Skip to content

Instantly share code, notes, and snippets.

Created July 25, 2020 15:37
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?
Blogpost: ECS Fargate Secret Usage, RDS part
// file: lib/rds-stack.ts
import * as cdk from "@aws-cdk/core";
import * as ec2 from "@aws-cdk/aws-ec2";
import * as rds from "@aws-cdk/aws-rds";
import { DBCredentials} from "./db-credentials-stack";
export interface RDSStackProps extends cdk.StackProps {
vpc: ec2.Vpc;
credentials: DBCredentials;
export class RdsStack extends cdk.Stack {
readonly postgreSQLinstance: rds.DatabaseInstance;
private vpc: ec2.Vpc;
constructor(scope: cdk.Construct, id: string, props: RDSStackProps) {
super(scope, id, props);
const username = props.credentials.username.secretValue.toString();
const password = props.credentials.password.secretValue;
const vpc = props.vpc;
this.postgreSQLinstance = new rds.DatabaseInstance(this, "Postgres", {
engine: rds.DatabaseInstanceEngine.POSTGRES,
vpc: ec2.vpc,
vpcPlacement: { subnetType: ec2.SubnetType.ISOLATED },
masterUsername: username,
masterUserPassword: password,
// the following lines need to be changed for a REAL prod version
deletionProtection: false,
deleteAutomatedBackups: true,
removalPolicy: cdk.RemovalPolicy.DESTROY,
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment