AWS::Redshift::Cluster - AWS CloudFormation

AWS::Redshift::Cluster

Specifies a cluster. A cluster is a fully managed data warehouse that consists of a set of compute nodes.

To create a cluster in Virtual Private Cloud (VPC), you must provide a cluster subnet group name. The cluster subnet group identifies the subnets of your VPC that Amazon Redshift uses when creating the cluster. For more information about managing clusters, go to Amazon Redshift Clusters in the Amazon Redshift Cluster Management Guide.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::Redshift::Cluster", "Properties" : { "AllowVersionUpgrade" : Boolean, "AquaConfigurationStatus" : String, "AutomatedSnapshotRetentionPeriod" : Integer, "AvailabilityZone" : String, "AvailabilityZoneRelocation" : Boolean, "AvailabilityZoneRelocationStatus" : String, "Classic" : Boolean, "ClusterIdentifier" : String, "ClusterParameterGroupName" : String, "ClusterSecurityGroups" : [ String, ... ], "ClusterSubnetGroupName" : String, "ClusterType" : String, "ClusterVersion" : String, "DBName" : String, "DeferMaintenance" : Boolean, "DeferMaintenanceDuration" : Integer, "DeferMaintenanceEndTime" : String, "DeferMaintenanceStartTime" : String, "DestinationRegion" : String, "ElasticIp" : String, "Encrypted" : Boolean, "Endpoint" : Endpoint, "EnhancedVpcRouting" : Boolean, "HsmClientCertificateIdentifier" : String, "HsmConfigurationIdentifier" : String, "IamRoles" : [ String, ... ], "KmsKeyId" : String, "LoggingProperties" : LoggingProperties, "MaintenanceTrackName" : String, "ManageMasterPassword" : Boolean, "ManualSnapshotRetentionPeriod" : Integer, "MasterPasswordSecretKmsKeyId" : String, "MasterUsername" : String, "MasterUserPassword" : String, "MultiAZ" : Boolean, "NamespaceResourcePolicy" : Json, "NodeType" : String, "NumberOfNodes" : Integer, "OwnerAccount" : String, "Port" : Integer, "PreferredMaintenanceWindow" : String, "PubliclyAccessible" : Boolean, "ResourceAction" : String, "RevisionTarget" : String, "RotateEncryptionKey" : Boolean, "SnapshotClusterIdentifier" : String, "SnapshotCopyGrantName" : String, "SnapshotCopyManual" : Boolean, "SnapshotCopyRetentionPeriod" : Integer, "SnapshotIdentifier" : String, "Tags" : [ Tag, ... ], "VpcSecurityGroupIds" : [ String, ... ] } }

Properties

AllowVersionUpgrade

If true, major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster.

When a new major version of the Amazon Redshift engine is released, you can request that the service automatically apply upgrades during the maintenance window to the Amazon Redshift engine that is running on your cluster.

Default: true

Required: No

Type: Boolean

Update requires: No interruption

AquaConfigurationStatus

This parameter is retired. It does not set the AQUA configuration status. Amazon Redshift automatically determines whether to use AQUA (Advanced Query Accelerator).

Required: No

Type: String

Allowed values: enabled | disabled | auto

Update requires: No interruption

AutomatedSnapshotRetentionPeriod

The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with CreateClusterSnapshot in the Amazon Redshift API Reference.

Default: 1

Constraints: Must be a value from 0 to 35.

Required: No

Type: Integer

Update requires: No interruption

AvailabilityZone

The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.

Default: A random, system-chosen Availability Zone in the region that is specified by the endpoint.

Example: us-east-2d

Constraint: The specified Availability Zone must be in the same region as the current endpoint.

Required: No

Type: String

Maximum: 2147483647

Update requires: No interruption

AvailabilityZoneRelocation

The option to enable relocation for an Amazon Redshift cluster between Availability Zones after the cluster is created.

Required: No

Type: Boolean

Update requires: No interruption

AvailabilityZoneRelocationStatus

Describes the status of the Availability Zone relocation operation.

Required: No

Type: String

Maximum: 2147483647

Update requires: No interruption

Classic

A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to false, the resize type is elastic.

Required: No

Type: Boolean

Update requires: No interruption

ClusterIdentifier

A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. The identifier also appears in the Amazon Redshift console.

Constraints:

  • Must contain from 1 to 63 alphanumeric characters or hyphens.

  • Alphabetic characters must be lowercase.

  • First character must be a letter.

  • Cannot end with a hyphen or contain two consecutive hyphens.

  • Must be unique for all clusters within an AWS account.

Example: myexamplecluster

Required: No

Type: String

Maximum: 63

Update requires: Replacement

ClusterParameterGroupName

The name of the parameter group to be associated with this cluster.

Default: The default Amazon Redshift cluster parameter group. For information about the default parameter group, go to Working with Amazon Redshift Parameter Groups

Constraints:

  • Must be 1 to 255 alphanumeric characters or hyphens.

  • First character must be a letter.

  • Cannot end with a hyphen or contain two consecutive hyphens.

Required: No

Type: String

Maximum: 255

Update requires: No interruption

ClusterSecurityGroups

A list of security groups to be associated with this cluster.

Default: The default cluster security group for Amazon Redshift.

Required: No

Type: Array of String

Update requires: No interruption

ClusterSubnetGroupName

The name of a cluster subnet group to be associated with this cluster.

If this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).

Required: No

Type: String

Maximum: 2147483647

Update requires: Replacement

ClusterType

The type of the cluster. When cluster type is specified as

  • single-node, the NumberOfNodes parameter is not required.

  • multi-node, the NumberOfNodes parameter is required.

Valid Values: multi-node | single-node

Default: multi-node

Required: Yes

Type: String

Maximum: 2147483647

Update requires: No interruption

ClusterVersion

The version of the Amazon Redshift engine software that you want to deploy on the cluster.

The version selected runs on all the nodes in the cluster.

Constraints: Only version 1.0 is currently available.

Example: 1.0

Required: No

Type: String

Maximum: 2147483647

Update requires: No interruption

DBName

The name of the first database to be created when the cluster is created.

To create additional databases after the cluster is created, connect to the cluster with a SQL client and use SQL commands to create a database. For more information, go to Create a Database in the Amazon Redshift Database Developer Guide.

Default: dev

Constraints:

  • Must contain 1 to 64 alphanumeric characters.

  • Must contain only lowercase letters.

  • Cannot be a word that is reserved by the service. A list of reserved words can be found in Reserved Words in the Amazon Redshift Database Developer Guide.

Required: Yes

Type: String

Maximum: 2147483647

Update requires: Replacement

DeferMaintenance

A Boolean indicating whether to enable the deferred maintenance window.

Required: No

Type: Boolean

Update requires: No interruption

DeferMaintenanceDuration

An integer indicating the duration of the maintenance window in days. If you specify a duration, you can't specify an end time. The duration must be 45 days or less.

Required: No

Type: Integer

Update requires: No interruption

DeferMaintenanceEndTime

A timestamp for the end of the time period when we defer maintenance.

Required: No

Type: String

Update requires: No interruption

DeferMaintenanceStartTime

A timestamp indicating the start time for the deferred maintenance window.

Required: No

Type: String

Update requires: No interruption

DestinationRegion

The destination region that snapshots are automatically copied to when cross-region snapshot copy is enabled.

Required: No

Type: String

Maximum: 2147483647

Update requires: No interruption

ElasticIp

The Elastic IP (EIP) address for the cluster.

Constraints: The cluster must be provisioned in EC2-VPC and publicly-accessible through an Internet gateway. Don't specify the Elastic IP address for a publicly accessible cluster with availability zone relocation turned on. For more information about provisioning clusters in EC2-VPC, go to Supported Platforms to Launch Your Cluster in the Amazon Redshift Cluster Management Guide.

Required: No

Type: String

Maximum: 2147483647

Update requires: No interruption

Encrypted

If true, the data in the cluster is encrypted at rest.

Default: false

Required: No

Type: Boolean

Update requires: No interruption

Endpoint

The connection endpoint.

Required: No

Type: Endpoint

Update requires: No interruption

EnhancedVpcRouting

An option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. For more information, see Enhanced VPC Routing in the Amazon Redshift Cluster Management Guide.

If this option is true, enhanced VPC routing is enabled.

Default: false

Required: No

Type: Boolean

Update requires: No interruption

HsmClientCertificateIdentifier

Specifies the name of the HSM client certificate the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM.

Required: No

Type: String

Maximum: 2147483647

Update requires: No interruption

HsmConfigurationIdentifier

Specifies the name of the HSM configuration that contains the information the Amazon Redshift cluster can use to retrieve and store keys in an HSM.

Required: No

Type: String

Maximum: 2147483647

Update requires: No interruption

IamRoles

A list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format.

The maximum number of IAM roles that you can associate is subject to a quota. For more information, go to Quotas and limits in the Amazon Redshift Cluster Management Guide.

Required: No

Type: Array of String

Maximum: 50

Update requires: No interruption

KmsKeyId

The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the cluster.

Required: No

Type: String

Maximum: 2147483647

Update requires: No interruption

LoggingProperties

Specifies logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster.

Required: No

Type: LoggingProperties

Update requires: No interruption

MaintenanceTrackName

An optional parameter for the name of the maintenance track for the cluster. If you don't provide a maintenance track name, the cluster is assigned to the current track.

Required: No

Type: String

Maximum: 2147483647

Update requires: No interruption

ManageMasterPassword

If true, Amazon Redshift uses AWS Secrets Manager to manage this cluster's admin credentials. You can't use MasterUserPassword if ManageMasterPassword is true. If ManageMasterPassword is false or not set, Amazon Redshift uses MasterUserPassword for the admin user account's password.

Required: No

Type: Boolean

Update requires: No interruption

ManualSnapshotRetentionPeriod

The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots.

The value must be either -1 or an integer between 1 and 3,653.

Required: No

Type: Integer

Update requires: No interruption

MasterPasswordSecretKmsKeyId

The ID of the AWS Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret. You can only use this parameter if ManageMasterPassword is true.

Required: No

Type: String

Maximum: 2147483647

Update requires: No interruption

MasterUsername

The user name associated with the admin user account for the cluster that is being created.

Constraints:

  • Must be 1 - 128 alphanumeric characters or hyphens. The user name can't be PUBLIC.

  • Must contain only lowercase letters, numbers, underscore, plus sign, period (dot), at symbol (@), or hyphen.

  • The first character must be a letter.

  • Must not contain a colon (:) or a slash (/).

  • Cannot be a reserved word. A list of reserved words can be found in Reserved Words in the Amazon Redshift Database Developer Guide.

Required: Yes

Type: String

Maximum: 128

Update requires: Replacement

MasterUserPassword

The password associated with the admin user account for the cluster that is being created.

You can't use MasterUserPassword if ManageMasterPassword is true.

Constraints:

  • Must be between 8 and 64 characters in length.

  • Must contain at least one uppercase letter.

  • Must contain at least one lowercase letter.

  • Must contain one number.

  • Can be any printable ASCII character (ASCII code 33-126) except ' (single quote), " (double quote), \, /, or @.

Required: No

Type: String

Maximum: 64

Update requires: No interruption

MultiAZ

A boolean indicating whether Amazon Redshift should deploy the cluster in two Availability Zones. The default is false.

Required: No

Type: Boolean

Update requires: No interruption

NamespaceResourcePolicy

The policy that is attached to a resource.

Required: No

Type: Json

Update requires: No interruption

NodeType

The node type to be provisioned for the cluster. For information about node types, go to Working with Clusters in the Amazon Redshift Cluster Management Guide.

Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.xlplus | ra3.4xlarge | ra3.16xlarge

Required: Yes

Type: String

Maximum: 2147483647

Update requires: No interruption

NumberOfNodes

The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node.

For information about determining how many nodes you need, go to Working with Clusters in the Amazon Redshift Cluster Management Guide.

If you don't specify this parameter, you get a single-node cluster. When requesting a multi-node cluster, you must specify the number of nodes that you want in the cluster.

Default: 1

Constraints: Value must be at least 1 and no more than 100.

Required: No

Type: Integer

Update requires: No interruption

OwnerAccount

The AWS account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.

Required: No

Type: String

Maximum: 2147483647

Update requires: Replacement

Port

The port number on which the cluster accepts incoming connections.

The cluster is accessible only via the JDBC and ODBC connection strings. Part of the connection string requires the port on which the cluster will listen for incoming connections.

Default: 5439

Valid Values:

  • For clusters with ra3 nodes - Select a port within the ranges 5431-5455 or 8191-8215. (If you have an existing cluster with ra3 nodes, it isn't required that you change the port to these ranges.)

  • For clusters with ds2 or dc2 nodes - Select a port within the range 1150-65535.

Required: No

Type: Integer

Update requires: No interruption

PreferredMaintenanceWindow

The weekly time range (in UTC) during which automated cluster maintenance can occur.

Format: ddd:hh24:mi-ddd:hh24:mi

Default: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week. For more information about the time blocks for each region, see Maintenance Windows in Amazon Redshift Cluster Management Guide.

Valid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun

Constraints: Minimum 30-minute window.

Required: No

Type: String

Maximum: 2147483647

Update requires: No interruption

PubliclyAccessible

If true, the cluster can be accessed from a public network.

Required: No

Type: Boolean

Update requires: No interruption

ResourceAction

The Amazon Redshift operation to be performed. Supported operations are pause-cluster, resume-cluster, and failover-primary-compute.

Required: No

Type: String

Update requires: No interruption

RevisionTarget

Describes a RevisionTarget object.

Required: No

Type: String

Update requires: No interruption

RotateEncryptionKey

Rotates the encryption keys for a cluster.

Required: No

Type: Boolean

Update requires: No interruption

SnapshotClusterIdentifier

The name of the cluster the source snapshot was created from. This parameter is required if your user or role has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.

Required: No

Type: String

Maximum: 2147483647

Update requires: Replacement

SnapshotCopyGrantName

The name of the snapshot copy grant.

Required: No

Type: String

Maximum: 2147483647

Update requires: No interruption

SnapshotCopyManual

Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots.

Required: No

Type: Boolean

Update requires: No interruption

SnapshotCopyRetentionPeriod

The number of days to retain automated snapshots in the destination AWS Region after they are copied from the source AWS Region.

By default, this only changes the retention period of copied automated snapshots.

If you decrease the retention period for automated snapshots that are copied to a destination AWS Region, Amazon Redshift deletes any existing automated snapshots that were copied to the destination AWS Region and that fall outside of the new retention period.

Constraints: Must be at least 1 and no more than 35 for automated snapshots.

If you specify the manual option, only newly copied manual snapshots will have the new retention period.

If you specify the value of -1 newly copied manual snapshots are retained indefinitely.

Constraints: The number of days must be either -1 or an integer between 1 and 3,653 for manual snapshots.

Required: No

Type: Integer

Update requires: No interruption

SnapshotIdentifier

The name of the snapshot from which to create the new cluster. This parameter isn't case sensitive. You must specify this parameter or snapshotArn, but not both.

Example: my-snapshot-id

Required: No

Type: String

Maximum: 2147483647

Update requires: Replacement

Tags

A list of tag instances.

Required: No

Type: Array of Tag

Maximum: 50

Update requires: No interruption

VpcSecurityGroupIds

A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.

Default: The default VPC security group is associated with the cluster.

Required: No

Type: Array of String

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource name. For example:

{ "Ref": "myCluster" }

For the Amazon Redshift cluster myCluster, Ref returns the name of the cluster.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

ClusterNamespaceArn

The namespace Amazon Resource Name (ARN) of the cluster.

DeferMaintenanceIdentifier

A unique identifier for the maintenance window.

Endpoint.Address

The connection endpoint for the Amazon Redshift cluster. For example: examplecluster.cg034hpkmmjt.us-east-1.redshift.amazonaws.com.

Endpoint.Port

The port number on which the Amazon Redshift cluster accepts connections. For example: 5439.

MasterPasswordSecretArn

The Amazon Resource Name (ARN) for the cluster's admin user credentials secret.

Examples

Single-Node Cluster

The following example describes a single-node Redshift cluster. The master user password is referenced from an input parameter that's in the same template.

JSON

{ "myCluster": { "Type": "AWS::Redshift::Cluster", "Properties": { "DBName": "mydb", "MasterUsername": "master", "MasterUserPassword": { "Ref" : "MasterUserPassword" }, "NodeType": "ds2.xlarge", "ClusterType": "single-node", "Tags": [{ "Key": "foo", "Value": "bar" } ] } }

YAML

myCluster: Type: "AWS::Redshift::Cluster" Properties: DBName: "mydb" MasterUsername: "master" MasterUserPassword: Ref: "MasterUserPassword" NodeType: "ds2.xlarge" ClusterType: "single-node" Tags: - Key: foo Value: bar

See also