2022-09-19 14:26:49 +00:00
|
|
|
|
---
|
|
|
|
|
|
layout: api
|
|
|
|
|
|
page_title: Redis ElastiCache - Database - Secrets Engines - HTTP API
|
|
|
|
|
|
description: >-
|
|
|
|
|
|
The Redis ElastiCache plugin for Vault's database secrets engine generates new passwords for ElastiCache users.
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
# Redis ElastiCache Database Plugin HTTP API
|
|
|
|
|
|
|
|
|
|
|
|
The Redis ElastiCache database plugin is one of the supported plugins for the database
|
|
|
|
|
|
secrets engine. This plugin generates static database credentials based on
|
|
|
|
|
|
configured roles for the Redis ElastiCache database.
|
|
|
|
|
|
|
|
|
|
|
|
## Configure Connection
|
|
|
|
|
|
|
|
|
|
|
|
In addition to the parameters defined by the [Database
|
2023-01-26 00:12:15 +00:00
|
|
|
|
Secrets Engine](/vault/api-docs/secret/databases#configure-connection), this plugin
|
2022-09-19 14:26:49 +00:00
|
|
|
|
has a number of parameters to further configure a connection.
|
|
|
|
|
|
|
|
|
|
|
|
| Method | Path |
|
|
|
|
|
|
| :----- | :----------------------- |
|
|
|
|
|
|
| `POST` | `/database/config/:name` |
|
|
|
|
|
|
|
|
|
|
|
|
### Parameters
|
|
|
|
|
|
|
|
|
|
|
|
- `url` `(string: <required>)` – Specifies the primary endpoint to connect to.
|
|
|
|
|
|
|
2023-01-18 20:51:15 +00:00
|
|
|
|
- `access_key_id` `(string)` – Specifies the IAM `access_key_id` for Vault to use. If omitted, authentication falls back on
|
|
|
|
|
|
the AWS credentials provider chain and tries to infer authentication from the environment.
|
2022-09-19 14:26:49 +00:00
|
|
|
|
|
2023-01-18 20:51:15 +00:00
|
|
|
|
- `secret_access_key` `(string)` – Specifies the IAM `secret_access_key` corresponding to the given `access_key_id`.
|
|
|
|
|
|
If omitted, authentication falls back on the AWS credentials provider chain and tries to infer authentication from the environment.
|
|
|
|
|
|
|
|
|
|
|
|
- `region` `(string)` – Specifies the AWS region where to ElastiCache cluster is provisioned. If omitted, falls back on
|
|
|
|
|
|
the context from the environment.
|
|
|
|
|
|
|
|
|
|
|
|
### Deprecated Parameters
|
|
|
|
|
|
|
|
|
|
|
|
- `username` `(string)` – Use `access_key_id` instead, it is strictly equivalent.
|
|
|
|
|
|
|
|
|
|
|
|
- `password` `(string)` – Use `secret_access_key` instead, it is strictly equivalent.
|
2022-09-19 14:26:49 +00:00
|
|
|
|
|
|
|
|
|
|
### Sample Payload
|
|
|
|
|
|
|
|
|
|
|
|
```json
|
|
|
|
|
|
{
|
|
|
|
|
|
"plugin_name": "redis-elasticache-database-plugin",
|
|
|
|
|
|
"url": "primary-endpoint.my-cluster.xxx.yyy.cache.amazonaws.com:6379",
|
2023-01-18 20:51:15 +00:00
|
|
|
|
"access_key_id": "AKI***",
|
|
|
|
|
|
"secret_access_key": "ktriNYvULAWLzUmTGb***",
|
|
|
|
|
|
"region": "us-east-1",
|
2022-09-19 14:26:49 +00:00
|
|
|
|
"allowed-roles": "*"
|
|
|
|
|
|
}
|
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Sample Request
|
|
|
|
|
|
|
|
|
|
|
|
```shell-session
|
|
|
|
|
|
$ curl \
|
|
|
|
|
|
--header "X-Vault-Token: ..." \
|
|
|
|
|
|
--request POST \
|
|
|
|
|
|
--data @payload.json \
|
|
|
|
|
|
http://127.0.0.1:8200/v1/database/config/my-redis-cluster
|
|
|
|
|
|
```
|
