@pulumi/aws
Version:
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
933 lines • 81.8 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
import * as enums from "../types/enums";
/**
* Provides an RDS instance resource. A DB instance is an isolated database
* environment in the cloud. A DB instance can contain multiple user-created
* databases.
*
* Changes to a DB instance can occur when you manually change a parameter, such as
* `allocatedStorage`, and are reflected in the next maintenance window. Because
* of this, this provider may report a difference in its planning phase because a
* modification has not yet taken place. You can use the `applyImmediately` flag
* to instruct the service to apply the change immediately (see documentation
* below).
*
* When upgrading the major version of an engine, `allowMajorVersionUpgrade` must be set to `true`.
*
* > **Note:** using `applyImmediately` can result in a brief downtime as the server reboots.
* See the AWS Docs on [RDS Instance Maintenance][instance-maintenance] for more information.
*
* > **Note:** All arguments including the username and password will be stored in the raw state as plain-text.
* Read more about sensitive data instate.
*
* ## RDS Instance Class Types
*
* Amazon RDS supports instance classes for the following use cases: General-purpose, Memory-optimized, Burstable Performance, and Optimized-reads.
* For more information please read the AWS RDS documentation about [DB Instance Class Types](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html)
*
* ## Low-Downtime Updates
*
* By default, RDS applies updates to DB Instances in-place, which can lead to service interruptions.
* Low-downtime updates minimize service interruptions by performing the updates with an [RDS Blue/Green deployment][blue-green] and switching over the instances when complete.
*
* Low-downtime updates are only available for DB Instances using MySQL, MariaDB and PostgreSQL,
* as other engines are not supported by RDS Blue/Green deployments.
* They cannot be used with DB Instances with replicas.
*
* Backups must be enabled to use low-downtime updates.
*
* Enable low-downtime updates by setting `blue_green_update.enabled` to `true`.
*
* ## Example Usage
*
* ### Basic Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const _default = new aws.rds.Instance("default", {
* allocatedStorage: 10,
* dbName: "mydb",
* engine: "mysql",
* engineVersion: "8.0",
* instanceClass: aws.rds.InstanceType.T3_Micro,
* username: "foo",
* password: "foobarbaz",
* parameterGroupName: "default.mysql8.0",
* skipFinalSnapshot: true,
* });
* ```
*
* ### RDS Custom for Oracle Usage with Replica
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* // Lookup the available instance classes for the custom engine for the region being operated in
* const custom_oracle = aws.rds.getOrderableDbInstance({
* engine: "custom-oracle-ee",
* engineVersion: "19.c.ee.002",
* licenseModel: "bring-your-own-license",
* storageType: "gp3",
* preferredInstanceClasses: [
* "db.r5.xlarge",
* "db.r5.2xlarge",
* "db.r5.4xlarge",
* ],
* });
* // The RDS instance resource requires an ARN. Look up the ARN of the KMS key associated with the CEV.
* const byId = aws.kms.getKey({
* keyId: "example-ef278353ceba4a5a97de6784565b9f78",
* });
* const _default = new aws.rds.Instance("default", {
* allocatedStorage: 50,
* autoMinorVersionUpgrade: false,
* customIamInstanceProfile: "AWSRDSCustomInstanceProfile",
* backupRetentionPeriod: 7,
* dbSubnetGroupName: dbSubnetGroupName,
* engine: custom_oracle.then(custom_oracle => custom_oracle.engine),
* engineVersion: custom_oracle.then(custom_oracle => custom_oracle.engineVersion),
* identifier: "ee-instance-demo",
* instanceClass: custom_oracle.then(custom_oracle => custom_oracle.instanceClass).apply((x) => aws.rds.InstanceType[x]),
* kmsKeyId: byId.then(byId => byId.arn),
* licenseModel: custom_oracle.then(custom_oracle => custom_oracle.licenseModel),
* multiAz: false,
* password: "avoid-plaintext-passwords",
* username: "test",
* storageEncrypted: true,
* });
* const test_replica = new aws.rds.Instance("test-replica", {
* replicateSourceDb: _default.identifier,
* replicaMode: "mounted",
* autoMinorVersionUpgrade: false,
* customIamInstanceProfile: "AWSRDSCustomInstanceProfile",
* backupRetentionPeriod: 7,
* identifier: "ee-instance-replica",
* instanceClass: custom_oracle.then(custom_oracle => custom_oracle.instanceClass).apply((x) => aws.rds.InstanceType[x]),
* kmsKeyId: byId.then(byId => byId.arn),
* multiAz: false,
* skipFinalSnapshot: true,
* storageEncrypted: true,
* });
* ```
*
* ### RDS Custom for SQL Server
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* // Lookup the available instance classes for the custom engine for the region being operated in
* const custom_sqlserver = aws.rds.getOrderableDbInstance({
* engine: "custom-sqlserver-se",
* engineVersion: "15.00.4249.2.v1",
* storageType: "gp3",
* preferredInstanceClasses: [
* "db.r5.xlarge",
* "db.r5.2xlarge",
* "db.r5.4xlarge",
* ],
* });
* // The RDS instance resource requires an ARN. Look up the ARN of the KMS key.
* const byId = aws.kms.getKey({
* keyId: "example-ef278353ceba4a5a97de6784565b9f78",
* });
* const example = new aws.rds.Instance("example", {
* allocatedStorage: 500,
* autoMinorVersionUpgrade: false,
* customIamInstanceProfile: "AWSRDSCustomSQLServerInstanceProfile",
* backupRetentionPeriod: 7,
* dbSubnetGroupName: dbSubnetGroupName,
* engine: custom_sqlserver.then(custom_sqlserver => custom_sqlserver.engine),
* engineVersion: custom_sqlserver.then(custom_sqlserver => custom_sqlserver.engineVersion),
* identifier: "sql-instance-demo",
* instanceClass: custom_sqlserver.then(custom_sqlserver => custom_sqlserver.instanceClass).apply((x) => aws.rds.InstanceType[x]),
* kmsKeyId: byId.then(byId => byId.arn),
* multiAz: false,
* password: "avoid-plaintext-passwords",
* storageEncrypted: true,
* username: "test",
* });
* ```
*
* ### RDS Db2 Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* // Lookup the default version for the engine. Db2 Standard Edition is `db2-se`, Db2 Advanced Edition is `db2-ae`.
* const _default = aws.rds.getEngineVersion({
* engine: "db2-se",
* });
* // Lookup the available instance classes for the engine in the region being operated in
* const example = Promise.all([_default, _default]).then(([_default, _default1]) => aws.rds.getOrderableDbInstance({
* engine: _default.engine,
* engineVersion: _default1.version,
* licenseModel: "bring-your-own-license",
* storageType: "gp3",
* preferredInstanceClasses: [
* "db.t3.small",
* "db.r6i.large",
* "db.m6i.large",
* ],
* }));
* // The RDS Db2 instance resource requires licensing information. Create a new parameter group using the default paramater group as a source, and set license information.
* const exampleParameterGroup = new aws.rds.ParameterGroup("example", {
* name: "db-db2-params",
* family: _default.then(_default => _default.parameterGroupFamily),
* parameters: [
* {
* applyMethod: "immediate",
* name: "rds.ibm_customer_id",
* value: "0",
* },
* {
* applyMethod: "immediate",
* name: "rds.ibm_site_id",
* value: "0",
* },
* ],
* });
* // Create the RDS Db2 instance, use the data sources defined to set attributes
* const exampleInstance = new aws.rds.Instance("example", {
* allocatedStorage: 100,
* backupRetentionPeriod: 7,
* dbName: "test",
* engine: example.then(example => example.engine),
* engineVersion: example.then(example => example.engineVersion),
* identifier: "db2-instance-demo",
* instanceClass: example.then(example => example.instanceClass).apply((x) => aws.rds.InstanceType[x]),
* parameterGroupName: exampleParameterGroup.name,
* password: "avoid-plaintext-passwords",
* username: "test",
* });
* ```
*
* ### Storage Autoscaling
*
* To enable Storage Autoscaling with instances that support the feature, define the `maxAllocatedStorage` argument higher than the `allocatedStorage` argument. This provider will automatically hide differences with the `allocatedStorage` argument value if autoscaling occurs.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const example = new aws.rds.Instance("example", {
* allocatedStorage: 50,
* maxAllocatedStorage: 100,
* });
* ```
*
* ### Managed Master Passwords via Secrets Manager, default KMS Key
*
* > More information about RDS/Aurora Aurora integrates with Secrets Manager to manage master user passwords for your DB clusters can be found in the [RDS User Guide](https://aws.amazon.com/about-aws/whats-new/2022/12/amazon-rds-integration-aws-secrets-manager/) and [Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html).
*
* You can specify the `manageMasterUserPassword` attribute to enable managing the master password with Secrets Manager. You can also update an existing cluster to use Secrets Manager by specify the `manageMasterUserPassword` attribute and removing the `password` attribute (removal is required).
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const _default = new aws.rds.Instance("default", {
* allocatedStorage: 10,
* dbName: "mydb",
* engine: "mysql",
* engineVersion: "8.0",
* instanceClass: aws.rds.InstanceType.T3_Micro,
* manageMasterUserPassword: true,
* username: "foo",
* parameterGroupName: "default.mysql8.0",
* });
* ```
*
* ### Managed Master Passwords via Secrets Manager, specific KMS Key
*
* > More information about RDS/Aurora Aurora integrates with Secrets Manager to manage master user passwords for your DB clusters can be found in the [RDS User Guide](https://aws.amazon.com/about-aws/whats-new/2022/12/amazon-rds-integration-aws-secrets-manager/) and [Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html).
*
* You can specify the `masterUserSecretKmsKeyId` attribute to specify a specific KMS Key.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const example = new aws.kms.Key("example", {description: "Example KMS Key"});
* const _default = new aws.rds.Instance("default", {
* allocatedStorage: 10,
* dbName: "mydb",
* engine: "mysql",
* engineVersion: "8.0",
* instanceClass: aws.rds.InstanceType.T3_Micro,
* manageMasterUserPassword: true,
* masterUserSecretKmsKeyId: example.keyId,
* username: "foo",
* parameterGroupName: "default.mysql8.0",
* });
* ```
*
* ## Import
*
* Using `pulumi import`, import DB Instances using the `identifier`. For example:
*
* ```sh
* $ pulumi import aws:rds/instance:Instance default mydb-rds-instance
* ```
*/
export declare class Instance extends pulumi.CustomResource {
/**
* Get an existing Instance resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InstanceState, opts?: pulumi.CustomResourceOptions): Instance;
/**
* Returns true if the given object is an instance of Instance. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is Instance;
/**
* Specifies the DNS address of the DB instance.
*/
readonly address: pulumi.Output<string>;
/**
* The allocated storage in gibibytes. If `maxAllocatedStorage` is configured, this argument represents the initial storage allocation and differences from the configuration will be ignored automatically when Storage Autoscaling occurs. If `replicateSourceDb` is set, the value is ignored during the creation of the instance.
*/
readonly allocatedStorage: pulumi.Output<number>;
/**
* Indicates that major version
* upgrades are allowed. Changing this parameter does not result in an outage and
* the change is asynchronously applied as soon as possible.
*/
readonly allowMajorVersionUpgrade: pulumi.Output<boolean | undefined>;
/**
* Specifies whether any database modifications
* are applied immediately, or during the next maintenance window. Default is
* `false`. See [Amazon RDS Documentation for more
* information.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)
*/
readonly applyImmediately: pulumi.Output<boolean | undefined>;
/**
* The ARN of the RDS instance.
*/
readonly arn: pulumi.Output<string>;
/**
* Indicates that minor engine upgrades
* will be applied automatically to the DB instance during the maintenance window.
* Defaults to true.
*/
readonly autoMinorVersionUpgrade: pulumi.Output<boolean | undefined>;
/**
* The AZ for the RDS instance.
*/
readonly availabilityZone: pulumi.Output<string>;
/**
* The days to retain backups for.
* Must be between `0` and `35`.
* Default is `0`.
* Must be greater than `0` if the database is used as a source for a [Read Replica][instance-replication],
* uses low-downtime updates,
* or will use [RDS Blue/Green deployments][blue-green].
*/
readonly backupRetentionPeriod: pulumi.Output<number>;
/**
* Specifies where automated backups and manual snapshots are stored. Possible values are `region` (default) and `outposts`. See [Working with Amazon RDS on AWS Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) for more information.
*/
readonly backupTarget: pulumi.Output<string>;
/**
* The daily time range (in UTC) during which automated backups are created if they are enabled.
* Example: "09:46-10:16". Must not overlap with `maintenanceWindow`.
*/
readonly backupWindow: pulumi.Output<string>;
/**
* Enables low-downtime updates using [RDS Blue/Green deployments][blue-green].
* See `blueGreenUpdate` below.
*/
readonly blueGreenUpdate: pulumi.Output<outputs.rds.InstanceBlueGreenUpdate | undefined>;
/**
* The identifier of the CA certificate for the DB instance.
*/
readonly caCertIdentifier: pulumi.Output<string>;
/**
* The character set name to use for DB encoding in Oracle and Microsoft SQL instances (collation).
* This can't be changed.
* See [Oracle Character Sets Supported in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html) or
* [Server-Level Collation for Microsoft SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.SQLServer.CommonDBATasks.Collation.html) for more information.
* Cannot be set with `replicateSourceDb`, `restoreToPointInTime`, `s3Import`, or `snapshotIdentifier`.
*/
readonly characterSetName: pulumi.Output<string>;
/**
* Copy all Instance `tags` to snapshots. Default is `false`.
*/
readonly copyTagsToSnapshot: pulumi.Output<boolean | undefined>;
/**
* The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.
*/
readonly customIamInstanceProfile: pulumi.Output<string | undefined>;
/**
* Indicates whether to enable a customer-owned IP address (CoIP) for an RDS on Outposts DB instance. See [CoIP for RDS on Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html#rds-on-outposts.coip) for more information.
*
* For more detailed documentation about each argument, refer to the [AWS official
* documentation](http://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html).
*
* > **NOTE:** Removing the `replicateSourceDb` attribute from an existing RDS
* Replicate database managed by the provider will promote the database to a fully
* standalone database.
*/
readonly customerOwnedIpEnabled: pulumi.Output<boolean | undefined>;
/**
* The mode of Database Insights that is enabled for the instance. Valid values: `standard`, `advanced` .
*/
readonly databaseInsightsMode: pulumi.Output<string>;
/**
* The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance. Note that this does not apply for Oracle or SQL Server engines. See the [AWS documentation](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/rds/create-db-instance.html) for more details on what applies for those engines. If you are providing an Oracle db name, it needs to be in all upper case. Cannot be specified for a replica.
*/
readonly dbName: pulumi.Output<string>;
/**
* Name of DB subnet group.
* DB instance will be created in the VPC associated with the DB subnet group.
* If unspecified, will be created in the `default` Subnet Group.
* When working with read replicas created in the same region, defaults to the Subnet Group Name of the source DB.
* When working with read replicas created in a different region, defaults to the `default` Subnet Group.
* See [DBSubnetGroupName in API action CreateDBInstanceReadReplica](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstanceReadReplica.html) for additional read replica constraints.
*/
readonly dbSubnetGroupName: pulumi.Output<string>;
/**
* Use a dedicated log volume (DLV) for the DB instance. Requires Provisioned IOPS. See the [AWS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.dlv) for more details.
*/
readonly dedicatedLogVolume: pulumi.Output<boolean | undefined>;
/**
* Specifies whether to remove automated backups immediately after the DB instance is deleted. Default is `true`.
*/
readonly deleteAutomatedBackups: pulumi.Output<boolean | undefined>;
/**
* If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.
*/
readonly deletionProtection: pulumi.Output<boolean | undefined>;
/**
* The ID of the Directory Service Active Directory domain to create the instance in. Conflicts with `domainFqdn`, `domainOu`, `domainAuthSecretArn` and a `domainDnsIps`.
*/
readonly domain: pulumi.Output<string | undefined>;
/**
* The ARN for the Secrets Manager secret with the self managed Active Directory credentials for the user joining the domain. Conflicts with `domain` and `domainIamRoleName`.
*/
readonly domainAuthSecretArn: pulumi.Output<string | undefined>;
/**
* The IPv4 DNS IP addresses of your primary and secondary self managed Active Directory domain controllers. Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list. Conflicts with `domain` and `domainIamRoleName`.
*/
readonly domainDnsIps: pulumi.Output<string[] | undefined>;
/**
* The fully qualified domain name (FQDN) of the self managed Active Directory domain. Conflicts with `domain` and `domainIamRoleName`.
*/
readonly domainFqdn: pulumi.Output<string>;
/**
* The name of the IAM role to be used when making API calls to the Directory Service. Conflicts with `domainFqdn`, `domainOu`, `domainAuthSecretArn` and a `domainDnsIps`.
*/
readonly domainIamRoleName: pulumi.Output<string | undefined>;
/**
* The self managed Active Directory organizational unit for your DB instance to join. Conflicts with `domain` and `domainIamRoleName`.
*/
readonly domainOu: pulumi.Output<string | undefined>;
/**
* Set of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. For supported values, see the EnableCloudwatchLogsExports.member.N parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html).
*/
readonly enabledCloudwatchLogsExports: pulumi.Output<string[] | undefined>;
/**
* The connection endpoint in `address:port` format.
*/
readonly endpoint: pulumi.Output<string>;
/**
* The database engine to use. For supported values, see the Engine parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html). Note that for Amazon Aurora instances the engine must match the DB cluster's engine'. For information on the difference between the available Aurora MySQL engines see [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html) in the Amazon RDS User Guide.
*/
readonly engine: pulumi.Output<string>;
/**
* The life cycle type for this DB instance. This setting applies only to RDS for MySQL and RDS for PostgreSQL. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. [Using Amazon RDS Extended Support]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html
*/
readonly engineLifecycleSupport: pulumi.Output<string>;
/**
* The engine version to use. If `autoMinorVersionUpgrade` is enabled, you can provide a prefix of the version such as `8.0` (for `8.0.36`). The actual engine version used is returned in the attribute `engineVersionActual`, see Attribute Reference below. For supported values, see the EngineVersion parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html). Note that for Amazon Aurora instances the engine version must match the DB cluster's engine version'.
*/
readonly engineVersion: pulumi.Output<string>;
/**
* The running version of the database.
*/
readonly engineVersionActual: pulumi.Output<string>;
/**
* The name of your final DB snapshot
* when this DB instance is deleted. Must be provided if `skipFinalSnapshot` is
* set to `false`. The value must begin with a letter, only contain alphanumeric characters and hyphens, and not end with a hyphen or contain two consecutive hyphens. Must not be provided when deleting a read replica.
*/
readonly finalSnapshotIdentifier: pulumi.Output<string | undefined>;
/**
* Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.
*/
readonly hostedZoneId: pulumi.Output<string>;
/**
* Specifies whether mappings of AWS Identity and Access Management (IAM) accounts to database
* accounts is enabled.
*/
readonly iamDatabaseAuthenticationEnabled: pulumi.Output<boolean | undefined>;
/**
* The name of the RDS instance, if omitted, this provider will assign a random, unique identifier. Required if `restoreToPointInTime` is specified.
*/
readonly identifier: pulumi.Output<string>;
/**
* Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.
*/
readonly identifierPrefix: pulumi.Output<string>;
/**
* The instance type of the RDS instance.
*/
readonly instanceClass: pulumi.Output<string>;
/**
* The amount of provisioned IOPS. Setting this implies a
* storageType of "io1" or "io2". Can only be set when `storageType` is `"io1"`, `"io2` or `"gp3"`.
* Cannot be specified for gp3 storage if the `allocatedStorage` value is below a per-`engine` threshold.
* See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage) for details.
*/
readonly iops: pulumi.Output<number>;
/**
* The ARN for the KMS encryption key. If creating an
* encrypted replica, set this to the destination KMS ARN.
*/
readonly kmsKeyId: pulumi.Output<string>;
/**
* The latest time, in UTC [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), to which a database can be restored with point-in-time restore.
*/
readonly latestRestorableTime: pulumi.Output<string>;
/**
* License model information for this DB instance. Valid values for this field are as follows:
* * RDS for MariaDB: `general-public-license`
* * RDS for Microsoft SQL Server: `license-included`
* * RDS for MySQL: `general-public-license`
* * RDS for Oracle: `bring-your-own-license | license-included`
* * RDS for PostgreSQL: `postgresql-license`
*/
readonly licenseModel: pulumi.Output<string>;
/**
* Specifies the listener connection endpoint for SQL Server Always On. See endpoint below.
*/
readonly listenerEndpoints: pulumi.Output<outputs.rds.InstanceListenerEndpoint[]>;
/**
* The window to perform maintenance in.
* Syntax: "ddd:hh24:mi-ddd:hh24:mi". Eg: "Mon:00:00-Mon:03:00". See [RDS
* Maintenance Window
* docs](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow)
* for more information.
*/
readonly maintenanceWindow: pulumi.Output<string>;
/**
* Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if `password` or `passwordWo` is provided.
*/
readonly manageMasterUserPassword: pulumi.Output<boolean | undefined>;
/**
* The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. If not specified, the default KMS key for your Amazon Web Services account is used.
*/
readonly masterUserSecretKmsKeyId: pulumi.Output<string>;
/**
* A block that specifies the master user secret. Only available when `manageMasterUserPassword` is set to true. Documented below.
*/
readonly masterUserSecrets: pulumi.Output<outputs.rds.InstanceMasterUserSecret[]>;
/**
* Specifies the maximum storage (in GiB) that Amazon RDS can automatically scale to for this DB instance. By default, Storage Autoscaling is disabled. To enable Storage Autoscaling, set `maxAllocatedStorage` to **greater than or equal to** `allocatedStorage`. Setting `maxAllocatedStorage` to 0 explicitly disables Storage Autoscaling. When configured, changes to `allocatedStorage` will be automatically ignored as the storage can dynamically scale.
*/
readonly maxAllocatedStorage: pulumi.Output<number | undefined>;
/**
* The interval, in seconds, between points
* when Enhanced Monitoring metrics are collected for the DB instance. To disable
* collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid
* Values: 0, 1, 5, 10, 15, 30, 60.
*/
readonly monitoringInterval: pulumi.Output<number | undefined>;
/**
* The ARN for the IAM role that permits RDS
* to send enhanced monitoring metrics to CloudWatch Logs. You can find more
* information on the [AWS
* Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html)
* what IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.
*/
readonly monitoringRoleArn: pulumi.Output<string>;
/**
* Specifies if the RDS instance is multi-AZ
*/
readonly multiAz: pulumi.Output<boolean>;
/**
* The national character set is used in the NCHAR, NVARCHAR2, and NCLOB data types for Oracle instances. This can't be changed. See [Oracle Character Sets
* Supported in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html).
*/
readonly ncharCharacterSetName: pulumi.Output<string>;
/**
* The network type of the DB instance. Valid values: `IPV4`, `DUAL`.
*/
readonly networkType: pulumi.Output<string>;
/**
* Name of the DB option group to associate.
*/
readonly optionGroupName: pulumi.Output<string>;
/**
* Name of the DB parameter group to associate.
*/
readonly parameterGroupName: pulumi.Output<string>;
/**
* Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Cannot be set if `manageMasterUserPassword` is set to `true`.
*/
readonly password: pulumi.Output<string | undefined>;
/**
* Specifies whether Performance Insights are enabled. Defaults to false.
*/
readonly performanceInsightsEnabled: pulumi.Output<boolean | undefined>;
/**
* The ARN for the KMS key to encrypt Performance Insights data. When specifying `performanceInsightsKmsKeyId`, `performanceInsightsEnabled` needs to be set to true. Once KMS key is set, it can never be changed.
*/
readonly performanceInsightsKmsKeyId: pulumi.Output<string>;
/**
* Amount of time in days to retain Performance Insights data. Valid values are `7`, `731` (2 years) or a multiple of `31`. When specifying `performanceInsightsRetentionPeriod`, `performanceInsightsEnabled` needs to be set to true. Defaults to '7'.
*/
readonly performanceInsightsRetentionPeriod: pulumi.Output<number>;
/**
* The port on which the DB accepts connections.
*/
readonly port: pulumi.Output<number>;
/**
* Bool to control if instance is publicly
* accessible. Default is `false`.
*/
readonly publiclyAccessible: pulumi.Output<boolean | undefined>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
readonly region: pulumi.Output<string>;
/**
* Specifies whether the replica is in either `mounted` or `open-read-only` mode. This attribute
* is only supported by Oracle instances. Oracle replicas operate in `open-read-only` mode unless otherwise specified. See [Working with Oracle Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) for more information.
*/
readonly replicaMode: pulumi.Output<string>;
readonly replicas: pulumi.Output<string[]>;
/**
* Specifies that this resource is a Replica database, and to use this value as the source database.
* If replicating an Amazon RDS Database Instance in the same region, use the `identifier` of the source DB, unless also specifying the `dbSubnetGroupName`.
* If specifying the `dbSubnetGroupName` in the same region, use the `arn` of the source DB.
* If replicating an Instance in a different region, use the `arn` of the source DB.
* Note that if you are creating a cross-region replica of an encrypted database you will also need to specify a `kmsKeyId`.
* See [DB Instance Replication][instance-replication] and [Working with PostgreSQL and MySQL Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html) for more information on using Replication.
*/
readonly replicateSourceDb: pulumi.Output<string | undefined>;
/**
* The RDS Resource ID of this instance.
*/
readonly resourceId: pulumi.Output<string>;
/**
* A configuration block for restoring a DB instance to an arbitrary point in time.
* Requires the `identifier` argument to be set with the name of the new DB instance to be created.
* See Restore To Point In Time below for details.
*/
readonly restoreToPointInTime: pulumi.Output<outputs.rds.InstanceRestoreToPointInTime | undefined>;
/**
* Restore from a Percona Xtrabackup in S3. See [Importing Data into an Amazon RDS MySQL DB Instance](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/MySQL.Procedural.Importing.html)
*/
readonly s3Import: pulumi.Output<outputs.rds.InstanceS3Import | undefined>;
/**
* Determines whether a final DB snapshot is
* created before the DB instance is deleted. If true is specified, no DBSnapshot
* is created. If false is specified, a DB snapshot is created before the DB
* instance is deleted, using the value from `finalSnapshotIdentifier`. Default
* is `false`.
*/
readonly skipFinalSnapshot: pulumi.Output<boolean | undefined>;
/**
* Specifies whether or not to create this database from a snapshot.
* This corresponds to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05.
*/
readonly snapshotIdentifier: pulumi.Output<string>;
/**
* The RDS instance status.
*/
readonly status: pulumi.Output<string>;
/**
* Specifies whether the DB instance is
* encrypted. Note that if you are creating a cross-region read replica this field
* is ignored and you should instead declare `kmsKeyId` with a valid ARN. The
* default is `false` if not specified.
*/
readonly storageEncrypted: pulumi.Output<boolean | undefined>;
/**
* The storage throughput value for the DB instance. Can only be set when `storageType` is `"gp3"`. Cannot be specified if the `allocatedStorage` value is below a per-`engine` threshold. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage) for details.
*/
readonly storageThroughput: pulumi.Output<number>;
/**
* One of "standard" (magnetic), "gp2" (general
* purpose SSD), "gp3" (general purpose SSD that needs `iops` independently)
* "io1" (provisioned IOPS SSD) or "io2" (block express storage provisioned IOPS
* SSD). The default is "io1" if `iops` is specified, "gp2" if not.
*/
readonly storageType: pulumi.Output<string>;
/**
* A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
readonly tags: pulumi.Output<{
[key: string]: string;
} | undefined>;
/**
* A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
*/
readonly tagsAll: pulumi.Output<{
[key: string]: string;
}>;
/**
* Time zone of the DB instance. `timezone` is currently
* only supported by Microsoft SQL Server. The `timezone` can only be set on
* creation. See [MSSQL User
* Guide](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone)
* for more information.
*/
readonly timezone: pulumi.Output<string>;
/**
* Whether to upgrade the storage file system configuration on the read replica.
* Can only be set with `replicateSourceDb`.
*/
readonly upgradeStorageConfig: pulumi.Output<boolean | undefined>;
/**
* (Required unless a `snapshotIdentifier` or `replicateSourceDb`
* is provided) Username for the master DB user. Cannot be specified for a replica.
*/
readonly username: pulumi.Output<string>;
/**
* List of VPC security groups to
* associate.
*/
readonly vpcSecurityGroupIds: pulumi.Output<string[]>;
/**
* Create a Instance resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: InstanceArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Instance resources.
*/
export interface InstanceState {
/**
* Specifies the DNS address of the DB instance.
*/
address?: pulumi.Input<string>;
/**
* The allocated storage in gibibytes. If `maxAllocatedStorage` is configured, this argument represents the initial storage allocation and differences from the configuration will be ignored automatically when Storage Autoscaling occurs. If `replicateSourceDb` is set, the value is ignored during the creation of the instance.
*/
allocatedStorage?: pulumi.Input<number>;
/**
* Indicates that major version
* upgrades are allowed. Changing this parameter does not result in an outage and
* the change is asynchronously applied as soon as possible.
*/
allowMajorVersionUpgrade?: pulumi.Input<boolean>;
/**
* Specifies whether any database modifications
* are applied immediately, or during the next maintenance window. Default is
* `false`. See [Amazon RDS Documentation for more
* information.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)
*/
applyImmediately?: pulumi.Input<boolean>;
/**
* The ARN of the RDS instance.
*/
arn?: pulumi.Input<string>;
/**
* Indicates that minor engine upgrades
* will be applied automatically to the DB instance during the maintenance window.
* Defaults to true.
*/
autoMinorVersionUpgrade?: pulumi.Input<boolean>;
/**
* The AZ for the RDS instance.
*/
availabilityZone?: pulumi.Input<string>;
/**
* The days to retain backups for.
* Must be between `0` and `35`.
* Default is `0`.
* Must be greater than `0` if the database is used as a source for a [Read Replica][instance-replication],
* uses low-downtime updates,
* or will use [RDS Blue/Green deployments][blue-green].
*/
backupRetentionPeriod?: pulumi.Input<number>;
/**
* Specifies where automated backups and manual snapshots are stored. Possible values are `region` (default) and `outposts`. See [Working with Amazon RDS on AWS Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) for more information.
*/
backupTarget?: pulumi.Input<string>;
/**
* The daily time range (in UTC) during which automated backups are created if they are enabled.
* Example: "09:46-10:16". Must not overlap with `maintenanceWindow`.
*/
backupWindow?: pulumi.Input<string>;
/**
* Enables low-downtime updates using [RDS Blue/Green deployments][blue-green].
* See `blueGreenUpdate` below.
*/
blueGreenUpdate?: pulumi.Input<inputs.rds.InstanceBlueGreenUpdate>;
/**
* The identifier of the CA certificate for the DB instance.
*/
caCertIdentifier?: pulumi.Input<string>;
/**
* The character set name to use for DB encoding in Oracle and Microsoft SQL instances (collation).
* This can't be changed.
* See [Oracle Character Sets Supported in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html) or
* [Server-Level Collation for Microsoft SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.SQLServer.CommonDBATasks.Collation.html) for more information.
* Cannot be set with `replicateSourceDb`, `restoreToPointInTime`, `s3Import`, or `snapshotIdentifier`.
*/
characterSetName?: pulumi.Input<string>;
/**
* Copy all Instance `tags` to snapshots. Default is `false`.
*/
copyTagsToSnapshot?: pulumi.Input<boolean>;
/**
* The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.
*/
customIamInstanceProfile?: pulumi.Input<string>;
/**
* Indicates whether to enable a customer-owned IP address (CoIP) for an RDS on Outposts DB instance. See [CoIP for RDS on Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html#rds-on-outposts.coip) for more information.
*
* For more detailed documentation about each argument, refer to the [AWS official
* documentation](http://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html).
*
* > **NOTE:** Removing the `replicateSourceDb` attribute from an existing RDS
* Replicate database managed by the provider will promote the database to a fully
* standalone database.
*/
customerOwnedIpEnabled?: pulumi.Input<boolean>;
/**
* The mode of Database Insights that is enabled for the instance. Valid values: `standard`, `advanced` .
*/
databaseInsightsMode?: pulumi.Input<string>;
/**
* The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance. Note that this does not apply for Oracle or SQL Server engines. See the [AWS documentation](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/rds/create-db-instance.html) for more details on what applies for those engines. If you are providing an Oracle db name, it needs to be in all upper case. Cannot be specified for a replica.
*/
dbName?: pulumi.Input<string>;
/**
* Name of DB subnet group.
* DB instance will be created in the VPC associated with the DB subnet group.
* If unspecified, will be created in the `default` Subnet Group.
* When working with read replicas created in the same region, defaults to the Subnet Group Name of the source DB.
* When working with read replicas created in a different region, defaults to the `default` Subnet Group.
* See [DBSubnetGroupName in API action CreateDBInstanceReadReplica](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstanceReadReplica.html) for additional read replica constraints.
*/
dbSubnetGroupName?: pulumi.Input<string>;
/**
* Use a dedicated log volume (DLV) for the DB instance. Requires Provisioned IOPS. See the [AWS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.dlv) for more details.
*/
dedicatedLogVolume?: pulumi.Input<boolean>;
/**
* Specifies whether to remove automated backups immediately after the DB instance is deleted. Default is `true`.
*/
deleteAutomatedBackups?: pulumi.Input<boolean>;
/**
* If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`.
*/
deletionProtection?: pulumi.Input<boolean>;
/**
* The ID of the Directory Service Active Directory domain to create the instance in. Conflicts with `domainFqdn`, `domainOu`, `domainAuthSecretArn` and a `domainDnsIps`.
*/
domain?: pulumi.Input<string>;
/**
* The ARN for the Secrets Manager secret with the self managed Active Directory credentials for the user joining the domain. Conflicts with `domain` and `domainIamRoleName`.
*/
domainAuthSecretArn?: pulumi.Input<string>;
/**
* The IPv4 DNS IP addresses of your primary and secondary self managed Active Directory domain controllers. Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list. Conflicts with `domain` and `domainIamRoleName`.
*/
domainDnsIps?: pulumi.Input<pulumi.Input<string>[]>;
/**
* The fully qualified domain name (FQDN) of the self managed Active Directory domain. Conflicts with `domain` and `domainIamRoleName`.
*/
domainFqdn?: pulumi.Input<string>;
/**
* The name of the IAM role to be used when making API calls to the Directory Service. Conflicts with `domainFqdn`, `domainOu`, `domainAuthSecretArn` and a `domainDnsIps`.
*/
domainIamRoleName?: pulumi.Input<string>;
/**
* The self managed Active Directory organizational unit for your DB instance to join. Conflicts with `domain` and `domainIamRoleName`.
*/
domainOu?: pulumi.Input<string>;
/**
* Set of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. For supported values, see the EnableCloudwatchLogsExports.member.N parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html).
*/
enabledCloudwatchLogsExports?: pulumi.Input<pulumi.Input<string>[]>;
/**
* The connection endpoint in `address:port` format.
*/
endpoint?: pulumi.Input<string>;
/**
* The database engine to use. For supported values, see the Engine parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html). Note that for Amazon Aurora instances the engine must match the DB cluster's engine'. For information on the difference between the available Aurora MySQL engines see [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html) in the Amazon RDS User Guide.
*/
engine?: pulumi.Input<string>;
/**
* The life cycle type for this DB instance. This setting applies only to RDS for MySQL and RDS for PostgreSQL. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. [Using Amazon RDS Extended Support]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html
*/
engineLifecycleSupport?: pulumi.Input<string>;
/**
* The engine version to use. If `autoMinorVersionUpgrade` is enabled, you can provide a prefix of the version such as `8.0` (for `8.0.36`). The actual engine version used is returned in the attribute `engineVersionActual`, see Attribute Reference below. For supported values, see the EngineVersion parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html). Note that for Amazon Aurora instances the engine version must match the DB cluster's engine version'.
*/
engineVersion?: pulumi.Input<string>;
/**
* The running version of the database.
*/
engineVersionActual?: pulumi.Input<string>;
/**
* The name of your final DB snapshot
* when this DB instance is deleted. Must be provided if `skipFinalSnapshot` is
* set to `false`. The value must begin with a letter, only contain alphanumeric characters and hyphens, and not end with a hyphen or contain two consecutive hyphens. Must not be provided when deleting a read replica.
*/
finalSnapshotIdentifier?: pulumi.Input<string>;
/**
* Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.
*/
hostedZoneId?: pulumi.Input<string>;
/**
* Specifies whether mappings of AWS Identity and Access Management (IAM) accounts to database
* accounts is enabled.
*/
iamDatabaseAuthenticationEnabled?: pulumi.Input<boolean>;
/**
* The name of the RDS instance, if omitted, this provider will assign a random, unique identifier. Required if `restoreToPointInTime` is specified.
*/
identifier?: pulumi.Input<string>;
/**
* Creates a unique identifier beginning with the specified prefix. Conflicts with `identifier`.
*/
identifierPrefix?: pulumi.Input<string>;
/**
* The instance type of the RDS instance.
*/
instanceClass?: pulumi.Input<string | enums.rds.InstanceType>;
/**
* The amount of provisioned IOPS. Setting this implies a
* storageType of "io1" or "io2". Can only be set when `storageType` is `"io1"`, `"io2` or `"gp3"`.
* Cannot be specified for gp3 storage if the `allocatedStorage` value is below a per-`engine` threshold.
* See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage) for details.
*/
iops?: pulumi.Input<number>;
/**
* The ARN for the KMS encryption key. If creating an
* encrypted replica, set this to the destination KMS ARN.
*/
kmsKeyId?: pulumi.Input<string>;
/**
* The latest time, in UTC [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8), to which a database can be restored with point-in-time restore.
*/
latestRestorableTime?: pulumi.Input<string>;
/**
* License model information for this DB instance. Valid values for this field are as follows:
* * RDS for MariaDB: `general-public-license`
* * RDS for Microsoft SQL Server: `license-included`
* * RDS for MySQL: `general-public-license`
* * RDS for Oracle: `bring-your-own-license | license-included`
* * RDS for PostgreSQL