DatabaseClusterProps

class aws_cdk.aws_docdb.DatabaseClusterProps(*, instance_type, master_user, vpc, backup=None, cloud_watch_logs_retention=None, cloud_watch_logs_retention_role=None, db_cluster_name=None, deletion_protection=None, engine_version=None, export_audit_logs_to_cloud_watch=None, export_profiler_logs_to_cloud_watch=None, instance_identifier_base=None, instances=None, kms_key=None, parameter_group=None, port=None, preferred_maintenance_window=None, removal_policy=None, security_group=None, storage_encrypted=None, vpc_subnets=None)

Bases: object

Properties for a new database cluster.

Parameters:
  • instance_type (InstanceType) – What type of instance to start for the replicas.

  • master_user (Union[Login, Dict[str, Any]]) – Username and password for the administrative user.

  • vpc (IVpc) – What subnets to run the DocumentDB instances in. Must be at least 2 subnets in two different AZs.

  • backup (Union[BackupProps, Dict[str, Any], None]) – Backup settings. Default: - Backup retention period for automated backups is 1 day. Backup preferred window is set to a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week.

  • cloud_watch_logs_retention (Optional[RetentionDays]) – The number of days log events are kept in CloudWatch Logs. When updating this property, unsetting it doesn’t remove the log retention policy. To remove the retention policy, set the value to Infinity. Default: - logs never expire

  • cloud_watch_logs_retention_role (Optional[IRole]) – The IAM role for the Lambda function associated with the custom resource that sets the retention policy. Default: - a new role is created.

  • db_cluster_name (Optional[str]) – An optional identifier for the cluster. Default: - A name is automatically generated.

  • deletion_protection (Optional[bool]) – Specifies whether this cluster can be deleted. If deletionProtection is enabled, the cluster cannot be deleted unless it is modified and deletionProtection is disabled. deletionProtection protects clusters from being accidentally deleted. Default: - false

  • engine_version (Optional[str]) – What version of the database to start. Default: - The default engine version.

  • export_audit_logs_to_cloud_watch (Optional[bool]) – Whether the audit logs should be exported to CloudWatch. Note that you also have to configure the audit log export in the Cluster’s Parameter Group. Default: false

  • export_profiler_logs_to_cloud_watch (Optional[bool]) – Whether the profiler logs should be exported to CloudWatch. Note that you also have to configure the profiler log export in the Cluster’s Parameter Group. Default: false

  • instance_identifier_base (Optional[str]) – Base identifier for instances. Every replica is named by appending the replica number to this string, 1-based. Default: - dbClusterName is used with the word “Instance” appended. If dbClusterName is not provided, the identifier is automatically generated.

  • instances (Union[int, float, None]) – Number of DocDB compute instances. Default: 1

  • kms_key (Optional[IKey]) – The KMS key for storage encryption. Default: - default master key.

  • parameter_group (Optional[IClusterParameterGroup]) – The DB parameter group to associate with the instance. Default: no parameter group

  • port (Union[int, float, None]) – The port the DocumentDB cluster will listen on. Default: DatabaseCluster.DEFAULT_PORT

  • preferred_maintenance_window (Optional[str]) – A weekly time range in which maintenance should preferably execute. Must be at least 30 minutes long. Example: ‘tue:04:17-tue:04:47’ Default: - 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week.

  • removal_policy (Optional[RemovalPolicy]) – The removal policy to apply when the cluster and its instances are removed or replaced during a stack update, or when the stack is deleted. This removal policy also applies to the implicit security group created for the cluster if one is not supplied as a parameter. Default: - Retain cluster.

  • security_group (Optional[ISecurityGroup]) – Security group. Default: a new security group is created.

  • storage_encrypted (Optional[bool]) – Whether to enable storage encryption. Default: true

  • vpc_subnets (Union[SubnetSelection, Dict[str, Any], None]) – Where to place the instances within the VPC. Default: private subnets

ExampleMetadata:

infused

Example:

# vpc: ec2.Vpc

cluster = docdb.DatabaseCluster(self, "Database",
    master_user=docdb.Login(
        username="myuser",  # NOTE: 'admin' is reserved by DocumentDB
        exclude_characters=""@/:",  # optional, defaults to the set ""@/" and is also used for eventually created rotations
        secret_name="/myapp/mydocdb/masteruser"
    ),
    instance_type=ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.LARGE),
    vpc_subnets=ec2.SubnetSelection(
        subnet_type=ec2.SubnetType.PUBLIC
    ),
    vpc=vpc
)

Attributes

backup

Backup settings.

Default:

  • Backup retention period for automated backups is 1 day.

Backup preferred window is set to a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week.

See:

https://docs.aws.amazon.com/documentdb/latest/developerguide/backup-restore.db-cluster-snapshots.html#backup-restore.backup-window

cloud_watch_logs_retention

The number of days log events are kept in CloudWatch Logs.

When updating this property, unsetting it doesn’t remove the log retention policy. To remove the retention policy, set the value to Infinity.

Default:
  • logs never expire

cloud_watch_logs_retention_role

The IAM role for the Lambda function associated with the custom resource that sets the retention policy.

Default:
  • a new role is created.

db_cluster_name

An optional identifier for the cluster.

Default:
  • A name is automatically generated.

deletion_protection

Specifies whether this cluster can be deleted.

If deletionProtection is enabled, the cluster cannot be deleted unless it is modified and deletionProtection is disabled. deletionProtection protects clusters from being accidentally deleted.

Default:
  • false

engine_version

What version of the database to start.

Default:
  • The default engine version.

export_audit_logs_to_cloud_watch

Whether the audit logs should be exported to CloudWatch.

Note that you also have to configure the audit log export in the Cluster’s Parameter Group.

Default:

false

See:

https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html#event-auditing-enabling-auditing

export_profiler_logs_to_cloud_watch

Whether the profiler logs should be exported to CloudWatch.

Note that you also have to configure the profiler log export in the Cluster’s Parameter Group.

Default:

false

See:

https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html#profiling.enable-profiling

instance_identifier_base

Base identifier for instances.

Every replica is named by appending the replica number to this string, 1-based.

Default:

  • dbClusterName is used with the word “Instance” appended. If dbClusterName is not provided, the

identifier is automatically generated.

instance_type

What type of instance to start for the replicas.

instances

Number of DocDB compute instances.

Default:

1

kms_key

The KMS key for storage encryption.

Default:
  • default master key.

master_user

Username and password for the administrative user.

parameter_group

The DB parameter group to associate with the instance.

Default:

no parameter group

port

The port the DocumentDB cluster will listen on.

Default:

DatabaseCluster.DEFAULT_PORT

preferred_maintenance_window

A weekly time range in which maintenance should preferably execute.

Must be at least 30 minutes long.

Example: ‘tue:04:17-tue:04:47’

Default:

  • 30-minute window selected at random from an 8-hour block of time for

each AWS Region, occurring on a random day of the week.

See:

https://docs.aws.amazon.com/documentdb/latest/developerguide/db-instance-maintain.html#maintenance-window

removal_policy

The removal policy to apply when the cluster and its instances are removed or replaced during a stack update, or when the stack is deleted.

This removal policy also applies to the implicit security group created for the cluster if one is not supplied as a parameter.

Default:
  • Retain cluster.

security_group

Security group.

Default:

a new security group is created.

storage_encrypted

Whether to enable storage encryption.

Default:

true

vpc

What subnets to run the DocumentDB instances in.

Must be at least 2 subnets in two different AZs.

vpc_subnets

Where to place the instances within the VPC.

Default:

private subnets