DatabaseInstanceNewProps

class aws_cdk.aws_rds.DatabaseInstanceNewProps(*, vpc, auto_minor_version_upgrade=None, availability_zone=None, backup_retention=None, ca_certificate=None, cloudwatch_logs_exports=None, cloudwatch_logs_retention=None, cloudwatch_logs_retention_role=None, copy_tags_to_snapshot=None, delete_automated_backups=None, deletion_protection=None, domain=None, domain_role=None, enable_performance_insights=None, iam_authentication=None, instance_identifier=None, iops=None, max_allocated_storage=None, monitoring_interval=None, monitoring_role=None, multi_az=None, network_type=None, option_group=None, parameter_group=None, performance_insight_encryption_key=None, performance_insight_retention=None, port=None, preferred_backup_window=None, preferred_maintenance_window=None, processor_features=None, publicly_accessible=None, removal_policy=None, s3_export_buckets=None, s3_export_role=None, s3_import_buckets=None, s3_import_role=None, security_groups=None, storage_throughput=None, storage_type=None, subnet_group=None, vpc_subnets=None)

Bases: object

Construction properties for a DatabaseInstanceNew.

Parameters:
  • vpc (IVpc) – The VPC network where the DB subnet group should be created.

  • auto_minor_version_upgrade (Optional[bool]) – Indicates that minor engine upgrades are applied automatically to the DB instance during the maintenance window. Default: true

  • availability_zone (Optional[str]) – The name of the Availability Zone where the DB instance will be located. Default: - no preference

  • backup_retention (Optional[Duration]) – The number of days during which automatic DB snapshots are retained. Set to zero to disable backups. When creating a read replica, you must enable automatic backups on the source database instance by setting the backup retention to a value other than zero. Default: - Duration.days(1) for source instances, disabled for read replicas

  • ca_certificate (Optional[CaCertificate]) – The identifier of the CA certificate for this DB instance. Specifying or updating this property triggers a reboot. For RDS DB engines: Default: - RDS will choose a certificate authority

  • cloudwatch_logs_exports (Optional[Sequence[str]]) – The list of log types that need to be enabled for exporting to CloudWatch Logs. Default: - no log exports

  • cloudwatch_logs_retention (Optional[RetentionDays]) – The number of days log events are kept in CloudWatch Logs. When updating this property, unsetting it doesn’t remove the log retention policy. To remove the retention policy, set the value to Infinity. Default: - logs never expire

  • cloudwatch_logs_retention_role (Optional[IRole]) – The IAM role for the Lambda function associated with the custom resource that sets the retention policy. Default: - a new role is created.

  • copy_tags_to_snapshot (Optional[bool]) – Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance. Default: true

  • delete_automated_backups (Optional[bool]) – Indicates whether automated backups should be deleted or retained when you delete a DB instance. Default: true

  • deletion_protection (Optional[bool]) – Indicates whether the DB instance should have deletion protection enabled. Default: - true if removalPolicy is RETAIN, false otherwise

  • domain (Optional[str]) – The Active Directory directory ID to create the DB instance in. Default: - Do not join domain

  • domain_role (Optional[IRole]) – The IAM role to be used when making API calls to the Directory Service. The role needs the AWS-managed policy AmazonRDSDirectoryServiceAccess or equivalent. Default: - The role will be created for you if DatabaseInstanceNewProps#domain is specified

  • enable_performance_insights (Optional[bool]) – Whether to enable Performance Insights for the DB instance. Default: - false, unless performanceInsightRetention or performanceInsightEncryptionKey is set.

  • iam_authentication (Optional[bool]) – Whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. Default: false

  • instance_identifier (Optional[str]) – A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lowercase. Default: - a CloudFormation generated name

  • iops (Union[int, float, None]) – The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000. Default: - no provisioned iops if storage type is not specified. For GP3: 3,000 IOPS if allocated storage is less than 400 GiB for MariaDB, MySQL, and PostgreSQL, less than 200 GiB for Oracle and less than 20 GiB for SQL Server. 12,000 IOPS otherwise (except for SQL Server where the default is always 3,000 IOPS).

  • max_allocated_storage (Union[int, float, None]) – Upper limit, in GiB (gibibytes), to which RDS can scale the storage. Default: - No autoscaling of RDS instance

  • monitoring_interval (Optional[Duration]) – The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instance. Default: - no enhanced monitoring

  • monitoring_role (Optional[IRole]) – Role that will be used to manage DB instance monitoring. Default: - A role is automatically created for you

  • multi_az (Optional[bool]) – Specifies if the database instance is a multiple Availability Zone deployment. Default: false

  • network_type (Optional[NetworkType]) – The network type of the DB instance. Default: - IPV4

  • option_group (Optional[IOptionGroup]) – The option group to associate with the instance. Default: - no option group

  • parameter_group (Optional[IParameterGroup]) – The DB parameter group to associate with the instance. Default: - no parameter group

  • performance_insight_encryption_key (Optional[IKey]) – The AWS KMS key for encryption of Performance Insights data. Default: - default master key

  • performance_insight_retention (Optional[PerformanceInsightRetention]) – The amount of time, in days, to retain Performance Insights data. Default: 7 (this is the free tier)

  • port (Union[int, float, None]) – The port for the instance. Default: - the default port for the chosen engine.

  • preferred_backup_window (Optional[str]) – The daily time range during which automated backups are performed. Constraints: - Must be in the format hh24:mi-hh24:mi. - Must be in Universal Coordinated Time (UTC). - Must not conflict with the preferred maintenance window. - Must be at least 30 minutes. Default: - a 30-minute window selected at random from an 8-hour block of time for each AWS Region. To see the time blocks available, see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow

  • preferred_maintenance_window (Optional[str]) – The weekly time range (in UTC) during which system maintenance can occur. Format: ddd:hh24:mi-ddd:hh24:mi Constraint: Minimum 30-minute window Default: - a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance

  • processor_features (Union[ProcessorFeatures, Dict[str, Any], None]) – The number of CPU cores and the number of threads per core. Default: - the default number of CPU cores and threads per core for the chosen instance class. See https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor

  • publicly_accessible (Optional[bool]) – Indicates whether the DB instance is an internet-facing instance. If not specified, the instance’s vpcSubnets will be used to determine if the instance is internet-facing or not. Default: - true if the instance’s vpcSubnets is subnetType: SubnetType.PUBLIC, false otherwise

  • removal_policy (Optional[RemovalPolicy]) – The CloudFormation policy to apply when the instance is removed from the stack or replaced during an update. Default: - RemovalPolicy.SNAPSHOT (remove the resource, but retain a snapshot of the data)

  • s3_export_buckets (Optional[Sequence[IBucket]]) – S3 buckets that you want to load data into. This property must not be used if s3ExportRole is used. For Microsoft SQL Server: Default: - None

  • s3_export_role (Optional[IRole]) – Role that will be associated with this DB instance to enable S3 export. This property must not be used if s3ExportBuckets is used. For Microsoft SQL Server: Default: - New role is created if s3ExportBuckets is set, no role is defined otherwise

  • s3_import_buckets (Optional[Sequence[IBucket]]) – S3 buckets that you want to load data from. This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines. This property must not be used if s3ImportRole is used. For Microsoft SQL Server: Default: - None

  • s3_import_role (Optional[IRole]) – Role that will be associated with this DB instance to enable S3 import. This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines. This property must not be used if s3ImportBuckets is used. For Microsoft SQL Server: Default: - New role is created if s3ImportBuckets is set, no role is defined otherwise

  • security_groups (Optional[Sequence[ISecurityGroup]]) – The security groups to assign to the DB instance. Default: - a new security group is created

  • storage_throughput (Union[int, float, None]) – The storage throughput, specified in mebibytes per second (MiBps). Only applicable for GP3. Default: - 125 MiBps if allocated storage is less than 400 GiB for MariaDB, MySQL, and PostgreSQL, less than 200 GiB for Oracle and less than 20 GiB for SQL Server. 500 MiBps otherwise (except for SQL Server where the default is always 125 MiBps).

  • storage_type (Optional[StorageType]) – The storage type. Storage types supported are gp2, io1, standard. Default: GP2

  • subnet_group (Optional[ISubnetGroup]) – Existing subnet group for the instance. Default: - a new subnet group will be created.

  • vpc_subnets (Union[SubnetSelection, Dict[str, Any], None]) – The type of subnets to add to the created DB subnet group. Default: - private subnets

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk as cdk
from aws_cdk import aws_ec2 as ec2
from aws_cdk import aws_iam as iam
from aws_cdk import aws_kms as kms
from aws_cdk import aws_logs as logs
from aws_cdk import aws_rds as rds
from aws_cdk import aws_s3 as s3

# bucket: s3.Bucket
# ca_certificate: rds.CaCertificate
# key: kms.Key
# option_group: rds.OptionGroup
# parameter_group: rds.ParameterGroup
# role: iam.Role
# security_group: ec2.SecurityGroup
# subnet: ec2.Subnet
# subnet_filter: ec2.SubnetFilter
# subnet_group: rds.SubnetGroup
# vpc: ec2.Vpc

database_instance_new_props = rds.DatabaseInstanceNewProps(
    vpc=vpc,

    # the properties below are optional
    auto_minor_version_upgrade=False,
    availability_zone="availabilityZone",
    backup_retention=cdk.Duration.minutes(30),
    ca_certificate=ca_certificate,
    cloudwatch_logs_exports=["cloudwatchLogsExports"],
    cloudwatch_logs_retention=logs.RetentionDays.ONE_DAY,
    cloudwatch_logs_retention_role=role,
    copy_tags_to_snapshot=False,
    delete_automated_backups=False,
    deletion_protection=False,
    domain="domain",
    domain_role=role,
    enable_performance_insights=False,
    iam_authentication=False,
    instance_identifier="instanceIdentifier",
    iops=123,
    max_allocated_storage=123,
    monitoring_interval=cdk.Duration.minutes(30),
    monitoring_role=role,
    multi_az=False,
    network_type=rds.NetworkType.IPV4,
    option_group=option_group,
    parameter_group=parameter_group,
    performance_insight_encryption_key=key,
    performance_insight_retention=rds.PerformanceInsightRetention.DEFAULT,
    port=123,
    preferred_backup_window="preferredBackupWindow",
    preferred_maintenance_window="preferredMaintenanceWindow",
    processor_features=rds.ProcessorFeatures(
        core_count=123,
        threads_per_core=123
    ),
    publicly_accessible=False,
    removal_policy=cdk.RemovalPolicy.DESTROY,
    s3_export_buckets=[bucket],
    s3_export_role=role,
    s3_import_buckets=[bucket],
    s3_import_role=role,
    security_groups=[security_group],
    storage_throughput=123,
    storage_type=rds.StorageType.STANDARD,
    subnet_group=subnet_group,
    vpc_subnets=ec2.SubnetSelection(
        availability_zones=["availabilityZones"],
        one_per_az=False,
        subnet_filters=[subnet_filter],
        subnet_group_name="subnetGroupName",
        subnets=[subnet],
        subnet_type=ec2.SubnetType.PRIVATE_ISOLATED
    )
)

Attributes

auto_minor_version_upgrade

Indicates that minor engine upgrades are applied automatically to the DB instance during the maintenance window.

Default:

true

availability_zone

The name of the Availability Zone where the DB instance will be located.

Default:
  • no preference

backup_retention

The number of days during which automatic DB snapshots are retained.

Set to zero to disable backups. When creating a read replica, you must enable automatic backups on the source database instance by setting the backup retention to a value other than zero.

Default:
  • Duration.days(1) for source instances, disabled for read replicas

ca_certificate

The identifier of the CA certificate for this DB instance.

Specifying or updating this property triggers a reboot.

For RDS DB engines:

Default:
  • RDS will choose a certificate authority

See:

https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html

cloudwatch_logs_exports

The list of log types that need to be enabled for exporting to CloudWatch Logs.

Default:
  • no log exports

cloudwatch_logs_retention

The number of days log events are kept in CloudWatch Logs.

When updating this property, unsetting it doesn’t remove the log retention policy. To remove the retention policy, set the value to Infinity.

Default:
  • logs never expire

cloudwatch_logs_retention_role

The IAM role for the Lambda function associated with the custom resource that sets the retention policy.

Default:
  • a new role is created.

copy_tags_to_snapshot

Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance.

Default:

true

delete_automated_backups

Indicates whether automated backups should be deleted or retained when you delete a DB instance.

Default:

true

deletion_protection

Indicates whether the DB instance should have deletion protection enabled.

Default:
  • true if removalPolicy is RETAIN, false otherwise

domain

The Active Directory directory ID to create the DB instance in.

Default:
  • Do not join domain

domain_role

The IAM role to be used when making API calls to the Directory Service.

The role needs the AWS-managed policy AmazonRDSDirectoryServiceAccess or equivalent.

Default:
  • The role will be created for you if DatabaseInstanceNewProps#domain is specified

enable_performance_insights

Whether to enable Performance Insights for the DB instance.

Default:
  • false, unless performanceInsightRetention or performanceInsightEncryptionKey is set.

iam_authentication

Whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.

Default:

false

instance_identifier

A name for the DB instance.

If you specify a name, AWS CloudFormation converts it to lowercase.

Default:
  • a CloudFormation generated name

iops

The number of I/O operations per second (IOPS) that the database provisions.

The value must be equal to or greater than 1000.

Default:

  • no provisioned iops if storage type is not specified. For GP3: 3,000 IOPS if allocated storage is less than 400 GiB for MariaDB, MySQL, and PostgreSQL, less than 200 GiB for Oracle and less than 20 GiB for SQL Server. 12,000 IOPS otherwise (except for SQL Server where the default is always 3,000 IOPS).

max_allocated_storage

Upper limit, in GiB (gibibytes), to which RDS can scale the storage.

Default:
  • No autoscaling of RDS instance

See:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling

monitoring_interval

The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instance.

Default:
  • no enhanced monitoring

monitoring_role

Role that will be used to manage DB instance monitoring.

Default:
  • A role is automatically created for you

multi_az

Specifies if the database instance is a multiple Availability Zone deployment.

Default:

false

network_type

The network type of the DB instance.

Default:
  • IPV4

option_group

The option group to associate with the instance.

Default:
  • no option group

parameter_group

The DB parameter group to associate with the instance.

Default:
  • no parameter group

performance_insight_encryption_key

The AWS KMS key for encryption of Performance Insights data.

Default:
  • default master key

performance_insight_retention

The amount of time, in days, to retain Performance Insights data.

Default:

7 (this is the free tier)

port

The port for the instance.

Default:
  • the default port for the chosen engine.

preferred_backup_window

The daily time range during which automated backups are performed.

Constraints:

  • Must be in the format hh24:mi-hh24:mi.

  • Must be in Universal Coordinated Time (UTC).

  • Must not conflict with the preferred maintenance window.

  • Must be at least 30 minutes.

Default:

  • a 30-minute window selected at random from an 8-hour block of time for each AWS Region. To see the time blocks available, see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow

preferred_maintenance_window

The weekly time range (in UTC) during which system maintenance can occur.

Format: ddd:hh24:mi-ddd:hh24:mi

Constraint: Minimum 30-minute window

Default:

  • a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance
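
The constraints listed for preferred_backup_window and preferred_maintenance_window can be checked before deployment. The following is an added example, not part of the AWS CDK or of the original page; the function names are hypothetical. It assumes that an end time earlier than the start wraps past midnight (or past the end of the week), that day abbreviations are matched case-insensitively, and that "conflict" means the two windows overlap in time.

```python
import re

DAYS = ["mon", "tue", "wed", "thu", "fri", "sat", "sun"]
DAY_MIN, WEEK_MIN = 24 * 60, 7 * 24 * 60
_HHMM = r"([01]\d|2[0-3]):([0-5]\d)"
_DAY = "(" + "|".join(DAYS) + ")"
_BACKUP_RE = re.compile(_HHMM + "-" + _HHMM)
_MAINT_RE = re.compile(_DAY + ":" + _HHMM + "-" + _DAY + ":" + _HHMM)


def parse_backup_window(value):
    """Parse 'hh24:mi-hh24:mi'; return (start, length) in minutes of the day."""
    m = _BACKUP_RE.fullmatch(value)
    if not m:
        raise ValueError(f"backup window {value!r} is not hh24:mi-hh24:mi")
    h1, m1, h2, m2 = map(int, m.groups())
    start, end = h1 * 60 + m1, h2 * 60 + m2
    # Assumption: an end at or before the start wraps past midnight.
    return start, (end - start) % DAY_MIN


def parse_maintenance_window(value):
    """Parse 'ddd:hh24:mi-ddd:hh24:mi'; return (start, length) in minutes of the week."""
    m = _MAINT_RE.fullmatch(value.lower())
    if not m:
        raise ValueError(f"maintenance window {value!r} is not ddd:hh24:mi-ddd:hh24:mi")
    d1, h1, m1, d2, h2, m2 = m.groups()
    start = DAYS.index(d1) * DAY_MIN + int(h1) * 60 + int(m1)
    end = DAYS.index(d2) * DAY_MIN + int(h2) * 60 + int(m2)
    # Assumption: an end at or before the start wraps past the end of the week.
    return start, (end - start) % WEEK_MIN


def _overlaps(a_start, a_len, b_start, b_len):
    """True if two half-open intervals on the circular week share any minute."""
    return ((b_start - a_start) % WEEK_MIN < a_len
            or (a_start - b_start) % WEEK_MIN < b_len)


def check_windows(backup, maintenance):
    """Return a list of violated constraints; an empty list means both windows pass."""
    problems = []
    b_start, b_len = parse_backup_window(backup)
    m_start, m_len = parse_maintenance_window(maintenance)
    if b_len < 30:
        problems.append("backup window is shorter than 30 minutes")
    if m_len < 30:
        problems.append("maintenance window is shorter than 30 minutes")
    # The backup window recurs daily, so test each day's occurrence.
    if any(_overlaps(day * DAY_MIN + b_start, b_len, m_start, m_len)
           for day in range(7)):
        problems.append("backup window conflicts with the maintenance window")
    return problems


if __name__ == "__main__":
    # Constructed sample values, all UTC.
    print(check_windows("03:00-03:30", "sun:04:00-sun:04:30"))
    print(check_windows("23:45-00:30", "mon:00:00-mon:00:30"))
```
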

processor_features

The number of CPU cores and the number of threads per core.

Default:

  • the default number of CPU cores and threads per core for the chosen instance class.

See https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor

publicly_accessible

Indicates whether the DB instance is an internet-facing instance.

If not specified, the instance’s vpcSubnets will be used to determine if the instance is internet-facing or not.

Default:
  • true if the instance’s vpcSubnets is subnetType: SubnetType.PUBLIC, false otherwise

removal_policy

The CloudFormation policy to apply when the instance is removed from the stack or replaced during an update.

Default:
  • RemovalPolicy.SNAPSHOT (remove the resource, but retain a snapshot of the data)

s3_export_buckets

S3 buckets that you want to load data into.

This property must not be used if s3ExportRole is used.

For Microsoft SQL Server:

Default:
  • None

See:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html

s3_export_role

Role that will be associated with this DB instance to enable S3 export.

This property must not be used if s3ExportBuckets is used.

For Microsoft SQL Server:

Default:
  • New role is created if s3ExportBuckets is set, no role is defined otherwise

See:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html

s3_import_buckets

S3 buckets that you want to load data from.

This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.

This property must not be used if s3ImportRole is used.

For Microsoft SQL Server:

Default:
  • None

See:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html

s3_import_role

Role that will be associated with this DB instance to enable S3 import.

This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.

This property must not be used if s3ImportBuckets is used.

For Microsoft SQL Server:

Default:
  • New role is created if s3ImportBuckets is set, no role is defined otherwise

See:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html

security_groups

The security groups to assign to the DB instance.

Default:
  • a new security group is created

storage_throughput

The storage throughput, specified in mebibytes per second (MiBps).

Only applicable for GP3.

Default:

  • 125 MiBps if allocated storage is less than 400 GiB for MariaDB, MySQL, and PostgreSQL, less than 200 GiB for Oracle and less than 20 GiB for SQL Server. 500 MiBps otherwise (except for SQL Server where the default is always 125 MiBps).

See:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage

storage_type

The storage type.

Storage types supported are gp2, io1, standard.

Default:

GP2

See:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#Concepts.Storage.GeneralSSD

subnet_group

Existing subnet group for the instance.

Default:
  • a new subnet group will be created.

vpc

The VPC network where the DB subnet group should be created.

vpc_subnets

The type of subnets to add to the created DB subnet group.

Default:
  • private subnets