Amazon Relational Database Service
User Guide

Working with Amazon Resource Names (ARNs) in Amazon RDS

Resources created in Amazon Web Services are each uniquely identified with an Amazon Resource Name (ARN). For certain Amazon RDS operations, you must uniquely identify an Amazon RDS resource by specifying its ARN. For example, when you create an RDS DB instance Read Replica, you must supply the ARN for the source DB instance.

Constructing an ARN for Amazon RDS

Resources created in Amazon Web Services are each uniquely identified with an Amazon Resource Name (ARN). You can construct an ARN for an Amazon RDS resource using the following syntax.

arn:aws:rds:<region>:<account number>:<resourcetype>:<name>

Region Name Region Endpoint Protocol
US East (Ohio) us-east-2 HTTPS
US East (N. Virginia) us-east-1 HTTPS
US West (N. California) us-west-1 HTTPS
US West (Oregon) us-west-2 HTTPS
Asia Pacific (Hong Kong) ap-east-1 HTTPS
Asia Pacific (Mumbai) ap-south-1 HTTPS
Asia Pacific (Osaka-Local) ap-northeast-3 HTTPS
Asia Pacific (Seoul) ap-northeast-2 HTTPS
Asia Pacific (Singapore) ap-southeast-1 HTTPS
Asia Pacific (Sydney) ap-southeast-2 HTTPS
Asia Pacific (Tokyo) ap-northeast-1 HTTPS
Canada (Central) ca-central-1 HTTPS
China (Beijing) cn-north-1 HTTPS
China (Ningxia) cn-northwest-1 HTTPS
EU (Frankfurt) eu-central-1 HTTPS
EU (Ireland) eu-west-1 HTTPS
EU (London) eu-west-2 HTTPS
EU (Paris) eu-west-3 HTTPS
EU (Stockholm) eu-north-1 HTTPS
Middle East (Bahrain) me-south-1 HTTPS
South America (Sao Paulo) sa-east-1 HTTPS
AWS GovCloud (US-East) us-gov-east-1 HTTPS
AWS GovCloud (US-West) us-gov-west-1 HTTPS

The following table shows the format that you should use when constructing an ARN for a particular Amazon RDS resource type.

Resource Type ARN Format
DB instance


For example:

Event subscription


For example:

DB option group


For example:

DB parameter group


For example:

Reserved DB instance


For example:

DB security group


For example:

Automated DB snapshot


For example:

Manual DB snapshot


For example:

DB subnet group


For example:


Getting an Existing ARN

You can get the ARN of an RDS resource by using the AWS Management Console, AWS Command Line Interface (AWS CLI), or RDS API.


To get an ARN from the AWS Management Console, navigate to the resource you want an ARN for, and view the details for that resource. For example, you can get the ARN for a DB instance from the Configuration tab of the DB instance details, as shown following.

    				DB instance ARN


To get an ARN from the AWS CLI for a particular RDS resource, you use the describe command for that resource. The following table shows each AWS CLI command, and the ARN property used with the command to get an ARN.

AWS CLI Command ARN Property
describe-event-subscriptions EventSubscriptionArn
describe-certificates CertificateArn
describe-db-parameter-groups DBParameterGroupArn
describe-db-instances DBInstanceArn
describe-db-security-groups DBSecurityGroupArn
describe-db-snapshots DBSnapshotArn
describe-events SourceArn
describe-reserved-db-instances ReservedDBInstanceArn
describe-db-subnet-groups DBSubnetGroupArn
describe-option-groups OptionGroupArn

For example, the following AWS CLI command gets the ARN for a DB instance.


For Linux, OS X, or Unix:

aws rds describe-db-instances \ --db-instance-identifier DBInstanceIdentifier \ --region us-west-2

For Windows:

aws rds describe-db-instances ^ --db-instance-identifier DBInstanceIdentifier ^ --region us-west-2


To get an ARN for a particular RDS resource, you can call the following RDS API operations and use the ARN properties shown following.

RDS API Operation ARN Property
DescribeEventSubscriptions EventSubscriptionArn
DescribeCertificates CertificateArn
DescribeDBParameterGroups DBParameterGroupArn
DescribeDBInstances DBInstanceArn
DescribeDBSecurityGroups DBSecurityGroupArn
DescribeDBSnapshots DBSnapshotArn
DescribeEvents SourceArn
DescribeReservedDBInstances ReservedDBInstanceArn
DescribeDBSubnetGroups DBSubnetGroupArn
DescribeOptionGroups OptionGroupArn