@pulumi/aws
Version:
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
833 lines • 69 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
import * as enums from "../types/enums";
/**
* Manages a [RDS Aurora Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Aurora.html) or a [RDS Multi-AZ DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html). To manage cluster instances that inherit configuration from the cluster (when not running the cluster in `serverless` engine mode), see the `aws.rds.ClusterInstance` resource. To manage non-Aurora DB instances (e.g., MySQL, PostgreSQL, SQL Server, etc.), see the `aws.rds.Instance` resource.
*
* For information on the difference between the available Aurora MySQL engines see [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html) in the Amazon RDS User Guide.
*
* Changes to an RDS Cluster can occur when you manually change a parameter, such as `port`, and are reflected in the next maintenance window. Because of this, this provider may report a difference in its planning phase because a modification has not yet taken place. You can use the `applyImmediately` flag to instruct the service to apply the change immediately (see documentation below).
*
* > **Note:** Multi-AZ DB clusters are supported only for the MySQL and PostgreSQL DB engines.
*
* > **Note:** `caCertificateIdentifier` is only supported for Multi-AZ DB clusters.
*
* > **Note:** using `applyImmediately` can result in a brief downtime as the server reboots. See the AWS Docs on [RDS Maintenance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html) for more information.
*
* > **Note:** All arguments including the username and password will be stored in the raw state as plain-text.
* **NOTE on RDS Clusters and RDS Cluster Role Associations:** Pulumi provides both a standalone RDS Cluster Role Association - (an association between an RDS Cluster and a single IAM Role) and an RDS Cluster resource with `iamRoles` attributes. Use one resource or the other to associate IAM Roles and RDS Clusters. Not doing so will cause a conflict of associations and will result in the association being overwritten.
*
* ## Example Usage
*
* ### Aurora MySQL 2.x (MySQL 5.7)
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const _default = new aws.rds.Cluster("default", {
* clusterIdentifier: "aurora-cluster-demo",
* engine: aws.rds.EngineType.AuroraMysql,
* engineVersion: "5.7.mysql_aurora.2.03.2",
* availabilityZones: [
* "us-west-2a",
* "us-west-2b",
* "us-west-2c",
* ],
* databaseName: "mydb",
* masterUsername: "foo",
* masterPassword: "must_be_eight_characters",
* backupRetentionPeriod: 5,
* preferredBackupWindow: "07:00-09:00",
* });
* ```
*
* ### Aurora MySQL 1.x (MySQL 5.6)
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const _default = new aws.rds.Cluster("default", {
* clusterIdentifier: "aurora-cluster-demo",
* availabilityZones: [
* "us-west-2a",
* "us-west-2b",
* "us-west-2c",
* ],
* databaseName: "mydb",
* masterUsername: "foo",
* masterPassword: "must_be_eight_characters",
* backupRetentionPeriod: 5,
* preferredBackupWindow: "07:00-09:00",
* });
* ```
*
* ### Aurora with PostgreSQL engine
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const postgresql = new aws.rds.Cluster("postgresql", {
* clusterIdentifier: "aurora-cluster-demo",
* engine: aws.rds.EngineType.AuroraPostgresql,
* availabilityZones: [
* "us-west-2a",
* "us-west-2b",
* "us-west-2c",
* ],
* databaseName: "mydb",
* masterUsername: "foo",
* masterPassword: "must_be_eight_characters",
* backupRetentionPeriod: 5,
* preferredBackupWindow: "07:00-09:00",
* });
* ```
*
* ### RDS Multi-AZ Cluster
*
* > More information about RDS Multi-AZ Clusters can be found in the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html).
*
* To create a Multi-AZ RDS cluster, you must additionally specify the `engine`, `storageType`, `allocatedStorage`, `iops` and `dbClusterInstanceClass` attributes.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const example = new aws.rds.Cluster("example", {
* clusterIdentifier: "example",
* availabilityZones: [
* "us-west-2a",
* "us-west-2b",
* "us-west-2c",
* ],
* engine: aws.rds.EngineType.Mysql,
* dbClusterInstanceClass: "db.r6gd.xlarge",
* storageType: "io1",
* allocatedStorage: 100,
* iops: 1000,
* masterUsername: "test",
* masterPassword: "mustbeeightcharaters",
* });
* ```
*
* ### RDS Serverless v2 Cluster
*
* > More information about RDS Serverless v2 Clusters can be found in the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.html).
*
* > **Note:** Unlike Serverless v1, in Serverless v2 the `storageEncrypted` value is set to `false` by default.
* This is because Serverless v1 uses the `serverless` `engineMode`, but Serverless v2 uses the `provisioned` `engineMode`.
*
* To create a Serverless v2 RDS cluster, you must additionally specify the `engineMode` and `serverlessv2ScalingConfiguration` attributes. An `aws.rds.ClusterInstance` resource must also be added to the cluster with the `instanceClass` attribute specified.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const example = new aws.rds.Cluster("example", {
* clusterIdentifier: "example",
* engine: aws.rds.EngineType.AuroraPostgresql,
* engineMode: aws.rds.EngineMode.Provisioned,
* engineVersion: "13.6",
* databaseName: "test",
* masterUsername: "test",
* masterPassword: "must_be_eight_characters",
* storageEncrypted: true,
* serverlessv2ScalingConfiguration: {
* maxCapacity: 1,
* minCapacity: 0,
* secondsUntilAutoPause: 3600,
* },
* });
* const exampleClusterInstance = new aws.rds.ClusterInstance("example", {
* clusterIdentifier: example.id,
* instanceClass: "db.serverless",
* engine: example.engine.apply((x) => aws.rds.EngineType[x]),
* engineVersion: example.engineVersion,
* });
* ```
*
* ### RDS/Aurora Managed Master Passwords via Secrets Manager, default KMS Key
*
* > More information about RDS/Aurora Aurora integrates with Secrets Manager to manage master user passwords for your DB clusters can be found in the [RDS User Guide](https://aws.amazon.com/about-aws/whats-new/2022/12/amazon-rds-integration-aws-secrets-manager/) and [Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html).
*
* You can specify the `manageMasterUserPassword` attribute to enable managing the master password with Secrets Manager. You can also update an existing cluster to use Secrets Manager by specify the `manageMasterUserPassword` attribute and removing the `masterPassword` attribute (removal is required).
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const test = new aws.rds.Cluster("test", {
* clusterIdentifier: "example",
* databaseName: "test",
* manageMasterUserPassword: true,
* masterUsername: "test",
* });
* ```
*
* ### RDS/Aurora Managed Master Passwords via Secrets Manager, specific KMS Key
*
* > More information about RDS/Aurora Aurora integrates with Secrets Manager to manage master user passwords for your DB clusters can be found in the [RDS User Guide](https://aws.amazon.com/about-aws/whats-new/2022/12/amazon-rds-integration-aws-secrets-manager/) and [Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html).
*
* You can specify the `masterUserSecretKmsKeyId` attribute to specify a specific KMS Key.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const example = new aws.kms.Key("example", {description: "Example KMS Key"});
* const test = new aws.rds.Cluster("test", {
* clusterIdentifier: "example",
* databaseName: "test",
* manageMasterUserPassword: true,
* masterUsername: "test",
* masterUserSecretKmsKeyId: example.keyId,
* });
* ```
*
* ### Global Cluster Restored From Snapshot
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const example = aws.rds.getClusterSnapshot({
* dbClusterIdentifier: "example-original-cluster",
* mostRecent: true,
* });
* const exampleCluster = new aws.rds.Cluster("example", {
* engine: aws.rds.EngineType.Aurora,
* engineVersion: "5.6.mysql_aurora.1.22.4",
* clusterIdentifier: "example",
* snapshotIdentifier: example.then(example => example.id),
* });
* const exampleGlobalCluster = new aws.rds.GlobalCluster("example", {
* globalClusterIdentifier: "example",
* sourceDbClusterIdentifier: exampleCluster.arn,
* forceDestroy: true,
* });
* ```
*
* ## Import
*
* Using `pulumi import`, import RDS Clusters using the `cluster_identifier`. For example:
*
* ```sh
* $ pulumi import aws:rds/cluster:Cluster aurora_cluster aurora-prod-cluster
* ```
*/
export declare class Cluster extends pulumi.CustomResource {
/**
* Get an existing Cluster resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ClusterState, opts?: pulumi.CustomResourceOptions): Cluster;
/**
* Returns true if the given object is an instance of Cluster. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is Cluster;
/**
* The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.
*/
readonly allocatedStorage: pulumi.Output<number>;
/**
* Enable to allow major engine version upgrades when changing engine versions. Defaults to `false`.
*/
readonly allowMajorVersionUpgrade: pulumi.Output<boolean | undefined>;
/**
* Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`. See [Amazon RDS Documentation for more information.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)
*/
readonly applyImmediately: pulumi.Output<boolean>;
/**
* Amazon Resource Name (ARN) of cluster
*/
readonly arn: pulumi.Output<string>;
/**
* List of EC2 Availability Zones for the DB cluster storage where DB cluster instances can be created.
* RDS automatically assigns 3 AZs if less than 3 AZs are configured, which will show as a difference requiring resource recreation next pulumi up.
* We recommend specifying 3 AZs or using the `lifecycle` configuration block `ignoreChanges` argument if necessary.
* A maximum of 3 AZs can be configured.
*/
readonly availabilityZones: pulumi.Output<string[]>;
/**
* Target backtrack window, in seconds. Only available for `aurora` and `aurora-mysql` engines currently. To disable backtracking, set this value to `0`. Defaults to `0`. Must be between `0` and `259200` (72 hours)
*/
readonly backtrackWindow: pulumi.Output<number | undefined>;
/**
* Days to retain backups for. Default `1`
*/
readonly backupRetentionPeriod: pulumi.Output<number>;
/**
* The CA certificate identifier to use for the DB cluster's server certificate.
*/
readonly caCertificateIdentifier: pulumi.Output<string>;
/**
* Expiration date of the DB instance’s server certificate
*/
readonly caCertificateValidTill: pulumi.Output<string>;
/**
* The cluster identifier. If omitted, this provider will assign a random, unique identifier.
*/
readonly clusterIdentifier: pulumi.Output<string>;
/**
* Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `clusterIdentifier`.
*/
readonly clusterIdentifierPrefix: pulumi.Output<string>;
/**
* List of RDS Instances that are a part of this cluster
*/
readonly clusterMembers: pulumi.Output<string[]>;
/**
* RDS Cluster Resource ID
*/
readonly clusterResourceId: pulumi.Output<string>;
/**
* Specifies the scalability mode of the Aurora DB cluster. When set to `limitless`, the cluster operates as an Aurora Limitless Database. When set to `standard` (the default), the cluster uses normal DB instance creation. Valid values: `limitless`, `standard`.
*/
readonly clusterScalabilityType: pulumi.Output<string>;
/**
* Copy all Cluster `tags` to snapshots. Default is `false`.
*/
readonly copyTagsToSnapshot: pulumi.Output<boolean | undefined>;
/**
* The mode of Database Insights to enable for the DB cluster. Valid values: `standard`, `advanced`.
*/
readonly databaseInsightsMode: pulumi.Output<string>;
/**
* Name for an automatically created database on cluster creation. There are different naming restrictions per database engine: [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints)
*/
readonly databaseName: pulumi.Output<string>;
/**
* The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6g.xlarge`. Not all DB instance classes are available in all AWS Regions, or for all database engines. For the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the Amazon RDS User Guide.
*/
readonly dbClusterInstanceClass: pulumi.Output<string | undefined>;
/**
* A cluster parameter group to associate with the cluster.
*/
readonly dbClusterParameterGroupName: pulumi.Output<string>;
/**
* Instance parameter group to associate with all instances of the DB cluster. The `dbInstanceParameterGroupName` parameter is only valid in combination with the `allowMajorVersionUpgrade` parameter.
*/
readonly dbInstanceParameterGroupName: pulumi.Output<string | undefined>;
/**
* DB subnet group to associate with this DB cluster.
* **NOTE:** This must match the `dbSubnetGroupName` specified on every `aws.rds.ClusterInstance` in the cluster.
*/
readonly dbSubnetGroupName: pulumi.Output<string>;
/**
* For use with RDS Custom.
*/
readonly dbSystemId: pulumi.Output<string>;
/**
* Specifies whether to remove automated backups immediately after the DB cluster is deleted. Default is `true`.
*/
readonly deleteAutomatedBackups: pulumi.Output<boolean | undefined>;
/**
* If the DB cluster should have deletion protection enabled.
* The database can't be deleted when this value is set to `true`.
* The default is `false`.
*/
readonly deletionProtection: pulumi.Output<boolean | undefined>;
/**
* The ID of the Directory Service Active Directory domain to create the cluster in.
*/
readonly domain: pulumi.Output<string | undefined>;
/**
* The name of the IAM role to be used when making API calls to the Directory Service.
*/
readonly domainIamRoleName: pulumi.Output<string | undefined>;
/**
* Whether cluster should forward writes to an associated global cluster. Applied to secondary clusters to enable them to forward writes to an `aws.rds.GlobalCluster`'s primary cluster. See the [User Guide for Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-write-forwarding.html) for more information.
*/
readonly enableGlobalWriteForwarding: pulumi.Output<boolean | undefined>;
/**
* Enable HTTP endpoint (data API). Only valid for some combinations of `engineMode`, `engine` and `engineVersion` and only available in some regions. See the [Region and version availability](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html#data-api.regions) section of the documentation. This option also does not work with any of these options specified: `snapshotIdentifier`, `replicationSourceIdentifier`, `s3Import`.
*/
readonly enableHttpEndpoint: pulumi.Output<boolean | undefined>;
/**
* Whether read replicas can forward write operations to the writer DB instance in the DB cluster. By default, write operations aren't allowed on reader DB instances.. See the [User Guide for Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-write-forwarding.html) for more information. **NOTE:** Local write forwarding requires Aurora MySQL version 3.04 or higher.
*/
readonly enableLocalWriteForwarding: pulumi.Output<boolean | undefined>;
/**
* Set of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: `audit`, `error`, `general`, `iam-db-auth-error`, `instance`, `postgresql` (PostgreSQL), `slowquery`.
*/
readonly enabledCloudwatchLogsExports: pulumi.Output<string[] | undefined>;
/**
* DNS address of the RDS instance
*/
readonly endpoint: pulumi.Output<string>;
/**
* Name of the database engine to be used for this DB cluster. Valid Values: `aurora-mysql`, `aurora-postgresql`, `mysql`, `postgres`. (Note that `mysql` and `postgres` are Multi-AZ RDS clusters).
*/
readonly engine: pulumi.Output<string>;
/**
* The life cycle type for this DB instance. This setting is valid for cluster types Aurora DB clusters and Multi-AZ DB clusters. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. [Using Amazon RDS Extended Support]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html
*/
readonly engineLifecycleSupport: pulumi.Output<string>;
/**
* Database engine mode. Valid values: `global` (only valid for Aurora MySQL 1.21 and earlier), `parallelquery`, `provisioned`, `serverless`. Defaults to: `provisioned`. Specify an empty value (`""`) for no engine mode. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html) for limitations when using `serverless`.
*/
readonly engineMode: pulumi.Output<string | undefined>;
/**
* Database engine version. Updating this argument results in an outage. See the [Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) and [Aurora Postgres](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.html) documentation for your configured engine to determine this value, or by running `aws rds describe-db-engine-versions`. For example with Aurora MySQL 2, a potential value for this argument is `5.7.mysql_aurora.2.03.2`. The value can contain a partial version where supported by the API. The actual engine version used is returned in the attribute `engineVersionActual`, , see Attribute Reference below.
*/
readonly engineVersion: pulumi.Output<string>;
/**
* Running version of the database.
*/
readonly engineVersionActual: pulumi.Output<string>;
/**
* Name of your final DB snapshot when this DB cluster is deleted. If omitted, no final snapshot will be made.
*/
readonly finalSnapshotIdentifier: pulumi.Output<string | undefined>;
/**
* Global cluster identifier specified on `aws.rds.GlobalCluster`.
*/
readonly globalClusterIdentifier: pulumi.Output<string | undefined>;
/**
* Route53 Hosted Zone ID of the endpoint
*/
readonly hostedZoneId: pulumi.Output<string>;
/**
* Specifies whether or not mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) for availability and limitations.
*/
readonly iamDatabaseAuthenticationEnabled: pulumi.Output<boolean | undefined>;
/**
* List of ARNs for the IAM roles to associate to the RDS Cluster.
*/
readonly iamRoles: pulumi.Output<string[]>;
/**
* Amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster. For information about valid Iops values, see [Amazon RDS Provisioned IOPS storage to improve performance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the Amazon RDS User Guide. (This setting is required to create a Multi-AZ DB cluster). Must be a multiple between .5 and 50 of the storage amount for the DB cluster.
*/
readonly iops: pulumi.Output<number | undefined>;
/**
* ARN for the KMS encryption key. When specifying `kmsKeyId`, `storageEncrypted` needs to be set to true.
*/
readonly kmsKeyId: pulumi.Output<string>;
/**
* Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if `masterPassword` is provided.
*/
readonly manageMasterUserPassword: pulumi.Output<boolean | undefined>;
/**
* Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Please refer to the [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints). Cannot be set if `manageMasterUserPassword` is set to `true`.
*/
readonly masterPassword: pulumi.Output<string | undefined>;
/**
* Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. If not specified, the default KMS key for your Amazon Web Services account is used.
*/
readonly masterUserSecretKmsKeyId: pulumi.Output<string>;
/**
* Block that specifies the master user secret. Only available when `manageMasterUserPassword` is set to true. Documented below.
*/
readonly masterUserSecrets: pulumi.Output<outputs.rds.ClusterMasterUserSecret[]>;
/**
* Username for the master DB user. Please refer to the [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints). This argument does not support in-place updates and cannot be changed during a restore from snapshot.
*/
readonly masterUsername: pulumi.Output<string>;
/**
* Interval, in seconds, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60.
*/
readonly monitoringInterval: pulumi.Output<number>;
/**
* ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs. You can find more information on the [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html#USER_Monitoring.OS.IAMRole.html) what IAM permissions are needed to allow Enhanced Monitoring for RDS Clusters.
*/
readonly monitoringRoleArn: pulumi.Output<string>;
/**
* Network type of the cluster. Valid values: `IPV4`, `DUAL`.
*/
readonly networkType: pulumi.Output<string>;
/**
* Enables Performance Insights.
*/
readonly performanceInsightsEnabled: pulumi.Output<boolean | undefined>;
/**
* Specifies the KMS Key ID to encrypt Performance Insights data. If not specified, the default RDS KMS key will be used (`aws/rds`).
*/
readonly performanceInsightsKmsKeyId: pulumi.Output<string>;
/**
* Specifies the amount of time to retain performance insights data for. Defaults to 7 days if Performance Insights are enabled. Valid values are `7`, `month * 31` (where month is a number of months from 1-23), and `731`. See [here](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.Overview.cost.html) for more information on retention periods.
*/
readonly performanceInsightsRetentionPeriod: pulumi.Output<number>;
/**
* Port on which the DB accepts connections.
*/
readonly port: pulumi.Output<number>;
/**
* Daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per region, e.g. `04:00-09:00`.
*/
readonly preferredBackupWindow: pulumi.Output<string>;
/**
* Weekly time range during which system maintenance can occur, in (UTC) e.g., `wed:04:00-wed:04:30`
*/
readonly preferredMaintenanceWindow: pulumi.Output<string>;
/**
* Read-only endpoint for the Aurora cluster, automatically
* load-balanced across replicas
*/
readonly readerEndpoint: pulumi.Output<string>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
readonly region: pulumi.Output<string>;
/**
* ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica. **Note:** Removing this attribute after creation will promote the read replica to a standalone cluster. If DB Cluster is part of a Global Cluster, use the `ignoreChanges` resource option to prevent Pulumi from showing differences for this argument instead of configuring this value.
*/
readonly replicationSourceIdentifier: pulumi.Output<string | undefined>;
/**
* Nested attribute for [point in time restore](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-pitr.html). More details below.
*/
readonly restoreToPointInTime: pulumi.Output<outputs.rds.ClusterRestoreToPointInTime | undefined>;
readonly s3Import: pulumi.Output<outputs.rds.ClusterS3Import | undefined>;
/**
* Nested attribute with scaling properties. Only valid when `engineMode` is set to `serverless`. More details below.
*/
readonly scalingConfiguration: pulumi.Output<outputs.rds.ClusterScalingConfiguration | undefined>;
/**
* Nested attribute with scaling properties for ServerlessV2. Only valid when `engineMode` is set to `provisioned`. More details below.
*/
readonly serverlessv2ScalingConfiguration: pulumi.Output<outputs.rds.ClusterServerlessv2ScalingConfiguration | undefined>;
/**
* Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `finalSnapshotIdentifier`. Default is `false`.
*/
readonly skipFinalSnapshot: pulumi.Output<boolean | undefined>;
/**
* Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot. Conflicts with `globalClusterIdentifier`. Clusters cannot be restored from snapshot **and** joined to an existing global cluster in a single operation. See the [AWS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-getting-started.html#aurora-global-database.use-snapshot) or the Global Cluster Restored From Snapshot example for instructions on building a global cluster starting with a snapshot.
*/
readonly snapshotIdentifier: pulumi.Output<string | undefined>;
/**
* The source region for an encrypted replica DB cluster.
*/
readonly sourceRegion: pulumi.Output<string | undefined>;
/**
* Specifies whether the DB cluster is encrypted. The default is `false` for `provisioned` `engineMode` and `true` for `serverless` `engineMode`. When restoring an unencrypted `snapshotIdentifier`, the `kmsKeyId` argument must be provided to encrypt the restored cluster. The provider will only perform drift detection if a configuration value is provided.
*/
readonly storageEncrypted: pulumi.Output<boolean>;
/**
* (Forces new for Multi-AZ DB clusters) Specifies the storage type to be associated with the DB cluster. For Aurora DB clusters, `storageType` modifications can be done in-place. For Multi-AZ DB Clusters, the `iops` argument must also be set. Valid values are: `""`, `aurora-iopt1` (Aurora DB Clusters); `io1`, `io2` (Multi-AZ DB Clusters). Default: `""` (Aurora DB Clusters); `io1` (Multi-AZ DB Clusters).
*/
readonly storageType: pulumi.Output<string>;
/**
* A map of tags to assign to the DB cluster. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
readonly tags: pulumi.Output<{
[key: string]: string;
} | undefined>;
/**
* Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
*/
readonly tagsAll: pulumi.Output<{
[key: string]: string;
}>;
/**
* List of VPC security groups to associate with the Cluster
*
* For more detailed documentation about each argument, refer to
* the AWS official documentation:
*
* * [create-db-cluster](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html)
* * [modify-db-cluster](https://docs.aws.amazon.com/cli/latest/reference/rds/modify-db-cluster.html)
*/
readonly vpcSecurityGroupIds: pulumi.Output<string[]>;
/**
* Create a Cluster resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: ClusterArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Cluster resources.
*/
export interface ClusterState {
/**
* The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.
*/
allocatedStorage?: pulumi.Input<number>;
/**
* Enable to allow major engine version upgrades when changing engine versions. Defaults to `false`.
*/
allowMajorVersionUpgrade?: pulumi.Input<boolean>;
/**
* Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`. See [Amazon RDS Documentation for more information.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)
*/
applyImmediately?: pulumi.Input<boolean>;
/**
* Amazon Resource Name (ARN) of cluster
*/
arn?: pulumi.Input<string>;
/**
* List of EC2 Availability Zones for the DB cluster storage where DB cluster instances can be created.
* RDS automatically assigns 3 AZs if less than 3 AZs are configured, which will show as a difference requiring resource recreation next pulumi up.
* We recommend specifying 3 AZs or using the `lifecycle` configuration block `ignoreChanges` argument if necessary.
* A maximum of 3 AZs can be configured.
*/
availabilityZones?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Target backtrack window, in seconds. Only available for `aurora` and `aurora-mysql` engines currently. To disable backtracking, set this value to `0`. Defaults to `0`. Must be between `0` and `259200` (72 hours)
*/
backtrackWindow?: pulumi.Input<number>;
/**
* Days to retain backups for. Default `1`
*/
backupRetentionPeriod?: pulumi.Input<number>;
/**
* The CA certificate identifier to use for the DB cluster's server certificate.
*/
caCertificateIdentifier?: pulumi.Input<string>;
/**
* Expiration date of the DB instance’s server certificate
*/
caCertificateValidTill?: pulumi.Input<string>;
/**
* The cluster identifier. If omitted, this provider will assign a random, unique identifier.
*/
clusterIdentifier?: pulumi.Input<string>;
/**
* Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `clusterIdentifier`.
*/
clusterIdentifierPrefix?: pulumi.Input<string>;
/**
* List of RDS Instances that are a part of this cluster
*/
clusterMembers?: pulumi.Input<pulumi.Input<string>[]>;
/**
* RDS Cluster Resource ID
*/
clusterResourceId?: pulumi.Input<string>;
/**
* Specifies the scalability mode of the Aurora DB cluster. When set to `limitless`, the cluster operates as an Aurora Limitless Database. When set to `standard` (the default), the cluster uses normal DB instance creation. Valid values: `limitless`, `standard`.
*/
clusterScalabilityType?: pulumi.Input<string>;
/**
* Copy all Cluster `tags` to snapshots. Default is `false`.
*/
copyTagsToSnapshot?: pulumi.Input<boolean>;
/**
* The mode of Database Insights to enable for the DB cluster. Valid values: `standard`, `advanced`.
*/
databaseInsightsMode?: pulumi.Input<string>;
/**
* Name for an automatically created database on cluster creation. There are different naming restrictions per database engine: [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints)
*/
databaseName?: pulumi.Input<string>;
/**
* The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6g.xlarge`. Not all DB instance classes are available in all AWS Regions, or for all database engines. For the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the Amazon RDS User Guide.
*/
dbClusterInstanceClass?: pulumi.Input<string>;
/**
* A cluster parameter group to associate with the cluster.
*/
dbClusterParameterGroupName?: pulumi.Input<string>;
/**
* Instance parameter group to associate with all instances of the DB cluster. The `dbInstanceParameterGroupName` parameter is only valid in combination with the `allowMajorVersionUpgrade` parameter.
*/
dbInstanceParameterGroupName?: pulumi.Input<string>;
/**
* DB subnet group to associate with this DB cluster.
* **NOTE:** This must match the `dbSubnetGroupName` specified on every `aws.rds.ClusterInstance` in the cluster.
*/
dbSubnetGroupName?: pulumi.Input<string>;
/**
* For use with RDS Custom.
*/
dbSystemId?: pulumi.Input<string>;
/**
* Specifies whether to remove automated backups immediately after the DB cluster is deleted. Default is `true`.
*/
deleteAutomatedBackups?: pulumi.Input<boolean>;
/**
* If the DB cluster should have deletion protection enabled.
* The database can't be deleted when this value is set to `true`.
* The default is `false`.
*/
deletionProtection?: pulumi.Input<boolean>;
/**
* The ID of the Directory Service Active Directory domain to create the cluster in.
*/
domain?: pulumi.Input<string>;
/**
* The name of the IAM role to be used when making API calls to the Directory Service.
*/
domainIamRoleName?: pulumi.Input<string>;
/**
* Whether cluster should forward writes to an associated global cluster. Applied to secondary clusters to enable them to forward writes to an `aws.rds.GlobalCluster`'s primary cluster. See the [User Guide for Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-write-forwarding.html) for more information.
*/
enableGlobalWriteForwarding?: pulumi.Input<boolean>;
/**
* Enable HTTP endpoint (data API). Only valid for some combinations of `engineMode`, `engine` and `engineVersion` and only available in some regions. See the [Region and version availability](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html#data-api.regions) section of the documentation. This option also does not work with any of these options specified: `snapshotIdentifier`, `replicationSourceIdentifier`, `s3Import`.
*/
enableHttpEndpoint?: pulumi.Input<boolean>;
/**
* Whether read replicas can forward write operations to the writer DB instance in the DB cluster. By default, write operations aren't allowed on reader DB instances.. See the [User Guide for Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-write-forwarding.html) for more information. **NOTE:** Local write forwarding requires Aurora MySQL version 3.04 or higher.
*/
enableLocalWriteForwarding?: pulumi.Input<boolean>;
/**
* Set of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: `audit`, `error`, `general`, `iam-db-auth-error`, `instance`, `postgresql` (PostgreSQL), `slowquery`.
*/
enabledCloudwatchLogsExports?: pulumi.Input<pulumi.Input<string>[]>;
/**
* DNS address of the RDS instance
*/
endpoint?: pulumi.Input<string>;
/**
* Name of the database engine to be used for this DB cluster. Valid Values: `aurora-mysql`, `aurora-postgresql`, `mysql`, `postgres`. (Note that `mysql` and `postgres` are Multi-AZ RDS clusters).
*/
engine?: pulumi.Input<string | enums.rds.EngineType>;
/**
* The life cycle type for this DB instance. This setting is valid for cluster types Aurora DB clusters and Multi-AZ DB clusters. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. [Using Amazon RDS Extended Support]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html
*/
engineLifecycleSupport?: pulumi.Input<string>;
/**
* Database engine mode. Valid values: `global` (only valid for Aurora MySQL 1.21 and earlier), `parallelquery`, `provisioned`, `serverless`. Defaults to: `provisioned`. Specify an empty value (`""`) for no engine mode. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html) for limitations when using `serverless`.
*/
engineMode?: pulumi.Input<string | enums.rds.EngineMode>;
/**
* Database engine version. Updating this argument results in an outage. See the [Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) and [Aurora Postgres](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.html) documentation for your configured engine to determine this value, or by running `aws rds describe-db-engine-versions`. For example with Aurora MySQL 2, a potential value for this argument is `5.7.mysql_aurora.2.03.2`. The value can contain a partial version where supported by the API. The actual engine version used is returned in the attribute `engineVersionActual`, , see Attribute Reference below.
*/
engineVersion?: pulumi.Input<string>;
/**
* Running version of the database.
*/
engineVersionActual?: pulumi.Input<string>;
/**
* Name of your final DB snapshot when this DB cluster is deleted. If omitted, no final snapshot will be made.
*/
finalSnapshotIdentifier?: pulumi.Input<string>;
/**
* Global cluster identifier specified on `aws.rds.GlobalCluster`.
*/
globalClusterIdentifier?: pulumi.Input<string>;
/**
* Route53 Hosted Zone ID of the endpoint
*/
hostedZoneId?: pulumi.Input<string>;
/**
* Specifies whether or not mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) for availability and limitations.
*/
iamDatabaseAuthenticationEnabled?: pulumi.Input<boolean>;
/**
* List of ARNs for the IAM roles to associate to the RDS Cluster.
*/
iamRoles?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster. For information about valid Iops values, see [Amazon RDS Provisioned IOPS storage to improve performance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the Amazon RDS User Guide. (This setting is required to create a Multi-AZ DB cluster). Must be a multiple between .5 and 50 of the storage amount for the DB cluster.
*/
iops?: pulumi.Input<number>;
/**
* ARN for the KMS encryption key. When specifying `kmsKeyId`, `storageEncrypted` needs to be set to true.
*/
kmsKeyId?: pulumi.Input<string>;
/**
* Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if `masterPassword` is provided.
*/
manageMasterUserPassword?: pulumi.Input<boolean>;
/**
* Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Please refer to the [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints). Cannot be set if `manageMasterUserPassword` is set to `true`.
*/
masterPassword?: pulumi.Input<string>;
/**
* Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. If not specified, the default KMS key for your Amazon Web Services account is used.
*/
masterUserSecretKmsKeyId?: pulumi.Input<string>;
/**
* Block that specifies the master user secret. Only available when `manageMasterUserPassword` is set to true. Documented below.
*/
masterUserSecrets?: pulumi.Input<pulumi.Input<inputs.rds.ClusterMasterUserSecret>[]>;
/**
* Username for the master DB user. Please refer to the [RDS Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints). This argument does not support in-place updates and cannot be changed during a restore from snapshot.
*/
masterUsername?: pulumi.Input<string>;
/**
* Interval, in seconds, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60.
*/
monitoringInterval?: pulumi.Input<number>;
/**
* ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs. You can find more information on the [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html#USER_Monitoring.OS.IAMRole.html) what IAM permissions are needed to allow Enhanced Monitoring for RDS Clusters.
*/
monitoringRoleArn?: pulumi.Input<string>;
/**
* Network type of the cluster. Valid values: `IPV4`, `DUAL`.
*/
networkType?: pulumi.Input<string>;
/**
* Enables Performance Insights.
*/
performanceInsightsEnabled?: pulumi.Input<boolean>;
/**
* Specifies the KMS Key ID to encrypt Performance Insights data. If not specified, the default RDS KMS key will be used (`aws/rds`).
*/
performanceInsightsKmsKeyId?: pulumi.Input<string>;
/**
* Specifies the amount of time to retain performance insights data for. Defaults to 7 days if Performance Insights are enabled. Valid values are `7`, `month * 31` (where month is a number of months from 1-23), and `731`. See [here](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.Overview.cost.html) for more information on retention periods.
*/
performanceInsightsRetentionPeriod?: pulumi.Input<number>;
/**
* Port on which the DB accepts connections.
*/
port?: pulumi.Input<number>;
/**
* Daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per region, e.g. `04:00-09:00`.
*/
preferredBackupWindow?: pulumi.Input<string>;
/**
* Weekly time range during which system maintenance can occur, in (UTC) e.g., `wed:04:00-wed:04:30`
*/
preferredMaintenanceWindow?: pulumi.Input<string>;
/**
* Read-only endpoint for the Aurora cluster, automatically
* load-balanced across replicas
*/
readerEndpoint?: pulumi.Input<string>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
region?: pulumi.Input<string>;
/**
* ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica. **Note:** Removing this attribute after creation will promote the read replica to a standalone cluster. If DB Cluster is part of a Global Cluster, use the `ignoreChanges` resource option to prevent Pulumi from showing differences for this argument instead of configuring this value.
*/
replicationSourceIdentifier?: pulumi.Input<string>;
/**
* Nested attribute for [point in time restore](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-pitr.html). More details below.
*/
restoreToPointInTime?: pulumi.Input<inputs.rds.ClusterRestoreToPointInTime>;
s3Import?: pulumi.Input<inputs.rds.ClusterS3Import>;
/**
* Nested attribute with scaling properties. Only valid when `engineMode` is set to `serverless`. More details below.
*/
scalingConfiguration?: pulumi.Input<inputs.rds.ClusterScalingConfiguration>;
/**
* Nested attribute with scaling properties for ServerlessV2. Only valid when `engineMode` is set to `provisioned`. More details below.
*/
serverlessv2ScalingConfiguration?: pulumi.Input<inputs.rds.ClusterServerlessv2ScalingConfiguration>;
/**
* Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `finalSnapshotIdentifier`. Default is `false`.
*/
skipFinalSnapshot?: pulumi.Input<boolean>;
/**
* Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot. Conflicts with `globalClusterIdentifier`. Clusters cannot be restored from snapshot **and** joined to an existing global cluster in a single operation. See the [AWS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-getting-started.html#aurora-global-database.use-snapshot) or the Global Cluster Restored From Snapshot example for instructions on building a global cluster starting with a snapshot.
*/
snapshotIdentifier?: pulumi.Input<string>;
/**
* The source region for an encrypted replica DB cluster.
*/
sourceRegion?: pulumi.Input<string>;
/**
* Specifies whether the DB cluster is encrypted. The default is `false` for `provisioned` `engineMode` and `true` for `serverless` `engineMode`. When restoring an unencrypted `snapshotIdentifier`, the `kmsKeyId` argument must be provided to encrypt the restored cluster. The provider will only perform drift detection if a configuration value is provided.
*/
storageEncrypted?: pulumi.Input<boolean>;
/**
* (Forces new for Multi-AZ DB clusters) Specifies the storage type to be associated with the DB cluster. For Aurora DB clusters, `storageType` modifications can be done in-place. For Multi-AZ DB Clusters, the `iops` argument must also be set. Valid values are: `""`, `aurora-iopt1` (Aurora DB Clusters); `io1`, `io2` (Multi-AZ DB Clusters). Default: `""` (Aurora DB Clusters); `io1` (Multi-AZ DB Clusters).
*/
storageType?: pulumi.Input<string>;
/**
* A map of tags to assign to the DB cluster. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provide