AWS Tools for Windows PowerShell
Command Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Synopsis

Calls the Amazon Relational Database Service CreateDBInstanceReadReplica API operation.

Syntax

New-RDSDBInstanceReadReplica
-DBInstanceIdentifier <String>
-SourceDBInstanceIdentifier <String>
-AutoMinorVersionUpgrade <Boolean>
-AvailabilityZone <String>
-CopyTagsToSnapshot <Boolean>
-DBInstanceClass <String>
-DBSubnetGroupName <String>
-EnableIAMDatabaseAuthentication <Boolean>
-EnablePerformanceInsight <Boolean>
-Iops <Int32>
-KmsKeyId <String>
-MonitoringInterval <Int32>
-MonitoringRoleArn <String>
-OptionGroupName <String>
-PerformanceInsightsKMSKeyId <String>
-Port <Int32>
-PreSignedUrl <String>
-PubliclyAccessible <Boolean>
-SourceRegion <String>
-StorageType <String>
-Tag <Tag[]>
-Force <SwitchParameter>

Description

Creates a new DB instance that acts as a Read Replica for an existing source DB instance. You can create a Read Replica for a DB instance running MySQL, MariaDB, or PostgreSQL. Amazon Aurora does not support this action. You must call the CreateDBInstance action to create a DB instance for an Aurora DB cluster. All Read Replica DB instances are created as Single-AZ deployments with backups disabled. All other DB instance attributes (including DB security groups and DB parameter groups) are inherited from the source DB instance, except as specified below. The source DB instance must have backup retention enabled. For more information, see Working with PostgreSQL, MySQL, and MariaDB Read Replicas.

Parameters

-AutoMinorVersionUpgrade <Boolean>
Indicates that minor engine upgrades are applied automatically to the Read Replica during the maintenance window.Default: Inherits from the source DB instance
Required?False
Position?Named
Accept pipeline input?False
-AvailabilityZone <String>
The Amazon EC2 Availability Zone that the Read Replica is created in.Default: A random, system-chosen Availability Zone in the endpoint's AWS Region. Example: us-east-1d
Required?False
Position?Named
Accept pipeline input?False
-CopyTagsToSnapshot <Boolean>
True to copy all tags from the Read Replica to snapshots of the Read Replica, and otherwise false. The default is false.
Required?False
Position?Named
Accept pipeline input?False
-DBInstanceClass <String>
The compute and memory capacity of the Read Replica, for example, db.m4.large. Not all DB instance classes are available in all AWS Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB Instance Class in the Amazon RDS User Guide. Default: Inherits from the source DB instance.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-DBInstanceIdentifier <String>
The DB instance identifier of the Read Replica. This identifier is the unique key that identifies a DB instance. This parameter is stored as a lowercase string.
Required?False
Position?1
Accept pipeline input?True (ByValue, ByPropertyName)
-DBSubnetGroupName <String>
Specifies a DB subnet group for the DB instance. The new DB instance is created in the VPC associated with the DB subnet group. If no DB subnet group is specified, then the new DB instance is not created in a VPC.Constraints:
  • Can only be specified if the source DB instance identifier specifies a DB instance in another AWS Region.
  • If supplied, must match the name of an existing DBSubnetGroup.
  • The specified DB subnet group must be in the same AWS Region in which the operation is running.
  • All Read Replicas in one AWS Region that are created from the same source DB instance must either:>
    • Specify DB subnet groups from the same VPC. All these Read Replicas are created in the same VPC.
    • Not specify a DB subnet group. All these Read Replicas are created outside of any VPC.
Example: mySubnetgroup
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-EnableIAMDatabaseAuthentication <Boolean>
True to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts, and otherwise false.You can enable IAM database authentication for the following database engines
  • For MySQL 5.6, minor version 5.6.34 or higher
  • For MySQL 5.7, minor version 5.7.16 or higher
  • Aurora 5.6 or higher.
Default: false
Required?False
Position?Named
Accept pipeline input?False
-EnablePerformanceInsight <Boolean>
True to enable Performance Insights for the read replica, and otherwise false.
Required?False
Position?Named
Accept pipeline input?False
-Force <SwitchParameter>
This parameter overrides confirmation prompts to force the cmdlet to continue its operation. This parameter should always be used with caution.
Required?False
Position?Named
Accept pipeline input?False
-Iops <Int32>
The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for the DB instance.
Required?False
Position?Named
Accept pipeline input?False
-KmsKeyId <String>
The AWS KMS key ID for an encrypted Read Replica. The KMS key ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias for the KMS encryption key. If you specify this parameter when you create a Read Replica from an unencrypted DB instance, the Read Replica is encrypted. If you create an encrypted Read Replica in the same AWS Region as the source DB instance, then you do not have to specify a value for this parameter. The Read Replica is encrypted with the same KMS key as the source DB instance. If you create an encrypted Read Replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the AWS Region that they are created in, and you can't use encryption keys from one AWS Region in another AWS Region.
Required?False
Position?Named
Accept pipeline input?False
-MonitoringInterval <Int32>
The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the Read Replica. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0.If MonitoringRoleArn is specified, then you must also set MonitoringInterval to a value other than 0.Valid Values: 0, 1, 5, 10, 15, 30, 60
Required?False
Position?Named
Accept pipeline input?False
-MonitoringRoleArn <String>
The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, go to To create an IAM role for Amazon RDS Enhanced Monitoring.If MonitoringInterval is set to a value other than 0, then you must supply a MonitoringRoleArn value.
Required?False
Position?Named
Accept pipeline input?False
-OptionGroupName <String>
The option group the DB instance is associated with. If omitted, the default option group for the engine specified is used.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-PerformanceInsightsKMSKeyId <String>
The AWS KMS key identifier for encryption of Performance Insights data. The KMS key ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias for the KMS encryption key.
Required?False
Position?Named
Accept pipeline input?False
-Port <Int32>
The port number that the DB instance uses for connections.Default: Inherits from the source DB instanceValid Values: 1150-65535
Required?False
Position?Named
Accept pipeline input?False
-PreSignedUrl <String>
The URL that contains a Signature Version 4 signed request for the CreateDBInstanceReadReplica API action in the source AWS Region that contains the source DB instance. You must specify this parameter when you create an encrypted Read Replica from another AWS Region by using the Amazon RDS API. You can specify the --source-region option instead of this parameter when you create an encrypted Read Replica from another AWS Region by using the AWS CLI. The presigned URL must be a valid request for the CreateDBInstanceReadReplica API action that can be executed in the source AWS Region that contains the encrypted source DB instance. The presigned URL request must contain the following parameter values:
  • DestinationRegion - The AWS Region that the encrypted Read Replica is created in. This AWS Region is the same one where the CreateDBInstanceReadReplica action is called that contains this presigned URL. For example, if you create an encrypted DB instance in the us-west-1 AWS Region, from a source DB instance in the us-east-2 AWS Region, then you call the CreateDBInstanceReadReplica action in the us-east-1 AWS Region and provide a presigned URL that contains a call to the CreateDBInstanceReadReplica action in the us-west-2 AWS Region. For this example, the DestinationRegion in the presigned URL must be set to the us-east-1 AWS Region.
  • KmsKeyId - The AWS KMS key identifier for the key to use to encrypt the Read Replica in the destination AWS Region. This is the same identifier for both the CreateDBInstanceReadReplica action that is called in the destination AWS Region, and the action contained in the presigned URL.
  • SourceDBInstanceIdentifier - The DB instance identifier for the encrypted DB instance to be replicated. This identifier must be in the Amazon Resource Name (ARN) format for the source AWS Region. For example, if you are creating an encrypted Read Replica from a DB instance in the us-west-2 AWS Region, then your SourceDBInstanceIdentifier looks like the following example: arn:aws:rds:us-west-2:123456789012:instance:mysql-instance1-20161115.
To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (AWS Signature Version 4) and Signature Version 4 Signing Process.
Required?False
Position?Named
Accept pipeline input?False
-PubliclyAccessible <Boolean>
Specifies the accessibility options for the DB instance. A value of true specifies an Internet-facing instance with a publicly resolvable DNS name, which resolves to a public IP address. A value of false specifies an internal instance with a DNS name that resolves to a private IP address.Default: The default behavior varies depending on whether a VPC has been requested or not. The following list shows the default behavior in each case.
  • Default VPC:true
  • VPC:false
If no DB subnet group has been specified as part of the request and the PubliclyAccessible value has not been set, the DB instance is publicly accessible. If a specific DB subnet group has been specified as part of the request and the PubliclyAccessible value has not been set, the DB instance is private.
Required?False
Position?Named
Accept pipeline input?False
-SourceDBInstanceIdentifier <String>
The identifier of the DB instance that will act as the source for the Read Replica. Each DB instance can have up to five Read Replicas.Constraints:
  • Must be the identifier of an existing MySQL, MariaDB, or PostgreSQL DB instance.
  • Can specify a DB instance that is a MySQL Read Replica only if the source is running MySQL 5.6.
  • Can specify a DB instance that is a PostgreSQL DB instance only if the source is running PostgreSQL 9.3.5 or later (9.4.7 and higher for cross-region replication).
  • The specified DB instance must have automatic backups enabled, its backup retention period must be greater than 0.
  • If the source DB instance is in the same AWS Region as the Read Replica, specify a valid DB instance identifier.
  • If the source DB instance is in a different AWS Region than the Read Replica, specify a valid DB instance ARN. For more information, go to Constructing a Amazon RDS Amazon Resource Name (ARN).
Required?False
Position?2
Accept pipeline input?False
-SourceRegion <String>
The SourceRegion for generating the PreSignedUrl property. If SourceRegion is set and the PreSignedUrl property is not, then PreSignedUrl will be automatically generated by the client.
Required?False
Position?Named
Accept pipeline input?False
-StorageType <String>
Specifies the storage type to be associated with the Read Replica. Valid values: standard | gp2 | io1 If you specify io1, you must also include a value for the Iops parameter. Default: io1 if the Iops parameter is specified, otherwise standard
Required?False
Position?Named
Accept pipeline input?False
-Tag <Tag[]>
Documentation for this parameter is not currently available; please refer to the service API documentation.
Required?False
Position?Named
Accept pipeline input?False

Common Credential and Region Parameters

-AccessKey <String>
The AWS access key for the user account. This can be a temporary access key if the corresponding session token is supplied to the -SessionToken parameter.
Required? False
Position? Named
Accept pipeline input? False
-Credential <AWSCredentials>
An AWSCredentials object instance containing access and secret key information, and optionally a token for session-based credentials.
Required? False
Position? Named
Accept pipeline input? False
-ProfileLocation <String>

Used to specify the name and location of the ini-format credential file (shared with the AWS CLI and other AWS SDKs)

If this optional parameter is omitted this cmdlet will search the encrypted credential file used by the AWS SDK for .NET and AWS Toolkit for Visual Studio first. If the profile is not found then the cmdlet will search in the ini-format credential file at the default location: (user's home directory)\.aws\credentials. Note that the encrypted credential file is not supported on all platforms. It will be skipped when searching for profiles on Windows Nano Server, Mac, and Linux platforms.

If this parameter is specified then this cmdlet will only search the ini-format credential file at the location given.

As the current folder can vary in a shell or during script execution it is advised that you use specify a fully qualified path instead of a relative path.

Required? False
Position? Named
Accept pipeline input? False
-ProfileName <String>
The user-defined name of an AWS credentials or SAML-based role profile containing credential information. The profile is expected to be found in the secure credential file shared with the AWS SDK for .NET and AWS Toolkit for Visual Studio. You can also specify the name of a profile stored in the .ini-format credential file used with the AWS CLI and other AWS SDKs.
Required? False
Position? Named
Accept pipeline input? False
-NetworkCredential <PSCredential>
Used with SAML-based authentication when ProfileName references a SAML role profile. Contains the network credentials to be supplied during authentication with the configured identity provider's endpoint. This parameter is not required if the user's default network identity can or should be used during authentication.
Required? False
Position? Named
Accept pipeline input? False
-SecretKey <String>
The AWS secret key for the user account. This can be a temporary secret key if the corresponding session token is supplied to the -SessionToken parameter.
Required? False
Position? Named
Accept pipeline input? False
-SessionToken <String>
The session token if the access and secret keys are temporary session-based credentials.
Required? False
Position? Named
Accept pipeline input? False
-Region <String>
The system name of the AWS region in which the operation should be invoked. For example, us-east-1, eu-west-1 etc.
Required? False
Position? Named
Accept pipeline input? False
-EndpointUrl <String>

The endpoint to make the call against.

Note: This parameter is primarily for internal AWS use and is not required/should not be specified for normal usage. The cmdlets normally determine which endpoint to call based on the region specified to the -Region parameter or set as default in the shell (via Set-DefaultAWSRegion). Only specify this parameter if you must direct the call to a specific custom endpoint.

Required? False
Position? Named
Accept pipeline input? False

Inputs

You can pipe a String object to this cmdlet for the DBInstanceIdentifier parameter.

Outputs

This cmdlet returns a DBInstance object. The service call response (type Amazon.RDS.Model.CreateDBInstanceReadReplicaResponse) can also be referenced from properties attached to the cmdlet entry in the $AWSHistory stack.

Supported Version

AWS Tools for PowerShell: 2.x.y.z