rds-with-secrets.yaml

AWSTemplateFormatVersion: 2010-09-09
Description: >-
  AWS CloudFormation Template tyo demonstrate creating a secret
  and using it in a RDS instance
Resources:
  MyRDSSecrets:
    Type: AWS::SecretsManager::Secret
    Properties:
      Description: 'This is the secret for my RDS instance'
      GenerateSecretString:
        SecretStringTemplate: '{"username": "admin"}'
        GenerateStringKey: 'password'
        PasswordLength: 16
        ExcludeCharacters: '"@/\'
  MyDBInstance:
    Type: AWS::RDS::DBInstance
    Properties:
      AllocatedStorage: 20
      DBInstanceClass: db.t2.micro
      Engine: mysql
      MasterUsername: !Join ['', ['{{resolve:secretsmanager:', !Ref MyRDSSecrets, ':SecretString:username}}' ]]
      MasterUserPassword: !Join ['', ['{{resolve:secretsmanager:', !Ref MyRDSSecrets, ':SecretString:password}}' ]]
      BackupRetentionPeriod: 0
      DBInstanceIdentifier: 'rds-instance'