AWS CloudFormation
User Guide (Version )

AWS::DocDB::DBCluster

The AWS::DocDB::DBCluster Amazon DocumentDB (with MongoDB compatibility) resource describes a DBCluster. Amazon DocumentDB is a fully managed, MongoDB-compatible document database engine. For more information, see DBCluster in the Amazon DocumentDB Developer Guide.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::DocDB::DBCluster", "Properties" : { "AvailabilityZones" : [ String, ... ], "BackupRetentionPeriod" : Integer, "DBClusterIdentifier" : String, "DBClusterParameterGroupName" : String, "DBSubnetGroupName" : String, "EngineVersion" : String, "KmsKeyId" : String, "MasterUsername" : String, "MasterUserPassword" : String, "Port" : Integer, "PreferredBackupWindow" : String, "PreferredMaintenanceWindow" : String, "SnapshotIdentifier" : String, "StorageEncrypted" : Boolean, "Tags" : [ Tag, ... ], "VpcSecurityGroupIds" : [ String, ... ] } }

YAML

Type: AWS::DocDB::DBCluster Properties: AvailabilityZones: - String BackupRetentionPeriod: Integer DBClusterIdentifier: String DBClusterParameterGroupName: String DBSubnetGroupName: String EngineVersion: String KmsKeyId: String MasterUsername: String MasterUserPassword: String Port: Integer PreferredBackupWindow: String PreferredMaintenanceWindow: String SnapshotIdentifier: String StorageEncrypted: Boolean Tags: - Tag VpcSecurityGroupIds: - String

Properties

AvailabilityZones

A list of Amazon EC2 Availability Zones that instances in the DB cluster can be created in.

Required: No

Type: List of String

Update requires: Replacement

BackupRetentionPeriod

The number of days for which automated backups are retained. You must specify a minimum value of 1.

Default: 1

Constraints:

  • Must be a value from 1 to 35.

Required: No

Type: Integer

Update requires: No interruption

DBClusterIdentifier

The DB cluster identifier. This parameter is stored as a lowercase string.

Constraints:

  • Must contain from 1 to 63 letters, numbers, or hyphens.

  • The first character must be a letter.

  • Cannot end with a hyphen or contain two consecutive hyphens.

Example: my-cluster

Required: No

Type: String

Update requires: Replacement

DBClusterParameterGroupName

The name of the DB cluster parameter group to associate with this DB cluster.

Required: No

Type: String

Update requires: No interruption

DBSubnetGroupName

A DB subnet group to associate with this DB cluster.

Constraints: Must match the name of an existing DBSubnetGroup. Must not be default.

Example: mySubnetgroup

Required: No

Type: String

Update requires: Replacement

EngineVersion

The version number of the database engine to use.

Required: No

Type: String

Update requires: Replacement

KmsKeyId

The AWS KMS key identifier for an encrypted DB cluster.

The AWS KMS key identifier is the Amazon Resource Name (ARN) for the AWS KMS encryption key. If you are creating a DB cluster using the same AWS account that owns the AWS KMS encryption key that is used to encrypt the new DB cluster, you can use the AWS KMS key alias instead of the ARN for the AWS KMS encryption key.

If an encryption key is not specified in KmsKeyId:

  • If ReplicationSourceIdentifier identifies an encrypted source, then Amazon DocumentDB uses the encryption key that is used to encrypt the source. Otherwise, Amazon DocumentDB uses your default encryption key.

  • If the StorageEncrypted parameter is true and ReplicationSourceIdentifier is not specified, Amazon DocumentDB uses your default encryption key.

AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS Region.

If you create a replica of an encrypted DB cluster in another AWS Region, you must set KmsKeyId to a KMS key ID that is valid in the destination AWS Region. This key is used to encrypt the replica in that AWS Region.

Required: No

Type: String

Update requires: Replacement

MasterUsername

The name of the master user for the DB cluster.

Constraints:

  • Must be from 1 to 63 letters or numbers.

  • The first character must be a letter.

  • Cannot be a reserved word for the chosen database engine.

Required: Conditional

Type: String

Update requires: Replacement

MasterUserPassword

The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote ("), or the "at" symbol (@).

Constraints: Must contain from 8 to 100 characters.

Required: Conditional

Type: String

Update requires: No interruption

Port

Specifies the port that the database engine is listening on.

Required: No

Type: Integer

Update requires: No interruption

PreferredBackupWindow

The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.

The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region.

Constraints:

  • Must be in the format hh24:mi-hh24:mi.

  • Must be in Universal Coordinated Time (UTC).

  • Must not conflict with the preferred maintenance window.

  • Must be at least 30 minutes.

Required: No

Type: String

Update requires: No interruption

PreferredMaintenanceWindow

The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).

Format: ddd:hh24:mi-ddd:hh24:mi

The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week.

Valid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun

Constraints: Minimum 30-minute window.

Required: No

Type: String

Update requires: No interruption

SnapshotIdentifier

The identifier for the DB snapshot or DB cluster snapshot to restore from.

You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.

Constraints:

  • Must match the identifier of an existing snapshot.

Required: No

Type: String

Update requires: Replacement

StorageEncrypted

Specifies whether the DB cluster is encrypted.

Required: Conditional

Type: Boolean

Update requires: Replacement

Tags

The tags to be assigned to the DB cluster.

Required: No

Type: List of Tag

Update requires: No interruption

VpcSecurityGroupIds

A list of EC2 VPC security groups to associate with this DB cluster.

Required: No

Type: List of String

Update requires: No interruption

Return Values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the DBClusterIdentifier, such as mycluster.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

ClusterResourceId

The resource id for the DB cluster; for example: cluster-ABCD1234EFGH5678IJKL90MNOP. The cluster ID uniquely identifies the cluster and is used in things like IAM authentication policies.

Endpoint

The connection endpoint for the DB cluster, such as sample-cluster.cluster-cozrlsfrcjoc.us-east-1.docdb.amazonaws.com.

Port

The port number on which the DB cluster accepts connections. For example: 27017.

ReadEndpoint

The reader endpoint for the DB cluster. For example: sample-cluster.cluster-ro-cozrlsfrcjoc.us-east-1.docdb.amazonaws.com.

Examples

JSON

{ "AWSTemplateFormatVersion" : "2010-09-09", "Resources" : { "myDBInstance" : { "Type" : "AWS::DocDB::DBCluster", "Properties" : { "BackupRetentionPeriod" : 8, "DBClusterIdentifier" : "sample-cluster", "DBClusterParameterGroupName" : "default.docdb3.6", "DBSubnetGroupName" : "default", "KmsKeyId" : "your-kms-key-id", "MasterUsername" : "your-master-username", "MasterUserPassword" : "your-master-user-password", "Port" : "27017", "PreferredBackupWindow" : "07:34-08:04", "PreferredMaintenanceWindow" : "sat:04:51-sat:05:21", "SnapshotIdentifier" : "sample-cluster-snapshot-id", "StorageEncrypted" : true, "Tags" : [ {"Key" : "String", "Value" : "String"} ] } } } }

YAML

AWSTemplateFormatVersion: "2010-09-09" Resources: myDBInstance: Type: "AWS::DocDB::DBCluster" Properties: BackupRetentionPeriod : 8 DBClusterIdentifier : "sample-cluster" DBClusterParameterGroupName : "default.docdb3.6" DBSubnetGroupName : "default" KmsKeyId : "your-kms-key-id" MasterUsername : "your-master-username" MasterUserPassword : "your-master-user-password" Port : "27017" PreferredBackupWindow : "07:34-08:04" PreferredMaintenanceWindow : "sat:04:51-sat:05:21" SnapshotIdentifier : "sample-cluster-snapshot-id" StorageEncrypted : true Tags: - Key: "String" Value: "String"

See Also