secretsmanager_get_random_password: Generates a random password of the specified complexity

Description

Generates a random password of the specified complexity. This operation is intended for use in the Lambda rotation function. Per best practice, we recommend that you specify the maximum length and include every character type that the system you are generating a password for can support.

Usage

secretsmanager_get_random_password(PasswordLength, ExcludeCharacters,
  ExcludeNumbers, ExcludePunctuation, ExcludeUppercase, ExcludeLowercase,
  IncludeSpace, RequireEachIncludedType)

Arguments

PasswordLength

The desired length of the generated password. The default value if you do not include this parameter is 32 characters.

ExcludeCharacters

A string that includes characters that should not be included in the generated password. The default is that all characters from the included sets can be used.

ExcludeNumbers

Specifies that the generated password should not include digits. The default if you do not include this switch parameter is that digits can be included.

ExcludePunctuation

Specifies that the generated password should not include punctuation characters. The default if you do not include this switch parameter is that punctuation characters can be included.

The following are the punctuation characters that can be included in the generated password if you don't explicitly exclude them with ExcludeCharacters or ExcludePunctuation:

! \" # $ \% & \' ( ) * + , - . / : ; < = > ? @ \[ \ \] ^ _ \` { | } ~

ExcludeUppercase

Specifies that the generated password should not include uppercase letters. The default if you do not include this switch parameter is that uppercase letters can be included.

ExcludeLowercase

Specifies that the generated password should not include lowercase letters. The default if you do not include this switch parameter is that lowercase letters can be included.

IncludeSpace

Specifies that the generated password can include the space character. The default if you do not include this switch parameter is that the space character is not included.

RequireEachIncludedType

A boolean value that specifies whether the generated password must include at least one of every allowed character type. The default value is True and the operation requires at least one of every character type.

Request syntax

svc$get_random_password(
  PasswordLength = 123,
  ExcludeCharacters = "string",
  ExcludeNumbers = TRUE|FALSE,
  ExcludePunctuation = TRUE|FALSE,
  ExcludeUppercase = TRUE|FALSE,
  ExcludeLowercase = TRUE|FALSE,
  IncludeSpace = TRUE|FALSE,
  RequireEachIncludedType = TRUE|FALSE
)

Details

Minimum permissions

To run this command, you must have the following permissions:

secretsmanager:GetRandomPassword

Examples

Run this code

# NOT RUN {
# The following example shows how to request a randomly generated
# password. This example includes the optional flags to require spaces and
# at least one character of each included type. It specifies a length of
# 20 characters.
# }
# NOT RUN {
svc$get_random_password(
  IncludeSpace = TRUE,
  PasswordLength = 20L,
  RequireEachIncludedType = TRUE
)
# }
# NOT RUN {
# }

Run the code above in your browser using DataLab