CreateDBProxy

Creates a new DB proxy.

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

Auth.member.N

The authorization mechanism that the proxy uses.

Type: Array of UserAuthConfig objects

Required: Yes

DBProxyName

The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.

Type: String

Required: Yes

EngineFamily

The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify MYSQL. For Aurora PostgreSQL and RDS for PostgreSQL databases, specify POSTGRESQL. For RDS for Microsoft SQL Server, specify SQLSERVER.

Type: String

Valid Values: MYSQL | POSTGRESQL | SQLSERVER

Required: Yes

RoleArn

The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.

Type: String

Required: Yes

VpcSubnetIds.member.N

One or more VPC subnet IDs to associate with the new proxy.

Type: Array of strings

Required: Yes

DebugLogging

Specifies whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.

Type: Boolean

Required: No

IdleClientTimeout

The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.

Type: Integer

Required: No

RequireTLS

Specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.

Type: Boolean

Required: No

Tags.Tag.N

An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.

Type: Array of Tag objects

Required: No

VpcSecurityGroupIds.member.N

One or more VPC security group IDs to associate with the new proxy.

Type: Array of strings

Required: No

Response Elements

The following element is returned by the service.

DBProxy

The DBProxy structure corresponding to the new proxy.

Type: DBProxy object

Errors

For information about the errors that are common to all actions, see Common Errors.

DBProxyAlreadyExistsFault

The specified proxy name must be unique for all proxies owned by your AWS account in the specified AWS Region.

HTTP Status Code: 400

DBProxyQuotaExceededFault

Your AWS account already has the maximum number of proxies in the specified AWS Region.

HTTP Status Code: 400

InvalidSubnet

The requested subnet is invalid, or multiple subnets were requested that are not all in a common VPC.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS Command Line Interface

• AWS SDK for .NET

• AWS SDK for C++

• AWS SDK for Go v2

• AWS SDK for Java V2

• AWS SDK for JavaScript V3

• AWS SDK for PHP V3

• AWS SDK for Python

• AWS SDK for Ruby V3