Documentation
SupportStatusCommunitySign Up
Start typing to search…

AWS MS SQL Server

With automated secrets rotation, Doppler updates the password for a MS SQL contained user at the interval you define. There's no need expose your database to the internet and Doppler will never require direct access to your database.

Requirements

📷

Requires an upgraded subscription

This feature is exclusive to our Enterprise Plan. Book a demo to see it in action.

Lambda Proxy Setup

🚧

The Lambda proxy setup must be completed before the steps below

Overview

Once you've configured a Lambda proxy, the MS SQL Server database rotation setup can be completed by providing the following properties, each of which are covered in more detail below:

  • Database Rotation Configuration: The rotated secret name - which prefixes each individual secret - and the rotation interval
  • Database Settings: Connection details used by the Lambda function to connect to your database
  • Managing User Credentials: Username and password used by the Lambda function to connect to the database and rotate a user's password
  • Users: MS SQL Server users whose passwords are rotated

Configuration and Database Settings

  • Rotated Secret Name: The name of the rotated secret object; it will also prefix each of the secrets that Doppler injects into your config. For example, if DB_USER is entered, the following secrets would be injected into your config:
    • DB_USER_HOST
    • DB_USER_PORT
    • DB_USER_DATABASE
    • DB_USER_USERNAME
    • DB_USER_PASSWORD
  • Interval: How often your MS SQL Server passwords are rotated
  • Database Host: The hostname or IP of your SQL Server database
  • Database Name: The name of your SQL Server database where the contained users are defined
  • Database Port: The port to connect on for your SQL Server database. Defaults to 1433

Users

During the rotation process, Doppler rotates between the SQL Server users you provide during the rotation configuration process. By providing the users to Doppler, Doppler doesn't need the ability to create new users - just update user passwords.

Note that unlike other database rotation engines, the AWS MS SQL Server engine does not require a managing user. Instead, this engine uses two contained users who are able to rotate their own passwords.

Updated about 15 hours ago