From bd1e06d9539a4a37ac42cbcfc993dbeab4910788 Mon Sep 17 00:00:00 2001 From: Jonathan Remy Date: Wed, 27 Aug 2025 12:08:19 +0200 Subject: [PATCH] docs: document password requirements for database resources --- docs/resources/mongodb_instance.md | 2 +- docs/resources/rdb_instance.md | 29 ++++++++++++++++++++++++++++- docs/resources/rdb_user.md | 13 ++++++++++--- docs/resources/redis_cluster.md | 2 +- 4 files changed, 40 insertions(+), 6 deletions(-) diff --git a/docs/resources/mongodb_instance.md b/docs/resources/mongodb_instance.md index a4b550657e..ae3c3c8279 100644 --- a/docs/resources/mongodb_instance.md +++ b/docs/resources/mongodb_instance.md @@ -95,7 +95,7 @@ The following arguments are supported: - `version` - (Optional) MongoDB® version of the instance. - `node_type` - (Required) The type of MongoDB® intance to create. - `user_name` - (Optional) Name of the user created when the intance is created. -- `password` - (Optional) Password of the user. +- `password` - (Optional) Password of the user. The password must contain at least 1 digit, 1 uppercase letter, 1 lowercase letter, and 1 special character. For secure password generation, consider using the `random_password` resource with appropriate parameters. - `name` - (Optional) Name of the MongoDB® instance. - `tags` - (Optional) List of tags attached to the MongoDB® instance. - `volume_type` - (Optional) Volume type of the instance. diff --git a/docs/resources/rdb_instance.md b/docs/resources/rdb_instance.md index 8deb6a9a5c..33a95e13ec 100644 --- a/docs/resources/rdb_instance.md +++ b/docs/resources/rdb_instance.md @@ -25,6 +25,33 @@ resource "scaleway_rdb_instance" "main" { } ``` +### Example with Secure Random Password + +```terraform +resource "random_password" "rdb_password" { + length = 24 + special = true + upper = true + lower = true + numeric = true + min_upper = 1 + min_lower = 1 + min_numeric = 1 + min_special = 1 +} + +resource "scaleway_rdb_instance" "main" { + name = "test-rdb" + node_type = "DB-DEV-S" + engine = "PostgreSQL-15" + is_ha_cluster = true + disable_backup = true + user_name = "my_initial_user" + password = random_password.rdb_password.result + encryption_at_rest = true +} +``` + ### Example Block Storage Low Latency ```terraform @@ -153,7 +180,7 @@ interruption. ~> **Important** Updates to `user_name` will recreate the Database Instance. -- `password` - (Optional) Password for the first user of the Database Instance. +- `password` - (Optional) Password for the first user of the Database Instance. The password must contain at least 1 digit, 1 uppercase letter, 1 lowercase letter, and 1 special character. For secure password generation, consider using the `random_password` resource with appropriate parameters. - `is_ha_cluster` - (Optional) Enable or disable high availability for the Database Instance. diff --git a/docs/resources/rdb_user.md b/docs/resources/rdb_user.md index 64bf6f74e8..180759c4e7 100644 --- a/docs/resources/rdb_user.md +++ b/docs/resources/rdb_user.md @@ -24,8 +24,15 @@ resource "scaleway_rdb_instance" "main" { } resource "random_password" "db_password" { - length = 16 - special = true + length = 20 + special = true + upper = true + lower = true + numeric = true + min_upper = 1 + min_lower = 1 + min_numeric = 1 + min_special = 1 } resource "scaleway_rdb_user" "db_admin" { @@ -48,7 +55,7 @@ The following arguments are supported: ~> **Important:** Updates to `name` will recreate the database user. -- `password` - (Required) database user password. +- `password` - (Required) database user password. The password must contain at least 1 digit, 1 uppercase letter, 1 lowercase letter, and 1 special character. For secure password generation, consider using the `random_password` resource with appropriate parameters. - `is_admin` - (Optional) Grant admin permissions to the database user. diff --git a/docs/resources/redis_cluster.md b/docs/resources/redis_cluster.md index cc63b42488..f27ff71e93 100644 --- a/docs/resources/redis_cluster.md +++ b/docs/resources/redis_cluster.md @@ -89,7 +89,7 @@ you cannot downgrade a Redis™ cluster. - `user_name` - (Required) Identifier for the first user of the Redis™ cluster. -- `password` - (Required) Password for the first user of the Redis™ cluster. +- `password` - (Required) Password for the first user of the Redis™ cluster. The password must contain at least 1 digit, 1 uppercase letter, 1 lowercase letter, and 1 special character. For secure password generation, consider using the `random_password` resource with appropriate parameters. - `name` - (Optional) The name of the Redis™ cluster.