AWS::DocDB::DBCluster
The AWS::DocDB::DBCluster Amazon DocumentDB (with MongoDB compatibility) resource describes a DBCluster. Amazon DocumentDB is a fully managed, MongoDB-compatible document database engine. For more information, see DBCluster in the Amazon DocumentDB Developer Guide.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{
  "Type" : "AWS::DocDB::DBCluster",
  "Properties" : {
      "AvailabilityZones" : [ String, ... ],
      "BackupRetentionPeriod" : Integer,
      "CopyTagsToSnapshot" : Boolean,
      "DBClusterIdentifier" : String,
      "DBClusterParameterGroupName" : String,
      "DBSubnetGroupName" : String,
      "DeletionProtection" : Boolean,
      "EnableCloudwatchLogsExports" : [ String, ... ],
      "EngineVersion" : String,
      "KmsKeyId" : String,
      "MasterUsername" : String,
      "MasterUserPassword" : String,
      "Port" : Integer,
      "PreferredBackupWindow" : String,
      "PreferredMaintenanceWindow" : String,
      "RestoreToTime" : String,
      "RestoreType" : String,
      "SnapshotIdentifier" : String,
      "SourceDBClusterIdentifier" : String,
      "StorageEncrypted" : Boolean,
      "StorageType" : String,
      "Tags" : [ Tag, ... ],
      "UseLatestRestorableTime" : Boolean,
      "VpcSecurityGroupIds" : [ String, ... ]
    }
}
YAML
Type: AWS::DocDB::DBCluster
Properties:
  AvailabilityZones:
    - String
  BackupRetentionPeriod: Integer
  CopyTagsToSnapshot: Boolean
  DBClusterIdentifier: String
  DBClusterParameterGroupName: String
  DBSubnetGroupName: String
  DeletionProtection: Boolean
  EnableCloudwatchLogsExports:
    - String
  EngineVersion: String
  KmsKeyId: String
  MasterUsername: String
  MasterUserPassword: String
  Port: Integer
  PreferredBackupWindow: String
  PreferredMaintenanceWindow: String
  RestoreToTime: String
  RestoreType: String
  SnapshotIdentifier: String
  SourceDBClusterIdentifier: String
  StorageEncrypted: Boolean
  StorageType: String
  Tags:
    - Tag
  UseLatestRestorableTime: Boolean
  VpcSecurityGroupIds:
    - String
Properties
AvailabilityZones
A list of Amazon EC2 Availability Zones that instances in the cluster can be created in.
Required: No
Type: Array of String
Update requires: Replacement
BackupRetentionPeriod
The number of days for which automated backups are retained. You must specify a minimum value of 1.
Default: 1
Constraints:
- Must be a value from 1 to 35.
Required: No
Type: Integer
Update requires: No interruption
CopyTagsToSnapshot
Set to true to copy all tags from the source cluster snapshot to the target cluster snapshot, and otherwise false. The default is false.
Required: No
Type: Boolean
Update requires: No interruption
DBClusterIdentifier
The cluster identifier. This parameter is stored as a lowercase string.
Constraints:
- Must contain from 1 to 63 letters, numbers, or hyphens.
- The first character must be a letter.
- Cannot end with a hyphen or contain two consecutive hyphens.
Example: my-cluster
Required: No
Type: String
Update requires: Replacement
DBClusterParameterGroupName
The name of the cluster parameter group to associate with this cluster.
Required: No
Type: String
Update requires: No interruption
DBSubnetGroupName
A subnet group to associate with this cluster.
Constraints: Must match the name of an existing DBSubnetGroup. Must not be default.
Example: mySubnetgroup
Required: No
Type: String
Update requires: Replacement
DeletionProtection
Protects clusters from being accidentally deleted. If enabled, the cluster cannot be deleted unless it is modified and DeletionProtection is disabled.
Required: No
Type: Boolean
Update requires: No interruption
EnableCloudwatchLogsExports
The list of log types that need to be enabled for exporting to Amazon CloudWatch Logs. You can enable audit logs or profiler logs. For more information, see Auditing Amazon DocumentDB Events and Profiling Amazon DocumentDB Operations.
Required: No
Type: Array of String
Update requires: No interruption
EngineVersion
The version number of the database engine to use. The --engine-version will default to the latest major engine version. For production workloads, we recommend explicitly declaring this parameter with the intended major engine version.
Changing the EngineVersion will start an in-place engine version upgrade. Note that in-place engine version upgrade will cause downtime in the cluster. See Amazon DocumentDB in-place major version upgrade before starting an in-place engine version upgrade.
Required: No
Type: String
Update requires: No interruption
KmsKeyId
The AWS KMS key identifier for an encrypted cluster.
The AWS KMS key identifier is the Amazon Resource Name (ARN) for the AWS KMS encryption key. If you are creating a cluster using the same AWS account that owns the AWS KMS encryption key that is used to encrypt the new cluster, you can use the AWS KMS key alias instead of the ARN for the AWS KMS encryption key.
If an encryption key is not specified in KmsKeyId:
- If the StorageEncrypted parameter is true, Amazon DocumentDB uses your default encryption key.
AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS Region.
Required: No
Type: String
Update requires: Replacement
MasterUsername
The name of the master user for the cluster.
Constraints:
- Must be from 1 to 63 letters or numbers.
- The first character must be a letter.
- Cannot be a reserved word for the chosen database engine.
Required: Conditional
Type: String
Update requires: Replacement
MasterUserPassword
The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote ("), or the "at" symbol (@).
Constraints: Must contain from 8 to 100 characters.
Required: Conditional
Type: String
Update requires: No interruption
Port
Specifies the port that the database engine is listening on.
Required: No
Type: Integer
Update requires: No interruption
PreferredBackupWindow
The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.
The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region.
Constraints:
- Must be in the format hh24:mi-hh24:mi.
- Must be in Universal Coordinated Time (UTC).
- Must not conflict with the preferred maintenance window.
- Must be at least 30 minutes.
Required: No
Type: String
Update requires: No interruption
PreferredMaintenanceWindow
The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).
Format: ddd:hh24:mi-ddd:hh24:mi
The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week.
Valid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun
Constraints: Minimum 30-minute window.
Required: No
Type: String
Update requires: No interruption
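Added example (not part of the AWS documentation): a Python check of the PreferredBackupWindow and PreferredMaintenanceWindow formats that enforces the 30-minute minimum and the rule that the two windows must not conflict. The function names are hypothetical, "conflict" is assumed to mean overlapping in time, and windows are assumed to be allowed to wrap past midnight or the end of the week.

```python
import re

DAYS = ["mon", "tue", "wed", "thu", "fri", "sat", "sun"]
WEEK = 7 * 1440  # minutes in a week
_BACKUP = re.compile(r"^(\d\d):(\d\d)-(\d\d):(\d\d)$")
_MAINT = re.compile(r"^([a-z]{3}):(\d\d):(\d\d)-([a-z]{3}):(\d\d):(\d\d)$")

def _minutes(hh, mm):
    h, m = int(hh), int(mm)
    if h > 23 or m > 59:
        raise ValueError("time out of range")
    return h * 60 + m

def parse_backup(window):
    """Return (start_minute_of_day, length_minutes) for hh24:mi-hh24:mi."""
    m = _BACKUP.match(window)
    if not m:
        raise ValueError("backup window must be hh24:mi-hh24:mi")
    start, end = _minutes(m[1], m[2]), _minutes(m[3], m[4])
    return start, (end - start) % 1440  # may wrap past midnight

def parse_maintenance(window):
    """Return (start_minute_of_week, length_minutes) for ddd:hh24:mi-ddd:hh24:mi."""
    m = _MAINT.match(window.lower())
    if not m or m[1] not in DAYS or m[4] not in DAYS:
        raise ValueError("maintenance window must be ddd:hh24:mi-ddd:hh24:mi")
    start = DAYS.index(m[1]) * 1440 + _minutes(m[2], m[3])
    end = DAYS.index(m[4]) * 1440 + _minutes(m[5], m[6])
    return start, (end - start) % WEEK

def check_windows(backup, maintenance):
    """Return violations of the 30-minute minimum and the no-conflict rule."""
    errors = []
    b_start, b_len = parse_backup(backup)
    m_start, m_len = parse_maintenance(maintenance)
    if b_len < 30:
        errors.append("backup window shorter than 30 minutes")
    if m_len < 30:
        errors.append("maintenance window shorter than 30 minutes")
    for day in range(7):  # the backup window recurs every day
        s = day * 1440 + b_start
        if (m_start - s) % WEEK < b_len or (s - m_start) % WEEK < m_len:
            errors.append("backup window overlaps the maintenance window")
            break
    return errors

if __name__ == "__main__":
    # Window values used in this page's Examples section.
    print(check_windows("07:34-08:04", "sat:04:51-sat:05:21"))
```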
RestoreToTime
The date and time to restore the cluster to.
Valid values: A time in Universal Coordinated Time (UTC) format.
Constraints:
- Must be before the latest restorable time for the instance.
- Must be specified if the UseLatestRestorableTime parameter is not provided.
- Cannot be specified if the UseLatestRestorableTime parameter is true.
- Cannot be specified if the RestoreType parameter is copy-on-write.
Example: 2015-03-07T23:45:00Z
Required: No
Type: String
Update requires: No interruption
RestoreType
The type of restore to be performed. You can specify one of the following values:
- full-copy - The new DB cluster is restored as a full copy of the source DB cluster.
- copy-on-write - The new DB cluster is restored as a clone of the source DB cluster.
Constraints: You can't specify copy-on-write if the engine version of the source DB cluster is earlier than 1.11.
If you don't specify a RestoreType value, then the new DB cluster is restored as a full copy of the source DB cluster.
Required: No
Type: String
Update requires: No interruption
SnapshotIdentifier
The identifier for the snapshot or cluster snapshot to restore from.
You can use either the name or the Amazon Resource Name (ARN) to specify a cluster snapshot. However, you can use only the ARN to specify a snapshot.
Constraints:
- Must match the identifier of an existing snapshot.
Required: No
Type: String
Update requires: Replacement
SourceDBClusterIdentifier
The identifier of the source cluster from which to restore.
Constraints:
- Must match the identifier of an existing DBCluster.
Required: No
Type: String
Update requires: Replacement
StorageEncrypted
Specifies whether the cluster is encrypted.
If you specify SourceDBClusterIdentifier or SnapshotIdentifier and don’t specify StorageEncrypted, the encryption property is inherited from the source cluster or snapshot (unless KmsKeyId is specified, in which case the restored cluster will be encrypted with that KMS key). If the source is encrypted and StorageEncrypted is specified to be true, the restored cluster will be encrypted (if you want to use a different KMS key, specify the KmsKeyId property as well). If the source is unencrypted and StorageEncrypted is specified to be true, then the KmsKeyId property must be specified. If the source is encrypted, don’t specify StorageEncrypted to be false as opting out of encryption is not allowed.
Required: Conditional
Type: Boolean
Update requires: Replacement
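Added example (not part of the AWS documentation): a Python lint for the restore rules stated under RestoreToTime, UseLatestRestorableTime, RestoreType and StorageEncrypted. The function names, the source_encrypted argument (the caller's knowledge of whether the source cluster or snapshot is encrypted), the scoping of the "RestoreToTime or UseLatestRestorableTime" rule to SourceDBClusterIdentifier restores, and the sample property maps are assumptions made for illustration.

```python
RESTORE_SOURCES = ("SourceDBClusterIdentifier", "SnapshotIdentifier")

def restored_cluster_encrypted(props, source_encrypted):
    """Encryption state of a cluster restored from a source cluster or snapshot."""
    if "StorageEncrypted" in props:
        return bool(props["StorageEncrypted"])
    # Not specified: inherit from the source, unless KmsKeyId forces encryption.
    return True if "KmsKeyId" in props else bool(source_encrypted)

def check_restore(props, source_encrypted):
    """Return the documented rule violations for a restore-style Properties map."""
    errors = []
    if not any(key in props for key in RESTORE_SOURCES):
        return errors  # not a restore; these rules do not apply
    to_time = props.get("RestoreToTime")
    latest = props.get("UseLatestRestorableTime")
    # Assumption: a SourceDBClusterIdentifier restore is the point-in-time case.
    if "SourceDBClusterIdentifier" in props and to_time is None and latest is None:
        errors.append("set RestoreToTime or UseLatestRestorableTime")
    if to_time is not None and latest is not None:
        errors.append("RestoreToTime cannot be combined with UseLatestRestorableTime")
    if to_time is not None and props.get("RestoreType") == "copy-on-write":
        errors.append("RestoreToTime cannot be used with RestoreType copy-on-write")
    encrypted = props.get("StorageEncrypted")
    if source_encrypted and encrypted is False:
        errors.append("source is encrypted; StorageEncrypted cannot be false")
    if not source_encrypted and encrypted is True and "KmsKeyId" not in props:
        errors.append("unencrypted source with StorageEncrypted true needs KmsKeyId")
    return errors

# Constructed sample Properties maps (not taken from the page).
GOOD = {"SourceDBClusterIdentifier": "sample-cluster", "UseLatestRestorableTime": True}
BAD = {
    "SourceDBClusterIdentifier": "sample-cluster",
    "RestoreType": "copy-on-write",
    "RestoreToTime": "2015-03-07T23:45:00Z",
    "StorageEncrypted": False,
}

if __name__ == "__main__":
    for name, props in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_restore(props, source_encrypted=True))
```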
StorageType
The storage type to associate with the DB cluster.
For information on storage types for Amazon DocumentDB clusters, see Cluster storage configurations in the Amazon DocumentDB Developer Guide.
Valid values for storage type - standard | iopt1
Default value is standard
Note
When you create a DocumentDB DB cluster with the storage type set to iopt1, the storage type is returned in the response. The storage type isn't returned when you set it to standard.
Required: No
Type: String
Update requires: No interruption
Tags
The tags to be assigned to the cluster.
Required: No
Type: Array of Tag
Update requires: No interruption
UseLatestRestorableTime
A value that is set to true to restore the cluster to the latest restorable backup time, and false otherwise.
Default: false
Constraints: Cannot be specified if the RestoreToTime parameter is provided.
Required: No
Type: Boolean
Update requires: No interruption
VpcSecurityGroupIds
A list of EC2 VPC security groups to associate with this cluster.
Required: No
Type: Array of String
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the DBClusterIdentifier, such as mycluster.
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
ClusterResourceId
The resource id for the cluster; for example: cluster-ABCD1234EFGH5678IJKL90MNOP. The cluster ID uniquely identifies the cluster and is used in things like IAM authentication policies.
Endpoint
The connection endpoint for the cluster, such as sample-cluster.cluster-cozrlsfrcjoc.us-east-1.docdb.amazonaws.com.
Port
The port number on which the cluster accepts connections. For example: 27017.
ReadEndpoint
The reader endpoint for the cluster. For example: sample-cluster.cluster-ro-cozrlsfrcjoc.us-east-1.docdb.amazonaws.com.
Examples
JSON
{
  "AWSTemplateFormatVersion" : "2010-09-09",
  "Resources" : {
    "myDBInstance" : {
      "Type" : "AWS::DocDB::DBCluster",
      "Properties" : {
        "BackupRetentionPeriod" : 8,
        "DBClusterIdentifier" : "sample-cluster",
        "DBClusterParameterGroupName" : "default.docdb3.6",
        "DBSubnetGroupName" : "default",
        "KmsKeyId" : "your-kms-key-id",
        "MasterUsername" : "your-master-username",
        "MasterUserPassword" : "your-master-user-password",
        "Port" : "27017",
        "PreferredBackupWindow" : "07:34-08:04",
        "PreferredMaintenanceWindow" : "sat:04:51-sat:05:21",
        "SnapshotIdentifier" : "sample-cluster-snapshot-id",
        "StorageEncrypted" : true,
        "Tags" : [ {"Key" : "String", "Value" : "String"} ]
      }
    }
  }
}
YAML
AWSTemplateFormatVersion: "2010-09-09"
Resources:
  myDBInstance:
    Type: "AWS::DocDB::DBCluster"
    Properties:
      BackupRetentionPeriod: 8
      DBClusterIdentifier: "sample-cluster"
      DBClusterParameterGroupName: "default.docdb3.6"
      DBSubnetGroupName: "default"
      KmsKeyId: "your-kms-key-id"
      MasterUsername: "your-master-username"
      MasterUserPassword: "your-master-user-password"
      Port: "27017"
      PreferredBackupWindow: "07:34-08:04"
      PreferredMaintenanceWindow: "sat:04:51-sat:05:21"
      SnapshotIdentifier: "sample-cluster-snapshot-id"
      StorageEncrypted: true
      Tags:
        - Key: "String"
          Value: "String"