AWS::RDS::DBCluster
The AWS::RDS::DBCluster resource creates an Amazon Aurora DB cluster. For
more information, see Managing an Amazon Aurora DB
Cluster in the Amazon Aurora User Guide.
Note
You can only create this resource in regions where Amazon Aurora is supported.
The default DeletionPolicy for AWS::RDS::DBCluster
resources is Snapshot. For more information about how AWS
CloudFormation deletes resources, see
DeletionPolicy Attribute.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::RDS::DBCluster", "Properties" : { "AvailabilityZones" :[ String, ... ], "BacktrackWindow" :Long, "BackupRetentionPeriod" :Integer, "DBClusterIdentifier" :String, "DBClusterParameterGroupName" :String, "DBSubnetGroupName" :String, "DatabaseName" :String, "DeletionProtection" :Boolean, "EnableCloudwatchLogsExports" :[ String, ... ], "EnableIAMDatabaseAuthentication" :Boolean, "Engine" :String, "EngineMode" :String, "EngineVersion" :String, "KmsKeyId" :String, "MasterUserPassword" :String, "MasterUsername" :String, "Port" :Integer, "PreferredBackupWindow" :String, "PreferredMaintenanceWindow" :String, "ReplicationSourceIdentifier" :String, "ScalingConfiguration" :ScalingConfiguration, "SnapshotIdentifier" :String, "SourceRegion" :String, "StorageEncrypted" :Boolean, "Tags" :[ Tag, ... ], "VpcSecurityGroupIds" :[ String, ... ]} }
YAML
Type: AWS::RDS::DBCluster Properties: AvailabilityZones:- StringBacktrackWindow:LongBackupRetentionPeriod:IntegerDBClusterIdentifier:StringDBClusterParameterGroupName:StringDBSubnetGroupName:StringDatabaseName:StringDeletionProtection:BooleanEnableCloudwatchLogsExports:- StringEnableIAMDatabaseAuthentication:BooleanEngine:StringEngineMode:StringEngineVersion:StringKmsKeyId:StringMasterUserPassword:StringMasterUsername:StringPort:IntegerPreferredBackupWindow:StringPreferredMaintenanceWindow:StringReplicationSourceIdentifier:StringScalingConfiguration:ScalingConfigurationSnapshotIdentifier:StringSourceRegion:StringStorageEncrypted:BooleanTags:- TagVpcSecurityGroupIds:- String
Properties
AvailabilityZones-
A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see Choosing the Regions and Availability Zones in the Amazon Aurora User Guide.
Required: No
Type: List of String
Update requires: Replacement
BacktrackWindow-
The target backtrack window, in seconds. To disable backtracking, set this value to 0.
Default: 0
Constraints:
-
If specified, this value must be set to a number from 0 to 259,200 (72 hours).
Required: No
Type: Long
Update requires: No interruption
-
BackupRetentionPeriod-
The number of days for which automated backups are retained.
Default: 1
Constraints:
-
Must be a value from 1 to 35
Required: No
Type: Integer
Update requires: No interruption
-
DBClusterIdentifier-
The DB cluster identifier. This parameter is stored as a lowercase string.
Constraints:
-
Must contain from 1 to 63 letters, numbers, or hyphens.
-
First character must be a letter.
-
Can't end with a hyphen or contain two consecutive hyphens.
Example:
my-cluster1Required: No
Type: String
Update requires: Replacement
-
DBClusterParameterGroupName-
The name of the DB cluster parameter group to associate with this DB cluster.
Note
If this argument is omitted,
default.aurora5.6is used. Ifdefault.aurora5.6is used, specifyingaurora-mysqloraurora-postgresqlfor theEngineproperty might result in an error.Required: No
Type: String
Update requires: No interruption
DBSubnetGroupName-
A DB subnet group that you want to associate with this DB cluster.
Required: No
Type: String
Update requires: Replacement
DatabaseName-
The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see Naming Constraints in the Amazon RDS User Guide.
Required: No
Type: String
Update requires: Replacement
DeletionProtection-
A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.
Required: No
Type: Boolean
Update requires: No interruption
EnableCloudwatchLogsExports-
The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide.
Required: No
Type: List of String
Update requires: No interruption
EnableIAMDatabaseAuthentication-
A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.
Required: No
Type: Boolean
Update requires: No interruption
Engine-
The name of the database engine to be used for this DB cluster.
Valid Values:
aurora(for MySQL 5.6-compatible Aurora),aurora-mysql(for MySQL 5.7-compatible Aurora), andaurora-postgresqlRequired: Yes
Type: String
Update requires: Replacement
EngineMode-
The DB engine mode of the DB cluster, either
provisioned,serverless,parallelquery, orglobal.Required: No
Type: String
Update requires: Replacement
EngineVersion-
The version number of the database engine to use.
Note
To prevent automatic upgrades, be sure to specify the full version number (for example, 5.6.13). If the default version for the database engine changes and you specify only the major version (for example, 5.6), your DB instance will be upgraded to use the new default version. Note that the default version is not necessarily the latest supported version.
Required: No
Type: String
Update requires: Replacement
KmsKeyId-
The Amazon Resource Name (ARN) of the AWS Key Management Service master key that is used to encrypt the database instances in the DB cluster, such as
arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. If you enable theStorageEncryptedproperty but don't specify this property, the default master key is used. If you specify this property, you must set theStorageEncryptedproperty totrue.Required: No
Type: String
Update requires: Replacement
MasterUserPassword-
The master password for the DB instance.
Note
If you specify the
SourceDBInstanceIdentifierorDBSnapshotIdentifierproperty, don't specify this property. The value is inherited from the source DB instance or snapshot.Required: No
Type: String
Update requires: No interruption
MasterUsername-
The name of the master user for the DB cluster.
Note
You must specify
MasterUsername, unless you specifySnapshotIdentifier. In that case, don't specifyMasterUsername.Required: No
Type: String
Update requires: Replacement
Port-
The port number on which the instances in the DB cluster accept connections.
Default:
3306if engine is set as aurora or5432if set to aurora-postgresql.Required: No
Type: Integer
Update requires: No interruption
PreferredBackupWindow-
The daily time range during which automated backups are created if automated backups are enabled using the
BackupRetentionPeriodparameter.The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region. To see the time blocks available, see Adjusting the Preferred DB Cluster Maintenance Window in the Amazon Aurora User Guide.
Constraints:
-
Must be in the format
hh24:mi-hh24:mi. -
Must be in Universal Coordinated Time (UTC).
-
Must not conflict with the preferred maintenance window.
-
Must be at least 30 minutes.
Required: No
Type: String
Update requires: No interruption
-
PreferredMaintenanceWindow-
The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).
Format:
ddd:hh24:mi-ddd:hh24:miThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see Adjusting the Preferred DB Cluster Maintenance Window in the Amazon Aurora User Guide.
Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.
Constraints: Minimum 30-minute window.
Required: No
Type: String
Update requires: No interruption
ReplicationSourceIdentifier-
The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a Read Replica.
Required: No
Type: String
Update requires: No interruption
ScalingConfiguration-
The
ScalingConfigurationproperty type specifies the scaling configuration of an Aurora Serverless DB cluster.Required: No
Type: ScalingConfiguration
Update requires: No interruption
SnapshotIdentifier-
The identifier for the DB snapshot or DB cluster snapshot to restore from.
You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.
Constraints:
-
Must match the identifier of an existing Snapshot.
Required: No
Type: String
Update requires: Replacement
-
SourceRegion-
The AWS Region which contains the source DB cluster when replicating a DB cluster. For example,
us-east-1.Required: No
Type: String
Update requires: Replacement
StorageEncrypted-
Indicates whether the DB instance is encrypted.
If you specify the
DBClusterIdentifier,DBSnapshotIdentifier, orSourceDBInstanceIdentifierproperty, don't specify this property. The value is inherited from the cluster, snapshot, or source DB instance.Important
If you specify the
KmsKeyIdproperty, then you must enable encryption.Required: No
Type: Boolean
Update requires: Replacement
Tags-
Tags to assign to the DB cluster.
Required: No
Type: List of Tag
Update requires: No interruption
VpcSecurityGroupIds-
A list of EC2 VPC security groups to associate with this DB cluster.
Required: No
Type: List of String
Update requires: No interruption
Return Values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the name of the DB cluster.
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following
are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
Endpoint.Address-
The connection endpoint for the DB cluster. For example:
mystack-mydbcluster-1apw1j4phylrk.cg034hpkmmjt.us-east-2.rds.amazonaws.com Endpoint.Port-
The port number that will accept connections on this DB cluster. For example:
3306 ReadEndpoint.Address-
The reader endpoint for the DB cluster. For example:
mystack-mydbcluster-ro-1apw1j4phylrk.cg034hpkmmjt.us-east-2.rds.amazonaws.com
Examples
The following example creates an Amazon Aurora DB cluster and adds two DB instances to it. Because Amazon RDS automatically assigns a writer and reader DB instances in the cluster, use the cluster endpoint to read and write data, not the individual DB instance endpoints.
JSON
{ "RDSCluster": { "Type": "AWS::RDS::DBCluster", "Properties": { "MasterUsername": { "Ref": "username" }, "MasterUserPassword": { "Ref": "password" }, "Engine": "aurora", "DBSubnetGroupName": { "Ref": "DBSubnetGroup" }, "DBClusterParameterGroupName": { "Ref": "RDSDBClusterParameterGroup" } } }, "RDSDBInstance1": { "Type": "AWS::RDS::DBInstance", "Properties": { "DBSubnetGroupName": { "Ref": "DBSubnetGroup" }, "DBParameterGroupName": { "Ref": "RDSDBParameterGroup" }, "Engine": "aurora", "DBClusterIdentifier": { "Ref": "RDSCluster" }, "PubliclyAccessible": "true", "AvailabilityZone": { "Fn::GetAtt": [ "Subnet1", "AvailabilityZone" ] }, "DBInstanceClass": "db.r3.xlarge" } }, "RDSDBInstance2": { "Type": "AWS::RDS::DBInstance", "Properties": { "DBSubnetGroupName": { "Ref": "DBSubnetGroup" }, "DBParameterGroupName": { "Ref": "RDSDBParameterGroup" }, "Engine": "aurora", "DBClusterIdentifier": { "Ref": "RDSCluster" }, "PubliclyAccessible": "true", "AvailabilityZone": { "Fn::GetAtt": [ "Subnet2", "AvailabilityZone" ] }, "DBInstanceClass": "db.r3.xlarge" } }, "RDSDBClusterParameterGroup": { "Type": "AWS::RDS::DBClusterParameterGroup", "Properties": { "Description": "CloudFormation Sample Aurora Cluster Parameter Group", "Family": "aurora5.6", "Parameters": { "time_zone": "US/Eastern" } } }, "RDSDBParameterGroup": { "Type": "AWS::RDS::DBParameterGroup", "Properties": { "Description": "CloudFormation Sample Aurora Parameter Group", "Family": "aurora5.6", "Parameters": { "sql_mode": "IGNORE_SPACE" } } } }
YAML
--- RDSCluster: Properties: DBClusterParameterGroupName: Ref: RDSDBClusterParameterGroup DBSubnetGroupName: Ref: DBSubnetGroup Engine: aurora MasterUserPassword: Ref: password MasterUsername: Ref: username Type: "AWS::RDS::DBCluster" RDSDBClusterParameterGroup: Properties: Description: "CloudFormation Sample Aurora Cluster Parameter Group" Family: aurora5.6 Parameters: time_zone: US/Eastern Type: "AWS::RDS::DBClusterParameterGroup" RDSDBInstance1: Properties: AvailabilityZone: ? "Fn::GetAtt" : - Subnet1 - AvailabilityZone DBClusterIdentifier: Ref: RDSCluster DBInstanceClass: db.r3.xlarge DBParameterGroupName: Ref: RDSDBParameterGroup DBSubnetGroupName: Ref: DBSubnetGroup Engine: aurora PubliclyAccessible: "true" Type: "AWS::RDS::DBInstance" RDSDBInstance2: Properties: AvailabilityZone: ? "Fn::GetAtt" : - Subnet2 - AvailabilityZone DBClusterIdentifier: Ref: RDSCluster DBInstanceClass: db.r3.xlarge DBParameterGroupName: Ref: RDSDBParameterGroup DBSubnetGroupName: Ref: DBSubnetGroup Engine: aurora PubliclyAccessible: "true" Type: "AWS::RDS::DBInstance" RDSDBParameterGroup: Properties: Description: "CloudFormation Sample Aurora Parameter Group" Family: aurora5.6 Parameters: sql_mode: IGNORE_SPACE Type: "AWS::RDS::DBParameterGroup"
