Interface ExecuteSQLStatementProps

interface ExecuteSQLStatementProps {
    dbCredentialsSecret: ISecret;
    dbEngine?: DatabaseEngine;
    dbHost?: string;
    dbName?: string;
    dbPort?: string;
    kmsKey?: IKey;
    onCreateSQL: string;
    onDeleteSQL?: string;
    onUpdateSQL?: string;
    sqlExecutorLambda?: IFunction;
    timeout?: Duration;
    updateTimestamp?: number;
    vpc?: IVpc;
    vpcSubnets?: SubnetSelection;
}

Index

Properties

dbCredentialsSecret dbEngine? dbHost? dbName? dbPort? kmsKey? onCreateSQL onDeleteSQL? onUpdateSQL? sqlExecutorLambda? timeout? updateTimestamp? vpc? vpcSubnets?

Properties

dbCredentialsSecret

dbCredentialsSecret: ISecret

ARN of the secret in Secrets Manager containing the database credentials.

The secret must be encrypted with the KMS key provided. The secret must contain JSON in the following format:

{
  "dbClusterIdentifier": "db_cluster_id",
  "dbname": "db_name",
  "engine": "[mysql|postgres]",
  "host": "db_host",
  "password": "db_password",
  "port": "db_port",
  "username": "db_username"
}

`Optional`dbEngine

dbEngine?: DatabaseEngine

Database engine to use. Required if dbCredentialsSecretArn is not provided.

`Optional`dbHost

dbHost?: string

Database hostname. Required if dbCredentialsSecretArn is not provided.

`Optional`dbName

dbName?: string

Database name. Required if dbCredentialsSecretArn is not provided.

Default

mysql for MySQL

Default

postgres for PostgreSQL

`Optional`dbPort

dbPort?: string

Database port. Required if dbCredentialsSecretArn is not provided.

Default

3306 for MySQL

Default

5432 for PostgreSQL

`Optional`kmsKey

kmsKey?: IKey

KMS key used to encrypt the database credentials. Required if sqlExecutorLambda is not provided.

onCreateSQL

onCreateSQL: string

The SQL statement to execute when the custom resource is created. The SQL statement must be a valid SQL statement for the database engine. Multiple statements can be separated by a semicolon.

If it is not desired to execute a statement on create, use a statement that does not modify the database, such as a SELECT NOW() statement.

The query supports tokenized parameters that can be resolved either from SSM parameters or Secrets Manager secrets before execution of the statement. The parameters must be provided in the following format:

-- Resolve value from SSM parameter. Set the second parameter to true
-- to resolve the value of a SecureString parameter.
SELECT * FROM §SSM@ssm_parameter_name~[true|false]§ WHERE...

-- Resolve value from Secrets Manager secret
SELECT * FROM §SECRET@secret_name~json_key_to_resolve§ WHERE...

Example

SELECT NOW();
SELECT * FROM §SSM@/my/ssm/parameter~true§ ORDER BY id DESC;
SELECT * FROM §SECRET@my-secret-name~tableName§ ORDER BY id DESC;

`Optional`onDeleteSQL

onDeleteSQL?: string

The SQL statement to execute when the custom resource is updated. The SQL statement must be a valid SQL statement for the database engine. Multiple statements can be separated by a semicolon.

`Optional`onUpdateSQL

onUpdateSQL?: string

The SQL statement to execute when the custom resource is updated. The SQL statement must be a valid SQL statement for the database engine. Multiple statements can be separated by a semicolon.

`Optional`sqlExecutorLambda

sqlExecutorLambda?: IFunction

The Custom Resource Lambda function to use for executing SQL statements. If not provided, a new Lambda function will be created.

`Optional`timeout

timeout?: Duration

SQL executor lambda timeout. Has effect only if sqlExecutorLambda is not provided.

Default

10 minutes

`Optional`updateTimestamp

updateTimestamp?: number

Update the timestamp to trigger update event and execution of the onUpdateSQL statement on the stack deployment. Has no other effect.

Default

- No updates are triggered on stack deployment

Example

Date.now() to trigger update event on every deployment

`Optional`vpc

vpc?: IVpc

VPC to use for the Lambda function. Has effect only if sqlExecutorLambda is not provided.

Default

- The LZ Managed VPC

`Optional`vpcSubnets

vpcSubnets?: SubnetSelection

Subnets to use for the Lambda function. Has effect only if sqlExecutorLambda is not provided.

Default

- Private subnets in the LZ Managed VPC

Interface ExecuteSQLStatementProps

Index

Properties

Properties

dbCredentialsSecret

`Optional`dbEngine

`Optional`dbHost

`Optional`dbName

Default

Default

`Optional`dbPort

Default

Default

`Optional`kmsKey

onCreateSQL

Example

`Optional`onDeleteSQL

`Optional`onUpdateSQL

`Optional`sqlExecutorLambda

`Optional`timeout

Default

`Optional`updateTimestamp

Default

Example

`Optional`vpc

Default

`Optional`vpcSubnets

Default

Settings

On This Page

Interface ExecuteSQLStatementProps

Index

Properties

Properties

dbCredentialsSecret

OptionaldbEngine

OptionaldbHost

OptionaldbName

Default

Default

OptionaldbPort

Default

Default

OptionalkmsKey

onCreateSQL

Example

OptionalonDeleteSQL

OptionalonUpdateSQL

OptionalsqlExecutorLambda

Optionaltimeout

Default

OptionalupdateTimestamp

Default

Example

Optionalvpc

Default

OptionalvpcSubnets

Default

Settings

On This Page

`Optional`dbEngine

`Optional`dbHost

`Optional`dbName

`Optional`dbPort

`Optional`kmsKey

`Optional`onDeleteSQL

`Optional`onUpdateSQL

`Optional`sqlExecutorLambda

`Optional`timeout

`Optional`updateTimestamp

`Optional`vpc

`Optional`vpcSubnets