AWS::RDS::DBProxyEndpoint - AWS CloudFormation

AWS::RDS::DBProxyEndpoint

The AWS::RDS::DBProxyEndpoint resource creates or updates a DB proxy endpoint. You can use custom proxy endpoints to access a proxy through a different VPC than the proxy's default VPC.

For more information about RDS Proxy, see AWS::RDS::DBProxy.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::RDS::DBProxyEndpoint", "Properties" : { "DBProxyEndpointName" : String, "DBProxyName" : String, "Tags" : [ TagFormat, ... ], "TargetRole" : String, "VpcSecurityGroupIds" : [ String, ... ], "VpcSubnetIds" : [ String, ... ] } }

YAML

Type: AWS::RDS::DBProxyEndpoint Properties: DBProxyEndpointName: String DBProxyName: String Tags: - TagFormat TargetRole: String VpcSecurityGroupIds: - String VpcSubnetIds: - String

Properties

DBProxyEndpointName

The name of the DB proxy endpoint to create.

Required: Yes

Type: String

Update requires: Replacement

DBProxyName

The name of the DB proxy associated with the DB proxy endpoint that you create.

Required: Yes

Type: String

Update requires: Replacement

Tags

An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.

Required: No

Type: List of TagFormat

Update requires: No interruption

TargetRole

A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.

Valid Values: READ_WRITE | READ_ONLY

Required: No

Type: String

Update requires: Replacement

VpcSecurityGroupIds

The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.

Required: No

Type: List of String

Update requires: No interruption

VpcSubnetIds

The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.

Required: Yes

Type: List of String

Update requires: Replacement

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the name of the DB proxy endpoint.

For more information about using the Ref function, see Ref.

Fn::GetAtt

DBProxyEndpointArn

The Amazon Resource Name (ARN) representing the DB proxy endpoint.

Endpoint

The custom endpoint for the RDS DB instance or Aurora DB cluster.

IsDefault

A value that indicates whether this endpoint is the default endpoint for the associated DB proxy. Default DB proxy endpoints always have read/write capability. Other endpoints that you associate with the DB proxy can be either read/write or read-only.

VpcId

The VPC ID of the DB proxy endpoint.

Examples

Creating a custom DB proxy endpoint

The following example creates a custom DB proxy endpoint.

JSON

{ "AWSTemplateFormatVersion": "2010-09-09", "Parameters": { "ProxyEndpointName": { "Type": "String", "Default": "exampleProxyEndpoint" }, "ProxyName": { "Type": "String", "Default": "exampleProxy" }, "SecurityGroupIds": { "Type": "String", "Default": "sg-12345678" }, "SubnetIds": { "Type": "String", "Default": "subnet-12345677,subnet-12345678,subnet-12345679" } }, "Resources": { "TestDBProxy": { "Type": "AWS::RDS::DBProxyEndpoint", "Properties": { "DBProxyEndpointName": { "Ref": "ProxyEndpointName" }, "DBProxyName": { "Ref": "ProxyName" }, "VpcSecurityGroupIds": { "Fn::Split": [ ",", { "Ref": "SecurityGroupIds" } ] }, "VpcSubnetIds": { "Fn::Split": [ ",", { "Ref": "SubnetIds" } ] }, "TargetRole": "READ_ONLY" } } } }

YAML

AWSTemplateFormatVersion: 2010-09-09 Parameters: ProxyEndpointName: Type: String Default: exampleProxyEndpoint ProxyName: Type: String Default: exampleProxy SubnetIds: Type: String Default: subnet-12345677,subnet-12345678,subnet-12345679 SecurityGroupIds: Type: String Default: sg-12345678 Resources: TestDBProxyEndpoint: Type: AWS::RDS::DBProxyEndpoint Properties: DBProxyEndpointName: !Ref ProxyEndpointName DBProxyName: !Ref ProxyName VpcSubnetIds: Fn::Split: [",", !Ref SubnetIds] VpcSecurityGroupIds: Fn::Split: [",", !Ref SecurityGroupIds] TargetRole: READ_ONLY