Instance
Provides an RDS instance resource. A DB instance is an isolated database environment in the cloud. A DB instance can contain multiple user-created databases. Changes to a DB instance can occur when you manually change a parameter, such as allocated_storage, and are reflected in the next maintenance window. Because of this, this provider may report a difference in its planning phase because a modification has not yet taken place. You can use the apply_immediately flag to instruct the service to apply the change immediately (see documentation below). When upgrading the major version of an engine, allow_major_version_upgrade must be set to true.
Note: using
apply_immediatelycan result in a brief downtime as the server reboots. See the AWS Docs on instance-maintenance for more information. Note: All arguments including the username and password will be stored in the raw state as plain-text. Read more about sensitive data instate.
RDS Instance Class Types
Amazon RDS supports instance classes for the following use cases: General-purpose, Memory-optimized, Burstable Performance, and Optimized-reads. For more information please read the AWS RDS documentation about DB Instance Class Types
Low-Downtime Updates
By default, RDS applies updates to DB Instances in-place, which can lead to service interruptions. Low-downtime updates minimize service interruptions by performing the updates with an blue-green and switching over the instances when complete. Low-downtime updates are only available for DB Instances using MySQL, MariaDB and PostgreSQL, as other engines are not supported by RDS Blue/Green deployments. They cannot be used with DB Instances with replicas. Backups must be enabled to use low-downtime updates. Enable low-downtime updates by setting blue_green_update.enabled to true.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const _default = new aws.rds.Instance("default", {
allocatedStorage: 10,
dbName: "mydb",
engine: "mysql",
engineVersion: "8.0",
instanceClass: aws.rds.InstanceType.T3_Micro,
username: "foo",
password: "foobarbaz",
parameterGroupName: "default.mysql8.0",
skipFinalSnapshot: true,
});import pulumi
import pulumi_aws as aws
default = aws.rds.Instance("default",
allocated_storage=10,
db_name="mydb",
engine="mysql",
engine_version="8.0",
instance_class=aws.rds.InstanceType.T3_MICRO,
username="foo",
password="foobarbaz",
parameter_group_name="default.mysql8.0",
skip_final_snapshot=True)using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var @default = new Aws.Rds.Instance("default", new()
{
AllocatedStorage = 10,
DbName = "mydb",
Engine = "mysql",
EngineVersion = "8.0",
InstanceClass = Aws.Rds.InstanceType.T3_Micro,
Username = "foo",
Password = "foobarbaz",
ParameterGroupName = "default.mysql8.0",
SkipFinalSnapshot = true,
});
});package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := rds.NewInstance(ctx, "default", &rds.InstanceArgs{
AllocatedStorage: pulumi.Int(10),
DbName: pulumi.String("mydb"),
Engine: pulumi.String("mysql"),
EngineVersion: pulumi.String("8.0"),
InstanceClass: pulumi.String(rds.InstanceType_T3_Micro),
Username: pulumi.String("foo"),
Password: pulumi.String("foobarbaz"),
ParameterGroupName: pulumi.String("default.mysql8.0"),
SkipFinalSnapshot: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.rds.Instance;
import com.pulumi.aws.rds.InstanceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new Instance("default", InstanceArgs.builder()
.allocatedStorage(10)
.dbName("mydb")
.engine("mysql")
.engineVersion("8.0")
.instanceClass("db.t3.micro")
.username("foo")
.password("foobarbaz")
.parameterGroupName("default.mysql8.0")
.skipFinalSnapshot(true)
.build());
}
}resources:
default:
type: aws:rds:Instance
properties:
allocatedStorage: 10
dbName: mydb
engine: mysql
engineVersion: '8.0'
instanceClass: db.t3.micro
username: foo
password: foobarbaz
parameterGroupName: default.mysql8.0
skipFinalSnapshot: trueRDS Custom for Oracle Usage with Replica
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Lookup the available instance classes for the custom engine for the region being operated in
const custom_oracle = aws.rds.getOrderableDbInstance({
engine: "custom-oracle-ee",
engineVersion: "19.c.ee.002",
licenseModel: "bring-your-own-license",
storageType: "gp3",
preferredInstanceClasses: [
"db.r5.xlarge",
"db.r5.2xlarge",
"db.r5.4xlarge",
],
});
// The RDS instance resource requires an ARN. Look up the ARN of the KMS key associated with the CEV.
const byId = aws.kms.getKey({
keyId: "example-ef278353ceba4a5a97de6784565b9f78",
});
const _default = new aws.rds.Instance("default", {
allocatedStorage: 50,
autoMinorVersionUpgrade: false,
customIamInstanceProfile: "AWSRDSCustomInstanceProfile",
backupRetentionPeriod: 7,
dbSubnetGroupName: dbSubnetGroupName,
engine: custom_oracle.then(custom_oracle => custom_oracle.engine),
engineVersion: custom_oracle.then(custom_oracle => custom_oracle.engineVersion),
identifier: "ee-instance-demo",
instanceClass: custom_oracle.then(custom_oracle => custom_oracle.instanceClass).apply((x) => aws.rds.InstanceType[x]),
kmsKeyId: byId.then(byId => byId.arn),
licenseModel: custom_oracle.then(custom_oracle => custom_oracle.licenseModel),
multiAz: false,
password: "avoid-plaintext-passwords",
username: "test",
storageEncrypted: true,
});
const test_replica = new aws.rds.Instance("test-replica", {
replicateSourceDb: _default.identifier,
replicaMode: "mounted",
autoMinorVersionUpgrade: false,
customIamInstanceProfile: "AWSRDSCustomInstanceProfile",
backupRetentionPeriod: 7,
identifier: "ee-instance-replica",
instanceClass: custom_oracle.then(custom_oracle => custom_oracle.instanceClass).apply((x) => aws.rds.InstanceType[x]),
kmsKeyId: byId.then(byId => byId.arn),
multiAz: false,
skipFinalSnapshot: true,
storageEncrypted: true,
});import pulumi
import pulumi_aws as aws
# Lookup the available instance classes for the custom engine for the region being operated in
custom_oracle = aws.rds.get_orderable_db_instance(engine="custom-oracle-ee",
engine_version="19.c.ee.002",
license_model="bring-your-own-license",
storage_type="gp3",
preferred_instance_classes=[
"db.r5.xlarge",
"db.r5.2xlarge",
"db.r5.4xlarge",
])
# The RDS instance resource requires an ARN. Look up the ARN of the KMS key associated with the CEV.
by_id = aws.kms.get_key(key_id="example-ef278353ceba4a5a97de6784565b9f78")
default = aws.rds.Instance("default",
allocated_storage=50,
auto_minor_version_upgrade=False,
custom_iam_instance_profile="AWSRDSCustomInstanceProfile",
backup_retention_period=7,
db_subnet_group_name=db_subnet_group_name,
engine=custom_oracle.engine,
engine_version=custom_oracle.engine_version,
identifier="ee-instance-demo",
instance_class=custom_oracle.instance_class,
kms_key_id=by_id.arn,
license_model=custom_oracle.license_model,
multi_az=False,
password="avoid-plaintext-passwords",
username="test",
storage_encrypted=True)
test_replica = aws.rds.Instance("test-replica",
replicate_source_db=default.identifier,
replica_mode="mounted",
auto_minor_version_upgrade=False,
custom_iam_instance_profile="AWSRDSCustomInstanceProfile",
backup_retention_period=7,
identifier="ee-instance-replica",
instance_class=custom_oracle.instance_class,
kms_key_id=by_id.arn,
multi_az=False,
skip_final_snapshot=True,
storage_encrypted=True)using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
// Lookup the available instance classes for the custom engine for the region being operated in
var custom_oracle = Aws.Rds.GetOrderableDbInstance.Invoke(new()
{
Engine = "custom-oracle-ee",
EngineVersion = "19.c.ee.002",
LicenseModel = "bring-your-own-license",
StorageType = "gp3",
PreferredInstanceClasses = new[]
{
"db.r5.xlarge",
"db.r5.2xlarge",
"db.r5.4xlarge",
},
});
// The RDS instance resource requires an ARN. Look up the ARN of the KMS key associated with the CEV.
var byId = Aws.Kms.GetKey.Invoke(new()
{
KeyId = "example-ef278353ceba4a5a97de6784565b9f78",
});
var @default = new Aws.Rds.Instance("default", new()
{
AllocatedStorage = 50,
AutoMinorVersionUpgrade = false,
CustomIamInstanceProfile = "AWSRDSCustomInstanceProfile",
BackupRetentionPeriod = 7,
DbSubnetGroupName = dbSubnetGroupName,
Engine = custom_oracle.Apply(custom_oracle => custom_oracle.Apply(getOrderableDbInstanceResult => getOrderableDbInstanceResult.Engine)),
EngineVersion = custom_oracle.Apply(custom_oracle => custom_oracle.Apply(getOrderableDbInstanceResult => getOrderableDbInstanceResult.EngineVersion)),
Identifier = "ee-instance-demo",
InstanceClass = custom_oracle.Apply(custom_oracle => custom_oracle.Apply(getOrderableDbInstanceResult => getOrderableDbInstanceResult.InstanceClass)).Apply(System.Enum.Parse<Aws.Rds.InstanceType>),
KmsKeyId = byId.Apply(getKeyResult => getKeyResult.Arn),
LicenseModel = custom_oracle.Apply(custom_oracle => custom_oracle.Apply(getOrderableDbInstanceResult => getOrderableDbInstanceResult.LicenseModel)),
MultiAz = false,
Password = "avoid-plaintext-passwords",
Username = "test",
StorageEncrypted = true,
});
var test_replica = new Aws.Rds.Instance("test-replica", new()
{
ReplicateSourceDb = @default.Identifier,
ReplicaMode = "mounted",
AutoMinorVersionUpgrade = false,
CustomIamInstanceProfile = "AWSRDSCustomInstanceProfile",
BackupRetentionPeriod = 7,
Identifier = "ee-instance-replica",
InstanceClass = custom_oracle.Apply(custom_oracle => custom_oracle.Apply(getOrderableDbInstanceResult => getOrderableDbInstanceResult.InstanceClass)).Apply(System.Enum.Parse<Aws.Rds.InstanceType>),
KmsKeyId = byId.Apply(getKeyResult => getKeyResult.Arn),
MultiAz = false,
SkipFinalSnapshot = true,
StorageEncrypted = true,
});
});package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Lookup the available instance classes for the custom engine for the region being operated in
custom_oracle, err := rds.GetOrderableDbInstance(ctx, &rds.GetOrderableDbInstanceArgs{
Engine: "custom-oracle-ee",
EngineVersion: pulumi.StringRef("19.c.ee.002"),
LicenseModel: pulumi.StringRef("bring-your-own-license"),
StorageType: pulumi.StringRef("gp3"),
PreferredInstanceClasses: []string{
"db.r5.xlarge",
"db.r5.2xlarge",
"db.r5.4xlarge",
},
}, nil)
if err != nil {
return err
}
// The RDS instance resource requires an ARN. Look up the ARN of the KMS key associated with the CEV.
byId, err := kms.LookupKey(ctx, &kms.LookupKeyArgs{
KeyId: "example-ef278353ceba4a5a97de6784565b9f78",
}, nil)
if err != nil {
return err
}
_default, err := rds.NewInstance(ctx, "default", &rds.InstanceArgs{
AllocatedStorage: pulumi.Int(50),
AutoMinorVersionUpgrade: pulumi.Bool(false),
CustomIamInstanceProfile: pulumi.String("AWSRDSCustomInstanceProfile"),
BackupRetentionPeriod: pulumi.Int(7),
DbSubnetGroupName: pulumi.Any(dbSubnetGroupName),
Engine: pulumi.String(custom_oracle.Engine),
EngineVersion: pulumi.String(custom_oracle.EngineVersion),
Identifier: pulumi.String("ee-instance-demo"),
InstanceClass: custom_oracle.InstanceClass.ApplyT(func(x *string) rds.InstanceType { return rds.InstanceType(*x) }).(rds.InstanceTypeOutput),
KmsKeyId: pulumi.String(byId.Arn),
LicenseModel: pulumi.String(custom_oracle.LicenseModel),
MultiAz: pulumi.Bool(false),
Password: pulumi.String("avoid-plaintext-passwords"),
Username: pulumi.String("test"),
StorageEncrypted: pulumi.Bool(true),
})
if err != nil {
return err
}
_, err = rds.NewInstance(ctx, "test-replica", &rds.InstanceArgs{
ReplicateSourceDb: _default.Identifier,
ReplicaMode: pulumi.String("mounted"),
AutoMinorVersionUpgrade: pulumi.Bool(false),
CustomIamInstanceProfile: pulumi.String("AWSRDSCustomInstanceProfile"),
BackupRetentionPeriod: pulumi.Int(7),
Identifier: pulumi.String("ee-instance-replica"),
InstanceClass: custom_oracle.InstanceClass.ApplyT(func(x *string) rds.InstanceType { return rds.InstanceType(*x) }).(rds.InstanceTypeOutput),
KmsKeyId: pulumi.String(byId.Arn),
MultiAz: pulumi.Bool(false),
SkipFinalSnapshot: pulumi.Bool(true),
StorageEncrypted: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.rds.RdsFunctions;
import com.pulumi.aws.rds.inputs.GetOrderableDbInstanceArgs;
import com.pulumi.aws.kms.KmsFunctions;
import com.pulumi.aws.kms.inputs.GetKeyArgs;
import com.pulumi.aws.rds.Instance;
import com.pulumi.aws.rds.InstanceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Lookup the available instance classes for the custom engine for the region being operated in
final var custom-oracle = RdsFunctions.getOrderableDbInstance(GetOrderableDbInstanceArgs.builder()
.engine("custom-oracle-ee")
.engineVersion("19.c.ee.002")
.licenseModel("bring-your-own-license")
.storageType("gp3")
.preferredInstanceClasses(
"db.r5.xlarge",
"db.r5.2xlarge",
"db.r5.4xlarge")
.build());
// The RDS instance resource requires an ARN. Look up the ARN of the KMS key associated with the CEV.
final var byId = KmsFunctions.getKey(GetKeyArgs.builder()
.keyId("example-ef278353ceba4a5a97de6784565b9f78")
.build());
var default_ = new Instance("default", InstanceArgs.builder()
.allocatedStorage(50)
.autoMinorVersionUpgrade(false)
.customIamInstanceProfile("AWSRDSCustomInstanceProfile")
.backupRetentionPeriod(7)
.dbSubnetGroupName(dbSubnetGroupName)
.engine(custom_oracle.engine())
.engineVersion(custom_oracle.engineVersion())
.identifier("ee-instance-demo")
.instanceClass(custom_oracle.instanceClass())
.kmsKeyId(byId.arn())
.licenseModel(custom_oracle.licenseModel())
.multiAz(false)
.password("avoid-plaintext-passwords")
.username("test")
.storageEncrypted(true)
.build());
var test_replica = new Instance("test-replica", InstanceArgs.builder()
.replicateSourceDb(default_.identifier())
.replicaMode("mounted")
.autoMinorVersionUpgrade(false)
.customIamInstanceProfile("AWSRDSCustomInstanceProfile")
.backupRetentionPeriod(7)
.identifier("ee-instance-replica")
.instanceClass(custom_oracle.instanceClass())
.kmsKeyId(byId.arn())
.multiAz(false)
.skipFinalSnapshot(true)
.storageEncrypted(true)
.build());
}
}resources:
default:
type: aws:rds:Instance
properties:
allocatedStorage: 50
autoMinorVersionUpgrade: false # Custom for Oracle does not support minor version upgrades
customIamInstanceProfile: AWSRDSCustomInstanceProfile
backupRetentionPeriod: 7
dbSubnetGroupName: ${dbSubnetGroupName}
engine: ${["custom-oracle"].engine}
engineVersion: ${["custom-oracle"].engineVersion}
identifier: ee-instance-demo
instanceClass: ${["custom-oracle"].instanceClass}
kmsKeyId: ${byId.arn}
licenseModel: ${["custom-oracle"].licenseModel}
multiAz: false # Custom for Oracle does not support multi-az
password: avoid-plaintext-passwords
username: test
storageEncrypted: true
test-replica:
type: aws:rds:Instance
properties:
replicateSourceDb: ${default.identifier}
replicaMode: mounted
autoMinorVersionUpgrade: false
customIamInstanceProfile: AWSRDSCustomInstanceProfile
backupRetentionPeriod: 7
identifier: ee-instance-replica
instanceClass: ${["custom-oracle"].instanceClass}
kmsKeyId: ${byId.arn}
multiAz: false # Custom for Oracle does not support multi-az
skipFinalSnapshot: true
storageEncrypted: true
variables:
# Lookup the available instance classes for the custom engine for the region being operated in
custom-oracle:
fn::invoke:
function: aws:rds:getOrderableDbInstance
arguments:
engine: custom-oracle-ee
engineVersion: 19.c.ee.002
licenseModel: bring-your-own-license
storageType: gp3
preferredInstanceClasses:
- db.r5.xlarge
- db.r5.2xlarge
- db.r5.4xlarge
# The RDS instance resource requires an ARN. Look up the ARN of the KMS key associated with the CEV.
byId:
fn::invoke:
function: aws:kms:getKey
arguments:
keyId: example-ef278353ceba4a5a97de6784565b9f78RDS Custom for SQL Server
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Lookup the available instance classes for the custom engine for the region being operated in
const custom_sqlserver = aws.rds.getOrderableDbInstance({
engine: "custom-sqlserver-se",
engineVersion: "15.00.4249.2.v1",
storageType: "gp3",
preferredInstanceClasses: [
"db.r5.xlarge",
"db.r5.2xlarge",
"db.r5.4xlarge",
],
});
// The RDS instance resource requires an ARN. Look up the ARN of the KMS key.
const byId = aws.kms.getKey({
keyId: "example-ef278353ceba4a5a97de6784565b9f78",
});
const example = new aws.rds.Instance("example", {
allocatedStorage: 500,
autoMinorVersionUpgrade: false,
customIamInstanceProfile: "AWSRDSCustomSQLServerInstanceProfile",
backupRetentionPeriod: 7,
dbSubnetGroupName: dbSubnetGroupName,
engine: custom_sqlserver.then(custom_sqlserver => custom_sqlserver.engine),
engineVersion: custom_sqlserver.then(custom_sqlserver => custom_sqlserver.engineVersion),
identifier: "sql-instance-demo",
instanceClass: custom_sqlserver.then(custom_sqlserver => custom_sqlserver.instanceClass).apply((x) => aws.rds.InstanceType[x]),
kmsKeyId: byId.then(byId => byId.arn),
multiAz: false,
password: "avoid-plaintext-passwords",
storageEncrypted: true,
username: "test",
});import pulumi
import pulumi_aws as aws
# Lookup the available instance classes for the custom engine for the region being operated in
custom_sqlserver = aws.rds.get_orderable_db_instance(engine="custom-sqlserver-se",
engine_version="15.00.4249.2.v1",
storage_type="gp3",
preferred_instance_classes=[
"db.r5.xlarge",
"db.r5.2xlarge",
"db.r5.4xlarge",
])
# The RDS instance resource requires an ARN. Look up the ARN of the KMS key.
by_id = aws.kms.get_key(key_id="example-ef278353ceba4a5a97de6784565b9f78")
example = aws.rds.Instance("example",
allocated_storage=500,
auto_minor_version_upgrade=False,
custom_iam_instance_profile="AWSRDSCustomSQLServerInstanceProfile",
backup_retention_period=7,
db_subnet_group_name=db_subnet_group_name,
engine=custom_sqlserver.engine,
engine_version=custom_sqlserver.engine_version,
identifier="sql-instance-demo",
instance_class=custom_sqlserver.instance_class,
kms_key_id=by_id.arn,
multi_az=False,
password="avoid-plaintext-passwords",
storage_encrypted=True,
username="test")using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
// Lookup the available instance classes for the custom engine for the region being operated in
var custom_sqlserver = Aws.Rds.GetOrderableDbInstance.Invoke(new()
{
Engine = "custom-sqlserver-se",
EngineVersion = "15.00.4249.2.v1",
StorageType = "gp3",
PreferredInstanceClasses = new[]
{
"db.r5.xlarge",
"db.r5.2xlarge",
"db.r5.4xlarge",
},
});
// The RDS instance resource requires an ARN. Look up the ARN of the KMS key.
var byId = Aws.Kms.GetKey.Invoke(new()
{
KeyId = "example-ef278353ceba4a5a97de6784565b9f78",
});
var example = new Aws.Rds.Instance("example", new()
{
AllocatedStorage = 500,
AutoMinorVersionUpgrade = false,
CustomIamInstanceProfile = "AWSRDSCustomSQLServerInstanceProfile",
BackupRetentionPeriod = 7,
DbSubnetGroupName = dbSubnetGroupName,
Engine = custom_sqlserver.Apply(custom_sqlserver => custom_sqlserver.Apply(getOrderableDbInstanceResult => getOrderableDbInstanceResult.Engine)),
EngineVersion = custom_sqlserver.Apply(custom_sqlserver => custom_sqlserver.Apply(getOrderableDbInstanceResult => getOrderableDbInstanceResult.EngineVersion)),
Identifier = "sql-instance-demo",
InstanceClass = custom_sqlserver.Apply(custom_sqlserver => custom_sqlserver.Apply(getOrderableDbInstanceResult => getOrderableDbInstanceResult.InstanceClass)).Apply(System.Enum.Parse<Aws.Rds.InstanceType>),
KmsKeyId = byId.Apply(getKeyResult => getKeyResult.Arn),
MultiAz = false,
Password = "avoid-plaintext-passwords",
StorageEncrypted = true,
Username = "test",
});
});package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Lookup the available instance classes for the custom engine for the region being operated in
custom_sqlserver, err := rds.GetOrderableDbInstance(ctx, &rds.GetOrderableDbInstanceArgs{
Engine: "custom-sqlserver-se",
EngineVersion: pulumi.StringRef("15.00.4249.2.v1"),
StorageType: pulumi.StringRef("gp3"),
PreferredInstanceClasses: []string{
"db.r5.xlarge",
"db.r5.2xlarge",
"db.r5.4xlarge",
},
}, nil)
if err != nil {
return err
}
// The RDS instance resource requires an ARN. Look up the ARN of the KMS key.
byId, err := kms.LookupKey(ctx, &kms.LookupKeyArgs{
KeyId: "example-ef278353ceba4a5a97de6784565b9f78",
}, nil)
if err != nil {
return err
}
_, err = rds.NewInstance(ctx, "example", &rds.InstanceArgs{
AllocatedStorage: pulumi.Int(500),
AutoMinorVersionUpgrade: pulumi.Bool(false),
CustomIamInstanceProfile: pulumi.String("AWSRDSCustomSQLServerInstanceProfile"),
BackupRetentionPeriod: pulumi.Int(7),
DbSubnetGroupName: pulumi.Any(dbSubnetGroupName),
Engine: pulumi.String(custom_sqlserver.Engine),
EngineVersion: pulumi.String(custom_sqlserver.EngineVersion),
Identifier: pulumi.String("sql-instance-demo"),
InstanceClass: custom_sqlserver.InstanceClass.ApplyT(func(x *string) rds.InstanceType { return rds.InstanceType(*x) }).(rds.InstanceTypeOutput),
KmsKeyId: pulumi.String(byId.Arn),
MultiAz: pulumi.Bool(false),
Password: pulumi.String("avoid-plaintext-passwords"),
StorageEncrypted: pulumi.Bool(true),
Username: pulumi.String("test"),
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.rds.RdsFunctions;
import com.pulumi.aws.rds.inputs.GetOrderableDbInstanceArgs;
import com.pulumi.aws.kms.KmsFunctions;
import com.pulumi.aws.kms.inputs.GetKeyArgs;
import com.pulumi.aws.rds.Instance;
import com.pulumi.aws.rds.InstanceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Lookup the available instance classes for the custom engine for the region being operated in
final var custom-sqlserver = RdsFunctions.getOrderableDbInstance(GetOrderableDbInstanceArgs.builder()
.engine("custom-sqlserver-se")
.engineVersion("15.00.4249.2.v1")
.storageType("gp3")
.preferredInstanceClasses(
"db.r5.xlarge",
"db.r5.2xlarge",
"db.r5.4xlarge")
.build());
// The RDS instance resource requires an ARN. Look up the ARN of the KMS key.
final var byId = KmsFunctions.getKey(GetKeyArgs.builder()
.keyId("example-ef278353ceba4a5a97de6784565b9f78")
.build());
var example = new Instance("example", InstanceArgs.builder()
.allocatedStorage(500)
.autoMinorVersionUpgrade(false)
.customIamInstanceProfile("AWSRDSCustomSQLServerInstanceProfile")
.backupRetentionPeriod(7)
.dbSubnetGroupName(dbSubnetGroupName)
.engine(custom_sqlserver.engine())
.engineVersion(custom_sqlserver.engineVersion())
.identifier("sql-instance-demo")
.instanceClass(custom_sqlserver.instanceClass())
.kmsKeyId(byId.arn())
.multiAz(false)
.password("avoid-plaintext-passwords")
.storageEncrypted(true)
.username("test")
.build());
}
}resources:
example:
type: aws:rds:Instance
properties:
allocatedStorage: 500
autoMinorVersionUpgrade: false # Custom for SQL Server does not support minor version upgrades
customIamInstanceProfile: AWSRDSCustomSQLServerInstanceProfile
backupRetentionPeriod: 7
dbSubnetGroupName: ${dbSubnetGroupName}
engine: ${["custom-sqlserver"].engine}
engineVersion: ${["custom-sqlserver"].engineVersion}
identifier: sql-instance-demo
instanceClass: ${["custom-sqlserver"].instanceClass}
kmsKeyId: ${byId.arn}
multiAz: false # Custom for SQL Server does support multi-az
password: avoid-plaintext-passwords
storageEncrypted: true
username: test
variables:
# Lookup the available instance classes for the custom engine for the region being operated in
custom-sqlserver:
fn::invoke:
function: aws:rds:getOrderableDbInstance
arguments:
engine: custom-sqlserver-se
engineVersion: 15.00.4249.2.v1
storageType: gp3
preferredInstanceClasses:
- db.r5.xlarge
- db.r5.2xlarge
- db.r5.4xlarge
# The RDS instance resource requires an ARN. Look up the ARN of the KMS key.
byId:
fn::invoke:
function: aws:kms:getKey
arguments:
keyId: example-ef278353ceba4a5a97de6784565b9f78RDS Db2 Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Lookup the default version for the engine. Db2 Standard Edition is `db2-se`, Db2 Advanced Edition is `db2-ae`.
const _default = aws.rds.getEngineVersion({
engine: "db2-se",
});
// Lookup the available instance classes for the engine in the region being operated in
const example = Promise.all([_default, _default]).then(([_default, _default1]) => aws.rds.getOrderableDbInstance({
engine: _default.engine,
engineVersion: _default1.version,
licenseModel: "bring-your-own-license",
storageType: "gp3",
preferredInstanceClasses: [
"db.t3.small",
"db.r6i.large",
"db.m6i.large",
],
}));
// The RDS Db2 instance resource requires licensing information. Create a new parameter group using the default paramater group as a source, and set license information.
const exampleParameterGroup = new aws.rds.ParameterGroup("example", {
name: "db-db2-params",
family: _default.then(_default => _default.parameterGroupFamily),
parameters: [
{
applyMethod: "immediate",
name: "rds.ibm_customer_id",
value: "0",
},
{
applyMethod: "immediate",
name: "rds.ibm_site_id",
value: "0",
},
],
});
// Create the RDS Db2 instance, use the data sources defined to set attributes
const exampleInstance = new aws.rds.Instance("example", {
allocatedStorage: 100,
backupRetentionPeriod: 7,
dbName: "test",
engine: example.then(example => example.engine),
engineVersion: example.then(example => example.engineVersion),
identifier: "db2-instance-demo",
instanceClass: example.then(example => example.instanceClass).apply((x) => aws.rds.InstanceType[x]),
parameterGroupName: exampleParameterGroup.name,
password: "avoid-plaintext-passwords",
username: "test",
});import pulumi
import pulumi_aws as aws
# Lookup the default version for the engine. Db2 Standard Edition is `db2-se`, Db2 Advanced Edition is `db2-ae`.
default = aws.rds.get_engine_version(engine="db2-se")
# Lookup the available instance classes for the engine in the region being operated in
example = aws.rds.get_orderable_db_instance(engine=default.engine,
engine_version=default.version,
license_model="bring-your-own-license",
storage_type="gp3",
preferred_instance_classes=[
"db.t3.small",
"db.r6i.large",
"db.m6i.large",
])
# The RDS Db2 instance resource requires licensing information. Create a new parameter group using the default paramater group as a source, and set license information.
example_parameter_group = aws.rds.ParameterGroup("example",
name="db-db2-params",
family=default.parameter_group_family,
parameters=[
{
"apply_method": "immediate",
"name": "rds.ibm_customer_id",
"value": "0",
},
{
"apply_method": "immediate",
"name": "rds.ibm_site_id",
"value": "0",
},
])
# Create the RDS Db2 instance, use the data sources defined to set attributes
example_instance = aws.rds.Instance("example",
allocated_storage=100,
backup_retention_period=7,
db_name="test",
engine=example.engine,
engine_version=example.engine_version,
identifier="db2-instance-demo",
instance_class=example.instance_class,
parameter_group_name=example_parameter_group.name,
password="avoid-plaintext-passwords",
username="test")using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
// Lookup the default version for the engine. Db2 Standard Edition is `db2-se`, Db2 Advanced Edition is `db2-ae`.
var @default = Aws.Rds.GetEngineVersion.Invoke(new()
{
Engine = "db2-se",
});
// Lookup the available instance classes for the engine in the region being operated in
var example = Aws.Rds.GetOrderableDbInstance.Invoke(new()
{
Engine = @default.Apply(getEngineVersionResult => getEngineVersionResult.Engine),
EngineVersion = @default.Apply(getEngineVersionResult => getEngineVersionResult.Version),
LicenseModel = "bring-your-own-license",
StorageType = "gp3",
PreferredInstanceClasses = new[]
{
"db.t3.small",
"db.r6i.large",
"db.m6i.large",
},
});
// The RDS Db2 instance resource requires licensing information. Create a new parameter group using the default paramater group as a source, and set license information.
var exampleParameterGroup = new Aws.Rds.ParameterGroup("example", new()
{
Name = "db-db2-params",
Family = @default.Apply(@default => @default.Apply(getEngineVersionResult => getEngineVersionResult.ParameterGroupFamily)),
Parameters = new[]
{
new Aws.Rds.Inputs.ParameterGroupParameterArgs
{
ApplyMethod = "immediate",
Name = "rds.ibm_customer_id",
Value = "0",
},
new Aws.Rds.Inputs.ParameterGroupParameterArgs
{
ApplyMethod = "immediate",
Name = "rds.ibm_site_id",
Value = "0",
},
},
});
// Create the RDS Db2 instance, use the data sources defined to set attributes
var exampleInstance = new Aws.Rds.Instance("example", new()
{
AllocatedStorage = 100,
BackupRetentionPeriod = 7,
DbName = "test",
Engine = example.Apply(getOrderableDbInstanceResult => getOrderableDbInstanceResult.Engine),
EngineVersion = example.Apply(getOrderableDbInstanceResult => getOrderableDbInstanceResult.EngineVersion),
Identifier = "db2-instance-demo",
InstanceClass = example.Apply(getOrderableDbInstanceResult => getOrderableDbInstanceResult.InstanceClass).Apply(System.Enum.Parse<Aws.Rds.InstanceType>),
ParameterGroupName = exampleParameterGroup.Name,
Password = "avoid-plaintext-passwords",
Username = "test",
});
});package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Lookup the default version for the engine. Db2 Standard Edition is `db2-se`, Db2 Advanced Edition is `db2-ae`.
_default, err := rds.GetEngineVersion(ctx, &rds.GetEngineVersionArgs{
Engine: "db2-se",
}, nil)
if err != nil {
return err
}
// Lookup the available instance classes for the engine in the region being operated in
example, err := rds.GetOrderableDbInstance(ctx, &rds.GetOrderableDbInstanceArgs{
Engine: _default.Engine,
EngineVersion: pulumi.StringRef(_default.Version),
LicenseModel: pulumi.StringRef("bring-your-own-license"),
StorageType: pulumi.StringRef("gp3"),
PreferredInstanceClasses: []string{
"db.t3.small",
"db.r6i.large",
"db.m6i.large",
},
}, nil)
if err != nil {
return err
}
// The RDS Db2 instance resource requires licensing information. Create a new parameter group using the default paramater group as a source, and set license information.
exampleParameterGroup, err := rds.NewParameterGroup(ctx, "example", &rds.ParameterGroupArgs{
Name: pulumi.String("db-db2-params"),
Family: pulumi.String(_default.ParameterGroupFamily),
Parameters: rds.ParameterGroupParameterArray{
&rds.ParameterGroupParameterArgs{
ApplyMethod: pulumi.String("immediate"),
Name: pulumi.String("rds.ibm_customer_id"),
Value: pulumi.String("0"),
},
&rds.ParameterGroupParameterArgs{
ApplyMethod: pulumi.String("immediate"),
Name: pulumi.String("rds.ibm_site_id"),
Value: pulumi.String("0"),
},
},
})
if err != nil {
return err
}
// Create the RDS Db2 instance, use the data sources defined to set attributes
_, err = rds.NewInstance(ctx, "example", &rds.InstanceArgs{
AllocatedStorage: pulumi.Int(100),
BackupRetentionPeriod: pulumi.Int(7),
DbName: pulumi.String("test"),
Engine: pulumi.String(example.Engine),
EngineVersion: pulumi.String(example.EngineVersion),
Identifier: pulumi.String("db2-instance-demo"),
InstanceClass: example.InstanceClass.ApplyT(func(x *string) rds.InstanceType { return rds.InstanceType(*x) }).(rds.InstanceTypeOutput),
ParameterGroupName: exampleParameterGroup.Name,
Password: pulumi.String("avoid-plaintext-passwords"),
Username: pulumi.String("test"),
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.rds.RdsFunctions;
import com.pulumi.aws.rds.inputs.GetEngineVersionArgs;
import com.pulumi.aws.rds.inputs.GetOrderableDbInstanceArgs;
import com.pulumi.aws.rds.ParameterGroup;
import com.pulumi.aws.rds.ParameterGroupArgs;
import com.pulumi.aws.rds.inputs.ParameterGroupParameterArgs;
import com.pulumi.aws.rds.Instance;
import com.pulumi.aws.rds.InstanceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Lookup the default version for the engine. Db2 Standard Edition is `db2-se`, Db2 Advanced Edition is `db2-ae`.
final var default = RdsFunctions.getEngineVersion(GetEngineVersionArgs.builder()
.engine("db2-se")
.build());
// Lookup the available instance classes for the engine in the region being operated in
final var example = RdsFunctions.getOrderableDbInstance(GetOrderableDbInstanceArgs.builder()
.engine(default_.engine())
.engineVersion(default_.version())
.licenseModel("bring-your-own-license")
.storageType("gp3")
.preferredInstanceClasses(
"db.t3.small",
"db.r6i.large",
"db.m6i.large")
.build());
// The RDS Db2 instance resource requires licensing information. Create a new parameter group using the default paramater group as a source, and set license information.
var exampleParameterGroup = new ParameterGroup("exampleParameterGroup", ParameterGroupArgs.builder()
.name("db-db2-params")
.family(default_.parameterGroupFamily())
.parameters(
ParameterGroupParameterArgs.builder()
.applyMethod("immediate")
.name("rds.ibm_customer_id")
.value("0")
.build(),
ParameterGroupParameterArgs.builder()
.applyMethod("immediate")
.name("rds.ibm_site_id")
.value("0")
.build())
.build());
// Create the RDS Db2 instance, use the data sources defined to set attributes
var exampleInstance = new Instance("exampleInstance", InstanceArgs.builder()
.allocatedStorage(100)
.backupRetentionPeriod(7)
.dbName("test")
.engine(example.engine())
.engineVersion(example.engineVersion())
.identifier("db2-instance-demo")
.instanceClass(example.instanceClass())
.parameterGroupName(exampleParameterGroup.name())
.password("avoid-plaintext-passwords")
.username("test")
.build());
}
}resources:
# The RDS Db2 instance resource requires licensing information. Create a new parameter group using the default paramater group as a source, and set license information.
exampleParameterGroup:
type: aws:rds:ParameterGroup
name: example
properties:
name: db-db2-params
family: ${default.parameterGroupFamily}
parameters:
- applyMethod: immediate
name: rds.ibm_customer_id
value: 0
- applyMethod: immediate
name: rds.ibm_site_id
value: 0
# Create the RDS Db2 instance, use the data sources defined to set attributes
exampleInstance:
type: aws:rds:Instance
name: example
properties:
allocatedStorage: 100
backupRetentionPeriod: 7
dbName: test
engine: ${example.engine}
engineVersion: ${example.engineVersion}
identifier: db2-instance-demo
instanceClass: ${example.instanceClass}
parameterGroupName: ${exampleParameterGroup.name}
password: avoid-plaintext-passwords
username: test
variables:
# Lookup the default version for the engine. Db2 Standard Edition is `db2-se`, Db2 Advanced Edition is `db2-ae`.
default:
fn::invoke:
function: aws:rds:getEngineVersion
arguments:
engine: db2-se
# Lookup the available instance classes for the engine in the region being operated in
example:
fn::invoke:
function: aws:rds:getOrderableDbInstance
arguments:
engine: ${default.engine}
engineVersion: ${default.version}
licenseModel: bring-your-own-license
storageType: gp3
preferredInstanceClasses:
- db.t3.small
- db.r6i.large
- db.m6i.largeStorage Autoscaling
To enable Storage Autoscaling with instances that support the feature, define the max_allocated_storage argument higher than the allocated_storage argument. This provider will automatically hide differences with the allocated_storage argument value if autoscaling occurs.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.rds.Instance("example", {
allocatedStorage: 50,
maxAllocatedStorage: 100,
});import pulumi
import pulumi_aws as aws
example = aws.rds.Instance("example",
allocated_storage=50,
max_allocated_storage=100)using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Rds.Instance("example", new()
{
AllocatedStorage = 50,
MaxAllocatedStorage = 100,
});
});package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := rds.NewInstance(ctx, "example", &rds.InstanceArgs{
AllocatedStorage: pulumi.Int(50),
MaxAllocatedStorage: pulumi.Int(100),
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.rds.Instance;
import com.pulumi.aws.rds.InstanceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Instance("example", InstanceArgs.builder()
.allocatedStorage(50)
.maxAllocatedStorage(100)
.build());
}
}resources:
example:
type: aws:rds:Instance
properties:
allocatedStorage: 50
maxAllocatedStorage: 100Managed Master Passwords via Secrets Manager, default KMS Key
More information about RDS/Aurora Aurora integrates with Secrets Manager to manage master user passwords for your DB clusters can be found in the RDS User Guide and Aurora User Guide. You can specify the
manage_master_user_passwordattribute to enable managing the master password with Secrets Manager. You can also update an existing cluster to use Secrets Manager by specify themanage_master_user_passwordattribute and removing thepasswordattribute (removal is required).
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const _default = new aws.rds.Instance("default", {
allocatedStorage: 10,
dbName: "mydb",
engine: "mysql",
engineVersion: "8.0",
instanceClass: aws.rds.InstanceType.T3_Micro,
manageMasterUserPassword: true,
username: "foo",
parameterGroupName: "default.mysql8.0",
});import pulumi
import pulumi_aws as aws
default = aws.rds.Instance("default",
allocated_storage=10,
db_name="mydb",
engine="mysql",
engine_version="8.0",
instance_class=aws.rds.InstanceType.T3_MICRO,
manage_master_user_password=True,
username="foo",
parameter_group_name="default.mysql8.0")using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var @default = new Aws.Rds.Instance("default", new()
{
AllocatedStorage = 10,
DbName = "mydb",
Engine = "mysql",
EngineVersion = "8.0",
InstanceClass = Aws.Rds.InstanceType.T3_Micro,
ManageMasterUserPassword = true,
Username = "foo",
ParameterGroupName = "default.mysql8.0",
});
});package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := rds.NewInstance(ctx, "default", &rds.InstanceArgs{
AllocatedStorage: pulumi.Int(10),
DbName: pulumi.String("mydb"),
Engine: pulumi.String("mysql"),
EngineVersion: pulumi.String("8.0"),
InstanceClass: pulumi.String(rds.InstanceType_T3_Micro),
ManageMasterUserPassword: pulumi.Bool(true),
Username: pulumi.String("foo"),
ParameterGroupName: pulumi.String("default.mysql8.0"),
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.rds.Instance;
import com.pulumi.aws.rds.InstanceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new Instance("default", InstanceArgs.builder()
.allocatedStorage(10)
.dbName("mydb")
.engine("mysql")
.engineVersion("8.0")
.instanceClass("db.t3.micro")
.manageMasterUserPassword(true)
.username("foo")
.parameterGroupName("default.mysql8.0")
.build());
}
}resources:
default:
type: aws:rds:Instance
properties:
allocatedStorage: 10
dbName: mydb
engine: mysql
engineVersion: '8.0'
instanceClass: db.t3.micro
manageMasterUserPassword: true
username: foo
parameterGroupName: default.mysql8.0Managed Master Passwords via Secrets Manager, specific KMS Key
More information about RDS/Aurora Aurora integrates with Secrets Manager to manage master user passwords for your DB clusters can be found in the RDS User Guide and Aurora User Guide. You can specify the
master_user_secret_kms_key_idattribute to specify a specific KMS Key.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.kms.Key("example", {description: "Example KMS Key"});
const _default = new aws.rds.Instance("default", {
allocatedStorage: 10,
dbName: "mydb",
engine: "mysql",
engineVersion: "8.0",
instanceClass: aws.rds.InstanceType.T3_Micro,
manageMasterUserPassword: true,
masterUserSecretKmsKeyId: example.keyId,
username: "foo",
parameterGroupName: "default.mysql8.0",
});import pulumi
import pulumi_aws as aws
example = aws.kms.Key("example", description="Example KMS Key")
default = aws.rds.Instance("default",
allocated_storage=10,
db_name="mydb",
engine="mysql",
engine_version="8.0",
instance_class=aws.rds.InstanceType.T3_MICRO,
manage_master_user_password=True,
master_user_secret_kms_key_id=example.key_id,
username="foo",
parameter_group_name="default.mysql8.0")using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Kms.Key("example", new()
{
Description = "Example KMS Key",
});
var @default = new Aws.Rds.Instance("default", new()
{
AllocatedStorage = 10,
DbName = "mydb",
Engine = "mysql",
EngineVersion = "8.0",
InstanceClass = Aws.Rds.InstanceType.T3_Micro,
ManageMasterUserPassword = true,
MasterUserSecretKmsKeyId = example.KeyId,
Username = "foo",
ParameterGroupName = "default.mysql8.0",
});
});package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := kms.NewKey(ctx, "example", &kms.KeyArgs{
Description: pulumi.String("Example KMS Key"),
})
if err != nil {
return err
}
_, err = rds.NewInstance(ctx, "default", &rds.InstanceArgs{
AllocatedStorage: pulumi.Int(10),
DbName: pulumi.String("mydb"),
Engine: pulumi.String("mysql"),
EngineVersion: pulumi.String("8.0"),
InstanceClass: pulumi.String(rds.InstanceType_T3_Micro),
ManageMasterUserPassword: pulumi.Bool(true),
MasterUserSecretKmsKeyId: example.KeyId,
Username: pulumi.String("foo"),
ParameterGroupName: pulumi.String("default.mysql8.0"),
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.kms.Key;
import com.pulumi.aws.kms.KeyArgs;
import com.pulumi.aws.rds.Instance;
import com.pulumi.aws.rds.InstanceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Key("example", KeyArgs.builder()
.description("Example KMS Key")
.build());
var default_ = new Instance("default", InstanceArgs.builder()
.allocatedStorage(10)
.dbName("mydb")
.engine("mysql")
.engineVersion("8.0")
.instanceClass("db.t3.micro")
.manageMasterUserPassword(true)
.masterUserSecretKmsKeyId(example.keyId())
.username("foo")
.parameterGroupName("default.mysql8.0")
.build());
}
}resources:
example:
type: aws:kms:Key
properties:
description: Example KMS Key
default:
type: aws:rds:Instance
properties:
allocatedStorage: 10
dbName: mydb
engine: mysql
engineVersion: '8.0'
instanceClass: db.t3.micro
manageMasterUserPassword: true
masterUserSecretKmsKeyId: ${example.keyId}
username: foo
parameterGroupName: default.mysql8.0Import
Using pulumi import, import DB Instances using the identifier. For example:
$ pulumi import aws:rds/instance:Instance default mydb-rds-instanceConstructors
Properties
The allocated storage in gibibytes. If max_allocated_storage is configured, this argument represents the initial storage allocation and differences from the configuration will be ignored automatically when Storage Autoscaling occurs. If replicate_source_db is set, the value is ignored during the creation of the instance.
Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage and the change is asynchronously applied as soon as possible.
Specifies whether any database modifications are applied immediately, or during the next maintenance window. Default is false. See [Amazon RDS Documentation for more
Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Defaults to true.
The AZ for the RDS instance.
The days to retain backups for. Must be between 0 and 35. Default is 0. Must be greater than 0 if the database is used as a source for a instance-replication, uses low-downtime updates, or will use blue-green.
Specifies where automated backups and manual snapshots are stored. Possible values are region (default) and outposts. See Working with Amazon RDS on AWS Outposts for more information.
The daily time range (in UTC) during which automated backups are created if they are enabled. Example: "09:46-10:16". Must not overlap with maintenance_window.
Enables low-downtime updates using blue-green. See blue_green_update below.
The identifier of the CA certificate for the DB instance.
The character set name to use for DB encoding in Oracle and Microsoft SQL instances (collation). This can't be changed. See Oracle Character Sets Supported in Amazon RDS or Server-Level Collation for Microsoft SQL Server for more information. Cannot be set with replicate_source_db, restore_to_point_in_time, s3_import, or snapshot_identifier.
Copy all Instance tags to snapshots. Default is false.
Indicates whether to enable a customer-owned IP address (CoIP) for an RDS on Outposts DB instance. See CoIP for RDS on Outposts for more information.
The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.
The mode of Database Insights that is enabled for the instance. Valid values: standard, advanced .
The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance. Note that this does not apply for Oracle or SQL Server engines. See the AWS documentation for more details on what applies for those engines. If you are providing an Oracle db name, it needs to be in all upper case. Cannot be specified for a replica.
Name of DB subnet group. DB instance will be created in the VPC associated with the DB subnet group. If unspecified, will be created in the default Subnet Group. When working with read replicas created in the same region, defaults to the Subnet Group Name of the source DB. When working with read replicas created in a different region, defaults to the default Subnet Group. See DBSubnetGroupName in API action CreateDBInstanceReadReplica for additional read replica constraints.
Use a dedicated log volume (DLV) for the DB instance. Requires Provisioned IOPS. See the AWS documentation for more details.
Specifies whether to remove automated backups immediately after the DB instance is deleted. Default is true.
If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to true. The default is false.
The ARN for the Secrets Manager secret with the self managed Active Directory credentials for the user joining the domain. Conflicts with domain and domain_iam_role_name.
The IPv4 DNS IP addresses of your primary and secondary self managed Active Directory domain controllers. Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list. Conflicts with domain and domain_iam_role_name.
The fully qualified domain name (FQDN) of the self managed Active Directory domain. Conflicts with domain and domain_iam_role_name.
The name of the IAM role to be used when making API calls to the Directory Service. Conflicts with domain_fqdn, domain_ou, domain_auth_secret_arn and a domain_dns_ips.
Set of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. For supported values, see the EnableCloudwatchLogsExports.member.N parameter in API action CreateDBInstance.
The database engine to use. For supported values, see the Engine parameter in API action CreateDBInstance. Note that for Amazon Aurora instances the engine must match the DB cluster's engine'. For information on the difference between the available Aurora MySQL engines see Comparison between Aurora MySQL 1 and Aurora MySQL 2 in the Amazon RDS User Guide.
The life cycle type for this DB instance. This setting applies only to RDS for MySQL and RDS for PostgreSQL. Valid values are open-source-rds-extended-support, open-source-rds-extended-support-disabled. Default value is open-source-rds-extended-support. Using Amazon RDS Extended Support: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html
The engine version to use. If auto_minor_version_upgrade is enabled, you can provide a prefix of the version such as 8.0 (for 8.0.36). The actual engine version used is returned in the attribute engine_version_actual, see Attribute Reference below. For supported values, see the EngineVersion parameter in API action CreateDBInstance. Note that for Amazon Aurora instances the engine version must match the DB cluster's engine version'.
The name of your final DB snapshot when this DB instance is deleted. Must be provided if skip_final_snapshot is set to false. The value must begin with a letter, only contain alphanumeric characters and hyphens, and not end with a hyphen or contain two consecutive hyphens. Must not be provided when deleting a read replica.
Specifies whether mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled.
The name of the RDS instance, if omitted, this provider will assign a random, unique identifier. Required if restore_to_point_in_time is specified.
Creates a unique identifier beginning with the specified prefix. Conflicts with identifier.
The instance type of the RDS instance.
The amount of provisioned IOPS. Setting this implies a storage_type of "io1" or "io2". Can only be set when storage_type is "io1", "io2 or "gp3". Cannot be specified for gp3 storage if the allocated_storage value is below a per-engine threshold. See the RDS User Guide for details.
License model information for this DB instance. Valid values for this field are as follows:
The window to perform maintenance in. Syntax: "ddd:hh24:mi-ddd:hh24:mi". Eg: "Mon:00:00-Mon:03:00". See [RDS
Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if password or password_wo is provided.
The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. If not specified, the default KMS key for your Amazon Web Services account is used.
Specifies the maximum storage (in GiB) that Amazon RDS can automatically scale to for this DB instance. By default, Storage Autoscaling is disabled. To enable Storage Autoscaling, set max_allocated_storage to greater than or equal to allocated_storage. Setting max_allocated_storage to 0 explicitly disables Storage Autoscaling. When configured, changes to allocated_storage will be automatically ignored as the storage can dynamically scale.
The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60.
The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs. You can find more information on the [AWS
The national character set is used in the NCHAR, NVARCHAR2, and NCLOB data types for Oracle instances. This can't be changed. See [Oracle Character Sets
The network type of the DB instance. Valid values: IPV4, DUAL.
Name of the DB option group to associate.
Name of the DB parameter group to associate.
Specifies whether Performance Insights are enabled. Defaults to false.
The ARN for the KMS key to encrypt Performance Insights data. When specifying performance_insights_kms_key_id, performance_insights_enabled needs to be set to true. Once KMS key is set, it can never be changed.
Amount of time in days to retain Performance Insights data. Valid values are 7, 731 (2 years) or a multiple of 31. When specifying performance_insights_retention_period, performance_insights_enabled needs to be set to true. Defaults to '7'.
Bool to control if instance is publicly accessible. Default is false.
Specifies whether the replica is in either mounted or open-read-only mode. This attribute is only supported by Oracle instances. Oracle replicas operate in open-read-only mode unless otherwise specified. See Working with Oracle Read Replicas for more information.
Specifies that this resource is a Replica database, and to use this value as the source database. If replicating an Amazon RDS Database Instance in the same region, use the identifier of the source DB, unless also specifying the db_subnet_group_name. If specifying the db_subnet_group_name in the same region, use the arn of the source DB. If replicating an Instance in a different region, use the arn of the source DB. Note that if you are creating a cross-region replica of an encrypted database you will also need to specify a kms_key_id. See instance-replication and Working with PostgreSQL and MySQL Read Replicas for more information on using Replication.
A configuration block for restoring a DB instance to an arbitrary point in time. Requires the identifier argument to be set with the name of the new DB instance to be created. See Restore To Point In Time below for details.
Restore from a Percona Xtrabackup in S3. See Importing Data into an Amazon RDS MySQL DB Instance
Determines whether a final DB snapshot is created before the DB instance is deleted. If true is specified, no DBSnapshot is created. If false is specified, a DB snapshot is created before the DB instance is deleted, using the value from final_snapshot_identifier. Default is false.
Specifies whether or not to create this database from a snapshot. This corresponds to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05.
Specifies whether the DB instance is encrypted. Note that if you are creating a cross-region read replica this field is ignored and you should instead declare kms_key_id with a valid ARN. The default is false if not specified.
The storage throughput value for the DB instance. Can only be set when storage_type is "gp3". Cannot be specified if the allocated_storage value is below a per-engine threshold. See the RDS User Guide for details.
One of "standard" (magnetic), "gp2" (general purpose SSD), "gp3" (general purpose SSD that needs iops independently) "io1" (provisioned IOPS SSD) or "io2" (block express storage provisioned IOPS SSD). The default is "io1" if iops is specified, "gp2" if not.
Whether to upgrade the storage file system configuration on the read replica. Can only be set with replicate_source_db.
List of VPC security groups to associate.