CfnDBClusterProps

class aws_cdk.aws_rds.CfnDBClusterProps(*, allocated_storage=None, associated_roles=None, auto_minor_version_upgrade=None, availability_zones=None, backtrack_window=None, backup_retention_period=None, copy_tags_to_snapshot=None, database_name=None, db_cluster_identifier=None, db_cluster_instance_class=None, db_cluster_parameter_group_name=None, db_instance_parameter_group_name=None, db_subnet_group_name=None, db_system_id=None, deletion_protection=None, domain=None, domain_iam_role_name=None, enable_cloudwatch_logs_exports=None, enable_http_endpoint=None, enable_iam_database_authentication=None, engine=None, engine_mode=None, engine_version=None, global_cluster_identifier=None, iops=None, kms_key_id=None, manage_master_user_password=None, master_username=None, master_user_password=None, master_user_secret=None, monitoring_interval=None, monitoring_role_arn=None, network_type=None, performance_insights_enabled=None, performance_insights_kms_key_id=None, performance_insights_retention_period=None, port=None, preferred_backup_window=None, preferred_maintenance_window=None, publicly_accessible=None, replication_source_identifier=None, restore_to_time=None, restore_type=None, scaling_configuration=None, serverless_v2_scaling_configuration=None, snapshot_identifier=None, source_db_cluster_identifier=None, source_region=None, storage_encrypted=None, storage_type=None, tags=None, use_latest_restorable_time=None, vpc_security_group_ids=None)

Bases: object

Properties for defining a CfnDBCluster.

Parameters:

• allocated_storage (Union[int, float, None]) – The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster. This setting is required to create a Multi-AZ DB cluster. Valid for: Multi-AZ DB clusters only

• associated_roles (Union[IResolvable, Sequence[Union[DBClusterRoleProperty, Dict[str, Any], IResolvable]], None]) – Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• auto_minor_version_upgrade (Union[bool, IResolvable, None]) – A value that indicates whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically. Valid for: Multi-AZ DB clusters only

• availability_zones (Optional[Sequence[str]]) – A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see Choosing the Regions and Availability Zones in the Amazon Aurora User Guide . Valid for: Aurora DB clusters only

• backtrack_window (Union[int, float, None]) – The target backtrack window, in seconds. To disable backtracking, set this value to 0. .. epigraph:: Currently, Backtrack is only supported for Aurora MySQL DB clusters. Default: 0 Constraints: - If specified, this value must be set to a number from 0 to 259,200 (72 hours). Valid for: Aurora MySQL DB clusters only

• backup_retention_period (Union[int, float, None]) – The number of days for which automated backups are retained. Default: 1 Constraints: - Must be a value from 1 to 35 Valid for: Aurora DB clusters and Multi-AZ DB clusters

• copy_tags_to_snapshot (Union[bool, IResolvable, None]) – A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• database_name (Optional[str]) – The name of your database. If you don’t provide a name, then Amazon RDS won’t create a database in this DB cluster. For naming constraints, see Naming Constraints in the Amazon Aurora User Guide . Valid for: Aurora DB clusters and Multi-AZ DB clusters

• db_cluster_identifier (Optional[str]) – The DB cluster identifier. This parameter is stored as a lowercase string. Constraints: - Must contain from 1 to 63 letters, numbers, or hyphens. - First character must be a letter. - Can’t end with a hyphen or contain two consecutive hyphens. Example: my-cluster1 Valid for: Aurora DB clusters and Multi-AZ DB clusters

• db_cluster_instance_class (Optional[str]) – The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example db.m6gd.xlarge. Not all DB instance classes are available in all AWS Regions , or for all database engines. For the full list of DB instance classes and availability for your engine, see DB instance class in the Amazon RDS User Guide . This setting is required to create a Multi-AZ DB cluster. Valid for: Multi-AZ DB clusters only

• db_cluster_parameter_group_name (Optional[str]) – The name of the DB cluster parameter group to associate with this DB cluster. .. epigraph:: If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting. If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started. To list all of the available DB cluster parameter group names, use the following command: aws rds describe-db-cluster-parameter-groups --query "DBClusterParameterGroups[].DBClusterParameterGroupName" --output text Valid for: Aurora DB clusters and Multi-AZ DB clusters

• db_instance_parameter_group_name (Optional[str]) – The name of the DB parameter group to apply to all instances of the DB cluster. .. epigraph:: When you apply a parameter group using the DBInstanceParameterGroupName parameter, the DB cluster isn’t rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. Default: The existing name setting Constraints: - The DB parameter group must be in the same DB parameter group family as this DB cluster.

• db_subnet_group_name (Optional[str]) – A DB subnet group that you want to associate with this DB cluster. If you are restoring a DB cluster to a point in time with RestoreType set to copy-on-write , and don’t specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• db_system_id (Optional[str]) – Reserved for future use.

• deletion_protection (Union[bool, IResolvable, None]) – A value that indicates whether the DB cluster has deletion protection enabled. The database can’t be deleted when deletion protection is enabled. By default, deletion protection is disabled. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• domain (Optional[str]) – Indicates the directory ID of the Active Directory to create the DB cluster. For Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster. For more information, see Kerberos authentication in the Amazon Aurora User Guide . Valid for: Aurora DB clusters only

• domain_iam_role_name (Optional[str]) – Specifies the name of the IAM role to use when making API calls to the Directory Service. Valid for: Aurora DB clusters only

• enable_cloudwatch_logs_exports (Optional[Sequence[str]]) – The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide . Aurora MySQL Valid values: audit , error , general , slowquery Aurora PostgreSQL Valid values: postgresql Valid for: Aurora DB clusters and Multi-AZ DB clusters

• enable_http_endpoint (Union[bool, IResolvable, None]) – A value that indicates whether to enable the HTTP endpoint for an Aurora Serverless DB cluster. By default, the HTTP endpoint is disabled. When enabled, the HTTP endpoint provides a connectionless web service API for running SQL queries on the Aurora Serverless DB cluster. You can also query your database from inside the RDS console with the query editor. For more information, see Using the Data API for Aurora Serverless in the Amazon Aurora User Guide . Valid for: Aurora DB clusters only

• enable_iam_database_authentication (Union[bool, IResolvable, None]) – A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled. For more information, see IAM Database Authentication in the Amazon Aurora User Guide. Valid for: Aurora DB clusters only

• engine (Optional[str]) – The name of the database engine to be used for this DB cluster. Valid Values: - aurora-mysql - aurora-postgresql - mysql - postgres Valid for: Aurora DB clusters and Multi-AZ DB clusters

• engine_mode (Optional[str]) – The DB engine mode of the DB cluster, either provisioned or serverless . The serverless engine mode only supports Aurora Serverless v1. Currently, AWS CloudFormation doesn’t support Aurora Serverless v2. Limitations and requirements apply to some DB engine modes. For more information, see the following sections in the Amazon Aurora User Guide : - Limitations of Aurora Serverless v1 - Requirements for Aurora Serverless v2 - Limitations of parallel query - Limitations of Aurora global databases Valid for: Aurora DB clusters only

• engine_version (Optional[str]) – The version number of the database engine to use. To list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command: aws rds describe-db-engine-versions --engine aurora-mysql --query "DBEngineVersions[].EngineVersion" You can supply either 5.7 or 8.0 to use the default engine version for Aurora MySQL version 2 or version 3, respectively. To list all of the available engine versions for Aurora PostgreSQL, use the following command: aws rds describe-db-engine-versions --engine aurora-postgresql --query "DBEngineVersions[].EngineVersion" To list all of the available engine versions for RDS for MySQL, use the following command: aws rds describe-db-engine-versions --engine mysql --query "DBEngineVersions[].EngineVersion" To list all of the available engine versions for RDS for PostgreSQL, use the following command: aws rds describe-db-engine-versions --engine postgres --query "DBEngineVersions[].EngineVersion" Aurora MySQL For information, see Database engine updates for Amazon Aurora MySQL in the Amazon Aurora User Guide . Aurora PostgreSQL For information, see Amazon Aurora PostgreSQL releases and engine versions in the Amazon Aurora User Guide . MySQL For information, see Amazon RDS for MySQL in the Amazon RDS User Guide . PostgreSQL For information, see Amazon RDS for PostgreSQL in the Amazon RDS User Guide . Valid for: Aurora DB clusters and Multi-AZ DB clusters

• global_cluster_identifier (Optional[str]) – If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the AWS::RDS::GlobalCluster resource. If you aren’t configuring a global database cluster, don’t specify this property. .. epigraph:: To remove the DB cluster from a global database cluster, specify an empty value for the GlobalClusterIdentifier property. For information about Aurora global databases, see Working with Amazon Aurora Global Databases in the Amazon Aurora User Guide . Valid for: Aurora DB clusters only

• iops (Union[int, float, None]) – The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster. For information about valid IOPS values, see Provisioned IOPS storage in the Amazon RDS User Guide . This setting is required to create a Multi-AZ DB cluster. Constraints: Must be a multiple between .5 and 50 of the storage amount for the DB cluster. Valid for: Multi-AZ DB clusters only

• kms_key_id (Optional[str]) – The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef . If you enable the StorageEncrypted property but don’t specify this property, the default KMS key is used. If you specify this property, you must set the StorageEncrypted property to true . If you specify the SnapshotIdentifier property, the StorageEncrypted property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified KmsKeyId property is used. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• manage_master_user_password (Union[bool, IResolvable, None]) –

  A value that indicates whether to manage the master user password with AWS Secrets Manager. For more information, see Password management with AWS Secrets Manager in the Amazon RDS User Guide and Password management with AWS Secrets Manager in the Amazon Aurora User Guide. Constraints: - Can’t manage the master user password with AWS Secrets Manager if MasterUserPassword is specified. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• master_username (Optional[str]) – The name of the master user for the DB cluster. .. epigraph:: If you specify the SourceDBClusterIdentifier , SnapshotIdentifier , or GlobalClusterIdentifier property, don’t specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• master_user_password (Optional[str]) – The master password for the DB instance. .. epigraph:: If you specify the SourceDBClusterIdentifier , SnapshotIdentifier , or GlobalClusterIdentifier property, don’t specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• master_user_secret (Union[IResolvable, MasterUserSecretProperty, Dict[str, Any], None]) –

  Contains the secret managed by RDS in AWS Secrets Manager for the master user password. For more information, see Password management with AWS Secrets Manager in the Amazon RDS User Guide and Password management with AWS Secrets Manager in the Amazon Aurora User Guide.

• monitoring_interval (Union[int, float, None]) – The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify 0. The default is 0. If MonitoringRoleArn is specified, also set MonitoringInterval to a value other than 0. Valid Values: 0, 1, 5, 10, 15, 30, 60 Valid for: Multi-AZ DB clusters only

• monitoring_role_arn (Optional[str]) – The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is arn:aws:iam:123456789012:role/emaccess . For information on creating a monitoring role, see Setting up and enabling Enhanced Monitoring in the Amazon RDS User Guide . If MonitoringInterval is set to a value other than 0, supply a MonitoringRoleArn value. Valid for: Multi-AZ DB clusters only

• network_type (Optional[str]) – The network type of the DB cluster. Valid values: - IPV4 - DUAL The network type is determined by the DBSubnetGroup specified for the DB cluster. A DBSubnetGroup can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( DUAL ). For more information, see Working with a DB instance in a VPC in the Amazon Aurora User Guide. Valid for: Aurora DB clusters only

• performance_insights_enabled (Union[bool, IResolvable, None]) – A value that indicates whether to turn on Performance Insights for the DB cluster. For more information, see Using Amazon Performance Insights in the Amazon RDS User Guide . Valid for: Multi-AZ DB clusters only

• performance_insights_kms_key_id (Optional[str]) – The AWS KMS key identifier for encryption of Performance Insights data. The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. If you don’t specify a value for PerformanceInsightsKMSKeyId , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account . Your AWS account has a different default KMS key for each AWS Region . Valid for: Multi-AZ DB clusters only

• performance_insights_retention_period (Union[int, float, None]) – The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:. - 7 - month * 31, where month is a number of months from 1-23 - 731 For example, the following values are valid: - 93 (3 months * 31) - 341 (11 months * 31) - 589 (19 months * 31) - 731 If you specify a retention period such as 94, which isn’t a valid value, RDS issues an error. Valid for: Multi-AZ DB clusters only

• port (Union[int, float, None]) – The port number on which the DB instances in the DB cluster accept connections. Default: - When EngineMode is provisioned , 3306 (for both Aurora MySQL and Aurora PostgreSQL) - When EngineMode is serverless : - 3306 when Engine is aurora or aurora-mysql - 5432 when Engine is aurora-postgresql .. epigraph:: The No interruption on update behavior only applies to DB clusters. If you are updating a DB instance, see Port for the AWS::RDS::DBInstance resource. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• preferred_backup_window (Optional[str]) – The daily time range during which automated backups are created. For more information, see Backup Window in the Amazon Aurora User Guide. Constraints: - Must be in the format hh24:mi-hh24:mi . - Must be in Universal Coordinated Time (UTC). - Must not conflict with the preferred maintenance window. - Must be at least 30 minutes. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• preferred_maintenance_window (Optional[str]) – The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC). Format: ddd:hh24:mi-ddd:hh24:mi The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see Adjusting the Preferred DB Cluster Maintenance Window in the Amazon Aurora User Guide. Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun. Constraints: Minimum 30-minute window. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• publicly_accessible (Union[bool, IResolvable, None]) – A value that indicates whether the DB cluster is publicly accessible. When the DB cluster is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB cluster’s virtual private cloud (VPC). It resolves to the public IP address from outside of the DB cluster’s VPC. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn’t permitted if the security group assigned to the DB cluster doesn’t permit it. When the DB cluster isn’t publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address. Default: The default behavior varies depending on whether DBSubnetGroupName is specified. If DBSubnetGroupName isn’t specified, and PubliclyAccessible isn’t specified, the following applies: - If the default VPC in the target Region doesn’t have an internet gateway attached to it, the DB cluster is private. - If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public. If DBSubnetGroupName is specified, and PubliclyAccessible isn’t specified, the following applies: - If the subnets are part of a VPC that doesn’t have an internet gateway attached to it, the DB cluster is private. - If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public. Valid for: Multi-AZ DB clusters only

• replication_source_identifier (Optional[str]) – The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica. Valid for: Aurora DB clusters only

• restore_to_time (Optional[str]) – The date and time to restore the DB cluster to. Valid Values: Value must be a time in Universal Coordinated Time (UTC) format Constraints: - Must be before the latest restorable time for the DB instance - Must be specified if UseLatestRestorableTime parameter isn’t provided - Can’t be specified if the UseLatestRestorableTime parameter is enabled - Can’t be specified if the RestoreType parameter is copy-on-write Example: 2015-03-07T23:45:00Z Valid for: Aurora DB clusters and Multi-AZ DB clusters

• restore_type (Optional[str]) – The type of restore to be performed. You can specify one of the following values:. - full-copy - The new DB cluster is restored as a full copy of the source DB cluster. - copy-on-write - The new DB cluster is restored as a clone of the source DB cluster. If you don’t specify a RestoreType value, then the new DB cluster is restored as a full copy of the source DB cluster. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• scaling_configuration (Union[IResolvable, ScalingConfigurationProperty, Dict[str, Any], None]) – The ScalingConfiguration property type specifies the scaling configuration of an Aurora Serverless DB cluster. This property is only supported for Aurora Serverless v1. For Aurora Serverless v2, use ServerlessV2ScalingConfiguration property. Valid for: Aurora DB clusters only

• serverless_v2_scaling_configuration (Union[IResolvable, ServerlessV2ScalingConfigurationProperty, Dict[str, Any], None]) – The ServerlessV2ScalingConfiguration property type specifies the scaling configuration of an Aurora Serverless V2 DB cluster. This property is only supported for Aurora Serverless v2. For Aurora Serverless v1, use ScalingConfiguration property. Valid for: Aurora DB clusters only

• snapshot_identifier (Optional[str]) – The identifier for the DB snapshot or DB cluster snapshot to restore from. You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot. After you restore a DB cluster with a SnapshotIdentifier property, you must specify the same SnapshotIdentifier property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don’t specify the SnapshotIdentifier property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified SnapshotIdentifier property, and the original DB cluster is deleted. If you specify the SnapshotIdentifier property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don’t specify the following properties: - GlobalClusterIdentifier - MasterUsername - MasterUserPassword - ReplicationSourceIdentifier - RestoreType - SourceDBClusterIdentifier - SourceRegion - StorageEncrypted (for an encrypted snapshot) - UseLatestRestorableTime Constraints: - Must match the identifier of an existing Snapshot. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• source_db_cluster_identifier (Optional[str]) – When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore. Constraints: - Must match the identifier of an existing DBCluster. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• source_region (Optional[str]) – The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, us-east-1 . Valid for: Aurora DB clusters only

• storage_encrypted (Union[bool, IResolvable, None]) – Indicates whether the DB cluster is encrypted. If you specify the KmsKeyId property, then you must enable encryption. If you specify the SourceDBClusterIdentifier property, don’t specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified KmsKeyId property is used. If you specify the SnapshotIdentifier and the specified snapshot is encrypted, don’t specify this property. The value is inherited from the snapshot, and the specified KmsKeyId property is used. If you specify the SnapshotIdentifier and the specified snapshot isn’t encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the KmsKeyId property for the KMS key to use for encryption. If you don’t want the restored DB cluster to be encrypted, then don’t set this property or set it to false . Valid for: Aurora DB clusters and Multi-AZ DB clusters

• storage_type (Optional[str]) – Specifies the storage type to be associated with the DB cluster. This setting is required to create a Multi-AZ DB cluster. When specified for a Multi-AZ DB cluster, a value for the Iops parameter is required. Valid values: aurora , aurora-iopt1 (Aurora DB clusters); io1 (Multi-AZ DB clusters) Default: aurora (Aurora DB clusters); io1 (Multi-AZ DB clusters) Valid for: Aurora DB clusters and Multi-AZ DB clusters For more information on storage types for Aurora DB clusters, see Storage configurations for Amazon Aurora DB clusters . For more information on storage types for Multi-AZ DB clusters, see Settings for creating Multi-AZ DB clusters .

• tags (Optional[Sequence[Union[CfnTag, Dict[str, Any]]]]) – An optional array of key-value pairs to apply to this DB cluster. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• use_latest_restorable_time (Union[bool, IResolvable, None]) – A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster is not restored to the latest restorable backup time. Valid for: Aurora DB clusters and Multi-AZ DB clusters

• vpc_security_group_ids (Optional[Sequence[str]]) – A list of EC2 VPC security groups to associate with this DB cluster. If you plan to update the resource, don’t specify VPC security groups in a shared VPC. Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_rds as rds

cfn_dBCluster_props = rds.CfnDBClusterProps(
    allocated_storage=123,
    associated_roles=[rds.CfnDBCluster.DBClusterRoleProperty(
        role_arn="roleArn",

        # the properties below are optional
        feature_name="featureName"
    )],
    auto_minor_version_upgrade=False,
    availability_zones=["availabilityZones"],
    backtrack_window=123,
    backup_retention_period=123,
    copy_tags_to_snapshot=False,
    database_name="databaseName",
    db_cluster_identifier="dbClusterIdentifier",
    db_cluster_instance_class="dbClusterInstanceClass",
    db_cluster_parameter_group_name="dbClusterParameterGroupName",
    db_instance_parameter_group_name="dbInstanceParameterGroupName",
    db_subnet_group_name="dbSubnetGroupName",
    db_system_id="dbSystemId",
    deletion_protection=False,
    domain="domain",
    domain_iam_role_name="domainIamRoleName",
    enable_cloudwatch_logs_exports=["enableCloudwatchLogsExports"],
    enable_http_endpoint=False,
    enable_iam_database_authentication=False,
    engine="engine",
    engine_mode="engineMode",
    engine_version="engineVersion",
    global_cluster_identifier="globalClusterIdentifier",
    iops=123,
    kms_key_id="kmsKeyId",
    manage_master_user_password=False,
    master_username="masterUsername",
    master_user_password="masterUserPassword",
    master_user_secret=rds.CfnDBCluster.MasterUserSecretProperty(
        kms_key_id="kmsKeyId",
        secret_arn="secretArn"
    ),
    monitoring_interval=123,
    monitoring_role_arn="monitoringRoleArn",
    network_type="networkType",
    performance_insights_enabled=False,
    performance_insights_kms_key_id="performanceInsightsKmsKeyId",
    performance_insights_retention_period=123,
    port=123,
    preferred_backup_window="preferredBackupWindow",
    preferred_maintenance_window="preferredMaintenanceWindow",
    publicly_accessible=False,
    replication_source_identifier="replicationSourceIdentifier",
    restore_to_time="restoreToTime",
    restore_type="restoreType",
    scaling_configuration=rds.CfnDBCluster.ScalingConfigurationProperty(
        auto_pause=False,
        max_capacity=123,
        min_capacity=123,
        seconds_before_timeout=123,
        seconds_until_auto_pause=123,
        timeout_action="timeoutAction"
    ),
    serverless_v2_scaling_configuration=rds.CfnDBCluster.ServerlessV2ScalingConfigurationProperty(
        max_capacity=123,
        min_capacity=123
    ),
    snapshot_identifier="snapshotIdentifier",
    source_db_cluster_identifier="sourceDbClusterIdentifier",
    source_region="sourceRegion",
    storage_encrypted=False,
    storage_type="storageType",
    tags=[CfnTag(
        key="key",
        value="value"
    )],
    use_latest_restorable_time=False,
    vpc_security_group_ids=["vpcSecurityGroupIds"]
)

Attributes

allocated_storage

The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.

This setting is required to create a Multi-AZ DB cluster.

Valid for: Multi-AZ DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-allocatedstorage

associated_roles

Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster.

IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-associatedroles

auto_minor_version_upgrade

A value that indicates whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window.

By default, minor engine upgrades are applied automatically.

Valid for: Multi-AZ DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-autominorversionupgrade

availability_zones

A list of Availability Zones (AZs) where instances in the DB cluster can be created.

For information on AWS Regions and Availability Zones, see Choosing the Regions and Availability Zones in the Amazon Aurora User Guide .

Valid for: Aurora DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-availabilityzones

backtrack_window

The target backtrack window, in seconds. To disable backtracking, set this value to 0.

Currently, Backtrack is only supported for Aurora MySQL DB clusters.

Default: 0

Constraints:

• If specified, this value must be set to a number from 0 to 259,200 (72 hours).

Valid for: Aurora MySQL DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-backtrackwindow

backup_retention_period

The number of days for which automated backups are retained.

Default: 1

Constraints:

• Must be a value from 1 to 35

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-backupretentionperiod

copy_tags_to_snapshot

A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster.

The default is not to copy them.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-copytagstosnapshot

database_name

The name of your database.

If you don’t provide a name, then Amazon RDS won’t create a database in this DB cluster. For naming constraints, see Naming Constraints in the Amazon Aurora User Guide .

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-databasename

db_cluster_identifier

The DB cluster identifier. This parameter is stored as a lowercase string.

Constraints:

• Must contain from 1 to 63 letters, numbers, or hyphens.

• First character must be a letter.

• Can’t end with a hyphen or contain two consecutive hyphens.

Example: my-cluster1

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-dbclusteridentifier

db_cluster_instance_class

The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example db.m6gd.xlarge. Not all DB instance classes are available in all AWS Regions , or for all database engines.

For the full list of DB instance classes and availability for your engine, see DB instance class in the Amazon RDS User Guide .

This setting is required to create a Multi-AZ DB cluster.

Valid for: Multi-AZ DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-dbclusterinstanceclass

db_cluster_parameter_group_name

The name of the DB cluster parameter group to associate with this DB cluster.

If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.

If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started.

To list all of the available DB cluster parameter group names, use the following command:

aws rds describe-db-cluster-parameter-groups --query "DBClusterParameterGroups[].DBClusterParameterGroupName" --output text

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-dbclusterparametergroupname

db_instance_parameter_group_name

The name of the DB parameter group to apply to all instances of the DB cluster.

When you apply a parameter group using the DBInstanceParameterGroupName parameter, the DB cluster isn’t rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window.

Default: The existing name setting

Constraints:

• The DB parameter group must be in the same DB parameter group family as this DB cluster.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-dbinstanceparametergroupname

db_subnet_group_name

A DB subnet group that you want to associate with this DB cluster.

If you are restoring a DB cluster to a point in time with RestoreType set to copy-on-write , and don’t specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-dbsubnetgroupname

db_system_id

Reserved for future use.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-dbsystemid

deletion_protection

A value that indicates whether the DB cluster has deletion protection enabled.

The database can’t be deleted when deletion protection is enabled. By default, deletion protection is disabled.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-deletionprotection

domain

Indicates the directory ID of the Active Directory to create the DB cluster.

For Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.

For more information, see Kerberos authentication in the Amazon Aurora User Guide .

Valid for: Aurora DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-domain

domain_iam_role_name

Specifies the name of the IAM role to use when making API calls to the Directory Service.

Valid for: Aurora DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-domainiamrolename

enable_cloudwatch_logs_exports

The list of log types that need to be enabled for exporting to CloudWatch Logs.

The values in the list depend on the DB engine being used. For more information, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide .

Aurora MySQL

Valid values: audit , error , general , slowquery

Aurora PostgreSQL

Valid values: postgresql

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-enablecloudwatchlogsexports

enable_http_endpoint

A value that indicates whether to enable the HTTP endpoint for an Aurora Serverless DB cluster.

By default, the HTTP endpoint is disabled.

When enabled, the HTTP endpoint provides a connectionless web service API for running SQL queries on the Aurora Serverless DB cluster. You can also query your database from inside the RDS console with the query editor.

For more information, see Using the Data API for Aurora Serverless in the Amazon Aurora User Guide .

Valid for: Aurora DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-enablehttpendpoint

enable_iam_database_authentication

A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.

By default, mapping is disabled.

For more information, see IAM Database Authentication in the Amazon Aurora User Guide.

Valid for: Aurora DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-enableiamdatabaseauthentication

engine

The name of the database engine to be used for this DB cluster.

Valid Values:

• aurora-mysql

• aurora-postgresql

• mysql

• postgres

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-engine

engine_mode

The DB engine mode of the DB cluster, either provisioned or serverless .

The serverless engine mode only supports Aurora Serverless v1. Currently, AWS CloudFormation doesn’t support Aurora Serverless v2.

Limitations and requirements apply to some DB engine modes. For more information, see the following sections in the Amazon Aurora User Guide :

• Limitations of Aurora Serverless v1

• Requirements for Aurora Serverless v2

• Limitations of parallel query

• Limitations of Aurora global databases

Valid for: Aurora DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-enginemode

engine_version

The version number of the database engine to use.

To list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command:

aws rds describe-db-engine-versions --engine aurora-mysql --query "DBEngineVersions[].EngineVersion"

You can supply either 5.7 or 8.0 to use the default engine version for Aurora MySQL version 2 or version 3, respectively.

To list all of the available engine versions for Aurora PostgreSQL, use the following command:

aws rds describe-db-engine-versions --engine aurora-postgresql --query "DBEngineVersions[].EngineVersion"

To list all of the available engine versions for RDS for MySQL, use the following command:

aws rds describe-db-engine-versions --engine mysql --query "DBEngineVersions[].EngineVersion"

To list all of the available engine versions for RDS for PostgreSQL, use the following command:

aws rds describe-db-engine-versions --engine postgres --query "DBEngineVersions[].EngineVersion"

Aurora MySQL

For information, see Database engine updates for Amazon Aurora MySQL in the Amazon Aurora User Guide .

Aurora PostgreSQL

For information, see Amazon Aurora PostgreSQL releases and engine versions in the Amazon Aurora User Guide .

MySQL

For information, see Amazon RDS for MySQL in the Amazon RDS User Guide .

PostgreSQL

For information, see Amazon RDS for PostgreSQL in the Amazon RDS User Guide .

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-engineversion

global_cluster_identifier

If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster.

To define the primary database cluster of the global cluster, use the AWS::RDS::GlobalCluster resource.

If you aren’t configuring a global database cluster, don’t specify this property. .. epigraph:

To remove the DB cluster from a global database cluster, specify an empty value for the ``GlobalClusterIdentifier`` property.

For information about Aurora global databases, see Working with Amazon Aurora Global Databases in the Amazon Aurora User Guide .

Valid for: Aurora DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-globalclusteridentifier

iops

The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.

For information about valid IOPS values, see Provisioned IOPS storage in the Amazon RDS User Guide .

This setting is required to create a Multi-AZ DB cluster.

Constraints: Must be a multiple between .5 and 50 of the storage amount for the DB cluster.

Valid for: Multi-AZ DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-iops

kms_key_id

The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef .

If you enable the StorageEncrypted property but don’t specify this property, the default KMS key is used. If you specify this property, you must set the StorageEncrypted property to true .

If you specify the SnapshotIdentifier property, the StorageEncrypted property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified KmsKeyId property is used.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-kmskeyid

manage_master_user_password

A value that indicates whether to manage the master user password with AWS Secrets Manager.

For more information, see Password management with AWS Secrets Manager in the Amazon RDS User Guide and Password management with AWS Secrets Manager in the Amazon Aurora User Guide.

Constraints:

• Can’t manage the master user password with AWS Secrets Manager if MasterUserPassword is specified.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-managemasteruserpassword

master_user_password

The master password for the DB instance.

If you specify the SourceDBClusterIdentifier , SnapshotIdentifier , or GlobalClusterIdentifier property, don’t specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-masteruserpassword

master_user_secret

Contains the secret managed by RDS in AWS Secrets Manager for the master user password.

For more information, see Password management with AWS Secrets Manager in the Amazon RDS User Guide and Password management with AWS Secrets Manager in the Amazon Aurora User Guide.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-masterusersecret

master_username

The name of the master user for the DB cluster.

If you specify the SourceDBClusterIdentifier , SnapshotIdentifier , or GlobalClusterIdentifier property, don’t specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-masterusername

monitoring_interval

The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster.

To turn off collecting Enhanced Monitoring metrics, specify 0. The default is 0.

If MonitoringRoleArn is specified, also set MonitoringInterval to a value other than 0.

Valid Values: 0, 1, 5, 10, 15, 30, 60

Valid for: Multi-AZ DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-monitoringinterval

monitoring_role_arn

The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs.

An example is arn:aws:iam:123456789012:role/emaccess . For information on creating a monitoring role, see Setting up and enabling Enhanced Monitoring in the Amazon RDS User Guide .

If MonitoringInterval is set to a value other than 0, supply a MonitoringRoleArn value.

Valid for: Multi-AZ DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-monitoringrolearn

network_type

The network type of the DB cluster.

Valid values:

• IPV4

• DUAL

The network type is determined by the DBSubnetGroup specified for the DB cluster. A DBSubnetGroup can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( DUAL ).

For more information, see Working with a DB instance in a VPC in the Amazon Aurora User Guide.

Valid for: Aurora DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-networktype

performance_insights_enabled

A value that indicates whether to turn on Performance Insights for the DB cluster.

For more information, see Using Amazon Performance Insights in the Amazon RDS User Guide .

Valid for: Multi-AZ DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-performanceinsightsenabled

performance_insights_kms_key_id

The AWS KMS key identifier for encryption of Performance Insights data.

The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.

If you don’t specify a value for PerformanceInsightsKMSKeyId , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account . Your AWS account has a different default KMS key for each AWS Region .

Valid for: Multi-AZ DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-performanceinsightskmskeyid

performance_insights_retention_period

.

• 7

• month * 31, where month is a number of months from 1-23

• 731

For example, the following values are valid:

• 93 (3 months * 31)

• 341 (11 months * 31)

• 589 (19 months * 31)

• 731

If you specify a retention period such as 94, which isn’t a valid value, RDS issues an error.

Valid for: Multi-AZ DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-performanceinsightsretentionperiod

Type:

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid

port

The port number on which the DB instances in the DB cluster accept connections.

Default:

• When EngineMode is provisioned , 3306 (for both Aurora MySQL and Aurora PostgreSQL)

• When EngineMode is serverless :

• 3306 when Engine is aurora or aurora-mysql

• 5432 when Engine is aurora-postgresql

The No interruption on update behavior only applies to DB clusters. If you are updating a DB instance, see Port for the AWS::RDS::DBInstance resource.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-port

preferred_backup_window

The daily time range during which automated backups are created.

For more information, see Backup Window in the Amazon Aurora User Guide.

Constraints:

• Must be in the format hh24:mi-hh24:mi .

• Must be in Universal Coordinated Time (UTC).

• Must not conflict with the preferred maintenance window.

• Must be at least 30 minutes.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-preferredbackupwindow

preferred_maintenance_window

The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).

Format: ddd:hh24:mi-ddd:hh24:mi

The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see Adjusting the Preferred DB Cluster Maintenance Window in the Amazon Aurora User Guide.

Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.

Constraints: Minimum 30-minute window.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-preferredmaintenancewindow

publicly_accessible

A value that indicates whether the DB cluster is publicly accessible.

When the DB cluster is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB cluster’s virtual private cloud (VPC). It resolves to the public IP address from outside of the DB cluster’s VPC. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn’t permitted if the security group assigned to the DB cluster doesn’t permit it.

When the DB cluster isn’t publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.

Default: The default behavior varies depending on whether DBSubnetGroupName is specified.

If DBSubnetGroupName isn’t specified, and PubliclyAccessible isn’t specified, the following applies:

• If the default VPC in the target Region doesn’t have an internet gateway attached to it, the DB cluster is private.

• If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.

If DBSubnetGroupName is specified, and PubliclyAccessible isn’t specified, the following applies:

• If the subnets are part of a VPC that doesn’t have an internet gateway attached to it, the DB cluster is private.

• If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public.

Valid for: Multi-AZ DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-publiclyaccessible

replication_source_identifier

The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.

Valid for: Aurora DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-replicationsourceidentifier

restore_to_time

The date and time to restore the DB cluster to.

Valid Values: Value must be a time in Universal Coordinated Time (UTC) format

Constraints:

• Must be before the latest restorable time for the DB instance

• Must be specified if UseLatestRestorableTime parameter isn’t provided

• Can’t be specified if the UseLatestRestorableTime parameter is enabled

• Can’t be specified if the RestoreType parameter is copy-on-write

Example: 2015-03-07T23:45:00Z

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-restoretotime

restore_type

.

• full-copy - The new DB cluster is restored as a full copy of the source DB cluster.

• copy-on-write - The new DB cluster is restored as a clone of the source DB cluster.

If you don’t specify a RestoreType value, then the new DB cluster is restored as a full copy of the source DB cluster.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-restoretype

Type:

The type of restore to be performed. You can specify one of the following values

scaling_configuration

The ScalingConfiguration property type specifies the scaling configuration of an Aurora Serverless DB cluster.

This property is only supported for Aurora Serverless v1. For Aurora Serverless v2, use ServerlessV2ScalingConfiguration property.

Valid for: Aurora DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-scalingconfiguration

serverless_v2_scaling_configuration

The ServerlessV2ScalingConfiguration property type specifies the scaling configuration of an Aurora Serverless V2 DB cluster.

This property is only supported for Aurora Serverless v2. For Aurora Serverless v1, use ScalingConfiguration property.

Valid for: Aurora DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-serverlessv2scalingconfiguration

snapshot_identifier

The identifier for the DB snapshot or DB cluster snapshot to restore from.

You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.

After you restore a DB cluster with a SnapshotIdentifier property, you must specify the same SnapshotIdentifier property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don’t specify the SnapshotIdentifier property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified SnapshotIdentifier property, and the original DB cluster is deleted.

If you specify the SnapshotIdentifier property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don’t specify the following properties:

• GlobalClusterIdentifier

• MasterUsername

• MasterUserPassword

• ReplicationSourceIdentifier

• RestoreType

• SourceDBClusterIdentifier

• SourceRegion

• StorageEncrypted (for an encrypted snapshot)

• UseLatestRestorableTime

Constraints:

• Must match the identifier of an existing Snapshot.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-snapshotidentifier

source_db_cluster_identifier

When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.

Constraints:

• Must match the identifier of an existing DBCluster.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-sourcedbclusteridentifier

source_region

The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, us-east-1 .

Valid for: Aurora DB clusters only

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-sourceregion

storage_encrypted

Indicates whether the DB cluster is encrypted.

If you specify the KmsKeyId property, then you must enable encryption.

If you specify the SourceDBClusterIdentifier property, don’t specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified KmsKeyId property is used.

If you specify the SnapshotIdentifier and the specified snapshot is encrypted, don’t specify this property. The value is inherited from the snapshot, and the specified KmsKeyId property is used.

If you specify the SnapshotIdentifier and the specified snapshot isn’t encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the KmsKeyId property for the KMS key to use for encryption. If you don’t want the restored DB cluster to be encrypted, then don’t set this property or set it to false .

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-storageencrypted

storage_type

Specifies the storage type to be associated with the DB cluster.

This setting is required to create a Multi-AZ DB cluster.

When specified for a Multi-AZ DB cluster, a value for the Iops parameter is required.

Valid values: aurora , aurora-iopt1 (Aurora DB clusters); io1 (Multi-AZ DB clusters)

Default: aurora (Aurora DB clusters); io1 (Multi-AZ DB clusters)

Valid for: Aurora DB clusters and Multi-AZ DB clusters

For more information on storage types for Aurora DB clusters, see Storage configurations for Amazon Aurora DB clusters . For more information on storage types for Multi-AZ DB clusters, see Settings for creating Multi-AZ DB clusters .

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-storagetype

tags

An optional array of key-value pairs to apply to this DB cluster.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-tags

use_latest_restorable_time

A value that indicates whether to restore the DB cluster to the latest restorable backup time.

By default, the DB cluster is not restored to the latest restorable backup time.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-uselatestrestorabletime

vpc_security_group_ids

A list of EC2 VPC security groups to associate with this DB cluster.

If you plan to update the resource, don’t specify VPC security groups in a shared VPC.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-vpcsecuritygroupids