aws-cdk: rds.Credentials: cannot generate secret even having lots of characters excluded
What is the problem?
We are getting this error in cloudformation when trying to create a Postgres instance
Reason: The parameter MasterUserPassword is not a valid password. Only printable ASCII characters besides '/', '@', '"', ' ' may be used. (Service: AmazonRDS; Status Code: 400; Error Code: InvalidParameterValue; Request ID: d463b57c-d017-415a-abd6-454db4b08d84)
but we have added all the possible character we could think of in the except. Being quick before cloudformation rolledback the secret, we could see all the secret contained were regular characters.
Reproduction Steps
This is how we generate the credentials
credentials = rds.Credentials.from_generated_secret(
username=GENERIC_USERNAME,
secret_name=secret_name,
# Excluding chars by PSQL url restrictions
exclude_characters="^ %+~`#$&*()|[]{}:;,-<>?!'/\\\",="
)
What did you expect to happen?
Create the master password for postgres
What actually happened?
It couldn’t create it
CDK CLI Version
1.125.0
Framework Version
No response
Node.js Version
The one used by codepipeline
OS
The one used by codepipeline
Language
Python
Language Version
No response
Other information
We are having this problem deploying from local and running a codepipeline deploying the cdk.
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Comments: 19 (7 by maintainers)
@skinny85 I’lll open a separate issue.
I actually only commented on this old issue, because I wanted “the next person” to have a slightly easier way to fix the problem 😃
There are two problems: