Vault
Redis ElastiCache database plugin HTTP API
The Redis ElastiCache database plugin is one of the supported plugins for the database secrets engine. This plugin generates static database credentials based on configured roles for the Redis ElastiCache database.
Configure connection
In addition to the parameters defined by the Database Secrets Engine, this plugin has a number of parameters to further configure a connection.
Method | Path |
---|---|
POST | /database/config/:name |
Parameters
url
(string: <required>)
– Specifies the primary endpoint to connect to.access_key_id
(string)
– Specifies the IAMaccess_key_id
for Vault to use. If omitted, authentication falls back on the AWS credentials provider chain and tries to infer authentication from the environment.secret_access_key
(string)
– Specifies the IAMsecret_access_key
corresponding to the givenaccess_key_id
. If omitted, authentication falls back on the AWS credentials provider chain and tries to infer authentication from the environment.region
(string)
– Specifies the AWS region where to ElastiCache cluster is provisioned. If omitted, falls back on the context from the environment.
Deprecated parameters
username
(string)
– Useaccess_key_id
instead, it is strictly equivalent.password
(string)
– Usesecret_access_key
instead, it is strictly equivalent.
Sample payload
{
"plugin_name": "redis-elasticache-database-plugin",
"url": "primary-endpoint.my-cluster.xxx.yyy.cache.amazonaws.com:6379",
"access_key_id": "AKI***",
"secret_access_key": "ktriNYvULAWLzUmTGb***",
"region": "us-east-1",
"allowed-roles": "*"
}
Sample request
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/database/config/my-redis-cluster