AWS::RDS::DBProxyEndpoint
The AWS::RDS::DBProxyEndpoint
resource creates or updates a DB proxy endpoint. You can use custom proxy endpoints to access a proxy through a different
VPC than the proxy's default VPC.
For more information about RDS Proxy, see AWS::RDS::DBProxy.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::RDS::DBProxyEndpoint", "Properties" : { "DBProxyEndpointName" :
String
, "DBProxyName" :String
, "Tags" :[ TagFormat, ... ]
, "TargetRole" :String
, "VpcSecurityGroupIds" :[ String, ... ]
, "VpcSubnetIds" :[ String, ... ]
} }
YAML
Type: AWS::RDS::DBProxyEndpoint Properties: DBProxyEndpointName:
String
DBProxyName:String
Tags:- TagFormat
TargetRole:String
VpcSecurityGroupIds:- String
VpcSubnetIds:- String
Properties
DBProxyEndpointName
-
The name of the DB proxy endpoint to create.
Required: Yes
Type: String
Pattern:
[0-z]*
Maximum:
64
Update requires: Replacement
DBProxyName
-
The name of the DB proxy associated with the DB proxy endpoint that you create.
Required: Yes
Type: String
Pattern:
[0-z]*
Maximum:
64
Update requires: Replacement
-
An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
Required: No
Type: Array of TagFormat
Update requires: No interruption
TargetRole
-
A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.
Valid Values:
READ_WRITE | READ_ONLY
Required: No
Type: String
Allowed values:
READ_ONLY | READ_WRITE
Update requires: No interruption
VpcSecurityGroupIds
-
The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.
Required: No
Type: Array of String
Minimum:
1
Update requires: No interruption
VpcSubnetIds
-
The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.
Required: Yes
Type: Array of String
Minimum:
2
Update requires: Replacement
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref
function, Ref
returns the name of the DB proxy endpoint.
For more information about using the Ref
function, see Ref
.
Fn::GetAtt
DBProxyEndpointArn
-
The Amazon Resource Name (ARN) representing the DB proxy endpoint.
Endpoint
-
The custom endpoint for the RDS DB instance or Aurora DB cluster.
IsDefault
-
A value that indicates whether this endpoint is the default endpoint for the associated DB proxy. Default DB proxy endpoints always have read/write capability. Other endpoints that you associate with the DB proxy can be either read/write or read-only.
VpcId
-
The VPC ID of the DB proxy endpoint.
Examples
Creating a custom DB proxy endpoint
The following example creates a custom DB proxy endpoint.
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Parameters": { "ProxyEndpointName": { "Type": "String", "Default": "exampleProxyEndpoint" }, "ProxyName": { "Type": "String", "Default": "exampleProxy" }, "SecurityGroupIds": { "Type": "String", "Default": "sg-12345678" }, "SubnetIds": { "Type": "String", "Default": "subnet-12345677,subnet-12345678,subnet-12345679" } }, "Resources": { "TestDBProxy": { "Type": "AWS::RDS::DBProxyEndpoint", "Properties": { "DBProxyEndpointName": { "Ref": "ProxyEndpointName" }, "DBProxyName": { "Ref": "ProxyName" }, "VpcSecurityGroupIds": { "Fn::Split": [ ",", { "Ref": "SecurityGroupIds" } ] }, "VpcSubnetIds": { "Fn::Split": [ ",", { "Ref": "SubnetIds" } ] }, "TargetRole": "READ_ONLY" } } } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Parameters: ProxyEndpointName: Type: String Default: exampleProxyEndpoint ProxyName: Type: String Default: exampleProxy SubnetIds: Type: String Default: subnet-12345677,subnet-12345678,subnet-12345679 SecurityGroupIds: Type: String Default: sg-12345678 Resources: TestDBProxyEndpoint: Type: AWS::RDS::DBProxyEndpoint Properties: DBProxyEndpointName: !Ref ProxyEndpointName DBProxyName: !Ref ProxyName VpcSubnetIds: Fn::Split: [",", !Ref SubnetIds] VpcSecurityGroupIds: Fn::Split: [",", !Ref SecurityGroupIds] TargetRole: READ_ONLY