Tools for performing maintenance operations that are not yet automated.
This cli script will rotate the postgres connection password in a specified AWS SecretsManager Secret, update the corresponding role in the postgres database, and trigger all services that depend on postgres connections to retrieve the updated secret.
support_scripts/rotate_pgstac_password.py -h
To use the script, the following AWS resource names are required
--adminthe AWS secret containing the admin postgres connection info. This role will be used to update a pgstac user role. This secret will have a descriptionGenerated by the CDK for stack: veda-backend-<stage>--pgstacthe aws secret containing the pgstac user role to be updated. This secret will have a descriptionPgstac database bootsrapped by veda-backend-<stage> stack--stacand--rasterthe resource names of the STAC and Raster lambdas that are using the pgstac connection secret.
This this tool has a dry run mode that will not alter the database role or AWS secrets --dry.