DatabaseClusterProps

class aws_cdk.aws_docdb.DatabaseClusterProps(*, instance_type, master_user, vpc, backup=None, ca_certificate=None, cloud_watch_logs_retention=None, cloud_watch_logs_retention_role=None, copy_tags_to_snapshot=None, db_cluster_name=None, deletion_protection=None, enable_performance_insights=None, engine_version=None, export_audit_logs_to_cloud_watch=None, export_profiler_logs_to_cloud_watch=None, instance_identifier_base=None, instance_removal_policy=None, instances=None, kms_key=None, parameter_group=None, port=None, preferred_maintenance_window=None, removal_policy=None, security_group=None, security_group_removal_policy=None, storage_encrypted=None, vpc_subnets=None)

Bases: object

Properties for a new database cluster.

Parameters:

  • instance_type (InstanceType) – What type of instance to start for the replicas.

  • master_user (Union[Login, Dict[str, Any]]) – Username and password for the administrative user.

  • vpc (IVpc) – What subnets to run the DocumentDB instances in. Must be at least 2 subnets in two different AZs.

  • backup (Union[BackupProps, Dict[str, Any], None]) – Backup settings. Default: - Backup retention period for automated backups is 1 day. Backup preferred window is set to a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week.

  • ca_certificate (Optional[CaCertificate]) – The identifier of the CA certificate used for the instances. Specifying or updating this property triggers a reboot. Default: - DocumentDB will choose a certificate authority

  • cloud_watch_logs_retention (Optional[RetentionDays]) – The number of days log events are kept in CloudWatch Logs. When updating this property, unsetting it doesn’t remove the log retention policy. To remove the retention policy, set the value to Infinity. Default: - logs never expire

  • cloud_watch_logs_retention_role (Optional[IRole]) – The IAM role for the Lambda function associated with the custom resource that sets the retention policy. Default: - a new role is created.

  • copy_tags_to_snapshot (Optional[bool]) – Whether to copy tags to the snapshot when a snapshot is created. Default: - false

  • db_cluster_name (Optional[str]) – An optional identifier for the cluster. Default: - A name is automatically generated.

  • deletion_protection (Optional[bool]) – Specifies whether this cluster can be deleted. If deletionProtection is enabled, the cluster cannot be deleted unless it is modified and deletionProtection is disabled. deletionProtection protects clusters from being accidentally deleted. Default: - false

  • enable_performance_insights (Optional[bool]) – A value that indicates whether to enable Performance Insights for the instances in the DB Cluster. Default: - false

  • engine_version (Optional[str]) – What version of the database to start. Default: - The default engine version.

  • export_audit_logs_to_cloud_watch (Optional[bool]) – Whether the audit logs should be exported to CloudWatch. Note that you also have to configure the audit log export in the Cluster’s Parameter Group. Default: false

  • export_profiler_logs_to_cloud_watch (Optional[bool]) – Whether the profiler logs should be exported to CloudWatch. Note that you also have to configure the profiler log export in the Cluster’s Parameter Group. Default: false

  • instance_identifier_base (Optional[str]) – Base identifier for instances. Every replica is named by appending the replica number to this string, 1-based. Default: - dbClusterName is used with the word “Instance” appended. If dbClusterName is not provided, the identifier is automatically generated.

  • instance_removal_policy (Optional[RemovalPolicy]) – The removal policy to apply to the cluster’s instances. Cannot be set to SNAPSHOT. Default: - RemovalPolicy.DESTROY when removalPolicy is set to SNAPSHOT, removalPolicy otherwise.

  • instances (Union[int, float, None]) – Number of DocDB compute instances. Default: 1

  • kms_key (Optional[IKey]) – The KMS key for storage encryption. Default: - default master key.

  • parameter_group (Optional[IClusterParameterGroup]) – The DB parameter group to associate with the instance. Default: no parameter group

  • port (Union[int, float, None]) – The port the DocumentDB cluster will listen on. Default: DatabaseCluster.DEFAULT_PORT

  • preferred_maintenance_window (Optional[str]) – A weekly time range in which maintenance should preferably execute. Must be at least 30 minutes long. Example: ‘tue:04:17-tue:04:47’ Default: - 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week.

  • removal_policy (Optional[RemovalPolicy]) – The removal policy to apply when the cluster and its instances are removed or replaced during a stack update, or when the stack is deleted. This removal policy also applies to the implicit security group created for the cluster if one is not supplied as a parameter. When set to SNAPSHOT, the removal policy for the instances and the security group will default to DESTROY as those resources do not support the policy. Use the instanceRemovalPolicy and securityGroupRemovalPolicy to change the behavior. Default: - Retain cluster.

  • security_group (Optional[ISecurityGroup]) – Security group. Default: a new security group is created.

  • security_group_removal_policy (Optional[RemovalPolicy]) – The removal policy to apply to the cluster’s security group. Cannot be set to SNAPSHOT. Default: - RemovalPolicy.DESTROY when removalPolicy is set to SNAPSHOT, removalPolicy otherwise.

  • storage_encrypted (Optional[bool]) – Whether to enable storage encryption. Default: true

  • vpc_subnets (Union[SubnetSelection, Dict[str, Any], None]) – Where to place the instances within the VPC. Default: private subnets

ExampleMetadata:

infused

Example:

# vpc: ec2.Vpc


cluster = docdb.DatabaseCluster(self, "Database",
    master_user=docdb.Login(
        username="myuser"
    ),
    instance_type=ec2.InstanceType.of(ec2.InstanceClass.MEMORY5, ec2.InstanceSize.LARGE),
    vpc_subnets=ec2.SubnetSelection(
        subnet_type=ec2.SubnetType.PUBLIC
    ),
    vpc=vpc,
    ca_certificate=docdb.CaCertificate.RDS_CA_RSA4096_G1
)

Attributes

backup

Backup settings.

Default:

  • Backup retention period for automated backups is 1 day.

Backup preferred window is set to a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week.

See:

https://docs.aws.amazon.com/documentdb/latest/developerguide/backup-restore.db-cluster-snapshots.html#backup-restore.backup-window

ca_certificate

The identifier of the CA certificate used for the instances.

Specifying or updating this property triggers a reboot.

Default:

  • DocumentDB will choose a certificate authority

See:

https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html

cloud_watch_logs_retention

The number of days log events are kept in CloudWatch Logs.

When updating this property, unsetting it doesn’t remove the log retention policy. To remove the retention policy, set the value to Infinity.

Default:

  • logs never expire

cloud_watch_logs_retention_role

The IAM role for the Lambda function associated with the custom resource that sets the retention policy.

Default:

  • a new role is created.

copy_tags_to_snapshot

Whether to copy tags to the snapshot when a snapshot is created.

Default:

  • false

db_cluster_name

An optional identifier for the cluster.

Default:

  • A name is automatically generated.

deletion_protection

Specifies whether this cluster can be deleted.

If deletionProtection is enabled, the cluster cannot be deleted unless it is modified and deletionProtection is disabled. deletionProtection protects clusters from being accidentally deleted.

Default:

  • false

enable_performance_insights

A value that indicates whether to enable Performance Insights for the instances in the DB Cluster.

Default:

  • false

engine_version

What version of the database to start.

Default:

  • The default engine version.

export_audit_logs_to_cloud_watch

Whether the audit logs should be exported to CloudWatch.

Note that you also have to configure the audit log export in the Cluster’s Parameter Group.

Default:

false

See:

https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html#event-auditing-enabling-auditing

export_profiler_logs_to_cloud_watch

Whether the profiler logs should be exported to CloudWatch.

Note that you also have to configure the profiler log export in the Cluster’s Parameter Group.

Default:

false

See:

https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html#profiling.enable-profiling

instance_identifier_base

Base identifier for instances.

Every replica is named by appending the replica number to this string, 1-based.

Default:

  • dbClusterName is used with the word “Instance” appended. If dbClusterName is not provided, the

identifier is automatically generated.

instance_removal_policy

The removal policy to apply to the cluster’s instances.

Cannot be set to SNAPSHOT.

Default:

  • RemovalPolicy.DESTROY when removalPolicy is set to SNAPSHOT, removalPolicy otherwise.

See:

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html

instance_type

What type of instance to start for the replicas.

instances

Number of DocDB compute instances.

Default:

1

kms_key

The KMS key for storage encryption.

Default:

  • default master key.

master_user

Username and password for the administrative user.

parameter_group

The DB parameter group to associate with the instance.

Default:

no parameter group

port

The port the DocumentDB cluster will listen on.

Default:

DatabaseCluster.DEFAULT_PORT

preferred_maintenance_window

A weekly time range in which maintenance should preferably execute.

Must be at least 30 minutes long.

Example: ‘tue:04:17-tue:04:47’

Default:

  • 30-minute window selected at random from an 8-hour block of time for

each AWS Region, occurring on a random day of the week.

See:

https://docs.aws.amazon.com/documentdb/latest/developerguide/db-instance-maintain.html#maintenance-window

removal_policy

The removal policy to apply when the cluster and its instances are removed or replaced during a stack update, or when the stack is deleted.

This removal policy also applies to the implicit security group created for the cluster if one is not supplied as a parameter.

When set to SNAPSHOT, the removal policy for the instances and the security group will default to DESTROY as those resources do not support the policy.

Use the instanceRemovalPolicy and securityGroupRemovalPolicy to change the behavior.

Default:

  • Retain cluster.

security_group

Security group.

Default:

a new security group is created.

security_group_removal_policy

The removal policy to apply to the cluster’s security group.

Cannot be set to SNAPSHOT.

Default:

  • RemovalPolicy.DESTROY when removalPolicy is set to SNAPSHOT, removalPolicy otherwise.

See:

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html

storage_encrypted

Whether to enable storage encryption.

Default:

true

vpc

What subnets to run the DocumentDB instances in.

Must be at least 2 subnets in two different AZs.

vpc_subnets

Where to place the instances within the VPC.

Default:

private subnets