AWS AmazonRDS documentation change
Summary
Expanded password management options with Secrets Manager integration during PDB creation
Security assessment
Adds detailed guidance for using Secrets Manager to securely manage credentials during PDB creation, emphasizing secure practices without evidence of patching a security issue.
Diff
diff --git a/AmazonRDS/latest/UserGuide/oracle-cdb-configuring.adding.pdb.md b/AmazonRDS/latest/UserGuide/oracle-cdb-configuring.adding.pdb.md index 6b4878f1c..5672eb36e 100644 --- a//AmazonRDS/latest/UserGuide/oracle-cdb-configuring.adding.pdb.md +++ b//AmazonRDS/latest/UserGuide/oracle-cdb-configuring.adding.pdb.md @@ -36 +36,15 @@ You can add a tenant database using the AWS Management Console, the AWS CLI, or - * Either enter a password in **Tenant database master password** or select **Auto generate a password**. + * Choose either of the following credentials management options: + + * **Managed in AWS Secrets Manager** + +In **Select the encryption key** , choose either a KMS key that Secrets Manager creates or a key that you have created. + +###### Note + +We recommend AWS Secrets Manager as the most secure technique for managing credentials. Additional charges apply. For more information, see [Password management with Amazon RDS and AWS Secrets Manager](./rds-secrets-manager.html). + + * **Self managed** + +To specify a password, clear the **Auto generate a password** check box if it is selected. Enter the same password in **Master password** and **Confirm master password**. + + * Under **Additional configuration** , enter the name of your PDB for **Initial database name**. You can't name the CDB, which has the default name `RDSCDB`. @@ -110 +124 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -Converting the single-tenant configuration to multi-tenant +Converting single-tenant to multi-tenant