awsrds

package
v1.192.0-devpreview Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 9, 2023 License: Apache-2.0 Imports: 15 Imported by: 3

README

Amazon Relational Database Service Construct Library

import rds "github.com/aws/aws-cdk-go/awscdk"

Starting a clustered database

To set up a clustered database (like Aurora), define a DatabaseCluster. You must always launch a database in a VPC. Use the vpcSubnets attribute to control whether your instances will be launched privately or publicly:

var vpc vpc

cluster := rds.NewDatabaseCluster(this, jsii.String("Database"), &databaseClusterProps{
	engine: rds.databaseClusterEngine.auroraMysql(&auroraMysqlClusterEngineProps{
		version: rds.auroraMysqlEngineVersion_VER_2_08_1(),
	}),
	credentials: rds.credentials.fromGeneratedSecret(jsii.String("clusteradmin")),
	 // Optional - will default to 'admin' username and generated password
	instanceProps: &instanceProps{
		// optional , defaults to t3.medium
		instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE2, ec2.instanceSize_SMALL),
		vpcSubnets: &subnetSelection{
			subnetType: ec2.subnetType_PRIVATE_WITH_NAT,
		},
		vpc: vpc,
	},
})

If there isn't a constant for the exact version you want to use, all of the Version classes have a static of method that can be used to create an arbitrary version.

customEngineVersion := rds.auroraMysqlEngineVersion.of(jsii.String("5.7.mysql_aurora.2.08.1"))

By default, the master password will be generated and stored in AWS Secrets Manager with auto-generated description.

Your cluster will be empty by default. To add a default database upon construction, specify the defaultDatabaseName attribute.

Use DatabaseClusterFromSnapshot to create a cluster from a snapshot:

var vpc vpc

rds.NewDatabaseClusterFromSnapshot(this, jsii.String("Database"), &databaseClusterFromSnapshotProps{
	engine: rds.databaseClusterEngine.aurora(&auroraClusterEngineProps{
		version: rds.auroraEngineVersion_VER_1_22_2(),
	}),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
	snapshotIdentifier: jsii.String("mySnapshot"),
})

Starting an instance database

To set up a instance database, define a DatabaseInstance. You must always launch a database in a VPC. Use the vpcSubnets attribute to control whether your instances will be launched privately or publicly:

var vpc vpc

instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	// optional, defaults to m5.large
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE3, ec2.instanceSize_SMALL),
	credentials: rds.credentials.fromGeneratedSecret(jsii.String("syscdk")),
	 // Optional - will default to 'admin' username and generated password
	vpc: vpc,
	vpcSubnets: &subnetSelection{
		subnetType: ec2.subnetType_PRIVATE_WITH_NAT,
	},
})

If there isn't a constant for the exact engine version you want to use, all of the Version classes have a static of method that can be used to create an arbitrary version.

customEngineVersion := rds.oracleEngineVersion.of(jsii.String("19.0.0.0.ru-2020-04.rur-2020-04.r1"), jsii.String("19"))

By default, the master password will be generated and stored in AWS Secrets Manager.

To use the storage auto scaling option of RDS you can specify the maximum allocated storage. This is the upper limit to which RDS can automatically scale the storage. More info can be found here Example for max storage configuration:

var vpc vpc

instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
		version: rds.postgresEngineVersion_VER_12_3(),
	}),
	// optional, defaults to m5.large
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE2, ec2.instanceSize_SMALL),
	vpc: vpc,
	maxAllocatedStorage: jsii.Number(200),
})

Use DatabaseInstanceFromSnapshot and DatabaseInstanceReadReplica to create an instance from snapshot or a source database respectively:

var vpc vpc

var sourceInstance databaseInstance

rds.NewDatabaseInstanceFromSnapshot(this, jsii.String("Instance"), &databaseInstanceFromSnapshotProps{
	snapshotIdentifier: jsii.String("my-snapshot"),
	engine: rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
		version: rds.postgresEngineVersion_VER_12_3(),
	}),
	// optional, defaults to m5.large
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE2, ec2.instanceSize_LARGE),
	vpc: vpc,
})
rds.NewDatabaseInstanceReadReplica(this, jsii.String("ReadReplica"), &databaseInstanceReadReplicaProps{
	sourceDatabaseInstance: sourceInstance,
	instanceType: ec2.*instanceType.of(ec2.*instanceClass_BURSTABLE2, ec2.*instanceSize_LARGE),
	vpc: vpc,
})

Automatic backups of read replica instances are only supported for MySQL and MariaDB. By default, automatic backups are disabled for read replicas and can only be enabled (using backupRetention) if also enabled on the source instance.

Creating a "production" Oracle database instance with option and parameter groups:

// Set open cursors with parameter group
parameterGroup := rds.NewParameterGroup(this, jsii.String("ParameterGroup"), &parameterGroupProps{
	engine: rds.databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	parameters: map[string]*string{
		"open_cursors": jsii.String("2500"),
	},
})

optionGroup := rds.NewOptionGroup(this, jsii.String("OptionGroup"), &optionGroupProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	configurations: []optionConfiguration{
		&optionConfiguration{
			name: jsii.String("LOCATOR"),
		},
		&optionConfiguration{
			name: jsii.String("OEM"),
			port: jsii.Number(1158),
			vpc: vpc,
		},
	},
})

// Allow connections to OEM
optionGroup.optionConnections.oEM.connections.allowDefaultPortFromAnyIpv4()

// Database instance with production values
instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	licenseModel: rds.licenseModel_BRING_YOUR_OWN_LICENSE,
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE3, ec2.instanceSize_MEDIUM),
	multiAz: jsii.Boolean(true),
	storageType: rds.storageType_IO1,
	credentials: rds.credentials.fromUsername(jsii.String("syscdk")),
	vpc: vpc,
	databaseName: jsii.String("ORCL"),
	storageEncrypted: jsii.Boolean(true),
	backupRetention: cdk.duration.days(jsii.Number(7)),
	monitoringInterval: cdk.*duration.seconds(jsii.Number(60)),
	enablePerformanceInsights: jsii.Boolean(true),
	cloudwatchLogsExports: []*string{
		jsii.String("trace"),
		jsii.String("audit"),
		jsii.String("alert"),
		jsii.String("listener"),
	},
	cloudwatchLogsRetention: logs.retentionDays_ONE_MONTH,
	autoMinorVersionUpgrade: jsii.Boolean(true),
	 // required to be true if LOCATOR is used in the option group
	optionGroup: optionGroup,
	parameterGroup: parameterGroup,
	removalPolicy: awscdk.RemovalPolicy_DESTROY,
})

// Allow connections on default port from any IPV4
instance.connections.allowDefaultPortFromAnyIpv4()

// Rotate the master user password every 30 days
instance.addRotationSingleUser()

// Add alarm for high CPU
// Add alarm for high CPU
cloudwatch.NewAlarm(this, jsii.String("HighCPU"), &alarmProps{
	metric: instance.metricCPUUtilization(),
	threshold: jsii.Number(90),
	evaluationPeriods: jsii.Number(1),
})

// Trigger Lambda function on instance availability events
fn := lambda.NewFunction(this, jsii.String("Function"), &functionProps{
	code: lambda.code.fromInline(jsii.String("exports.handler = (event) => console.log(event);")),
	handler: jsii.String("index.handler"),
	runtime: lambda.runtime_NODEJS_14_X(),
})

availabilityRule := instance.onEvent(jsii.String("Availability"), &onEventOptions{
	target: targets.NewLambdaFunction(fn),
})
availabilityRule.addEventPattern(&eventPattern{
	detail: map[string]interface{}{
		"EventCategories": []interface{}{
			jsii.String("availability"),
		},
	},
})

Add XMLDB and OEM with option group

// Set open cursors with parameter group
parameterGroup := rds.NewParameterGroup(this, jsii.String("ParameterGroup"), &parameterGroupProps{
	engine: rds.databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	parameters: map[string]*string{
		"open_cursors": jsii.String("2500"),
	},
})

optionGroup := rds.NewOptionGroup(this, jsii.String("OptionGroup"), &optionGroupProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	configurations: []optionConfiguration{
		&optionConfiguration{
			name: jsii.String("LOCATOR"),
		},
		&optionConfiguration{
			name: jsii.String("OEM"),
			port: jsii.Number(1158),
			vpc: vpc,
		},
	},
})

// Allow connections to OEM
optionGroup.optionConnections.oEM.connections.allowDefaultPortFromAnyIpv4()

// Database instance with production values
instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	licenseModel: rds.licenseModel_BRING_YOUR_OWN_LICENSE,
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE3, ec2.instanceSize_MEDIUM),
	multiAz: jsii.Boolean(true),
	storageType: rds.storageType_IO1,
	credentials: rds.credentials.fromUsername(jsii.String("syscdk")),
	vpc: vpc,
	databaseName: jsii.String("ORCL"),
	storageEncrypted: jsii.Boolean(true),
	backupRetention: cdk.duration.days(jsii.Number(7)),
	monitoringInterval: cdk.*duration.seconds(jsii.Number(60)),
	enablePerformanceInsights: jsii.Boolean(true),
	cloudwatchLogsExports: []*string{
		jsii.String("trace"),
		jsii.String("audit"),
		jsii.String("alert"),
		jsii.String("listener"),
	},
	cloudwatchLogsRetention: logs.retentionDays_ONE_MONTH,
	autoMinorVersionUpgrade: jsii.Boolean(true),
	 // required to be true if LOCATOR is used in the option group
	optionGroup: optionGroup,
	parameterGroup: parameterGroup,
	removalPolicy: awscdk.RemovalPolicy_DESTROY,
})

// Allow connections on default port from any IPV4
instance.connections.allowDefaultPortFromAnyIpv4()

// Rotate the master user password every 30 days
instance.addRotationSingleUser()

// Add alarm for high CPU
// Add alarm for high CPU
cloudwatch.NewAlarm(this, jsii.String("HighCPU"), &alarmProps{
	metric: instance.metricCPUUtilization(),
	threshold: jsii.Number(90),
	evaluationPeriods: jsii.Number(1),
})

// Trigger Lambda function on instance availability events
fn := lambda.NewFunction(this, jsii.String("Function"), &functionProps{
	code: lambda.code.fromInline(jsii.String("exports.handler = (event) => console.log(event);")),
	handler: jsii.String("index.handler"),
	runtime: lambda.runtime_NODEJS_14_X(),
})

availabilityRule := instance.onEvent(jsii.String("Availability"), &onEventOptions{
	target: targets.NewLambdaFunction(fn),
})
availabilityRule.addEventPattern(&eventPattern{
	detail: map[string]interface{}{
		"EventCategories": []interface{}{
			jsii.String("availability"),
		},
	},
})

Setting Public Accessibility

You can set public accessibility for the database instance or cluster using the publiclyAccessible property. If you specify true, it creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, it creates an internal instance with a DNS name that resolves to a private IP address. The default value depends on vpcSubnets. It will be true if vpcSubnets is subnetType: SubnetType.PUBLIC, false otherwise.

var vpc vpc

// Setting public accessibility for DB instance
// Setting public accessibility for DB instance
rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.databaseInstanceEngine.mysql(&mySqlInstanceEngineProps{
		version: rds.mysqlEngineVersion_VER_8_0_19(),
	}),
	vpc: vpc,
	vpcSubnets: &subnetSelection{
		subnetType: ec2.subnetType_PRIVATE_WITH_NAT,
	},
	publiclyAccessible: jsii.Boolean(true),
})

// Setting public accessibility for DB cluster
// Setting public accessibility for DB cluster
rds.NewDatabaseCluster(this, jsii.String("DatabaseCluster"), &databaseClusterProps{
	engine: rds.databaseClusterEngine_AURORA(),
	instanceProps: &instanceProps{
		vpc: vpc,
		vpcSubnets: &subnetSelection{
			subnetType: ec2.*subnetType_PRIVATE_WITH_NAT,
		},
		publiclyAccessible: jsii.Boolean(true),
	},
})

Instance events

To define Amazon CloudWatch event rules for database instances, use the onEvent method:

var instance databaseInstance
var fn function

rule := instance.onEvent(jsii.String("InstanceEvent"), &onEventOptions{
	target: targets.NewLambdaFunction(fn),
})

Login credentials

By default, database instances and clusters (with the exception of DatabaseInstanceFromSnapshot and ServerlessClusterFromSnapshot) will have admin user with an auto-generated password. An alternative username (and password) may be specified for the admin user instead of the default.

The following examples use a DatabaseInstance, but the same usage is applicable to DatabaseCluster.

var vpc vpc

engine := rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
	version: rds.postgresEngineVersion_VER_12_3(),
})
rds.NewDatabaseInstance(this, jsii.String("InstanceWithUsername"), &databaseInstanceProps{
	engine: engine,
	vpc: vpc,
	credentials: rds.credentials.fromGeneratedSecret(jsii.String("postgres")),
})

rds.NewDatabaseInstance(this, jsii.String("InstanceWithUsernameAndPassword"), &databaseInstanceProps{
	engine: engine,
	vpc: vpc,
	credentials: rds.*credentials.fromPassword(jsii.String("postgres"), awscdk.SecretValue.ssmSecure(jsii.String("/dbPassword"), jsii.String("1"))),
})

mySecret := secretsmanager.secret.fromSecretName(this, jsii.String("DBSecret"), jsii.String("myDBLoginInfo"))
rds.NewDatabaseInstance(this, jsii.String("InstanceWithSecretLogin"), &databaseInstanceProps{
	engine: engine,
	vpc: vpc,
	credentials: rds.*credentials.fromSecret(mySecret),
})

Secrets generated by fromGeneratedSecret() can be customized:

var vpc vpc

engine := rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
	version: rds.postgresEngineVersion_VER_12_3(),
})
myKey := kms.NewKey(this, jsii.String("MyKey"))

rds.NewDatabaseInstance(this, jsii.String("InstanceWithCustomizedSecret"), &databaseInstanceProps{
	engine: engine,
	vpc: vpc,
	credentials: rds.credentials.fromGeneratedSecret(jsii.String("postgres"), &credentialsBaseOptions{
		secretName: jsii.String("my-cool-name"),
		encryptionKey: myKey,
		excludeCharacters: jsii.String("!&*^#@()"),
		replicaRegions: []replicaRegion{
			&replicaRegion{
				region: jsii.String("eu-west-1"),
			},
			&replicaRegion{
				region: jsii.String("eu-west-2"),
			},
		},
	}),
})
Snapshot credentials

As noted above, Databases created with DatabaseInstanceFromSnapshot or ServerlessClusterFromSnapshot will not create user and auto-generated password by default because it's not possible to change the master username for a snapshot. Instead, they will use the existing username and password from the snapshot. You can still generate a new password - to generate a secret similarly to the other constructs, pass in credentials with fromGeneratedSecret() or fromGeneratedPassword().

var vpc vpc

engine := rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
	version: rds.postgresEngineVersion_VER_12_3(),
})
myKey := kms.NewKey(this, jsii.String("MyKey"))

rds.NewDatabaseInstanceFromSnapshot(this, jsii.String("InstanceFromSnapshotWithCustomizedSecret"), &databaseInstanceFromSnapshotProps{
	engine: engine,
	vpc: vpc,
	snapshotIdentifier: jsii.String("mySnapshot"),
	credentials: rds.snapshotCredentials.fromGeneratedSecret(jsii.String("username"), &snapshotCredentialsFromGeneratedPasswordOptions{
		encryptionKey: myKey,
		excludeCharacters: jsii.String("!&*^#@()"),
		replicaRegions: []replicaRegion{
			&replicaRegion{
				region: jsii.String("eu-west-1"),
			},
			&replicaRegion{
				region: jsii.String("eu-west-2"),
			},
		},
	}),
})

Connecting

To control who can access the cluster or instance, use the .connections attribute. RDS databases have a default port, so you don't need to specify the port:

var cluster databaseCluster

cluster.connections.allowFromAnyIpv4(ec2.port.allTraffic(), jsii.String("Open to the world"))

The endpoints to access your database cluster will be available as the .clusterEndpoint and .readerEndpoint attributes:

var cluster databaseCluster

writeAddress := cluster.clusterEndpoint.socketAddress

For an instance database:

var instance databaseInstance

address := instance.instanceEndpoint.socketAddress

Rotating credentials

When the master password is generated and stored in AWS Secrets Manager, it can be rotated automatically:

import cdk "github.com/aws/aws-cdk-go/awscdk"

var instance databaseInstance

instance.addRotationSingleUser(&rotationSingleUserOptions{
	automaticallyAfter: cdk.duration.days(jsii.Number(7)),
	 // defaults to 30 days
	excludeCharacters: jsii.String("!@#$%^&*"),
})
cluster := rds.NewDatabaseCluster(stack, jsii.String("Database"), &databaseClusterProps{
	engine: rds.databaseClusterEngine_AURORA(),
	instanceProps: &instanceProps{
		instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE3, ec2.instanceSize_SMALL),
		vpc: vpc,
	},
})

cluster.addRotationSingleUser()

The multi user rotation scheme is also available:

var instance databaseInstance
var myImportedSecret databaseSecret

instance.addRotationMultiUser(jsii.String("MyUser"), &rotationMultiUserOptions{
	secret: myImportedSecret,
})

It's also possible to create user credentials together with the instance/cluster and add rotation:

var instance databaseInstance

myUserSecret := rds.NewDatabaseSecret(this, jsii.String("MyUserSecret"), &databaseSecretProps{
	username: jsii.String("myuser"),
	secretName: jsii.String("my-user-secret"),
	 // optional, defaults to a CloudFormation-generated name
	masterSecret: instance.secret,
	excludeCharacters: jsii.String("{}[]()'\"/\\"),
})
myUserSecretAttached := myUserSecret.attach(instance) // Adds DB connections information in the secret

instance.addRotationMultiUser(jsii.String("MyUser"), &rotationMultiUserOptions{
	 // Add rotation using the multi user scheme
	secret: myUserSecretAttached,
})

Note: This user must be created manually in the database using the master credentials. The rotation will start as soon as this user exists.

Access to the Secrets Manager API is required for the secret rotation. This can be achieved either with internet connectivity (through NAT) or with a VPC interface endpoint. By default, the rotation Lambda function is deployed in the same subnets as the instance/cluster. If access to the Secrets Manager API is not possible from those subnets or using the default API endpoint, use the vpcSubnets and/or endpoint options:

var instance databaseInstance
var myEndpoint interfaceVpcEndpoint


instance.addRotationSingleUser(&rotationSingleUserOptions{
	vpcSubnets: &subnetSelection{
		subnetType: ec2.subnetType_PRIVATE_WITH_NAT,
	},
	 // Place rotation Lambda in private subnets
	endpoint: myEndpoint,
})

See also @aws-cdk/aws-secretsmanager for credentials rotation of existing clusters/instances.

IAM Authentication

You can also authenticate to a database instance using AWS Identity and Access Management (IAM) database authentication; See https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html for more information and a list of supported versions and limitations.

Note: grantConnect() does not currently work - see this GitHub issue.

The following example shows enabling IAM authentication for a database instance and granting connection access to an IAM role.

var vpc vpc

instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.databaseInstanceEngine.mysql(&mySqlInstanceEngineProps{
		version: rds.mysqlEngineVersion_VER_8_0_19(),
	}),
	vpc: vpc,
	iamAuthentication: jsii.Boolean(true),
})
role := iam.NewRole(this, jsii.String("DBRole"), &roleProps{
	assumedBy: iam.NewAccountPrincipal(this.account),
})
instance.grantConnect(role)

The following example shows granting connection access for RDS Proxy to an IAM role.

var vpc vpc

cluster := rds.NewDatabaseCluster(this, jsii.String("Database"), &databaseClusterProps{
	engine: rds.databaseClusterEngine_AURORA(),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
})

proxy := rds.NewDatabaseProxy(this, jsii.String("Proxy"), &databaseProxyProps{
	proxyTarget: rds.proxyTarget.fromCluster(cluster),
	secrets: []iSecret{
		cluster.secret,
	},
	vpc: vpc,
})

role := iam.NewRole(this, jsii.String("DBProxyRole"), &roleProps{
	assumedBy: iam.NewAccountPrincipal(this.account),
})
proxy.grantConnect(role, jsii.String("admin"))

Note: In addition to the setup above, a database user will need to be created to support IAM auth. See https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.DBAccounts.html for setup instructions.

Kerberos Authentication

You can also authenticate using Kerberos to a database instance using AWS Managed Microsoft AD for authentication; See https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html for more information and a list of supported versions and limitations.

The following example shows enabling domain support for a database instance and creating an IAM role to access Directory Services.

var vpc vpc

role := iam.NewRole(this, jsii.String("RDSDirectoryServicesRole"), &roleProps{
	assumedBy: iam.NewServicePrincipal(jsii.String("rds.amazonaws.com")),
	managedPolicies: []iManagedPolicy{
		iam.managedPolicy.fromAwsManagedPolicyName(jsii.String("service-role/AmazonRDSDirectoryServiceAccess")),
	},
})
instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.databaseInstanceEngine.mysql(&mySqlInstanceEngineProps{
		version: rds.mysqlEngineVersion_VER_8_0_19(),
	}),
	vpc: vpc,
	domain: jsii.String("d-????????"),
	 // The ID of the domain for the instance to join.
	domainRole: role,
})

Note: In addition to the setup above, you need to make sure that the database instance has network connectivity to the domain controllers. This includes enabling cross-VPC traffic if in a different VPC and setting up the appropriate security groups/network ACL to allow traffic between the database instance and domain controllers. Once configured, see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html for details on configuring users for each available database engine.

Metrics

Database instances and clusters both expose metrics (cloudwatch.Metric):

// The number of database connections in use (average over 5 minutes)
var instance databaseInstance

// Average CPU utilization over 5 minutes
var cluster databaseCluster

dbConnections := instance.metricDatabaseConnections()
cpuUtilization := cluster.metricCPUUtilization()

// The average amount of time taken per disk I/O operation (average over 1 minute)
readLatency := instance.metric(jsii.String("ReadLatency"), &metricOptions{
	statistic: jsii.String("Average"),
	period: awscdk.Duration.seconds(jsii.Number(60)),
})

Enabling S3 integration

Data in S3 buckets can be imported to and exported from certain database engines using SQL queries. To enable this functionality, set the s3ImportBuckets and s3ExportBuckets properties for import and export respectively. When configured, the CDK automatically creates and configures IAM roles as required. Additionally, the s3ImportRole and s3ExportRole properties can be used to set this role directly.

You can read more about loading data to (or from) S3 here:

The following snippet sets up a database cluster with different S3 buckets where the data is imported and exported -

import s3 "github.com/aws/aws-cdk-go/awscdk"

var vpc vpc

importBucket := s3.NewBucket(this, jsii.String("importbucket"))
exportBucket := s3.NewBucket(this, jsii.String("exportbucket"))
rds.NewDatabaseCluster(this, jsii.String("dbcluster"), &databaseClusterProps{
	engine: rds.databaseClusterEngine_AURORA(),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
	s3ImportBuckets: []iBucket{
		importBucket,
	},
	s3ExportBuckets: []*iBucket{
		exportBucket,
	},
})

Creating a Database Proxy

Amazon RDS Proxy sits between your application and your relational database to efficiently manage connections to the database and improve scalability of the application. Learn more about at Amazon RDS Proxy

The following code configures an RDS Proxy for a DatabaseInstance.

var vpc vpc
var securityGroup securityGroup
var secrets []secret
var dbInstance databaseInstance


proxy := dbInstance.addProxy(jsii.String("proxy"), &databaseProxyOptions{
	borrowTimeout: awscdk.Duration.seconds(jsii.Number(30)),
	maxConnectionsPercent: jsii.Number(50),
	secrets: secrets,
	vpc: vpc,
})

Exporting Logs

You can publish database logs to Amazon CloudWatch Logs. With CloudWatch Logs, you can perform real-time analysis of the log data, store the data in highly durable storage, and manage the data with the CloudWatch Logs Agent. This is available for both database instances and clusters; the types of logs available depend on the database type and engine being used.

import logs "github.com/aws/aws-cdk-go/awscdk"
var myLogsPublishingRole role
var vpc vpc


// Exporting logs from a cluster
cluster := rds.NewDatabaseCluster(this, jsii.String("Database"), &databaseClusterProps{
	engine: rds.databaseClusterEngine.aurora(&auroraClusterEngineProps{
		version: rds.auroraEngineVersion_VER_1_17_9(),
	}),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
	cloudwatchLogsExports: []*string{
		jsii.String("error"),
		jsii.String("general"),
		jsii.String("slowquery"),
		jsii.String("audit"),
	},
	 // Export all available MySQL-based logs
	cloudwatchLogsRetention: logs.retentionDays_THREE_MONTHS,
	 // Optional - default is to never expire logs
	cloudwatchLogsRetentionRole: myLogsPublishingRole,
})

// Exporting logs from an instance
instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
		version: rds.postgresEngineVersion_VER_12_3(),
	}),
	vpc: vpc,
	cloudwatchLogsExports: []*string{
		jsii.String("postgresql"),
	},
})

Option Groups

Some DB engines offer additional features that make it easier to manage data and databases, and to provide additional security for your database. Amazon RDS uses option groups to enable and configure these features. An option group can specify features, called options, that are available for a particular Amazon RDS DB instance.

var vpc vpc
var securityGroup securityGroup


rds.NewOptionGroup(this, jsii.String("Options"), &optionGroupProps{
	engine: rds.databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.oracleEngineVersion_VER_19(),
	}),
	configurations: []optionConfiguration{
		&optionConfiguration{
			name: jsii.String("OEM"),
			port: jsii.Number(5500),
			vpc: vpc,
			securityGroups: []iSecurityGroup{
				securityGroup,
			},
		},
	},
})

Parameter Groups

Database parameters specify how the database is configured. For example, database parameters can specify the amount of resources, such as memory, to allocate to a database. You manage your database configuration by associating your DB instances with parameter groups. Amazon RDS defines parameter groups with default settings.

You can create your own parameter group for your cluster or instance and associate it with your database:

var vpc vpc


parameterGroup := rds.NewParameterGroup(this, jsii.String("ParameterGroup"), &parameterGroupProps{
	engine: rds.databaseInstanceEngine.sqlServerEe(&sqlServerEeInstanceEngineProps{
		version: rds.sqlServerEngineVersion_VER_11(),
	}),
	parameters: map[string]*string{
		"locks": jsii.String("100"),
	},
})

rds.NewDatabaseInstance(this, jsii.String("Database"), &databaseInstanceProps{
	engine: rds.*databaseInstanceEngine_SQL_SERVER_EE(),
	vpc: vpc,
	parameterGroup: parameterGroup,
})

Another way to specify parameters is to use the inline field parameters that creates an RDS parameter group for you. You can use this if you do not want to reuse the parameter group instance for different instances:

var vpc vpc


rds.NewDatabaseInstance(this, jsii.String("Database"), &databaseInstanceProps{
	engine: rds.databaseInstanceEngine.sqlServerEe(&sqlServerEeInstanceEngineProps{
		version: rds.sqlServerEngineVersion_VER_11(),
	}),
	vpc: vpc,
	parameters: map[string]*string{
		"locks": jsii.String("100"),
	},
})

You cannot specify a parameter map and a parameter group at the same time.

Serverless

Amazon Aurora Serverless is an on-demand, auto-scaling configuration for Amazon Aurora. The database will automatically start up, shut down, and scale capacity up or down based on your application's needs. It enables you to run your database in the cloud without managing any database instances.

The following example initializes an Aurora Serverless PostgreSql cluster. Aurora Serverless clusters can specify scaling properties which will be used to automatically scale the database cluster seamlessly based on the workload.

var vpc vpc


cluster := rds.NewServerlessCluster(this, jsii.String("AnotherCluster"), &serverlessClusterProps{
	engine: rds.databaseClusterEngine_AURORA_POSTGRESQL(),
	parameterGroup: rds.parameterGroup.fromParameterGroupName(this, jsii.String("ParameterGroup"), jsii.String("default.aurora-postgresql10")),
	vpc: vpc,
	scaling: &serverlessScalingOptions{
		autoPause: awscdk.Duration.minutes(jsii.Number(10)),
		 // default is to pause after 5 minutes of idle time
		minCapacity: rds.auroraCapacityUnit_ACU_8,
		 // default is 2 Aurora capacity units (ACUs)
		maxCapacity: rds.*auroraCapacityUnit_ACU_32,
	},
})

Aurora Serverless Clusters do not support the following features:

  • Loading data from an Amazon S3 bucket
  • Saving data to an Amazon S3 bucket
  • Invoking an AWS Lambda function with an Aurora MySQL native function
  • Aurora replicas
  • Backtracking
  • Multi-master clusters
  • Database cloning
  • IAM database cloning
  • IAM database authentication
  • Restoring a snapshot from MySQL DB instance
  • Performance Insights
  • RDS Proxy

Read more about the limitations of Aurora Serverless

Learn more about using Amazon Aurora Serverless by reading the documentation

Use ServerlessClusterFromSnapshot to create a serverless cluster from a snapshot:

var vpc vpc

rds.NewServerlessClusterFromSnapshot(this, jsii.String("Cluster"), &serverlessClusterFromSnapshotProps{
	engine: rds.databaseClusterEngine_AURORA_MYSQL(),
	vpc: vpc,
	snapshotIdentifier: jsii.String("mySnapshot"),
})
Data API

You can access your Aurora Serverless DB cluster using the built-in Data API. The Data API doesn't require a persistent connection to the DB cluster. Instead, it provides a secure HTTP endpoint and integration with AWS SDKs.

The following example shows granting Data API access to a Lamba function.

var vpc vpc

var code code


cluster := rds.NewServerlessCluster(this, jsii.String("AnotherCluster"), &serverlessClusterProps{
	engine: rds.databaseClusterEngine_AURORA_MYSQL(),
	vpc: vpc,
	 // this parameter is optional for serverless Clusters
	enableDataApi: jsii.Boolean(true),
})
fn := lambda.NewFunction(this, jsii.String("MyFunction"), &functionProps{
	runtime: lambda.runtime_NODEJS_14_X(),
	handler: jsii.String("index.handler"),
	code: code,
	environment: map[string]*string{
		"CLUSTER_ARN": cluster.clusterArn,
		"SECRET_ARN": cluster.secret.secretArn,
	},
})
cluster.grantDataApiAccess(fn)

Note: To invoke the Data API, the resource will need to read the secret associated with the cluster.

To learn more about using the Data API, see the documentation.

Default VPC

The vpc parameter is optional.

If not provided, the cluster will be created in the default VPC of the account and region. As this VPC is not deployed with AWS CDK, you can't configure the vpcSubnets, subnetGroup or securityGroups of the Aurora Serverless Cluster. If you want to provide one of vpcSubnets, subnetGroup or securityGroups parameter, please provide a vpc.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CfnDBClusterParameterGroup_CFN_RESOURCE_TYPE_NAME

func CfnDBClusterParameterGroup_CFN_RESOURCE_TYPE_NAME() *string

func CfnDBClusterParameterGroup_IsCfnElement

func CfnDBClusterParameterGroup_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnDBClusterParameterGroup_IsCfnResource

func CfnDBClusterParameterGroup_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnDBClusterParameterGroup_IsConstruct

func CfnDBClusterParameterGroup_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnDBCluster_CFN_RESOURCE_TYPE_NAME

func CfnDBCluster_CFN_RESOURCE_TYPE_NAME() *string

func CfnDBCluster_IsCfnElement

func CfnDBCluster_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnDBCluster_IsCfnResource

func CfnDBCluster_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnDBCluster_IsConstruct

func CfnDBCluster_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnDBInstance_CFN_RESOURCE_TYPE_NAME

func CfnDBInstance_CFN_RESOURCE_TYPE_NAME() *string

func CfnDBInstance_IsCfnElement

func CfnDBInstance_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnDBInstance_IsCfnResource

func CfnDBInstance_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnDBInstance_IsConstruct

func CfnDBInstance_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnDBParameterGroup_CFN_RESOURCE_TYPE_NAME

func CfnDBParameterGroup_CFN_RESOURCE_TYPE_NAME() *string

func CfnDBParameterGroup_IsCfnElement

func CfnDBParameterGroup_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnDBParameterGroup_IsCfnResource

func CfnDBParameterGroup_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnDBParameterGroup_IsConstruct

func CfnDBParameterGroup_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnDBProxyEndpoint_CFN_RESOURCE_TYPE_NAME

func CfnDBProxyEndpoint_CFN_RESOURCE_TYPE_NAME() *string

func CfnDBProxyEndpoint_IsCfnElement

func CfnDBProxyEndpoint_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnDBProxyEndpoint_IsCfnResource

func CfnDBProxyEndpoint_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnDBProxyEndpoint_IsConstruct

func CfnDBProxyEndpoint_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnDBProxyTargetGroup_CFN_RESOURCE_TYPE_NAME

func CfnDBProxyTargetGroup_CFN_RESOURCE_TYPE_NAME() *string

func CfnDBProxyTargetGroup_IsCfnElement

func CfnDBProxyTargetGroup_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnDBProxyTargetGroup_IsCfnResource

func CfnDBProxyTargetGroup_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnDBProxyTargetGroup_IsConstruct

func CfnDBProxyTargetGroup_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnDBProxy_CFN_RESOURCE_TYPE_NAME

func CfnDBProxy_CFN_RESOURCE_TYPE_NAME() *string

func CfnDBProxy_IsCfnElement

func CfnDBProxy_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnDBProxy_IsCfnResource

func CfnDBProxy_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnDBProxy_IsConstruct

func CfnDBProxy_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnDBSecurityGroupIngress_CFN_RESOURCE_TYPE_NAME

func CfnDBSecurityGroupIngress_CFN_RESOURCE_TYPE_NAME() *string

func CfnDBSecurityGroupIngress_IsCfnElement

func CfnDBSecurityGroupIngress_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnDBSecurityGroupIngress_IsCfnResource

func CfnDBSecurityGroupIngress_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnDBSecurityGroupIngress_IsConstruct

func CfnDBSecurityGroupIngress_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnDBSecurityGroup_CFN_RESOURCE_TYPE_NAME

func CfnDBSecurityGroup_CFN_RESOURCE_TYPE_NAME() *string

func CfnDBSecurityGroup_IsCfnElement

func CfnDBSecurityGroup_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnDBSecurityGroup_IsCfnResource

func CfnDBSecurityGroup_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnDBSecurityGroup_IsConstruct

func CfnDBSecurityGroup_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnDBSubnetGroup_CFN_RESOURCE_TYPE_NAME

func CfnDBSubnetGroup_CFN_RESOURCE_TYPE_NAME() *string

func CfnDBSubnetGroup_IsCfnElement

func CfnDBSubnetGroup_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnDBSubnetGroup_IsCfnResource

func CfnDBSubnetGroup_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnDBSubnetGroup_IsConstruct

func CfnDBSubnetGroup_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnEventSubscription_CFN_RESOURCE_TYPE_NAME

func CfnEventSubscription_CFN_RESOURCE_TYPE_NAME() *string

func CfnEventSubscription_IsCfnElement

func CfnEventSubscription_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnEventSubscription_IsCfnResource

func CfnEventSubscription_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnEventSubscription_IsConstruct

func CfnEventSubscription_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnGlobalCluster_CFN_RESOURCE_TYPE_NAME

func CfnGlobalCluster_CFN_RESOURCE_TYPE_NAME() *string

func CfnGlobalCluster_IsCfnElement

func CfnGlobalCluster_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnGlobalCluster_IsCfnResource

func CfnGlobalCluster_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnGlobalCluster_IsConstruct

func CfnGlobalCluster_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnOptionGroup_CFN_RESOURCE_TYPE_NAME

func CfnOptionGroup_CFN_RESOURCE_TYPE_NAME() *string

func CfnOptionGroup_IsCfnElement

func CfnOptionGroup_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnOptionGroup_IsCfnResource

func CfnOptionGroup_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnOptionGroup_IsConstruct

func CfnOptionGroup_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func DatabaseClusterBase_IsConstruct

func DatabaseClusterBase_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func DatabaseClusterBase_IsResource

func DatabaseClusterBase_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func DatabaseClusterFromSnapshot_IsConstruct

func DatabaseClusterFromSnapshot_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func DatabaseClusterFromSnapshot_IsResource

func DatabaseClusterFromSnapshot_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func DatabaseCluster_IsConstruct

func DatabaseCluster_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func DatabaseCluster_IsResource

func DatabaseCluster_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func DatabaseInstanceBase_IsConstruct

func DatabaseInstanceBase_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func DatabaseInstanceBase_IsResource

func DatabaseInstanceBase_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func DatabaseInstanceFromSnapshot_IsConstruct

func DatabaseInstanceFromSnapshot_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func DatabaseInstanceFromSnapshot_IsResource

func DatabaseInstanceFromSnapshot_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func DatabaseInstanceReadReplica_IsConstruct

func DatabaseInstanceReadReplica_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func DatabaseInstanceReadReplica_IsResource

func DatabaseInstanceReadReplica_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func DatabaseInstance_IsConstruct

func DatabaseInstance_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func DatabaseInstance_IsResource

func DatabaseInstance_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func DatabaseProxy_IsConstruct

func DatabaseProxy_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func DatabaseProxy_IsResource

func DatabaseProxy_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func DatabaseSecret_FromSecretArn deprecated

func DatabaseSecret_FromSecretArn(scope constructs.Construct, id *string, secretArn *string) awssecretsmanager.ISecret

Deprecated: use `fromSecretCompleteArn` or `fromSecretPartialArn`.

func DatabaseSecret_FromSecretAttributes

func DatabaseSecret_FromSecretAttributes(scope constructs.Construct, id *string, attrs *awssecretsmanager.SecretAttributes) awssecretsmanager.ISecret

Import an existing secret into the Stack. Experimental.

func DatabaseSecret_FromSecretCompleteArn

func DatabaseSecret_FromSecretCompleteArn(scope constructs.Construct, id *string, secretCompleteArn *string) awssecretsmanager.ISecret

Imports a secret by complete ARN.

The complete ARN is the ARN with the Secrets Manager-supplied suffix. Experimental.

func DatabaseSecret_FromSecretName

func DatabaseSecret_FromSecretName(scope constructs.Construct, id *string, secretName *string) awssecretsmanager.ISecret

Imports a secret by secret name;

the ARN of the Secret will be set to the secret name. A secret with this name must exist in the same account & region. Deprecated: use `fromSecretNameV2`.

func DatabaseSecret_FromSecretNameV2

func DatabaseSecret_FromSecretNameV2(scope constructs.Construct, id *string, secretName *string) awssecretsmanager.ISecret

Imports a secret by secret name.

A secret with this name must exist in the same account & region. Replaces the deprecated `fromSecretName`. Experimental.

func DatabaseSecret_FromSecretPartialArn

func DatabaseSecret_FromSecretPartialArn(scope constructs.Construct, id *string, secretPartialArn *string) awssecretsmanager.ISecret

Imports a secret by partial ARN.

The partial ARN is the ARN without the Secrets Manager-supplied suffix. Experimental.

func DatabaseSecret_IsConstruct

func DatabaseSecret_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func DatabaseSecret_IsResource

func DatabaseSecret_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func NewCfnDBClusterParameterGroup_Override

func NewCfnDBClusterParameterGroup_Override(c CfnDBClusterParameterGroup, scope awscdk.Construct, id *string, props *CfnDBClusterParameterGroupProps)

Create a new `AWS::RDS::DBClusterParameterGroup`.

func NewCfnDBCluster_Override

func NewCfnDBCluster_Override(c CfnDBCluster, scope awscdk.Construct, id *string, props *CfnDBClusterProps)

Create a new `AWS::RDS::DBCluster`.

func NewCfnDBInstance_Override

func NewCfnDBInstance_Override(c CfnDBInstance, scope awscdk.Construct, id *string, props *CfnDBInstanceProps)

Create a new `AWS::RDS::DBInstance`.

func NewCfnDBParameterGroup_Override

func NewCfnDBParameterGroup_Override(c CfnDBParameterGroup, scope awscdk.Construct, id *string, props *CfnDBParameterGroupProps)

Create a new `AWS::RDS::DBParameterGroup`.

func NewCfnDBProxyEndpoint_Override

func NewCfnDBProxyEndpoint_Override(c CfnDBProxyEndpoint, scope awscdk.Construct, id *string, props *CfnDBProxyEndpointProps)

Create a new `AWS::RDS::DBProxyEndpoint`.

func NewCfnDBProxyTargetGroup_Override

func NewCfnDBProxyTargetGroup_Override(c CfnDBProxyTargetGroup, scope awscdk.Construct, id *string, props *CfnDBProxyTargetGroupProps)

Create a new `AWS::RDS::DBProxyTargetGroup`.

func NewCfnDBProxy_Override

func NewCfnDBProxy_Override(c CfnDBProxy, scope awscdk.Construct, id *string, props *CfnDBProxyProps)

Create a new `AWS::RDS::DBProxy`.

func NewCfnDBSecurityGroupIngress_Override

func NewCfnDBSecurityGroupIngress_Override(c CfnDBSecurityGroupIngress, scope awscdk.Construct, id *string, props *CfnDBSecurityGroupIngressProps)

Create a new `AWS::RDS::DBSecurityGroupIngress`.

func NewCfnDBSecurityGroup_Override

func NewCfnDBSecurityGroup_Override(c CfnDBSecurityGroup, scope awscdk.Construct, id *string, props *CfnDBSecurityGroupProps)

Create a new `AWS::RDS::DBSecurityGroup`.

func NewCfnDBSubnetGroup_Override

func NewCfnDBSubnetGroup_Override(c CfnDBSubnetGroup, scope awscdk.Construct, id *string, props *CfnDBSubnetGroupProps)

Create a new `AWS::RDS::DBSubnetGroup`.

func NewCfnEventSubscription_Override

func NewCfnEventSubscription_Override(c CfnEventSubscription, scope awscdk.Construct, id *string, props *CfnEventSubscriptionProps)

Create a new `AWS::RDS::EventSubscription`.

func NewCfnGlobalCluster_Override

func NewCfnGlobalCluster_Override(c CfnGlobalCluster, scope awscdk.Construct, id *string, props *CfnGlobalClusterProps)

Create a new `AWS::RDS::GlobalCluster`.

func NewCfnOptionGroup_Override

func NewCfnOptionGroup_Override(c CfnOptionGroup, scope awscdk.Construct, id *string, props *CfnOptionGroupProps)

Create a new `AWS::RDS::OptionGroup`.

func NewCredentials_Override

func NewCredentials_Override(c Credentials)

Experimental.

func NewDatabaseClusterBase_Override

func NewDatabaseClusterBase_Override(d DatabaseClusterBase, scope constructs.Construct, id *string, props *awscdk.ResourceProps)

Experimental.

func NewDatabaseClusterEngine_Override

func NewDatabaseClusterEngine_Override(d DatabaseClusterEngine)

Experimental.

func NewDatabaseClusterFromSnapshot_Override

func NewDatabaseClusterFromSnapshot_Override(d DatabaseClusterFromSnapshot, scope constructs.Construct, id *string, props *DatabaseClusterFromSnapshotProps)

Experimental.

func NewDatabaseCluster_Override

func NewDatabaseCluster_Override(d DatabaseCluster, scope constructs.Construct, id *string, props *DatabaseClusterProps)

Experimental.

func NewDatabaseInstanceBase_Override

func NewDatabaseInstanceBase_Override(d DatabaseInstanceBase, scope constructs.Construct, id *string, props *awscdk.ResourceProps)

Experimental.

func NewDatabaseInstanceEngine_Override

func NewDatabaseInstanceEngine_Override(d DatabaseInstanceEngine)

Experimental.

func NewDatabaseInstanceFromSnapshot_Override

func NewDatabaseInstanceFromSnapshot_Override(d DatabaseInstanceFromSnapshot, scope constructs.Construct, id *string, props *DatabaseInstanceFromSnapshotProps)

Experimental.

func NewDatabaseInstanceReadReplica_Override

func NewDatabaseInstanceReadReplica_Override(d DatabaseInstanceReadReplica, scope constructs.Construct, id *string, props *DatabaseInstanceReadReplicaProps)

Experimental.

func NewDatabaseInstance_Override

func NewDatabaseInstance_Override(d DatabaseInstance, scope constructs.Construct, id *string, props *DatabaseInstanceProps)

Experimental.

func NewDatabaseProxy_Override

func NewDatabaseProxy_Override(d DatabaseProxy, scope constructs.Construct, id *string, props *DatabaseProxyProps)

Experimental.

func NewDatabaseSecret_Override

func NewDatabaseSecret_Override(d DatabaseSecret, scope constructs.Construct, id *string, props *DatabaseSecretProps)

Experimental.

func NewEndpoint_Override

func NewEndpoint_Override(e Endpoint, address *string, port *float64)

Experimental.

func NewOptionGroup_Override

func NewOptionGroup_Override(o OptionGroup, scope constructs.Construct, id *string, props *OptionGroupProps)

Experimental.

func NewParameterGroup_Override

func NewParameterGroup_Override(p ParameterGroup, scope constructs.Construct, id *string, props *ParameterGroupProps)

Experimental.

func NewServerlessClusterFromSnapshot_Override

func NewServerlessClusterFromSnapshot_Override(s ServerlessClusterFromSnapshot, scope constructs.Construct, id *string, props *ServerlessClusterFromSnapshotProps)

Experimental.

func NewServerlessCluster_Override

func NewServerlessCluster_Override(s ServerlessCluster, scope constructs.Construct, id *string, props *ServerlessClusterProps)

Experimental.

func NewSnapshotCredentials_Override

func NewSnapshotCredentials_Override(s SnapshotCredentials)

Experimental.

func NewSubnetGroup_Override

func NewSubnetGroup_Override(s SubnetGroup, scope constructs.Construct, id *string, props *SubnetGroupProps)

Experimental.

func OptionGroup_IsConstruct

func OptionGroup_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func OptionGroup_IsResource

func OptionGroup_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func ParameterGroup_IsConstruct

func ParameterGroup_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func ParameterGroup_IsResource

func ParameterGroup_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func ServerlessClusterFromSnapshot_IsConstruct

func ServerlessClusterFromSnapshot_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func ServerlessClusterFromSnapshot_IsResource

func ServerlessClusterFromSnapshot_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func ServerlessCluster_IsConstruct

func ServerlessCluster_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func ServerlessCluster_IsResource

func ServerlessCluster_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func SubnetGroup_IsConstruct

func SubnetGroup_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func SubnetGroup_IsResource

func SubnetGroup_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

Types

type AuroraCapacityUnit

type AuroraCapacityUnit string

Aurora capacity units (ACUs).

Each ACU is a combination of processing and memory capacity.

Example:

var vpc vpc

cluster := rds.NewServerlessCluster(this, jsii.String("AnotherCluster"), &serverlessClusterProps{
	engine: rds.databaseClusterEngine_AURORA_POSTGRESQL(),
	parameterGroup: rds.parameterGroup.fromParameterGroupName(this, jsii.String("ParameterGroup"), jsii.String("default.aurora-postgresql10")),
	vpc: vpc,
	scaling: &serverlessScalingOptions{
		autoPause: awscdk.Duration.minutes(jsii.Number(10)),
		 // default is to pause after 5 minutes of idle time
		minCapacity: rds.auroraCapacityUnit_ACU_8,
		 // default is 2 Aurora capacity units (ACUs)
		maxCapacity: rds.*auroraCapacityUnit_ACU_32,
	},
})

See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.architecture

Experimental.

const (
	// 1 Aurora Capacity Unit.
	// Experimental.
	AuroraCapacityUnit_ACU_1 AuroraCapacityUnit = "ACU_1"
	// 2 Aurora Capacity Units.
	// Experimental.
	AuroraCapacityUnit_ACU_2 AuroraCapacityUnit = "ACU_2"
	// 4 Aurora Capacity Units.
	// Experimental.
	AuroraCapacityUnit_ACU_4 AuroraCapacityUnit = "ACU_4"
	// 8 Aurora Capacity Units.
	// Experimental.
	AuroraCapacityUnit_ACU_8 AuroraCapacityUnit = "ACU_8"
	// 16 Aurora Capacity Units.
	// Experimental.
	AuroraCapacityUnit_ACU_16 AuroraCapacityUnit = "ACU_16"
	// 32 Aurora Capacity Units.
	// Experimental.
	AuroraCapacityUnit_ACU_32 AuroraCapacityUnit = "ACU_32"
	// 64 Aurora Capacity Units.
	// Experimental.
	AuroraCapacityUnit_ACU_64 AuroraCapacityUnit = "ACU_64"
	// 128 Aurora Capacity Units.
	// Experimental.
	AuroraCapacityUnit_ACU_128 AuroraCapacityUnit = "ACU_128"
	// 192 Aurora Capacity Units.
	// Experimental.
	AuroraCapacityUnit_ACU_192 AuroraCapacityUnit = "ACU_192"
	// 256 Aurora Capacity Units.
	// Experimental.
	AuroraCapacityUnit_ACU_256 AuroraCapacityUnit = "ACU_256"
	// 384 Aurora Capacity Units.
	// Experimental.
	AuroraCapacityUnit_ACU_384 AuroraCapacityUnit = "ACU_384"
)

type AuroraClusterEngineProps

type AuroraClusterEngineProps struct {
	// The version of the Aurora cluster engine.
	// Experimental.
	Version AuroraEngineVersion `field:"required" json:"version" yaml:"version"`
}

Creation properties of the plain Aurora database cluster engine.

Used in {@link DatabaseClusterEngine.aurora}.

Example:

var vpc vpc

rds.NewDatabaseClusterFromSnapshot(this, jsii.String("Database"), &databaseClusterFromSnapshotProps{
	engine: rds.databaseClusterEngine.aurora(&auroraClusterEngineProps{
		version: rds.auroraEngineVersion_VER_1_22_2(),
	}),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
	snapshotIdentifier: jsii.String("mySnapshot"),
})

Experimental.

type AuroraEngineVersion

type AuroraEngineVersion interface {
	// The full version string, for example, "5.6.mysql_aurora.1.78.3.6".
	// Experimental.
	AuroraFullVersion() *string
	// The major version of the engine.
	//
	// Currently, it's always "5.6".
	// Experimental.
	AuroraMajorVersion() *string
}

The versions for the Aurora cluster engine (those returned by {@link DatabaseClusterEngine.aurora}).

Example:

var vpc vpc

rds.NewDatabaseClusterFromSnapshot(this, jsii.String("Database"), &databaseClusterFromSnapshotProps{
	engine: rds.databaseClusterEngine.aurora(&auroraClusterEngineProps{
		version: rds.auroraEngineVersion_VER_1_22_2(),
	}),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
	snapshotIdentifier: jsii.String("mySnapshot"),
})

Experimental.

func AuroraEngineVersion_Of

func AuroraEngineVersion_Of(auroraFullVersion *string, auroraMajorVersion *string) AuroraEngineVersion

Create a new AuroraEngineVersion with an arbitrary version. Experimental.

func AuroraEngineVersion_VER_10A

func AuroraEngineVersion_VER_10A() AuroraEngineVersion

func AuroraEngineVersion_VER_1_17_9

func AuroraEngineVersion_VER_1_17_9() AuroraEngineVersion

func AuroraEngineVersion_VER_1_19_0

func AuroraEngineVersion_VER_1_19_0() AuroraEngineVersion

func AuroraEngineVersion_VER_1_19_1

func AuroraEngineVersion_VER_1_19_1() AuroraEngineVersion

func AuroraEngineVersion_VER_1_19_2

func AuroraEngineVersion_VER_1_19_2() AuroraEngineVersion

func AuroraEngineVersion_VER_1_19_5

func AuroraEngineVersion_VER_1_19_5() AuroraEngineVersion

func AuroraEngineVersion_VER_1_19_6

func AuroraEngineVersion_VER_1_19_6() AuroraEngineVersion

func AuroraEngineVersion_VER_1_20_0

func AuroraEngineVersion_VER_1_20_0() AuroraEngineVersion

func AuroraEngineVersion_VER_1_20_1

func AuroraEngineVersion_VER_1_20_1() AuroraEngineVersion

func AuroraEngineVersion_VER_1_21_0

func AuroraEngineVersion_VER_1_21_0() AuroraEngineVersion

func AuroraEngineVersion_VER_1_22_0

func AuroraEngineVersion_VER_1_22_0() AuroraEngineVersion

func AuroraEngineVersion_VER_1_22_1

func AuroraEngineVersion_VER_1_22_1() AuroraEngineVersion

func AuroraEngineVersion_VER_1_22_1_3

func AuroraEngineVersion_VER_1_22_1_3() AuroraEngineVersion

func AuroraEngineVersion_VER_1_22_2

func AuroraEngineVersion_VER_1_22_2() AuroraEngineVersion

type AuroraMysqlClusterEngineProps

type AuroraMysqlClusterEngineProps struct {
	// The version of the Aurora MySQL cluster engine.
	// Experimental.
	Version AuroraMysqlEngineVersion `field:"required" json:"version" yaml:"version"`
}

Creation properties of the Aurora MySQL database cluster engine.

Used in {@link DatabaseClusterEngine.auroraMysql}.

Example:

var vpc vpc

cluster := rds.NewDatabaseCluster(this, jsii.String("Database"), &databaseClusterProps{
	engine: rds.databaseClusterEngine.auroraMysql(&auroraMysqlClusterEngineProps{
		version: rds.auroraMysqlEngineVersion_VER_2_08_1(),
	}),
	credentials: rds.credentials.fromGeneratedSecret(jsii.String("clusteradmin")),
	 // Optional - will default to 'admin' username and generated password
	instanceProps: &instanceProps{
		// optional , defaults to t3.medium
		instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE2, ec2.instanceSize_SMALL),
		vpcSubnets: &subnetSelection{
			subnetType: ec2.subnetType_PRIVATE_WITH_NAT,
		},
		vpc: vpc,
	},
})

Experimental.

type AuroraMysqlEngineVersion

type AuroraMysqlEngineVersion interface {
	// The full version string, for example, "5.7.mysql_aurora.1.78.3.6".
	// Experimental.
	AuroraMysqlFullVersion() *string
	// The major version of the engine.
	//
	// Currently, it's either "5.7", or "8.0".
	// Experimental.
	AuroraMysqlMajorVersion() *string
}

The versions for the Aurora MySQL cluster engine (those returned by {@link DatabaseClusterEngine.auroraMysql}).

Example:

var vpc vpc

cluster := rds.NewDatabaseCluster(this, jsii.String("Database"), &databaseClusterProps{
	engine: rds.databaseClusterEngine.auroraMysql(&auroraMysqlClusterEngineProps{
		version: rds.auroraMysqlEngineVersion_VER_2_08_1(),
	}),
	credentials: rds.credentials.fromGeneratedSecret(jsii.String("clusteradmin")),
	 // Optional - will default to 'admin' username and generated password
	instanceProps: &instanceProps{
		// optional , defaults to t3.medium
		instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE2, ec2.instanceSize_SMALL),
		vpcSubnets: &subnetSelection{
			subnetType: ec2.subnetType_PRIVATE_WITH_NAT,
		},
		vpc: vpc,
	},
})

Experimental.

func AuroraMysqlEngineVersion_Of

func AuroraMysqlEngineVersion_Of(auroraMysqlFullVersion *string, auroraMysqlMajorVersion *string) AuroraMysqlEngineVersion

Create a new AuroraMysqlEngineVersion with an arbitrary version. Experimental.

func AuroraMysqlEngineVersion_VER_2_03_2

func AuroraMysqlEngineVersion_VER_2_03_2() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_03_3

func AuroraMysqlEngineVersion_VER_2_03_3() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_03_4

func AuroraMysqlEngineVersion_VER_2_03_4() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_04_0

func AuroraMysqlEngineVersion_VER_2_04_0() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_04_1

func AuroraMysqlEngineVersion_VER_2_04_1() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_04_2

func AuroraMysqlEngineVersion_VER_2_04_2() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_04_3

func AuroraMysqlEngineVersion_VER_2_04_3() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_04_4

func AuroraMysqlEngineVersion_VER_2_04_4() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_04_5

func AuroraMysqlEngineVersion_VER_2_04_5() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_04_6

func AuroraMysqlEngineVersion_VER_2_04_6() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_04_7

func AuroraMysqlEngineVersion_VER_2_04_7() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_04_8

func AuroraMysqlEngineVersion_VER_2_04_8() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_05_0

func AuroraMysqlEngineVersion_VER_2_05_0() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_06_0

func AuroraMysqlEngineVersion_VER_2_06_0() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_07_0

func AuroraMysqlEngineVersion_VER_2_07_0() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_07_1

func AuroraMysqlEngineVersion_VER_2_07_1() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_07_2

func AuroraMysqlEngineVersion_VER_2_07_2() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_08_0

func AuroraMysqlEngineVersion_VER_2_08_0() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_08_1

func AuroraMysqlEngineVersion_VER_2_08_1() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_08_2

func AuroraMysqlEngineVersion_VER_2_08_2() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_09_0

func AuroraMysqlEngineVersion_VER_2_09_0() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_09_1

func AuroraMysqlEngineVersion_VER_2_09_1() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_09_2

func AuroraMysqlEngineVersion_VER_2_09_2() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_09_3

func AuroraMysqlEngineVersion_VER_2_09_3() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_10_0

func AuroraMysqlEngineVersion_VER_2_10_0() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_10_1

func AuroraMysqlEngineVersion_VER_2_10_1() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_2_10_2

func AuroraMysqlEngineVersion_VER_2_10_2() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_3_01_0

func AuroraMysqlEngineVersion_VER_3_01_0() AuroraMysqlEngineVersion

func AuroraMysqlEngineVersion_VER_5_7_12

func AuroraMysqlEngineVersion_VER_5_7_12() AuroraMysqlEngineVersion

type AuroraPostgresClusterEngineProps

type AuroraPostgresClusterEngineProps struct {
	// The version of the Aurora PostgreSQL cluster engine.
	// Experimental.
	Version AuroraPostgresEngineVersion `field:"required" json:"version" yaml:"version"`
}

Creation properties of the Aurora PostgreSQL database cluster engine.

Used in {@link DatabaseClusterEngine.auroraPostgres}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var auroraPostgresEngineVersion auroraPostgresEngineVersion

auroraPostgresClusterEngineProps := &auroraPostgresClusterEngineProps{
	version: auroraPostgresEngineVersion,
}

Experimental.

type AuroraPostgresEngineFeatures

type AuroraPostgresEngineFeatures struct {
	// Whether this version of the Aurora Postgres cluster engine supports the S3 data export feature.
	// Experimental.
	S3Export *bool `field:"optional" json:"s3Export" yaml:"s3Export"`
	// Whether this version of the Aurora Postgres cluster engine supports the S3 data import feature.
	// Experimental.
	S3Import *bool `field:"optional" json:"s3Import" yaml:"s3Import"`
}

Features supported by this version of the Aurora Postgres cluster engine.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

auroraPostgresEngineFeatures := &auroraPostgresEngineFeatures{
	s3Export: jsii.Boolean(false),
	s3Import: jsii.Boolean(false),
}

Experimental.

type AuroraPostgresEngineVersion

type AuroraPostgresEngineVersion interface {
	// The full version string, for example, "9.6.25.1".
	// Experimental.
	AuroraPostgresFullVersion() *string
	// The major version of the engine, for example, "9.6".
	// Experimental.
	AuroraPostgresMajorVersion() *string
}

The versions for the Aurora PostgreSQL cluster engine (those returned by {@link DatabaseClusterEngine.auroraPostgres}).

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

auroraPostgresEngineVersion := awscdk.Aws_rds.auroraPostgresEngineVersion_VER_10_11()

Experimental.

func AuroraPostgresEngineVersion_Of

func AuroraPostgresEngineVersion_Of(auroraPostgresFullVersion *string, auroraPostgresMajorVersion *string, auroraPostgresFeatures *AuroraPostgresEngineFeatures) AuroraPostgresEngineVersion

Create a new AuroraPostgresEngineVersion with an arbitrary version. Experimental.

func AuroraPostgresEngineVersion_VER_10_11

func AuroraPostgresEngineVersion_VER_10_11() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_10_12

func AuroraPostgresEngineVersion_VER_10_12() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_10_13

func AuroraPostgresEngineVersion_VER_10_13() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_10_14

func AuroraPostgresEngineVersion_VER_10_14() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_10_16

func AuroraPostgresEngineVersion_VER_10_16() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_10_18

func AuroraPostgresEngineVersion_VER_10_18() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_10_19

func AuroraPostgresEngineVersion_VER_10_19() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_10_20

func AuroraPostgresEngineVersion_VER_10_20() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_10_4

func AuroraPostgresEngineVersion_VER_10_4() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_10_5

func AuroraPostgresEngineVersion_VER_10_5() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_10_6

func AuroraPostgresEngineVersion_VER_10_6() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_10_7

func AuroraPostgresEngineVersion_VER_10_7() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_11_11

func AuroraPostgresEngineVersion_VER_11_11() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_11_13

func AuroraPostgresEngineVersion_VER_11_13() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_11_14

func AuroraPostgresEngineVersion_VER_11_14() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_11_15

func AuroraPostgresEngineVersion_VER_11_15() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_11_4

func AuroraPostgresEngineVersion_VER_11_4() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_11_6

func AuroraPostgresEngineVersion_VER_11_6() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_11_7

func AuroraPostgresEngineVersion_VER_11_7() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_11_8

func AuroraPostgresEngineVersion_VER_11_8() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_11_9

func AuroraPostgresEngineVersion_VER_11_9() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_12_10

func AuroraPostgresEngineVersion_VER_12_10() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_12_4

func AuroraPostgresEngineVersion_VER_12_4() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_12_6

func AuroraPostgresEngineVersion_VER_12_6() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_12_8

func AuroraPostgresEngineVersion_VER_12_8() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_12_9

func AuroraPostgresEngineVersion_VER_12_9() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_13_3

func AuroraPostgresEngineVersion_VER_13_3() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_13_4

func AuroraPostgresEngineVersion_VER_13_4() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_13_5

func AuroraPostgresEngineVersion_VER_13_5() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_13_6

func AuroraPostgresEngineVersion_VER_13_6() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_9_6_11

func AuroraPostgresEngineVersion_VER_9_6_11() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_9_6_12

func AuroraPostgresEngineVersion_VER_9_6_12() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_9_6_16

func AuroraPostgresEngineVersion_VER_9_6_16() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_9_6_17

func AuroraPostgresEngineVersion_VER_9_6_17() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_9_6_18

func AuroraPostgresEngineVersion_VER_9_6_18() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_9_6_19

func AuroraPostgresEngineVersion_VER_9_6_19() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_9_6_8

func AuroraPostgresEngineVersion_VER_9_6_8() AuroraPostgresEngineVersion

func AuroraPostgresEngineVersion_VER_9_6_9

func AuroraPostgresEngineVersion_VER_9_6_9() AuroraPostgresEngineVersion

type BackupProps

type BackupProps struct {
	// How many days to retain the backup.
	// Experimental.
	Retention awscdk.Duration `field:"required" json:"retention" yaml:"retention"`
	// A daily time range in 24-hours UTC format in which backups preferably execute.
	//
	// Must be at least 30 minutes long.
	//
	// Example: '01:00-02:00'.
	// Experimental.
	PreferredWindow *string `field:"optional" json:"preferredWindow" yaml:"preferredWindow"`
}

Backup configuration for RDS databases.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var duration duration

backupProps := &backupProps{
	retention: duration,

	// the properties below are optional
	preferredWindow: jsii.String("preferredWindow"),
}

See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow

Experimental.

type CfnDBCluster

type CfnDBCluster interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.
	//
	// This setting is required to create a Multi-AZ DB cluster.
	//
	// Valid for: Multi-AZ DB clusters only.
	AllocatedStorage() *float64
	SetAllocatedStorage(val *float64)
	// Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster.
	//
	// IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	AssociatedRoles() interface{}
	SetAssociatedRoles(val interface{})
	// The Amazon Resource Name (ARN) for the DB cluster.
	AttrDbClusterArn() *string
	// The AWS Region -unique, immutable identifier for the DB cluster.
	//
	// This identifier is found in AWS CloudTrail log entries whenever the KMS key for the DB cluster is accessed.
	AttrDbClusterResourceId() *string
	// The connection endpoint for the DB cluster.
	//
	// For example: `mystack-mydbcluster-123456789012.us-east-2.rds.amazonaws.com`
	AttrEndpointAddress() *string
	// The port number that will accept connections on this DB cluster.
	//
	// For example: `3306`.
	AttrEndpointPort() *string
	// The Amazon Resource Name (ARN) of the secret.
	AttrMasterUserSecretSecretArn() *string
	// The reader endpoint for the DB cluster.
	//
	// For example: `mystack-mydbcluster-ro-123456789012.us-east-2.rds.amazonaws.com`
	AttrReadEndpointAddress() *string
	// A value that indicates whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window.
	//
	// By default, minor engine upgrades are applied automatically.
	//
	// Valid for: Multi-AZ DB clusters only.
	AutoMinorVersionUpgrade() interface{}
	SetAutoMinorVersionUpgrade(val interface{})
	// A list of Availability Zones (AZs) where instances in the DB cluster can be created.
	//
	// For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide* .
	//
	// Valid for: Aurora DB clusters only.
	AvailabilityZones() *[]*string
	SetAvailabilityZones(val *[]*string)
	// The target backtrack window, in seconds. To disable backtracking, set this value to 0.
	//
	// > Currently, Backtrack is only supported for Aurora MySQL DB clusters.
	//
	// Default: 0
	//
	// Constraints:
	//
	// - If specified, this value must be set to a number from 0 to 259,200 (72 hours).
	//
	// Valid for: Aurora MySQL DB clusters only.
	BacktrackWindow() *float64
	SetBacktrackWindow(val *float64)
	// The number of days for which automated backups are retained.
	//
	// Default: 1
	//
	// Constraints:
	//
	// - Must be a value from 1 to 35
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	BackupRetentionPeriod() *float64
	SetBackupRetentionPeriod(val *float64)
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster.
	//
	// The default is not to copy them.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	CopyTagsToSnapshot() interface{}
	SetCopyTagsToSnapshot(val interface{})
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The name of your database.
	//
	// If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide* .
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	DatabaseName() *string
	SetDatabaseName(val *string)
	// The DB cluster identifier. This parameter is stored as a lowercase string.
	//
	// Constraints:
	//
	// - Must contain from 1 to 63 letters, numbers, or hyphens.
	// - First character must be a letter.
	// - Can't end with a hyphen or contain two consecutive hyphens.
	//
	// Example: `my-cluster1`
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	DbClusterIdentifier() *string
	SetDbClusterIdentifier(val *string)
	// The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example db.m6gd.xlarge. Not all DB instance classes are available in all AWS Regions , or for all database engines.
	//
	// For the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* .
	//
	// This setting is required to create a Multi-AZ DB cluster.
	//
	// Valid for: Multi-AZ DB clusters only.
	DbClusterInstanceClass() *string
	SetDbClusterInstanceClass(val *string)
	// The name of the DB cluster parameter group to associate with this DB cluster.
	//
	// > If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.
	// >
	// > If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started.
	//
	// To list all of the available DB cluster parameter group names, use the following command:
	//
	// `aws rds describe-db-cluster-parameter-groups --query "DBClusterParameterGroups[].DBClusterParameterGroupName" --output text`
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	DbClusterParameterGroupName() *string
	SetDbClusterParameterGroupName(val *string)
	// The name of the DB parameter group to apply to all instances of the DB cluster.
	//
	// > When you apply a parameter group using the `DBInstanceParameterGroupName` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window.
	//
	// Default: The existing name setting
	//
	// Constraints:
	//
	// - The DB parameter group must be in the same DB parameter group family as this DB cluster.
	DbInstanceParameterGroupName() *string
	SetDbInstanceParameterGroupName(val *string)
	// A DB subnet group that you want to associate with this DB cluster.
	//
	// If you are restoring a DB cluster to a point in time with `RestoreType` set to `copy-on-write` , and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	DbSubnetGroupName() *string
	SetDbSubnetGroupName(val *string)
	// Reserved for future use.
	DbSystemId() *string
	SetDbSystemId(val *string)
	// A value that indicates whether the DB cluster has deletion protection enabled.
	//
	// The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	DeletionProtection() interface{}
	SetDeletionProtection(val interface{})
	// Indicates the directory ID of the Active Directory to create the DB cluster.
	//
	// For Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.
	//
	// For more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .
	//
	// Valid for: Aurora DB clusters only.
	Domain() *string
	SetDomain(val *string)
	// Specifies the name of the IAM role to use when making API calls to the Directory Service.
	//
	// Valid for: Aurora DB clusters only.
	DomainIamRoleName() *string
	SetDomainIamRoleName(val *string)
	// The list of log types that need to be enabled for exporting to CloudWatch Logs.
	//
	// The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide* .
	//
	// *Aurora MySQL*
	//
	// Valid values: `audit` , `error` , `general` , `slowquery`
	//
	// *Aurora PostgreSQL*
	//
	// Valid values: `postgresql`
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	EnableCloudwatchLogsExports() *[]*string
	SetEnableCloudwatchLogsExports(val *[]*string)
	// A value that indicates whether to enable the HTTP endpoint for an Aurora Serverless DB cluster.
	//
	// By default, the HTTP endpoint is disabled.
	//
	// When enabled, the HTTP endpoint provides a connectionless web service API for running SQL queries on the Aurora Serverless DB cluster. You can also query your database from inside the RDS console with the query editor.
	//
	// For more information, see [Using the Data API for Aurora Serverless](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide* .
	//
	// Valid for: Aurora DB clusters only.
	EnableHttpEndpoint() interface{}
	SetEnableHttpEndpoint(val interface{})
	// A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
	//
	// By default, mapping is disabled.
	//
	// For more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.*
	//
	// Valid for: Aurora DB clusters only.
	EnableIamDatabaseAuthentication() interface{}
	SetEnableIamDatabaseAuthentication(val interface{})
	// The name of the database engine to be used for this DB cluster.
	//
	// Valid Values:
	//
	// - `aurora` (for MySQL 5.6-compatible Aurora)
	// - `aurora-mysql` (for MySQL 5.7-compatible Aurora)
	// - `aurora-postgresql`
	// - `mysql`
	// - `postgres`
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	Engine() *string
	SetEngine(val *string)
	// The DB engine mode of the DB cluster, either `provisioned` , `serverless` , `parallelquery` , `global` , or `multimaster` .
	//
	// The `parallelquery` engine mode isn't required for Aurora MySQL version 1.23 and higher 1.x versions, and version 2.09 and higher 2.x versions.
	//
	// The `global` engine mode isn't required for Aurora MySQL version 1.22 and higher 1.x versions, and `global` engine mode isn't required for any 2.x versions.
	//
	// The `multimaster` engine mode only applies for DB clusters created with Aurora MySQL version 5.6.10a.
	//
	// For Aurora PostgreSQL, the `global` engine mode isn't required, and both the `parallelquery` and the `multimaster` engine modes currently aren't supported.
	//
	// Limitations and requirements apply to some DB engine modes. For more information, see the following sections in the *Amazon Aurora User Guide* :
	//
	// - [Limitations of Aurora Serverless](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)
	// - [Limitations of Parallel Query](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations)
	// - [Limitations of Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations)
	// - [Limitations of Multi-Master Clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations)
	//
	// Valid for: Aurora DB clusters only.
	EngineMode() *string
	SetEngineMode(val *string)
	// The version number of the database engine to use.
	//
	// To list all of the available engine versions for `aurora` (for MySQL 5.6-compatible Aurora), use the following command:
	//
	// `aws rds describe-db-engine-versions --engine aurora --query "DBEngineVersions[].EngineVersion"`
	//
	// To list all of the available engine versions for `aurora-mysql` (for MySQL 5.7-compatible Aurora), use the following command:
	//
	// `aws rds describe-db-engine-versions --engine aurora-mysql --query "DBEngineVersions[].EngineVersion"`
	//
	// To list all of the available engine versions for `aurora-postgresql` , use the following command:
	//
	// `aws rds describe-db-engine-versions --engine aurora-postgresql --query "DBEngineVersions[].EngineVersion"`
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	EngineVersion() *string
	SetEngineVersion(val *string)
	// If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster.
	//
	// To define the primary database cluster of the global cluster, use the [AWS::RDS::GlobalCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html) resource.
	//
	// If you aren't configuring a global database cluster, don't specify this property.
	//
	// > To remove the DB cluster from a global database cluster, specify an empty value for the `GlobalClusterIdentifier` property.
	//
	// For information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide* .
	//
	// Valid for: Aurora DB clusters only.
	GlobalClusterIdentifier() *string
	SetGlobalClusterIdentifier(val *string)
	// The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.
	//
	// For information about valid IOPS values, see [Amazon RDS Provisioned IOPS storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .
	//
	// This setting is required to create a Multi-AZ DB cluster.
	//
	// Constraints: Must be a multiple between .5 and 50 of the storage amount for the DB cluster.
	//
	// Valid for: Multi-AZ DB clusters only.
	Iops() *float64
	SetIops(val *float64)
	// The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` .
	//
	// If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .
	//
	// If you specify the `SnapshotIdentifier` property, the `StorageEncrypted` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	KmsKeyId() *string
	SetKmsKeyId(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// A value that indicates whether to manage the master user password with AWS Secrets Manager.
	//
	// For more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*
	//
	// Constraints:
	//
	// - Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	ManageMasterUserPassword() interface{}
	SetManageMasterUserPassword(val interface{})
	// The name of the master user for the DB cluster.
	//
	// > If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	MasterUsername() *string
	SetMasterUsername(val *string)
	// The master password for the DB instance.
	//
	// > If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	MasterUserPassword() *string
	SetMasterUserPassword(val *string)
	// Contains the secret managed by RDS in AWS Secrets Manager for the master user password.
	//
	// For more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*
	MasterUserSecret() interface{}
	SetMasterUserSecret(val interface{})
	// The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster.
	//
	// To turn off collecting Enhanced Monitoring metrics, specify 0. The default is 0.
	//
	// If `MonitoringRoleArn` is specified, also set `MonitoringInterval` to a value other than 0.
	//
	// Valid Values: `0, 1, 5, 10, 15, 30, 60`
	//
	// Valid for: Multi-AZ DB clusters only.
	MonitoringInterval() *float64
	SetMonitoringInterval(val *float64)
	// The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs.
	//
	// An example is `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .
	//
	// If `MonitoringInterval` is set to a value other than 0, supply a `MonitoringRoleArn` value.
	//
	// Valid for: Multi-AZ DB clusters only.
	MonitoringRoleArn() *string
	SetMonitoringRoleArn(val *string)
	// The network type of the DB cluster.
	//
	// Valid values:
	//
	// - `IPV4`
	// - `DUAL`
	//
	// The network type is determined by the `DBSubnetGroup` specified for the DB cluster. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).
	//
	// For more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon Aurora User Guide.*
	//
	// Valid for: Aurora DB clusters only.
	NetworkType() *string
	SetNetworkType(val *string)
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// A value that indicates whether to turn on Performance Insights for the DB cluster.
	//
	// For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .
	//
	// Valid for: Multi-AZ DB clusters only.
	PerformanceInsightsEnabled() interface{}
	SetPerformanceInsightsEnabled(val interface{})
	// The AWS KMS key identifier for encryption of Performance Insights data.
	//
	// The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
	//
	// If you don't specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account . Your AWS account has a different default KMS key for each AWS Region .
	//
	// Valid for: Multi-AZ DB clusters only.
	PerformanceInsightsKmsKeyId() *string
	SetPerformanceInsightsKmsKeyId(val *string)
	// The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:.
	//
	// - 7
	// - *month* * 31, where *month* is a number of months from 1-23
	// - 731
	//
	// For example, the following values are valid:
	//
	// - 93 (3 months * 31)
	// - 341 (11 months * 31)
	// - 589 (19 months * 31)
	// - 731
	//
	// If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.
	//
	// Valid for: Multi-AZ DB clusters only.
	PerformanceInsightsRetentionPeriod() *float64
	SetPerformanceInsightsRetentionPeriod(val *float64)
	// The port number on which the DB instances in the DB cluster accept connections.
	//
	// Default:
	//
	// - When `EngineMode` is `provisioned` , `3306` (for both Aurora MySQL and Aurora PostgreSQL)
	// - When `EngineMode` is `serverless` :
	//
	// - `3306` when `Engine` is `aurora` or `aurora-mysql`
	// - `5432` when `Engine` is `aurora-postgresql`
	//
	// > The `No interruption` on update behavior only applies to DB clusters. If you are updating a DB instance, see [Port](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port) for the AWS::RDS::DBInstance resource.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	Port() *float64
	SetPort(val *float64)
	// The daily time range during which automated backups are created.
	//
	// For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the *Amazon Aurora User Guide.*
	//
	// Constraints:
	//
	// - Must be in the format `hh24:mi-hh24:mi` .
	// - Must be in Universal Coordinated Time (UTC).
	// - Must not conflict with the preferred maintenance window.
	// - Must be at least 30 minutes.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	PreferredBackupWindow() *string
	SetPreferredBackupWindow(val *string)
	// The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).
	//
	// Format: `ddd:hh24:mi-ddd:hh24:mi`
	//
	// The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Cluster Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.*
	//
	// Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.
	//
	// Constraints: Minimum 30-minute window.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	PreferredMaintenanceWindow() *string
	SetPreferredMaintenanceWindow(val *string)
	// A value that indicates whether the DB cluster is publicly accessible.
	//
	// When the DB cluster is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB cluster's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB cluster's VPC. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.
	//
	// When the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.
	//
	// Default: The default behavior varies depending on whether `DBSubnetGroupName` is specified.
	//
	// If `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:
	//
	// - If the default VPC in the target Region doesn’t have an internet gateway attached to it, the DB cluster is private.
	// - If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.
	//
	// If `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:
	//
	// - If the subnets are part of a VPC that doesn’t have an internet gateway attached to it, the DB cluster is private.
	// - If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public.
	//
	// Valid for: Multi-AZ DB clusters only.
	PubliclyAccessible() interface{}
	SetPubliclyAccessible(val interface{})
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.
	//
	// Valid for: Aurora DB clusters only.
	ReplicationSourceIdentifier() *string
	SetReplicationSourceIdentifier(val *string)
	// The type of restore to be performed. You can specify one of the following values:.
	//
	// - `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.
	// - `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.
	//
	// Constraints: You can't specify `copy-on-write` if the engine version of the source DB cluster is earlier than 1.11.
	//
	// If you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	RestoreType() *string
	SetRestoreType(val *string)
	// The `ScalingConfiguration` property type specifies the scaling configuration of an Aurora Serverless DB cluster.
	//
	// This property is only supported for Aurora Serverless v1. For Aurora Serverless v2, use `ServerlessV2ScalingConfiguration` property.
	//
	// Valid for: Aurora DB clusters only.
	ScalingConfiguration() interface{}
	SetScalingConfiguration(val interface{})
	// The `ServerlessV2ScalingConfiguration` property type specifies the scaling configuration of an Aurora Serverless V2 DB cluster.
	//
	// This property is only supported for Aurora Serverless v2. For Aurora Serverless v1, use `ScalingConfiguration` property.
	//
	// Valid for: Aurora DB clusters only.
	ServerlessV2ScalingConfiguration() interface{}
	SetServerlessV2ScalingConfiguration(val interface{})
	// The identifier for the DB snapshot or DB cluster snapshot to restore from.
	//
	// You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.
	//
	// After you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted.
	//
	// If you specify the `SnapshotIdentifier` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:
	//
	// - `GlobalClusterIdentifier`
	// - `MasterUsername`
	// - `MasterUserPassword`
	// - `ReplicationSourceIdentifier`
	// - `RestoreType`
	// - `SourceDBClusterIdentifier`
	// - `SourceRegion`
	// - `StorageEncrypted` (for an encrypted snapshot)
	// - `UseLatestRestorableTime`
	//
	// Constraints:
	//
	// - Must match the identifier of an existing Snapshot.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	SnapshotIdentifier() *string
	SetSnapshotIdentifier(val *string)
	// When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.
	//
	// Constraints:
	//
	// - Must match the identifier of an existing DBCluster.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	SourceDbClusterIdentifier() *string
	SetSourceDbClusterIdentifier(val *string)
	// The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, `us-east-1` .
	//
	// Valid for: Aurora DB clusters only.
	SourceRegion() *string
	SetSourceRegion(val *string)
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Indicates whether the DB cluster is encrypted.
	//
	// If you specify the `KmsKeyId` property, then you must enable encryption.
	//
	// If you specify the `SourceDBClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.
	//
	// If you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.
	//
	// If you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to `false` .
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	StorageEncrypted() interface{}
	SetStorageEncrypted(val interface{})
	// Specifies the storage type to be associated with the DB cluster.
	//
	// This setting is required to create a Multi-AZ DB cluster.
	//
	// Valid values: `io1`
	//
	// When specified, a value for the `Iops` parameter is required.
	//
	// Default: `io1`
	//
	// Valid for: Multi-AZ DB clusters only.
	StorageType() *string
	SetStorageType(val *string)
	// An optional array of key-value pairs to apply to this DB cluster.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// A value that indicates whether to restore the DB cluster to the latest restorable backup time.
	//
	// By default, the DB cluster is not restored to the latest restorable backup time.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	UseLatestRestorableTime() interface{}
	SetUseLatestRestorableTime(val interface{})
	// A list of EC2 VPC security groups to associate with this DB cluster.
	//
	// If you plan to update the resource, don't specify VPC security groups in a shared VPC.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	VpcSecurityGroupIds() *[]*string
	SetVpcSecurityGroupIds(val *[]*string)
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::RDS::DBCluster`.

The `AWS::RDS::DBCluster` resource creates an Amazon Aurora DB cluster or Multi-AZ DB cluster.

For more information about creating an Aurora DB cluster, see [Creating an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html) in the *Amazon Aurora User Guide* .

For more information about creating a Multi-AZ DB cluster, see [Creating a Multi-AZ DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html) in the *Amazon RDS User Guide* .

> You can only create this resource in AWS Regions where Amazon Aurora or Multi-AZ DB clusters are supported.

*Updating DB clusters*

When properties labeled " *Update requires:* [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) " are updated, AWS CloudFormation first creates a replacement DB cluster, then changes references from other dependent resources to point to the replacement DB cluster, and finally deletes the old DB cluster.

> We highly recommend that you take a snapshot of the database before updating the stack. If you don't, you lose the data when AWS CloudFormation replaces your DB cluster. To preserve your data, perform the following procedure: > > - Deactivate any applications that are using the DB cluster so that there's no activity on the DB instance. > - Create a snapshot of the DB cluster. For more information, see [Creating a DB Cluster Snapshot](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_CreateSnapshotCluster.html) . > - If you want to restore your DB cluster using a DB cluster snapshot, modify the updated template with your DB cluster changes and add the `SnapshotIdentifier` property with the ID of the DB cluster snapshot that you want to use. > > After you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the DB cluster snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted. > - Update the stack.

Currently, when you are updating the stack for an Aurora Serverless DB cluster, you can't include changes to any other properties when you specify one of the following properties: `PreferredBackupWindow` , `PreferredMaintenanceWindow` , and `Port` . This limitation doesn't apply to provisioned DB clusters.

For more information about updating other properties of this resource, see `[ModifyDBCluster](https://docs.aws.amazon.com//AmazonRDS/latest/APIReference/API_ModifyDBCluster.html)` . For more information about updating stacks, see [AWS CloudFormation Stacks Updates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html) .

*Deleting DB clusters*

The default `DeletionPolicy` for `AWS::RDS::DBCluster` resources is `Snapshot` . For more information about how AWS CloudFormation deletes resources, see [DeletionPolicy Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBCluster := awscdk.Aws_rds.NewCfnDBCluster(this, jsii.String("MyCfnDBCluster"), &cfnDBClusterProps{
	allocatedStorage: jsii.Number(123),
	associatedRoles: []interface{}{
		&dBClusterRoleProperty{
			roleArn: jsii.String("roleArn"),

			// the properties below are optional
			featureName: jsii.String("featureName"),
		},
	},
	autoMinorVersionUpgrade: jsii.Boolean(false),
	availabilityZones: []*string{
		jsii.String("availabilityZones"),
	},
	backtrackWindow: jsii.Number(123),
	backupRetentionPeriod: jsii.Number(123),
	copyTagsToSnapshot: jsii.Boolean(false),
	databaseName: jsii.String("databaseName"),
	dbClusterIdentifier: jsii.String("dbClusterIdentifier"),
	dbClusterInstanceClass: jsii.String("dbClusterInstanceClass"),
	dbClusterParameterGroupName: jsii.String("dbClusterParameterGroupName"),
	dbInstanceParameterGroupName: jsii.String("dbInstanceParameterGroupName"),
	dbSubnetGroupName: jsii.String("dbSubnetGroupName"),
	dbSystemId: jsii.String("dbSystemId"),
	deletionProtection: jsii.Boolean(false),
	domain: jsii.String("domain"),
	domainIamRoleName: jsii.String("domainIamRoleName"),
	enableCloudwatchLogsExports: []*string{
		jsii.String("enableCloudwatchLogsExports"),
	},
	enableHttpEndpoint: jsii.Boolean(false),
	enableIamDatabaseAuthentication: jsii.Boolean(false),
	engine: jsii.String("engine"),
	engineMode: jsii.String("engineMode"),
	engineVersion: jsii.String("engineVersion"),
	globalClusterIdentifier: jsii.String("globalClusterIdentifier"),
	iops: jsii.Number(123),
	kmsKeyId: jsii.String("kmsKeyId"),
	manageMasterUserPassword: jsii.Boolean(false),
	masterUsername: jsii.String("masterUsername"),
	masterUserPassword: jsii.String("masterUserPassword"),
	masterUserSecret: &masterUserSecretProperty{
		kmsKeyId: jsii.String("kmsKeyId"),
		secretArn: jsii.String("secretArn"),
	},
	monitoringInterval: jsii.Number(123),
	monitoringRoleArn: jsii.String("monitoringRoleArn"),
	networkType: jsii.String("networkType"),
	performanceInsightsEnabled: jsii.Boolean(false),
	performanceInsightsKmsKeyId: jsii.String("performanceInsightsKmsKeyId"),
	performanceInsightsRetentionPeriod: jsii.Number(123),
	port: jsii.Number(123),
	preferredBackupWindow: jsii.String("preferredBackupWindow"),
	preferredMaintenanceWindow: jsii.String("preferredMaintenanceWindow"),
	publiclyAccessible: jsii.Boolean(false),
	replicationSourceIdentifier: jsii.String("replicationSourceIdentifier"),
	restoreType: jsii.String("restoreType"),
	scalingConfiguration: &scalingConfigurationProperty{
		autoPause: jsii.Boolean(false),
		maxCapacity: jsii.Number(123),
		minCapacity: jsii.Number(123),
		secondsBeforeTimeout: jsii.Number(123),
		secondsUntilAutoPause: jsii.Number(123),
		timeoutAction: jsii.String("timeoutAction"),
	},
	serverlessV2ScalingConfiguration: &serverlessV2ScalingConfigurationProperty{
		maxCapacity: jsii.Number(123),
		minCapacity: jsii.Number(123),
	},
	snapshotIdentifier: jsii.String("snapshotIdentifier"),
	sourceDbClusterIdentifier: jsii.String("sourceDbClusterIdentifier"),
	sourceRegion: jsii.String("sourceRegion"),
	storageEncrypted: jsii.Boolean(false),
	storageType: jsii.String("storageType"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	useLatestRestorableTime: jsii.Boolean(false),
	vpcSecurityGroupIds: []*string{
		jsii.String("vpcSecurityGroupIds"),
	},
})

func NewCfnDBCluster

func NewCfnDBCluster(scope awscdk.Construct, id *string, props *CfnDBClusterProps) CfnDBCluster

Create a new `AWS::RDS::DBCluster`.

type CfnDBClusterParameterGroup

type CfnDBClusterParameterGroup interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The name of the DB cluster parameter group.
	//
	// Constraints:
	//
	// - Must not match the name of an existing DB cluster parameter group.
	//
	// If you don't specify a value for `DBClusterParameterGroupName` property, a name is automatically created for the DB cluster paramter group.
	//
	// > This value is stored as a lowercase string.
	DbClusterParameterGroupName() *string
	SetDbClusterParameterGroupName(val *string)
	// A friendly description for this DB cluster parameter group.
	Description() *string
	SetDescription(val *string)
	// The DB cluster parameter group family name.
	//
	// A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a DB engine and engine version compatible with that DB cluster parameter group family.
	//
	// > The DB cluster parameter group family can't be changed when updating a DB cluster parameter group.
	//
	// To list all of the available parameter group families, use the following command:
	//
	// `aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"`
	//
	// The output contains duplicates.
	//
	// For more information, see `[CreateDBClusterParameterGroup](https://docs.aws.amazon.com//AmazonRDS/latest/APIReference/API_CreateDBClusterParameterGroup.html)` .
	Family() *string
	SetFamily(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Provides a list of parameters for the DB cluster parameter group.
	Parameters() interface{}
	SetParameters(val interface{})
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// An optional array of key-value pairs to apply to this DB cluster parameter group.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::RDS::DBClusterParameterGroup`.

The `AWS::RDS::DBClusterParameterGroup` resource creates a new Amazon RDS DB cluster parameter group.

For information about configuring parameters for Amazon Aurora DB clusters, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide* .

> If you apply a parameter group to a DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting. > > If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var parameters interface{}

cfnDBClusterParameterGroup := awscdk.Aws_rds.NewCfnDBClusterParameterGroup(this, jsii.String("MyCfnDBClusterParameterGroup"), &cfnDBClusterParameterGroupProps{
	description: jsii.String("description"),
	family: jsii.String("family"),
	parameters: parameters,

	// the properties below are optional
	dbClusterParameterGroupName: jsii.String("dbClusterParameterGroupName"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
})

func NewCfnDBClusterParameterGroup

func NewCfnDBClusterParameterGroup(scope awscdk.Construct, id *string, props *CfnDBClusterParameterGroupProps) CfnDBClusterParameterGroup

Create a new `AWS::RDS::DBClusterParameterGroup`.

type CfnDBClusterParameterGroupProps

type CfnDBClusterParameterGroupProps struct {
	// A friendly description for this DB cluster parameter group.
	Description *string `field:"required" json:"description" yaml:"description"`
	// The DB cluster parameter group family name.
	//
	// A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a DB engine and engine version compatible with that DB cluster parameter group family.
	//
	// > The DB cluster parameter group family can't be changed when updating a DB cluster parameter group.
	//
	// To list all of the available parameter group families, use the following command:
	//
	// `aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"`
	//
	// The output contains duplicates.
	//
	// For more information, see `[CreateDBClusterParameterGroup](https://docs.aws.amazon.com//AmazonRDS/latest/APIReference/API_CreateDBClusterParameterGroup.html)` .
	Family *string `field:"required" json:"family" yaml:"family"`
	// Provides a list of parameters for the DB cluster parameter group.
	Parameters interface{} `field:"required" json:"parameters" yaml:"parameters"`
	// The name of the DB cluster parameter group.
	//
	// Constraints:
	//
	// - Must not match the name of an existing DB cluster parameter group.
	//
	// If you don't specify a value for `DBClusterParameterGroupName` property, a name is automatically created for the DB cluster paramter group.
	//
	// > This value is stored as a lowercase string.
	DbClusterParameterGroupName *string `field:"optional" json:"dbClusterParameterGroupName" yaml:"dbClusterParameterGroupName"`
	// An optional array of key-value pairs to apply to this DB cluster parameter group.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
}

Properties for defining a `CfnDBClusterParameterGroup`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var parameters interface{}

cfnDBClusterParameterGroupProps := &cfnDBClusterParameterGroupProps{
	description: jsii.String("description"),
	family: jsii.String("family"),
	parameters: parameters,

	// the properties below are optional
	dbClusterParameterGroupName: jsii.String("dbClusterParameterGroupName"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
}

type CfnDBClusterProps

type CfnDBClusterProps struct {
	// The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.
	//
	// This setting is required to create a Multi-AZ DB cluster.
	//
	// Valid for: Multi-AZ DB clusters only.
	AllocatedStorage *float64 `field:"optional" json:"allocatedStorage" yaml:"allocatedStorage"`
	// Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster.
	//
	// IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	AssociatedRoles interface{} `field:"optional" json:"associatedRoles" yaml:"associatedRoles"`
	// A value that indicates whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window.
	//
	// By default, minor engine upgrades are applied automatically.
	//
	// Valid for: Multi-AZ DB clusters only.
	AutoMinorVersionUpgrade interface{} `field:"optional" json:"autoMinorVersionUpgrade" yaml:"autoMinorVersionUpgrade"`
	// A list of Availability Zones (AZs) where instances in the DB cluster can be created.
	//
	// For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide* .
	//
	// Valid for: Aurora DB clusters only.
	AvailabilityZones *[]*string `field:"optional" json:"availabilityZones" yaml:"availabilityZones"`
	// The target backtrack window, in seconds. To disable backtracking, set this value to 0.
	//
	// > Currently, Backtrack is only supported for Aurora MySQL DB clusters.
	//
	// Default: 0
	//
	// Constraints:
	//
	// - If specified, this value must be set to a number from 0 to 259,200 (72 hours).
	//
	// Valid for: Aurora MySQL DB clusters only.
	BacktrackWindow *float64 `field:"optional" json:"backtrackWindow" yaml:"backtrackWindow"`
	// The number of days for which automated backups are retained.
	//
	// Default: 1
	//
	// Constraints:
	//
	// - Must be a value from 1 to 35
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	BackupRetentionPeriod *float64 `field:"optional" json:"backupRetentionPeriod" yaml:"backupRetentionPeriod"`
	// A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster.
	//
	// The default is not to copy them.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	CopyTagsToSnapshot interface{} `field:"optional" json:"copyTagsToSnapshot" yaml:"copyTagsToSnapshot"`
	// The name of your database.
	//
	// If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide* .
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	DatabaseName *string `field:"optional" json:"databaseName" yaml:"databaseName"`
	// The DB cluster identifier. This parameter is stored as a lowercase string.
	//
	// Constraints:
	//
	// - Must contain from 1 to 63 letters, numbers, or hyphens.
	// - First character must be a letter.
	// - Can't end with a hyphen or contain two consecutive hyphens.
	//
	// Example: `my-cluster1`
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	DbClusterIdentifier *string `field:"optional" json:"dbClusterIdentifier" yaml:"dbClusterIdentifier"`
	// The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example db.m6gd.xlarge. Not all DB instance classes are available in all AWS Regions , or for all database engines.
	//
	// For the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* .
	//
	// This setting is required to create a Multi-AZ DB cluster.
	//
	// Valid for: Multi-AZ DB clusters only.
	DbClusterInstanceClass *string `field:"optional" json:"dbClusterInstanceClass" yaml:"dbClusterInstanceClass"`
	// The name of the DB cluster parameter group to associate with this DB cluster.
	//
	// > If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.
	// >
	// > If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started.
	//
	// To list all of the available DB cluster parameter group names, use the following command:
	//
	// `aws rds describe-db-cluster-parameter-groups --query "DBClusterParameterGroups[].DBClusterParameterGroupName" --output text`
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	DbClusterParameterGroupName *string `field:"optional" json:"dbClusterParameterGroupName" yaml:"dbClusterParameterGroupName"`
	// The name of the DB parameter group to apply to all instances of the DB cluster.
	//
	// > When you apply a parameter group using the `DBInstanceParameterGroupName` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window.
	//
	// Default: The existing name setting
	//
	// Constraints:
	//
	// - The DB parameter group must be in the same DB parameter group family as this DB cluster.
	DbInstanceParameterGroupName *string `field:"optional" json:"dbInstanceParameterGroupName" yaml:"dbInstanceParameterGroupName"`
	// A DB subnet group that you want to associate with this DB cluster.
	//
	// If you are restoring a DB cluster to a point in time with `RestoreType` set to `copy-on-write` , and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	DbSubnetGroupName *string `field:"optional" json:"dbSubnetGroupName" yaml:"dbSubnetGroupName"`
	// Reserved for future use.
	DbSystemId *string `field:"optional" json:"dbSystemId" yaml:"dbSystemId"`
	// A value that indicates whether the DB cluster has deletion protection enabled.
	//
	// The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	DeletionProtection interface{} `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	// Indicates the directory ID of the Active Directory to create the DB cluster.
	//
	// For Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.
	//
	// For more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .
	//
	// Valid for: Aurora DB clusters only.
	Domain *string `field:"optional" json:"domain" yaml:"domain"`
	// Specifies the name of the IAM role to use when making API calls to the Directory Service.
	//
	// Valid for: Aurora DB clusters only.
	DomainIamRoleName *string `field:"optional" json:"domainIamRoleName" yaml:"domainIamRoleName"`
	// The list of log types that need to be enabled for exporting to CloudWatch Logs.
	//
	// The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide* .
	//
	// *Aurora MySQL*
	//
	// Valid values: `audit` , `error` , `general` , `slowquery`
	//
	// *Aurora PostgreSQL*
	//
	// Valid values: `postgresql`
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	EnableCloudwatchLogsExports *[]*string `field:"optional" json:"enableCloudwatchLogsExports" yaml:"enableCloudwatchLogsExports"`
	// A value that indicates whether to enable the HTTP endpoint for an Aurora Serverless DB cluster.
	//
	// By default, the HTTP endpoint is disabled.
	//
	// When enabled, the HTTP endpoint provides a connectionless web service API for running SQL queries on the Aurora Serverless DB cluster. You can also query your database from inside the RDS console with the query editor.
	//
	// For more information, see [Using the Data API for Aurora Serverless](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide* .
	//
	// Valid for: Aurora DB clusters only.
	EnableHttpEndpoint interface{} `field:"optional" json:"enableHttpEndpoint" yaml:"enableHttpEndpoint"`
	// A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
	//
	// By default, mapping is disabled.
	//
	// For more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.*
	//
	// Valid for: Aurora DB clusters only.
	EnableIamDatabaseAuthentication interface{} `field:"optional" json:"enableIamDatabaseAuthentication" yaml:"enableIamDatabaseAuthentication"`
	// The name of the database engine to be used for this DB cluster.
	//
	// Valid Values:
	//
	// - `aurora` (for MySQL 5.6-compatible Aurora)
	// - `aurora-mysql` (for MySQL 5.7-compatible Aurora)
	// - `aurora-postgresql`
	// - `mysql`
	// - `postgres`
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	Engine *string `field:"optional" json:"engine" yaml:"engine"`
	// The DB engine mode of the DB cluster, either `provisioned` , `serverless` , `parallelquery` , `global` , or `multimaster` .
	//
	// The `parallelquery` engine mode isn't required for Aurora MySQL version 1.23 and higher 1.x versions, and version 2.09 and higher 2.x versions.
	//
	// The `global` engine mode isn't required for Aurora MySQL version 1.22 and higher 1.x versions, and `global` engine mode isn't required for any 2.x versions.
	//
	// The `multimaster` engine mode only applies for DB clusters created with Aurora MySQL version 5.6.10a.
	//
	// For Aurora PostgreSQL, the `global` engine mode isn't required, and both the `parallelquery` and the `multimaster` engine modes currently aren't supported.
	//
	// Limitations and requirements apply to some DB engine modes. For more information, see the following sections in the *Amazon Aurora User Guide* :
	//
	// - [Limitations of Aurora Serverless](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)
	// - [Limitations of Parallel Query](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations)
	// - [Limitations of Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations)
	// - [Limitations of Multi-Master Clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations)
	//
	// Valid for: Aurora DB clusters only.
	EngineMode *string `field:"optional" json:"engineMode" yaml:"engineMode"`
	// The version number of the database engine to use.
	//
	// To list all of the available engine versions for `aurora` (for MySQL 5.6-compatible Aurora), use the following command:
	//
	// `aws rds describe-db-engine-versions --engine aurora --query "DBEngineVersions[].EngineVersion"`
	//
	// To list all of the available engine versions for `aurora-mysql` (for MySQL 5.7-compatible Aurora), use the following command:
	//
	// `aws rds describe-db-engine-versions --engine aurora-mysql --query "DBEngineVersions[].EngineVersion"`
	//
	// To list all of the available engine versions for `aurora-postgresql` , use the following command:
	//
	// `aws rds describe-db-engine-versions --engine aurora-postgresql --query "DBEngineVersions[].EngineVersion"`
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	EngineVersion *string `field:"optional" json:"engineVersion" yaml:"engineVersion"`
	// If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster.
	//
	// To define the primary database cluster of the global cluster, use the [AWS::RDS::GlobalCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html) resource.
	//
	// If you aren't configuring a global database cluster, don't specify this property.
	//
	// > To remove the DB cluster from a global database cluster, specify an empty value for the `GlobalClusterIdentifier` property.
	//
	// For information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide* .
	//
	// Valid for: Aurora DB clusters only.
	GlobalClusterIdentifier *string `field:"optional" json:"globalClusterIdentifier" yaml:"globalClusterIdentifier"`
	// The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.
	//
	// For information about valid IOPS values, see [Amazon RDS Provisioned IOPS storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .
	//
	// This setting is required to create a Multi-AZ DB cluster.
	//
	// Constraints: Must be a multiple between .5 and 50 of the storage amount for the DB cluster.
	//
	// Valid for: Multi-AZ DB clusters only.
	Iops *float64 `field:"optional" json:"iops" yaml:"iops"`
	// The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` .
	//
	// If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .
	//
	// If you specify the `SnapshotIdentifier` property, the `StorageEncrypted` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	KmsKeyId *string `field:"optional" json:"kmsKeyId" yaml:"kmsKeyId"`
	// A value that indicates whether to manage the master user password with AWS Secrets Manager.
	//
	// For more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*
	//
	// Constraints:
	//
	// - Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	ManageMasterUserPassword interface{} `field:"optional" json:"manageMasterUserPassword" yaml:"manageMasterUserPassword"`
	// The name of the master user for the DB cluster.
	//
	// > If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	MasterUsername *string `field:"optional" json:"masterUsername" yaml:"masterUsername"`
	// The master password for the DB instance.
	//
	// > If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	MasterUserPassword *string `field:"optional" json:"masterUserPassword" yaml:"masterUserPassword"`
	// Contains the secret managed by RDS in AWS Secrets Manager for the master user password.
	//
	// For more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*
	MasterUserSecret interface{} `field:"optional" json:"masterUserSecret" yaml:"masterUserSecret"`
	// The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster.
	//
	// To turn off collecting Enhanced Monitoring metrics, specify 0. The default is 0.
	//
	// If `MonitoringRoleArn` is specified, also set `MonitoringInterval` to a value other than 0.
	//
	// Valid Values: `0, 1, 5, 10, 15, 30, 60`
	//
	// Valid for: Multi-AZ DB clusters only.
	MonitoringInterval *float64 `field:"optional" json:"monitoringInterval" yaml:"monitoringInterval"`
	// The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs.
	//
	// An example is `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .
	//
	// If `MonitoringInterval` is set to a value other than 0, supply a `MonitoringRoleArn` value.
	//
	// Valid for: Multi-AZ DB clusters only.
	MonitoringRoleArn *string `field:"optional" json:"monitoringRoleArn" yaml:"monitoringRoleArn"`
	// The network type of the DB cluster.
	//
	// Valid values:
	//
	// - `IPV4`
	// - `DUAL`
	//
	// The network type is determined by the `DBSubnetGroup` specified for the DB cluster. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).
	//
	// For more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon Aurora User Guide.*
	//
	// Valid for: Aurora DB clusters only.
	NetworkType *string `field:"optional" json:"networkType" yaml:"networkType"`
	// A value that indicates whether to turn on Performance Insights for the DB cluster.
	//
	// For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .
	//
	// Valid for: Multi-AZ DB clusters only.
	PerformanceInsightsEnabled interface{} `field:"optional" json:"performanceInsightsEnabled" yaml:"performanceInsightsEnabled"`
	// The AWS KMS key identifier for encryption of Performance Insights data.
	//
	// The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
	//
	// If you don't specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account . Your AWS account has a different default KMS key for each AWS Region .
	//
	// Valid for: Multi-AZ DB clusters only.
	PerformanceInsightsKmsKeyId *string `field:"optional" json:"performanceInsightsKmsKeyId" yaml:"performanceInsightsKmsKeyId"`
	// The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:.
	//
	// - 7
	// - *month* * 31, where *month* is a number of months from 1-23
	// - 731
	//
	// For example, the following values are valid:
	//
	// - 93 (3 months * 31)
	// - 341 (11 months * 31)
	// - 589 (19 months * 31)
	// - 731
	//
	// If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.
	//
	// Valid for: Multi-AZ DB clusters only.
	PerformanceInsightsRetentionPeriod *float64 `field:"optional" json:"performanceInsightsRetentionPeriod" yaml:"performanceInsightsRetentionPeriod"`
	// The port number on which the DB instances in the DB cluster accept connections.
	//
	// Default:
	//
	// - When `EngineMode` is `provisioned` , `3306` (for both Aurora MySQL and Aurora PostgreSQL)
	// - When `EngineMode` is `serverless` :
	//
	// - `3306` when `Engine` is `aurora` or `aurora-mysql`
	// - `5432` when `Engine` is `aurora-postgresql`
	//
	// > The `No interruption` on update behavior only applies to DB clusters. If you are updating a DB instance, see [Port](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port) for the AWS::RDS::DBInstance resource.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// The daily time range during which automated backups are created.
	//
	// For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the *Amazon Aurora User Guide.*
	//
	// Constraints:
	//
	// - Must be in the format `hh24:mi-hh24:mi` .
	// - Must be in Universal Coordinated Time (UTC).
	// - Must not conflict with the preferred maintenance window.
	// - Must be at least 30 minutes.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	PreferredBackupWindow *string `field:"optional" json:"preferredBackupWindow" yaml:"preferredBackupWindow"`
	// The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).
	//
	// Format: `ddd:hh24:mi-ddd:hh24:mi`
	//
	// The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Cluster Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.*
	//
	// Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.
	//
	// Constraints: Minimum 30-minute window.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	PreferredMaintenanceWindow *string `field:"optional" json:"preferredMaintenanceWindow" yaml:"preferredMaintenanceWindow"`
	// A value that indicates whether the DB cluster is publicly accessible.
	//
	// When the DB cluster is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB cluster's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB cluster's VPC. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.
	//
	// When the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.
	//
	// Default: The default behavior varies depending on whether `DBSubnetGroupName` is specified.
	//
	// If `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:
	//
	// - If the default VPC in the target Region doesn’t have an internet gateway attached to it, the DB cluster is private.
	// - If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.
	//
	// If `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:
	//
	// - If the subnets are part of a VPC that doesn’t have an internet gateway attached to it, the DB cluster is private.
	// - If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public.
	//
	// Valid for: Multi-AZ DB clusters only.
	PubliclyAccessible interface{} `field:"optional" json:"publiclyAccessible" yaml:"publiclyAccessible"`
	// The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.
	//
	// Valid for: Aurora DB clusters only.
	ReplicationSourceIdentifier *string `field:"optional" json:"replicationSourceIdentifier" yaml:"replicationSourceIdentifier"`
	// The type of restore to be performed. You can specify one of the following values:.
	//
	// - `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.
	// - `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.
	//
	// Constraints: You can't specify `copy-on-write` if the engine version of the source DB cluster is earlier than 1.11.
	//
	// If you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	RestoreType *string `field:"optional" json:"restoreType" yaml:"restoreType"`
	// The `ScalingConfiguration` property type specifies the scaling configuration of an Aurora Serverless DB cluster.
	//
	// This property is only supported for Aurora Serverless v1. For Aurora Serverless v2, use `ServerlessV2ScalingConfiguration` property.
	//
	// Valid for: Aurora DB clusters only.
	ScalingConfiguration interface{} `field:"optional" json:"scalingConfiguration" yaml:"scalingConfiguration"`
	// The `ServerlessV2ScalingConfiguration` property type specifies the scaling configuration of an Aurora Serverless V2 DB cluster.
	//
	// This property is only supported for Aurora Serverless v2. For Aurora Serverless v1, use `ScalingConfiguration` property.
	//
	// Valid for: Aurora DB clusters only.
	ServerlessV2ScalingConfiguration interface{} `field:"optional" json:"serverlessV2ScalingConfiguration" yaml:"serverlessV2ScalingConfiguration"`
	// The identifier for the DB snapshot or DB cluster snapshot to restore from.
	//
	// You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.
	//
	// After you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted.
	//
	// If you specify the `SnapshotIdentifier` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:
	//
	// - `GlobalClusterIdentifier`
	// - `MasterUsername`
	// - `MasterUserPassword`
	// - `ReplicationSourceIdentifier`
	// - `RestoreType`
	// - `SourceDBClusterIdentifier`
	// - `SourceRegion`
	// - `StorageEncrypted` (for an encrypted snapshot)
	// - `UseLatestRestorableTime`
	//
	// Constraints:
	//
	// - Must match the identifier of an existing Snapshot.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	SnapshotIdentifier *string `field:"optional" json:"snapshotIdentifier" yaml:"snapshotIdentifier"`
	// When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.
	//
	// Constraints:
	//
	// - Must match the identifier of an existing DBCluster.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	SourceDbClusterIdentifier *string `field:"optional" json:"sourceDbClusterIdentifier" yaml:"sourceDbClusterIdentifier"`
	// The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, `us-east-1` .
	//
	// Valid for: Aurora DB clusters only.
	SourceRegion *string `field:"optional" json:"sourceRegion" yaml:"sourceRegion"`
	// Indicates whether the DB cluster is encrypted.
	//
	// If you specify the `KmsKeyId` property, then you must enable encryption.
	//
	// If you specify the `SourceDBClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.
	//
	// If you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.
	//
	// If you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to `false` .
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	StorageEncrypted interface{} `field:"optional" json:"storageEncrypted" yaml:"storageEncrypted"`
	// Specifies the storage type to be associated with the DB cluster.
	//
	// This setting is required to create a Multi-AZ DB cluster.
	//
	// Valid values: `io1`
	//
	// When specified, a value for the `Iops` parameter is required.
	//
	// Default: `io1`
	//
	// Valid for: Multi-AZ DB clusters only.
	StorageType *string `field:"optional" json:"storageType" yaml:"storageType"`
	// An optional array of key-value pairs to apply to this DB cluster.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
	// A value that indicates whether to restore the DB cluster to the latest restorable backup time.
	//
	// By default, the DB cluster is not restored to the latest restorable backup time.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	UseLatestRestorableTime interface{} `field:"optional" json:"useLatestRestorableTime" yaml:"useLatestRestorableTime"`
	// A list of EC2 VPC security groups to associate with this DB cluster.
	//
	// If you plan to update the resource, don't specify VPC security groups in a shared VPC.
	//
	// Valid for: Aurora DB clusters and Multi-AZ DB clusters.
	VpcSecurityGroupIds *[]*string `field:"optional" json:"vpcSecurityGroupIds" yaml:"vpcSecurityGroupIds"`
}

Properties for defining a `CfnDBCluster`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBClusterProps := &cfnDBClusterProps{
	allocatedStorage: jsii.Number(123),
	associatedRoles: []interface{}{
		&dBClusterRoleProperty{
			roleArn: jsii.String("roleArn"),

			// the properties below are optional
			featureName: jsii.String("featureName"),
		},
	},
	autoMinorVersionUpgrade: jsii.Boolean(false),
	availabilityZones: []*string{
		jsii.String("availabilityZones"),
	},
	backtrackWindow: jsii.Number(123),
	backupRetentionPeriod: jsii.Number(123),
	copyTagsToSnapshot: jsii.Boolean(false),
	databaseName: jsii.String("databaseName"),
	dbClusterIdentifier: jsii.String("dbClusterIdentifier"),
	dbClusterInstanceClass: jsii.String("dbClusterInstanceClass"),
	dbClusterParameterGroupName: jsii.String("dbClusterParameterGroupName"),
	dbInstanceParameterGroupName: jsii.String("dbInstanceParameterGroupName"),
	dbSubnetGroupName: jsii.String("dbSubnetGroupName"),
	dbSystemId: jsii.String("dbSystemId"),
	deletionProtection: jsii.Boolean(false),
	domain: jsii.String("domain"),
	domainIamRoleName: jsii.String("domainIamRoleName"),
	enableCloudwatchLogsExports: []*string{
		jsii.String("enableCloudwatchLogsExports"),
	},
	enableHttpEndpoint: jsii.Boolean(false),
	enableIamDatabaseAuthentication: jsii.Boolean(false),
	engine: jsii.String("engine"),
	engineMode: jsii.String("engineMode"),
	engineVersion: jsii.String("engineVersion"),
	globalClusterIdentifier: jsii.String("globalClusterIdentifier"),
	iops: jsii.Number(123),
	kmsKeyId: jsii.String("kmsKeyId"),
	manageMasterUserPassword: jsii.Boolean(false),
	masterUsername: jsii.String("masterUsername"),
	masterUserPassword: jsii.String("masterUserPassword"),
	masterUserSecret: &masterUserSecretProperty{
		kmsKeyId: jsii.String("kmsKeyId"),
		secretArn: jsii.String("secretArn"),
	},
	monitoringInterval: jsii.Number(123),
	monitoringRoleArn: jsii.String("monitoringRoleArn"),
	networkType: jsii.String("networkType"),
	performanceInsightsEnabled: jsii.Boolean(false),
	performanceInsightsKmsKeyId: jsii.String("performanceInsightsKmsKeyId"),
	performanceInsightsRetentionPeriod: jsii.Number(123),
	port: jsii.Number(123),
	preferredBackupWindow: jsii.String("preferredBackupWindow"),
	preferredMaintenanceWindow: jsii.String("preferredMaintenanceWindow"),
	publiclyAccessible: jsii.Boolean(false),
	replicationSourceIdentifier: jsii.String("replicationSourceIdentifier"),
	restoreType: jsii.String("restoreType"),
	scalingConfiguration: &scalingConfigurationProperty{
		autoPause: jsii.Boolean(false),
		maxCapacity: jsii.Number(123),
		minCapacity: jsii.Number(123),
		secondsBeforeTimeout: jsii.Number(123),
		secondsUntilAutoPause: jsii.Number(123),
		timeoutAction: jsii.String("timeoutAction"),
	},
	serverlessV2ScalingConfiguration: &serverlessV2ScalingConfigurationProperty{
		maxCapacity: jsii.Number(123),
		minCapacity: jsii.Number(123),
	},
	snapshotIdentifier: jsii.String("snapshotIdentifier"),
	sourceDbClusterIdentifier: jsii.String("sourceDbClusterIdentifier"),
	sourceRegion: jsii.String("sourceRegion"),
	storageEncrypted: jsii.Boolean(false),
	storageType: jsii.String("storageType"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	useLatestRestorableTime: jsii.Boolean(false),
	vpcSecurityGroupIds: []*string{
		jsii.String("vpcSecurityGroupIds"),
	},
}

type CfnDBCluster_DBClusterRoleProperty

type CfnDBCluster_DBClusterRoleProperty struct {
	// The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.
	RoleArn *string `field:"required" json:"roleArn" yaml:"roleArn"`
	// The name of the feature associated with the AWS Identity and Access Management (IAM) role.
	//
	// IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .
	FeatureName *string `field:"optional" json:"featureName" yaml:"featureName"`
}

Describes an AWS Identity and Access Management (IAM) role that is associated with a DB cluster.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

dBClusterRoleProperty := &dBClusterRoleProperty{
	roleArn: jsii.String("roleArn"),

	// the properties below are optional
	featureName: jsii.String("featureName"),
}

type CfnDBCluster_EndpointProperty

type CfnDBCluster_EndpointProperty struct {
	// Specifies the connection endpoint for the primary instance of the DB cluster.
	Address *string `field:"optional" json:"address" yaml:"address"`
	// Specifies the port that the database engine is listening on.
	Port *string `field:"optional" json:"port" yaml:"port"`
}

Specifies the connection endpoint for the primary instance of the DB cluster.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

endpointProperty := &endpointProperty{
	address: jsii.String("address"),
	port: jsii.String("port"),
}

type CfnDBCluster_MasterUserSecretProperty

type CfnDBCluster_MasterUserSecretProperty struct {
	// The AWS KMS key identifier that is used to encrypt the secret.
	KmsKeyId *string `field:"optional" json:"kmsKeyId" yaml:"kmsKeyId"`
	// The Amazon Resource Name (ARN) of the secret.
	SecretArn *string `field:"optional" json:"secretArn" yaml:"secretArn"`
}

Contains the secret managed by RDS in AWS Secrets Manager for the master user password.

For more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

masterUserSecretProperty := &masterUserSecretProperty{
	kmsKeyId: jsii.String("kmsKeyId"),
	secretArn: jsii.String("secretArn"),
}

type CfnDBCluster_ReadEndpointProperty

type CfnDBCluster_ReadEndpointProperty struct {
	// The host address of the reader endpoint.
	Address *string `field:"optional" json:"address" yaml:"address"`
}

The `ReadEndpoint` return value specifies the reader endpoint for the DB cluster.

The reader endpoint for a DB cluster load-balances connections across the Aurora Replicas that are available in a DB cluster. As clients request new connections to the reader endpoint, Aurora distributes the connection requests among the Aurora Replicas in the DB cluster. This functionality can help balance your read workload across multiple Aurora Replicas in your DB cluster.

If a failover occurs, and the Aurora Replica that you are connected to is promoted to be the primary instance, your connection is dropped. To continue sending your read workload to other Aurora Replicas in the cluster, you can then reconnect to the reader endpoint.

For more information about Aurora endpoints, see [Amazon Aurora connection management](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.Endpoints.html) in the *Amazon Aurora User Guide* .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

readEndpointProperty := &readEndpointProperty{
	address: jsii.String("address"),
}

type CfnDBCluster_ScalingConfigurationProperty

type CfnDBCluster_ScalingConfigurationProperty struct {
	// A value that indicates whether to allow or disallow automatic pause for an Aurora DB cluster in `serverless` DB engine mode.
	//
	// A DB cluster can be paused only when it's idle (it has no connections).
	//
	// > If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it.
	AutoPause interface{} `field:"optional" json:"autoPause" yaml:"autoPause"`
	// The maximum capacity for an Aurora DB cluster in `serverless` DB engine mode.
	//
	// For Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .
	//
	// For Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .
	//
	// The maximum capacity must be greater than or equal to the minimum capacity.
	MaxCapacity *float64 `field:"optional" json:"maxCapacity" yaml:"maxCapacity"`
	// The minimum capacity for an Aurora DB cluster in `serverless` DB engine mode.
	//
	// For Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .
	//
	// For Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .
	//
	// The minimum capacity must be less than or equal to the maximum capacity.
	MinCapacity *float64 `field:"optional" json:"minCapacity" yaml:"minCapacity"`
	// The amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action.
	//
	// The default is 300.
	//
	// Specify a value between 60 and 600 seconds.
	SecondsBeforeTimeout *float64 `field:"optional" json:"secondsBeforeTimeout" yaml:"secondsBeforeTimeout"`
	// The time, in seconds, before an Aurora DB cluster in `serverless` mode is paused.
	//
	// Specify a value between 300 and 86,400 seconds.
	SecondsUntilAutoPause *float64 `field:"optional" json:"secondsUntilAutoPause" yaml:"secondsUntilAutoPause"`
	// The action to take when the timeout is reached, either `ForceApplyCapacityChange` or `RollbackCapacityChange` .
	//
	// `ForceApplyCapacityChange` sets the capacity to the specified value as soon as possible.
	//
	// `RollbackCapacityChange` , the default, ignores the capacity change if a scaling point isn't found in the timeout period.
	//
	// > If you specify `ForceApplyCapacityChange` , connections that prevent Aurora Serverless v1 from finding a scaling point might be dropped.
	//
	// For more information, see [Autoscaling for Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.how-it-works.auto-scaling) in the *Amazon Aurora User Guide* .
	TimeoutAction *string `field:"optional" json:"timeoutAction" yaml:"timeoutAction"`
}

The `ScalingConfiguration` property type specifies the scaling configuration of an Aurora Serverless DB cluster.

For more information, see [Using Amazon Aurora Serverless](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html) in the *Amazon Aurora User Guide* .

This property is only supported for Aurora Serverless v1. For Aurora Serverless v2, use `ServerlessV2ScalingConfiguration` property.

Valid for: Aurora DB clusters only.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

scalingConfigurationProperty := &scalingConfigurationProperty{
	autoPause: jsii.Boolean(false),
	maxCapacity: jsii.Number(123),
	minCapacity: jsii.Number(123),
	secondsBeforeTimeout: jsii.Number(123),
	secondsUntilAutoPause: jsii.Number(123),
	timeoutAction: jsii.String("timeoutAction"),
}

type CfnDBCluster_ServerlessV2ScalingConfigurationProperty

type CfnDBCluster_ServerlessV2ScalingConfigurationProperty struct {
	// The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster.
	//
	// You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on. The largest value that you can use is 128.
	//
	// The maximum capacity must be higher than 0.5 ACUs. For more information, see [Choosing the maximum Aurora Serverless v2 capacity setting for a cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.max_capacity_considerations) in the *Amazon Aurora User Guide* .
	MaxCapacity *float64 `field:"optional" json:"maxCapacity" yaml:"maxCapacity"`
	// The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster.
	//
	// You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. The smallest value that you can use is 0.5.
	MinCapacity *float64 `field:"optional" json:"minCapacity" yaml:"minCapacity"`
}

The `ServerlessV2ScalingConfiguration` property type specifies the scaling configuration of an Aurora Serverless V2 DB cluster.

For more information, see [Using Amazon Aurora Serverless v2](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.html) in the *Amazon Aurora User Guide* .

If you have an Aurora cluster, you must set the `ScalingConfigurationInfo` attribute before you add a DB instance that uses the `db.serverless` DB instance class. For more information, see [Clusters that use Aurora Serverless v2 must have a capacity range specified](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html#aurora-serverless-v2.requirements.capacity-range) in the *Amazon Aurora User Guide* .

This property is only supported for Aurora Serverless v2. For Aurora Serverless v1, use `ScalingConfiguration` property.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

serverlessV2ScalingConfigurationProperty := &serverlessV2ScalingConfigurationProperty{
	maxCapacity: jsii.Number(123),
	minCapacity: jsii.Number(123),
}

type CfnDBInstance

type CfnDBInstance interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The amount of storage in gibibytes (GiB) to be initially allocated for the database instance.
	//
	// > If any value is set in the `Iops` parameter, `AllocatedStorage` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the `Iops` value (in 1,000 IOPS increments), then you must also increase the `AllocatedStorage` value (in 100-GiB increments).
	//
	// *Amazon Aurora*
	//
	// Not applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.
	//
	// *MySQL*
	//
	// Constraints to the amount of storage for each storage type are the following:
	//
	// - General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
	// - Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
	// - Magnetic storage (standard): Must be an integer from 5 to 3072.
	//
	// *MariaDB*
	//
	// Constraints to the amount of storage for each storage type are the following:
	//
	// - General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
	// - Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
	// - Magnetic storage (standard): Must be an integer from 5 to 3072.
	//
	// *PostgreSQL*
	//
	// Constraints to the amount of storage for each storage type are the following:
	//
	// - General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
	// - Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
	// - Magnetic storage (standard): Must be an integer from 5 to 3072.
	//
	// *Oracle*
	//
	// Constraints to the amount of storage for each storage type are the following:
	//
	// - General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
	// - Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
	// - Magnetic storage (standard): Must be an integer from 10 to 3072.
	//
	// *SQL Server*
	//
	// Constraints to the amount of storage for each storage type are the following:
	//
	// - General Purpose (SSD) storage (gp2):
	//
	// - Enterprise and Standard editions: Must be an integer from 20 to 16384.
	// - Web and Express editions: Must be an integer from 20 to 16384.
	// - Provisioned IOPS storage (io1):
	//
	// - Enterprise and Standard editions: Must be an integer from 20 to 16384.
	// - Web and Express editions: Must be an integer from 20 to 16384.
	// - Magnetic storage (standard):
	//
	// - Enterprise and Standard editions: Must be an integer from 20 to 1024.
	// - Web and Express editions: Must be an integer from 20 to 1024.
	AllocatedStorage() *string
	SetAllocatedStorage(val *string)
	// A value that indicates whether major version upgrades are allowed.
	//
	// Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.
	//
	// Constraints: Major version upgrades must be allowed when specifying a value for the `EngineVersion` parameter that is a different major version than the DB instance's current version.
	AllowMajorVersionUpgrade() interface{}
	SetAllowMajorVersionUpgrade(val interface{})
	// The AWS Identity and Access Management (IAM) roles associated with the DB instance.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The associated roles are managed by the DB cluster.
	AssociatedRoles() interface{}
	SetAssociatedRoles(val interface{})
	AttrCertificateDetailsCaIdentifier() *string
	AttrCertificateDetailsValidTill() *string
	// The Amazon Resource Name (ARN) for the DB instance.
	AttrDbInstanceArn() *string
	// The AWS Region-unique, immutable identifier for the DB instance.
	//
	// This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB instance is accessed.
	AttrDbiResourceId() *string
	// The Oracle system ID (Oracle SID) for a container database (CDB).
	//
	// The Oracle SID is also the name of the CDB.
	//
	// This setting is valid for RDS Custom only.
	AttrDbSystemId() *string
	// The connection endpoint for the database. For example: `mystack-mydb-1apw1j4phylrk.cg034hpkmmjt.us-east-2.rds.amazonaws.com`.
	//
	// For Aurora Serverless DB clusters, the connection endpoint only applies to the DB cluster.
	AttrEndpointAddress() *string
	// The ID that Amazon Route 53 assigns when you create a hosted zone.
	AttrEndpointHostedZoneId() *string
	// The port number on which the database accepts connections.
	//
	// For example: `3306`.
	AttrEndpointPort() *string
	// The Amazon Resource Name (ARN) of the secret.
	AttrMasterUserSecretSecretArn() *string
	// A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window.
	//
	// By default, minor engine upgrades are applied automatically.
	AutoMinorVersionUpgrade() interface{}
	SetAutoMinorVersionUpgrade(val interface{})
	// The Availability Zone (AZ) where the database will be created.
	//
	// For information on AWS Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html) .
	//
	// *Amazon Aurora*
	//
	// Each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.
	//
	// Default: A random, system-chosen Availability Zone in the endpoint's AWS Region .
	//
	// Example: `us-east-1d`
	//
	// Constraint: The `AvailabilityZone` parameter can't be specified if the DB instance is a Multi-AZ deployment. The specified Availability Zone must be in the same AWS Region as the current endpoint.
	AvailabilityZone() *string
	SetAvailabilityZone(val *string)
	// The number of days for which automated backups are retained.
	//
	// Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The retention period for automated backups is managed by the DB cluster.
	//
	// Default: 1
	//
	// Constraints:
	//
	// - Must be a value from 0 to 35
	// - Can't be set to 0 if the DB instance is a source to read replicas.
	BackupRetentionPeriod() *float64
	SetBackupRetentionPeriod(val *float64)
	// The identifier of the CA certificate for this DB instance.
	//
	// > Specifying or updating this property triggers a reboot.
	//
	// For more information about CA certificate identifiers for RDS DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide* .
	//
	// For more information about CA certificate identifiers for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .
	CaCertificateIdentifier() *string
	SetCaCertificateIdentifier(val *string)
	// The details of the DB instance's server certificate.
	CertificateDetails() interface{}
	SetCertificateDetails(val interface{})
	// A value that indicates whether the DB instance is restarted when you rotate your SSL/TLS certificate.
	//
	// By default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.
	//
	// > Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance.
	//
	// If you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:
	//
	// - For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.*
	// - For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .
	//
	// This setting doesn't apply to RDS Custom.
	CertificateRotationRestart() interface{}
	SetCertificateRotationRestart(val interface{})
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// For supported engines, indicates that the DB instance should be associated with the specified character set.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html) .
	CharacterSetName() *string
	SetCharacterSetName(val *string)
	// A value that indicates whether to copy tags from the DB instance to snapshots of the DB instance.
	//
	// By default, tags are not copied.
	//
	// *Amazon Aurora*
	//
	// Not applicable. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.
	CopyTagsToSnapshot() interface{}
	SetCopyTagsToSnapshot(val interface{})
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.
	//
	// The instance profile must meet the following requirements:
	//
	// - The profile must exist in your account.
	// - The profile must have an IAM role that Amazon EC2 has permissions to assume.
	// - The instance profile name and the associated IAM role name must start with the prefix `AWSRDSCustom` .
	//
	// For the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide* .
	//
	// This setting is required for RDS Custom.
	CustomIamInstanceProfile() *string
	SetCustomIamInstanceProfile(val *string)
	// The identifier of the DB cluster that the instance will belong to.
	DbClusterIdentifier() *string
	SetDbClusterIdentifier(val *string)
	// The identifier for the RDS for MySQL Multi-AZ DB cluster snapshot to restore from.
	//
	// For more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide* .
	//
	// Constraints:
	//
	// - Must match the identifier of an existing Multi-AZ DB cluster snapshot.
	// - Can't be specified when `DBSnapshotIdentifier` is specified.
	// - Must be specified when `DBSnapshotIdentifier` isn't specified.
	// - If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the `DBClusterSnapshotIdentifier` must be the ARN of the shared snapshot.
	// - Can't be the identifier of an Aurora DB cluster snapshot.
	// - Can't be the identifier of an RDS for PostgreSQL Multi-AZ DB cluster snapshot.
	DbClusterSnapshotIdentifier() *string
	SetDbClusterSnapshotIdentifier(val *string)
	// The compute and memory capacity of the DB instance, for example, `db.m4.large` . Not all DB instance classes are available in all AWS Regions, or for all database engines.
	//
	// For the full list of DB instance classes, and availability for your engine, see [DB Instance Class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide.* For more information about DB instance class pricing and AWS Region support for DB instance classes, see [Amazon RDS Pricing](https://docs.aws.amazon.com/rds/pricing/) .
	DbInstanceClass() *string
	SetDbInstanceClass(val *string)
	// A name for the DB instance.
	//
	// If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .
	//
	// For information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .
	//
	// > If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
	DbInstanceIdentifier() *string
	SetDbInstanceIdentifier(val *string)
	// The meaning of this parameter differs according to the database engine you use.
	//
	// > If you specify the `[DBSnapshotIdentifier](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsnapshotidentifier)` property, this property only applies to RDS for Oracle.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The database name is managed by the DB cluster.
	//
	// *MySQL*
	//
	// The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.
	//
	// Constraints:
	//
	// - Must contain 1 to 64 letters or numbers.
	// - Can't be a word reserved by the specified database engine
	//
	// *MariaDB*
	//
	// The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.
	//
	// Constraints:
	//
	// - Must contain 1 to 64 letters or numbers.
	// - Can't be a word reserved by the specified database engine
	//
	// *PostgreSQL*
	//
	// The name of the database to create when the DB instance is created. If this parameter is not specified, the default `postgres` database is created in the DB instance.
	//
	// Constraints:
	//
	// - Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).
	// - Must contain 1 to 63 characters.
	// - Can't be a word reserved by the specified database engine
	//
	// *Oracle*
	//
	// The Oracle System ID (SID) of the created DB instance. If you specify `null` , the default value `ORCL` is used. You can't specify the string NULL, or any other reserved word, for `DBName` .
	//
	// Default: `ORCL`
	//
	// Constraints:
	//
	// - Can't be longer than 8 characters
	//
	// *SQL Server*
	//
	// Not applicable. Must be null.
	DbName() *string
	SetDbName(val *string)
	// The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template.
	//
	// To list all of the available DB parameter group names, use the following command:
	//
	// `aws rds describe-db-parameter-groups --query "DBParameterGroups[].DBParameterGroupName" --output text`
	//
	// > If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.
	//
	// If you don't specify a value for `DBParameterGroupName` property, the default DB parameter group for the specified engine and engine version is used.
	DbParameterGroupName() *string
	SetDbParameterGroupName(val *string)
	// A list of the DB security groups to assign to the DB instance.
	//
	// The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.
	//
	// If you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups.
	//
	// > If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations:
	// >
	// > - `AllocatedStorage`
	// > - `AutoMinorVersionUpgrade`
	// > - `AvailabilityZone`
	// > - `BackupRetentionPeriod`
	// > - `CharacterSetName`
	// > - `DBInstanceClass`
	// > - `DBName`
	// > - `DBParameterGroupName`
	// > - `DBSecurityGroups`
	// > - `DBSubnetGroupName`
	// > - `Engine`
	// > - `EngineVersion`
	// > - `Iops`
	// > - `LicenseModel`
	// > - `MasterUsername`
	// > - `MasterUserPassword`
	// > - `MultiAZ`
	// > - `OptionGroupName`
	// > - `PreferredBackupWindow`
	// > - `PreferredMaintenanceWindow`
	// >
	// > All other properties are ignored. Specify a virtual private cloud (VPC) security group if you want to submit other properties, such as `StorageType` , `StorageEncrypted` , or `KmsKeyId` . If you're already using the `DBSecurityGroups` property, you can't use these other properties by updating your DB instance to use a VPC security group. You must recreate the DB instance.
	DbSecurityGroups() *[]*string
	SetDbSecurityGroups(val *[]*string)
	// The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance.
	//
	// If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.
	//
	// By specifying this property, you can create a DB instance from the specified DB snapshot. If the `DBSnapshotIdentifier` property is an empty string or the `AWS::RDS::DBInstance` declaration has no `DBSnapshotIdentifier` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.
	//
	// Some DB instance properties aren't valid when you restore from a snapshot, such as the `MasterUsername` and `MasterUserPassword` properties. For information about the properties that you can specify, see the `RestoreDBInstanceFromDBSnapshot` action in the *Amazon RDS API Reference* .
	//
	// After you restore a DB instance with a `DBSnapshotIdentifier` property, you must specify the same `DBSnapshotIdentifier` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the `DBSnapshotIdentifier` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified `DBSnapshotIdentifier` property, and the original DB instance is deleted.
	//
	// If you specify the `DBSnapshotIdentifier` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:
	//
	// - `CharacterSetName`
	// - `DBClusterIdentifier`
	// - `DBName`
	// - `DeleteAutomatedBackups`
	// - `EnablePerformanceInsights`
	// - `KmsKeyId`
	// - `MasterUsername`
	// - `MasterUserPassword`
	// - `PerformanceInsightsKMSKeyId`
	// - `PerformanceInsightsRetentionPeriod`
	// - `PromotionTier`
	// - `SourceDBInstanceIdentifier`
	// - `SourceRegion`
	// - `StorageEncrypted` (for an encrypted snapshot)
	// - `Timezone`
	//
	// *Amazon Aurora*
	//
	// Not applicable. Snapshot restore is managed by the DB cluster.
	DbSnapshotIdentifier() *string
	SetDbSnapshotIdentifier(val *string)
	// A DB subnet group to associate with the DB instance.
	//
	// If you update this value, the new subnet group must be a subnet group in a new VPC.
	//
	// If there's no DB subnet group, then the DB instance isn't a VPC DB instance.
	//
	// For more information about using Amazon RDS in a VPC, see [Using Amazon RDS with Amazon Virtual Private Cloud (VPC)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .
	//
	// *Amazon Aurora*
	//
	// Not applicable. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.
	DbSubnetGroupName() *string
	SetDbSubnetGroupName(val *string)
	// A value that indicates whether to remove automated backups immediately after the DB instance is deleted.
	//
	// This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.
	//
	// *Amazon Aurora*
	//
	// Not applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted.
	DeleteAutomatedBackups() interface{}
	SetDeleteAutomatedBackups(val interface{})
	// A value that indicates whether the DB instance has deletion protection enabled.
	//
	// The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html) .
	//
	// *Amazon Aurora*
	//
	// Not applicable. You can enable or disable deletion protection for the DB cluster. For more information, see `CreateDBCluster` . DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.
	DeletionProtection() interface{}
	SetDeletionProtection(val interface{})
	// The Active Directory directory ID to create the DB instance in.
	//
	// Currently, only Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.
	//
	// For more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide* .
	Domain() *string
	SetDomain(val *string)
	// Specify the name of the IAM role to be used when making API calls to the Directory Service.
	//
	// This setting doesn't apply to RDS Custom.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The domain is managed by the DB cluster.
	DomainIamRoleName() *string
	SetDomainIamRoleName(val *string)
	// The list of log types that need to be enabled for exporting to CloudWatch Logs.
	//
	// The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide* .
	//
	// *Amazon Aurora*
	//
	// Not applicable. CloudWatch Logs exports are managed by the DB cluster.
	//
	// *MariaDB*
	//
	// Valid values: `audit` , `error` , `general` , `slowquery`
	//
	// *Microsoft SQL Server*
	//
	// Valid values: `agent` , `error`
	//
	// *MySQL*
	//
	// Valid values: `audit` , `error` , `general` , `slowquery`
	//
	// *Oracle*
	//
	// Valid values: `alert` , `audit` , `listener` , `trace`
	//
	// *PostgreSQL*
	//
	// Valid values: `postgresql` , `upgrade`.
	EnableCloudwatchLogsExports() *[]*string
	SetEnableCloudwatchLogsExports(val *[]*string)
	// A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
	//
	// By default, mapping is disabled.
	//
	// This property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.*
	//
	// *Amazon Aurora*
	//
	// Not applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster.
	EnableIamDatabaseAuthentication() interface{}
	SetEnableIamDatabaseAuthentication(val interface{})
	// A value that indicates whether to enable Performance Insights for the DB instance.
	//
	// For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .
	//
	// This setting doesn't apply to RDS Custom.
	EnablePerformanceInsights() interface{}
	SetEnablePerformanceInsights(val interface{})
	// Specifies the connection endpoint.
	//
	// > The endpoint might not be shown for instances whose status is `creating` .
	Endpoint() interface{}
	SetEndpoint(val interface{})
	// The name of the database engine that you want to use for this DB instance.
	//
	// > When you are creating a DB instance, the `Engine` property is required.
	//
	// Valid Values:
	//
	// - `aurora` (for MySQL 5.6-compatible Aurora)
	// - `aurora-mysql` (for MySQL 5.7-compatible Aurora)
	// - `aurora-postgresql`
	// - `mariadb`
	// - `mysql`
	// - `oracle-ee`
	// - `oracle-ee-cdb`
	// - `oracle-se2`
	// - `oracle-se2-cdb`
	// - `postgres`
	// - `sqlserver-ee`
	// - `sqlserver-se`
	// - `sqlserver-ex`
	// - `sqlserver-web`.
	Engine() *string
	SetEngine(val *string)
	// The version number of the database engine to use.
	//
	// For a list of valid engine versions, use the `DescribeDBEngineVersions` action.
	//
	// The following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.
	//
	// *MariaDB*
	//
	// See [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*
	//
	// *Microsoft SQL Server*
	//
	// See [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the *Amazon RDS User Guide.*
	//
	// *MySQL*
	//
	// See [MySQL on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*
	//
	// *Oracle*
	//
	// See [Oracle Database Engine Release Notes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the *Amazon RDS User Guide.*
	//
	// *PostgreSQL*
	//
	// See [Supported PostgreSQL Database Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions) in the *Amazon RDS User Guide.*
	EngineVersion() *string
	SetEngineVersion(val *string)
	// The number of I/O operations per second (IOPS) that the database provisions.
	//
	// The value must be equal to or greater than 1000.
	//
	// If you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .
	//
	// > If you specify `io1` for the `StorageType` property, then you must also specify the `Iops` property.
	Iops() *float64
	SetIops(val *float64)
	// The ARN of the AWS KMS key that's used to encrypt the DB instance, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` .
	//
	// If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true.
	//
	// If you specify the `SourceDBInstanceIdentifier` property, the value is inherited from the source DB instance if the read replica is created in the same region.
	//
	// If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.
	//
	// If you specify the `SnapshotIdentifier` property, the `StorageEncrypted` property value is inherited from the snapshot, and if the DB instance is encrypted, the specified `KmsKeyId` property is used.
	//
	// If you specify `DBSecurityGroups` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html) in the *Amazon RDS User Guide* .
	//
	// *Amazon Aurora*
	//
	// Not applicable. The KMS key identifier is managed by the DB cluster.
	KmsKeyId() *string
	SetKmsKeyId(val *string)
	// License model information for this DB instance.
	//
	// Valid values:
	//
	// - Aurora MySQL - `general-public-license`
	// - Aurora PostgreSQL - `postgresql-license`
	// - MariaDB - `general-public-license`
	// - Microsoft SQL Server - `license-included`
	// - MySQL - `general-public-license`
	// - Oracle - `bring-your-own-license` or `license-included`
	// - PostgreSQL - `postgresql-license`
	//
	// > If you've specified `DBSecurityGroups` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.
	LicenseModel() *string
	SetLicenseModel(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// A value that indicates whether to manage the master user password with AWS Secrets Manager.
	//
	// For more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*
	//
	// Constraints:
	//
	// - Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.
	ManageMasterUserPassword() interface{}
	SetManageMasterUserPassword(val interface{})
	// The master user name for the DB instance.
	//
	// > If you specify the `SourceDBInstanceIdentifier` or `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the source DB instance or snapshot.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The name for the master user is managed by the DB cluster.
	//
	// *MariaDB*
	//
	// Constraints:
	//
	// - Required for MariaDB.
	// - Must be 1 to 16 letters or numbers.
	// - Can't be a reserved word for the chosen database engine.
	//
	// *Microsoft SQL Server*
	//
	// Constraints:
	//
	// - Required for SQL Server.
	// - Must be 1 to 128 letters or numbers.
	// - The first character must be a letter.
	// - Can't be a reserved word for the chosen database engine.
	//
	// *MySQL*
	//
	// Constraints:
	//
	// - Required for MySQL.
	// - Must be 1 to 16 letters or numbers.
	// - First character must be a letter.
	// - Can't be a reserved word for the chosen database engine.
	//
	// *Oracle*
	//
	// Constraints:
	//
	// - Required for Oracle.
	// - Must be 1 to 30 letters or numbers.
	// - First character must be a letter.
	// - Can't be a reserved word for the chosen database engine.
	//
	// *PostgreSQL*
	//
	// Constraints:
	//
	// - Required for PostgreSQL.
	// - Must be 1 to 63 letters or numbers.
	// - First character must be a letter.
	// - Can't be a reserved word for the chosen database engine.
	MasterUsername() *string
	SetMasterUsername(val *string)
	// The password for the master user. The password can include any printable ASCII character except "/", """, or "@".
	//
	// *Amazon Aurora*
	//
	// Not applicable. The password for the master user is managed by the DB cluster.
	//
	// *MariaDB*
	//
	// Constraints: Must contain from 8 to 41 characters.
	//
	// *Microsoft SQL Server*
	//
	// Constraints: Must contain from 8 to 128 characters.
	//
	// *MySQL*
	//
	// Constraints: Must contain from 8 to 41 characters.
	//
	// *Oracle*
	//
	// Constraints: Must contain from 8 to 30 characters.
	//
	// *PostgreSQL*
	//
	// Constraints: Must contain from 8 to 128 characters.
	MasterUserPassword() *string
	SetMasterUserPassword(val *string)
	// Contains the secret managed by RDS in AWS Secrets Manager for the master user password.
	//
	// For more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*
	MasterUserSecret() interface{}
	SetMasterUserSecret(val interface{})
	// The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.
	//
	// For more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide* .
	//
	// This setting doesn't apply to RDS Custom.
	//
	// *Amazon Aurora*
	//
	// Not applicable. Storage is managed by the DB cluster.
	MaxAllocatedStorage() *float64
	SetMaxAllocatedStorage(val *float64)
	// The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance.
	//
	// To disable collection of Enhanced Monitoring metrics, specify 0. The default is 0.
	//
	// If `MonitoringRoleArn` is specified, then you must set `MonitoringInterval` to a value other than 0.
	//
	// This setting doesn't apply to RDS Custom.
	//
	// Valid Values: `0, 1, 5, 10, 15, 30, 60`.
	MonitoringInterval() *float64
	SetMonitoringInterval(val *float64)
	// The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs.
	//
	// For example, `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .
	//
	// If `MonitoringInterval` is set to a value other than 0, then you must supply a `MonitoringRoleArn` value.
	//
	// This setting doesn't apply to RDS Custom.
	MonitoringRoleArn() *string
	SetMonitoringRoleArn(val *string)
	// Specifies whether the database instance is a Multi-AZ DB instance deployment.
	//
	// You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to true.
	//
	// Currently, you can't use AWS CloudFormation to create a Multi-AZ DB cluster deployment.
	//
	// For more information, see [Multi-AZ deployments for high availability](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.MultiAZ.html) in the *Amazon RDS User Guide* .
	//
	// *Amazon Aurora*
	//
	// Not applicable. Amazon Aurora storage is replicated across all of the Availability Zones and doesn't require the `MultiAZ` option to be set.
	MultiAz() interface{}
	SetMultiAz(val interface{})
	// The name of the NCHAR character set for the Oracle DB instance.
	//
	// This parameter doesn't apply to RDS Custom.
	NcharCharacterSetName() *string
	SetNcharCharacterSetName(val *string)
	// The network type of the DB instance.
	//
	// Valid values:
	//
	// - `IPV4`
	// - `DUAL`
	//
	// The network type is determined by the `DBSubnetGroup` specified for the DB instance. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).
	//
	// For more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*
	NetworkType() *string
	SetNetworkType(val *string)
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Indicates that the DB instance should be associated with the specified option group.
	//
	// Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance.
	OptionGroupName() *string
	SetOptionGroupName(val *string)
	// The AWS KMS key identifier for encryption of Performance Insights data.
	//
	// The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
	//
	// If you do not specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region.
	//
	// For information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights) .
	PerformanceInsightsKmsKeyId() *string
	SetPerformanceInsightsKmsKeyId(val *string)
	// The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).
	//
	// For information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights) .
	PerformanceInsightsRetentionPeriod() *float64
	SetPerformanceInsightsRetentionPeriod(val *float64)
	// The port number on which the database accepts connections.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The port number is managed by the DB cluster.
	Port() *string
	SetPort(val *string)
	// The daily time range during which automated backups are created if automated backups are enabled, using the `BackupRetentionPeriod` parameter.
	//
	// For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.*
	//
	// Constraints:
	//
	// - Must be in the format `hh24:mi-hh24:mi` .
	// - Must be in Universal Coordinated Time (UTC).
	// - Must not conflict with the preferred maintenance window.
	// - Must be at least 30 minutes.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The daily time range for creating automated backups is managed by the DB cluster.
	PreferredBackupWindow() *string
	SetPreferredBackupWindow(val *string)
	// The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).
	//
	// Format: `ddd:hh24:mi-ddd:hh24:mi`
	//
	// The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Instance Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.*
	//
	// > This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately.
	//
	// Constraints: Minimum 30-minute window.
	PreferredMaintenanceWindow() *string
	SetPreferredMaintenanceWindow(val *string)
	// The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.
	//
	// This setting doesn't apply to RDS Custom.
	//
	// *Amazon Aurora*
	//
	// Not applicable.
	ProcessorFeatures() interface{}
	SetProcessorFeatures(val interface{})
	// A value that specifies the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance.
	//
	// For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide* .
	//
	// This setting doesn't apply to RDS Custom.
	//
	// Default: 1
	//
	// Valid Values: 0 - 15.
	PromotionTier() *float64
	SetPromotionTier(val *float64)
	// Indicates whether the DB instance is an internet-facing instance.
	//
	// If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address.
	//
	// The default behavior value depends on your VPC setup and the database subnet group. For more information, see the `PubliclyAccessible` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference* .
	PubliclyAccessible() interface{}
	SetPubliclyAccessible(val interface{})
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The open mode of an Oracle read replica.
	//
	// For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide* .
	//
	// This setting is only supported in RDS for Oracle.
	//
	// Default: `open-read-only`
	//
	// Valid Values: `open-read-only` or `mounted`.
	ReplicaMode() *string
	SetReplicaMode(val *string)
	// The date and time to restore from.
	//
	// Valid Values: Value must be a time in Universal Coordinated Time (UTC) format
	//
	// Constraints:
	//
	// - Must be before the latest restorable time for the DB instance
	// - Can't be specified if the `UseLatestRestorableTime` parameter is enabled
	//
	// Example: `2009-09-07T23:45:00Z`.
	RestoreTime() *string
	SetRestoreTime(val *string)
	// The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, `arn:aws:rds:useast-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE` .
	//
	// This setting doesn't apply to RDS Custom.
	SourceDbInstanceAutomatedBackupsArn() *string
	SetSourceDbInstanceAutomatedBackupsArn(val *string)
	// If you want to create a read replica DB instance, specify the ID of the source DB instance.
	//
	// Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide* .
	//
	// For information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .
	//
	// The `SourceDBInstanceIdentifier` property determines whether a DB instance is a read replica. If you remove the `SourceDBInstanceIdentifier` property from your template and then update your stack, AWS CloudFormation promotes the Read Replica to a standalone DB instance.
	//
	// > - If you specify a source DB instance that uses VPC security groups, we recommend that you specify the `VPCSecurityGroups` property. If you don't specify the property, the read replica inherits the value of the `VPCSecurityGroups` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's `VPCSecurityGroups` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues.
	// > - Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica.
	// > - If you specify `SourceDBInstanceIdentifier` , don't specify the `DBSnapshotIdentifier` property. You can't create a read replica from a snapshot.
	// > - Don't set the `BackupRetentionPeriod` , `DBName` , `MasterUsername` , `MasterUserPassword` , and `PreferredBackupWindow` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas.
	// > - If the source DB instance is in a different region than the read replica, specify the source region in `SourceRegion` , and specify an ARN for a valid DB instance in `SourceDBInstanceIdentifier` . For more information, see [Constructing a Amazon RDS Amazon Resource Name (ARN)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN) in the *Amazon RDS User Guide* .
	// > - For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances.
	SourceDbInstanceIdentifier() *string
	SetSourceDbInstanceIdentifier(val *string)
	// The resource ID of the source DB instance from which to restore.
	SourceDbiResourceId() *string
	SetSourceDbiResourceId(val *string)
	// The ID of the region that contains the source DB instance for the read replica.
	SourceRegion() *string
	SetSourceRegion(val *string)
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.
	//
	// If you specify the `KmsKeyId` property, then you must enable encryption.
	//
	// If you specify the `SourceDBInstanceIdentifier` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used.
	//
	// If you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.
	//
	// If you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB instance is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB instance to be encrypted, then don't set this property or set it to `false` .
	//
	// *Amazon Aurora*
	//
	// Not applicable. The encryption for DB instances is managed by the DB cluster.
	StorageEncrypted() interface{}
	SetStorageEncrypted(val interface{})
	// Specifies the storage throughput value for the DB instance. This setting applies only to the `gp3` storage type.
	//
	// This setting doesn't apply to RDS Custom or Amazon Aurora.
	StorageThroughput() *float64
	SetStorageThroughput(val *float64)
	// Specifies the storage type to be associated with the DB instance.
	//
	// Valid values: `gp2 | gp3 | io1 | standard`
	//
	// The `standard` value is also known as magnetic.
	//
	// If you specify `io1` or `gp3` , you must also include a value for the `Iops` parameter.
	//
	// Default: `io1` if the `Iops` parameter is specified, otherwise `gp2`
	//
	// For more information, see [Amazon RDS DB Instance Storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html) in the *Amazon RDS User Guide* .
	//
	// *Amazon Aurora*
	//
	// Not applicable. Aurora data is stored in the cluster volume, which is a single, virtual volume that uses solid state drives (SSDs).
	StorageType() *string
	SetStorageType(val *string)
	// An optional array of key-value pairs to apply to this DB instance.
	Tags() awscdk.TagManager
	// The time zone of the DB instance.
	//
	// The time zone parameter is currently supported only by [Microsoft SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone) .
	Timezone() *string
	SetTimezone(val *string)
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// A value that indicates whether the DB instance class of the DB instance uses its default processor features.
	//
	// This setting doesn't apply to RDS Custom.
	UseDefaultProcessorFeatures() interface{}
	SetUseDefaultProcessorFeatures(val interface{})
	// A value that indicates whether the DB instance is restored from the latest backup time.
	//
	// By default, the DB instance isn't restored from the latest backup time.
	//
	// Constraints: Can't be specified if the `RestoreTime` parameter is provided.
	UseLatestRestorableTime() interface{}
	SetUseLatestRestorableTime(val interface{})
	// A list of the VPC security group IDs to assign to the DB instance.
	//
	// The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.
	//
	// If you plan to update the resource, don't specify VPC security groups in a shared VPC.
	//
	// If you set `VPCSecurityGroups` , you must not set [`DBSecurityGroups`](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) , and vice versa.
	//
	// > You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind:
	// >
	// > - You can't revert to using an RDS security group after you establish a VPC security group membership.
	// > - When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instance update fails or because an update fails in another AWS CloudFormation resource, the rollback fails because it can't revert to an RDS security group.
	// > - To use the properties that are available when you use a VPC security group, you must recreate the DB instance. If you don't, AWS CloudFormation submits only the property values that are listed in the [`DBSecurityGroups`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) property.
	//
	// To avoid this situation, migrate your DB instance to using VPC security groups only when that is the only change in your stack template.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. If specified, the setting must match the DB cluster setting.
	VpcSecurityGroups() *[]*string
	SetVpcSecurityGroups(val *[]*string)
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::RDS::DBInstance`.

The `AWS::RDS::DBInstance` resource creates an Amazon DB instance. The new DB instance can be an RDS DB instance, or it can be a DB instance in an Aurora DB cluster.

For more information about creating an RDS DB instance, see [Creating an Amazon RDS DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CreateDBInstance.html) in the *Amazon RDS User Guide* .

For more information about creating a DB instance in an Aurora DB cluster, see [Creating an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html) in the *Amazon Aurora User Guide* .

If you import an existing DB instance, and the template configuration doesn't match the actual configuration of the DB instance, AWS CloudFormation applies the changes in the template during the import operation.

> If a DB instance is deleted or replaced during an update, AWS CloudFormation deletes all automated snapshots. However, it retains manual DB snapshots. During an update that requires replacement, you can apply a stack policy to prevent DB instances from being replaced. For more information, see [Prevent Updates to Stack Resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/protect-stack-resources.html) .

*Updating DB instances*

When properties labeled " *Update requires:* [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) " are updated, AWS CloudFormation first creates a replacement DB instance, then changes references from other dependent resources to point to the replacement DB instance, and finally deletes the old DB instance.

> We highly recommend that you take a snapshot of the database before updating the stack. If you don't, you lose the data when AWS CloudFormation replaces your DB instance. To preserve your data, perform the following procedure: > > - Deactivate any applications that are using the DB instance so that there's no activity on the DB instance. > - Create a snapshot of the DB instance. For more information, see [Creating a DB Snapshot](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CreateSnapshot.html) . > - If you want to restore your instance using a DB snapshot, modify the updated template with your DB instance changes and add the `DBSnapshotIdentifier` property with the ID of the DB snapshot that you want to use. > > After you restore a DB instance with a `DBSnapshotIdentifier` property, you must specify the same `DBSnapshotIdentifier` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the `DBSnapshotIdentifier` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified `DBSnapshotIdentifier` property, and the original DB instance is deleted. > - Update the stack.

For more information about updating other properties of this resource, see `[ModifyDBInstance](https://docs.aws.amazon.com//AmazonRDS/latest/APIReference/API_ModifyDBInstance.html)` . For more information about updating stacks, see [AWS CloudFormation Stacks Updates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html) .

*Deleting DB instances*

For DB instances that are part of an Aurora DB cluster, you can set a deletion policy for your DB instance to control how AWS CloudFormation handles the DB instance when the stack is deleted. For Amazon RDS DB instances, you can choose to *retain* the DB instance, to *delete* the DB instance, or to *create a snapshot* of the DB instance. The default AWS CloudFormation behavior depends on the `DBClusterIdentifier` property:

- For `AWS::RDS::DBInstance` resources that don't specify the `DBClusterIdentifier` property, AWS CloudFormation saves a snapshot of the DB instance. - For `AWS::RDS::DBInstance` resources that do specify the `DBClusterIdentifier` property, AWS CloudFormation deletes the DB instance.

For more information, see [DeletionPolicy Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBInstance := awscdk.Aws_rds.NewCfnDBInstance(this, jsii.String("MyCfnDBInstance"), &cfnDBInstanceProps{
	allocatedStorage: jsii.String("allocatedStorage"),
	allowMajorVersionUpgrade: jsii.Boolean(false),
	associatedRoles: []interface{}{
		&dBInstanceRoleProperty{
			featureName: jsii.String("featureName"),
			roleArn: jsii.String("roleArn"),
		},
	},
	autoMinorVersionUpgrade: jsii.Boolean(false),
	availabilityZone: jsii.String("availabilityZone"),
	backupRetentionPeriod: jsii.Number(123),
	caCertificateIdentifier: jsii.String("caCertificateIdentifier"),
	certificateDetails: &certificateDetailsProperty{
		caIdentifier: jsii.String("caIdentifier"),
		validTill: jsii.String("validTill"),
	},
	certificateRotationRestart: jsii.Boolean(false),
	characterSetName: jsii.String("characterSetName"),
	copyTagsToSnapshot: jsii.Boolean(false),
	customIamInstanceProfile: jsii.String("customIamInstanceProfile"),
	dbClusterIdentifier: jsii.String("dbClusterIdentifier"),
	dbClusterSnapshotIdentifier: jsii.String("dbClusterSnapshotIdentifier"),
	dbInstanceClass: jsii.String("dbInstanceClass"),
	dbInstanceIdentifier: jsii.String("dbInstanceIdentifier"),
	dbName: jsii.String("dbName"),
	dbParameterGroupName: jsii.String("dbParameterGroupName"),
	dbSecurityGroups: []*string{
		jsii.String("dbSecurityGroups"),
	},
	dbSnapshotIdentifier: jsii.String("dbSnapshotIdentifier"),
	dbSubnetGroupName: jsii.String("dbSubnetGroupName"),
	deleteAutomatedBackups: jsii.Boolean(false),
	deletionProtection: jsii.Boolean(false),
	domain: jsii.String("domain"),
	domainIamRoleName: jsii.String("domainIamRoleName"),
	enableCloudwatchLogsExports: []*string{
		jsii.String("enableCloudwatchLogsExports"),
	},
	enableIamDatabaseAuthentication: jsii.Boolean(false),
	enablePerformanceInsights: jsii.Boolean(false),
	endpoint: &endpointProperty{
		address: jsii.String("address"),
		hostedZoneId: jsii.String("hostedZoneId"),
		port: jsii.String("port"),
	},
	engine: jsii.String("engine"),
	engineVersion: jsii.String("engineVersion"),
	iops: jsii.Number(123),
	kmsKeyId: jsii.String("kmsKeyId"),
	licenseModel: jsii.String("licenseModel"),
	manageMasterUserPassword: jsii.Boolean(false),
	masterUsername: jsii.String("masterUsername"),
	masterUserPassword: jsii.String("masterUserPassword"),
	masterUserSecret: &masterUserSecretProperty{
		kmsKeyId: jsii.String("kmsKeyId"),
		secretArn: jsii.String("secretArn"),
	},
	maxAllocatedStorage: jsii.Number(123),
	monitoringInterval: jsii.Number(123),
	monitoringRoleArn: jsii.String("monitoringRoleArn"),
	multiAz: jsii.Boolean(false),
	ncharCharacterSetName: jsii.String("ncharCharacterSetName"),
	networkType: jsii.String("networkType"),
	optionGroupName: jsii.String("optionGroupName"),
	performanceInsightsKmsKeyId: jsii.String("performanceInsightsKmsKeyId"),
	performanceInsightsRetentionPeriod: jsii.Number(123),
	port: jsii.String("port"),
	preferredBackupWindow: jsii.String("preferredBackupWindow"),
	preferredMaintenanceWindow: jsii.String("preferredMaintenanceWindow"),
	processorFeatures: []interface{}{
		&processorFeatureProperty{
			name: jsii.String("name"),
			value: jsii.String("value"),
		},
	},
	promotionTier: jsii.Number(123),
	publiclyAccessible: jsii.Boolean(false),
	replicaMode: jsii.String("replicaMode"),
	restoreTime: jsii.String("restoreTime"),
	sourceDbInstanceAutomatedBackupsArn: jsii.String("sourceDbInstanceAutomatedBackupsArn"),
	sourceDbInstanceIdentifier: jsii.String("sourceDbInstanceIdentifier"),
	sourceDbiResourceId: jsii.String("sourceDbiResourceId"),
	sourceRegion: jsii.String("sourceRegion"),
	storageEncrypted: jsii.Boolean(false),
	storageThroughput: jsii.Number(123),
	storageType: jsii.String("storageType"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	timezone: jsii.String("timezone"),
	useDefaultProcessorFeatures: jsii.Boolean(false),
	useLatestRestorableTime: jsii.Boolean(false),
	vpcSecurityGroups: []*string{
		jsii.String("vpcSecurityGroups"),
	},
})

func NewCfnDBInstance

func NewCfnDBInstance(scope awscdk.Construct, id *string, props *CfnDBInstanceProps) CfnDBInstance

Create a new `AWS::RDS::DBInstance`.

type CfnDBInstanceProps

type CfnDBInstanceProps struct {
	// The amount of storage in gibibytes (GiB) to be initially allocated for the database instance.
	//
	// > If any value is set in the `Iops` parameter, `AllocatedStorage` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the `Iops` value (in 1,000 IOPS increments), then you must also increase the `AllocatedStorage` value (in 100-GiB increments).
	//
	// *Amazon Aurora*
	//
	// Not applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.
	//
	// *MySQL*
	//
	// Constraints to the amount of storage for each storage type are the following:
	//
	// - General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
	// - Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
	// - Magnetic storage (standard): Must be an integer from 5 to 3072.
	//
	// *MariaDB*
	//
	// Constraints to the amount of storage for each storage type are the following:
	//
	// - General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
	// - Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
	// - Magnetic storage (standard): Must be an integer from 5 to 3072.
	//
	// *PostgreSQL*
	//
	// Constraints to the amount of storage for each storage type are the following:
	//
	// - General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
	// - Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
	// - Magnetic storage (standard): Must be an integer from 5 to 3072.
	//
	// *Oracle*
	//
	// Constraints to the amount of storage for each storage type are the following:
	//
	// - General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
	// - Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
	// - Magnetic storage (standard): Must be an integer from 10 to 3072.
	//
	// *SQL Server*
	//
	// Constraints to the amount of storage for each storage type are the following:
	//
	// - General Purpose (SSD) storage (gp2):
	//
	// - Enterprise and Standard editions: Must be an integer from 20 to 16384.
	// - Web and Express editions: Must be an integer from 20 to 16384.
	// - Provisioned IOPS storage (io1):
	//
	// - Enterprise and Standard editions: Must be an integer from 20 to 16384.
	// - Web and Express editions: Must be an integer from 20 to 16384.
	// - Magnetic storage (standard):
	//
	// - Enterprise and Standard editions: Must be an integer from 20 to 1024.
	// - Web and Express editions: Must be an integer from 20 to 1024.
	AllocatedStorage *string `field:"optional" json:"allocatedStorage" yaml:"allocatedStorage"`
	// A value that indicates whether major version upgrades are allowed.
	//
	// Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.
	//
	// Constraints: Major version upgrades must be allowed when specifying a value for the `EngineVersion` parameter that is a different major version than the DB instance's current version.
	AllowMajorVersionUpgrade interface{} `field:"optional" json:"allowMajorVersionUpgrade" yaml:"allowMajorVersionUpgrade"`
	// The AWS Identity and Access Management (IAM) roles associated with the DB instance.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The associated roles are managed by the DB cluster.
	AssociatedRoles interface{} `field:"optional" json:"associatedRoles" yaml:"associatedRoles"`
	// A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window.
	//
	// By default, minor engine upgrades are applied automatically.
	AutoMinorVersionUpgrade interface{} `field:"optional" json:"autoMinorVersionUpgrade" yaml:"autoMinorVersionUpgrade"`
	// The Availability Zone (AZ) where the database will be created.
	//
	// For information on AWS Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html) .
	//
	// *Amazon Aurora*
	//
	// Each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.
	//
	// Default: A random, system-chosen Availability Zone in the endpoint's AWS Region .
	//
	// Example: `us-east-1d`
	//
	// Constraint: The `AvailabilityZone` parameter can't be specified if the DB instance is a Multi-AZ deployment. The specified Availability Zone must be in the same AWS Region as the current endpoint.
	AvailabilityZone *string `field:"optional" json:"availabilityZone" yaml:"availabilityZone"`
	// The number of days for which automated backups are retained.
	//
	// Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The retention period for automated backups is managed by the DB cluster.
	//
	// Default: 1
	//
	// Constraints:
	//
	// - Must be a value from 0 to 35
	// - Can't be set to 0 if the DB instance is a source to read replicas.
	BackupRetentionPeriod *float64 `field:"optional" json:"backupRetentionPeriod" yaml:"backupRetentionPeriod"`
	// The identifier of the CA certificate for this DB instance.
	//
	// > Specifying or updating this property triggers a reboot.
	//
	// For more information about CA certificate identifiers for RDS DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide* .
	//
	// For more information about CA certificate identifiers for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .
	CaCertificateIdentifier *string `field:"optional" json:"caCertificateIdentifier" yaml:"caCertificateIdentifier"`
	// The details of the DB instance's server certificate.
	CertificateDetails interface{} `field:"optional" json:"certificateDetails" yaml:"certificateDetails"`
	// A value that indicates whether the DB instance is restarted when you rotate your SSL/TLS certificate.
	//
	// By default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.
	//
	// > Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance.
	//
	// If you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:
	//
	// - For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.*
	// - For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .
	//
	// This setting doesn't apply to RDS Custom.
	CertificateRotationRestart interface{} `field:"optional" json:"certificateRotationRestart" yaml:"certificateRotationRestart"`
	// For supported engines, indicates that the DB instance should be associated with the specified character set.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html) .
	CharacterSetName *string `field:"optional" json:"characterSetName" yaml:"characterSetName"`
	// A value that indicates whether to copy tags from the DB instance to snapshots of the DB instance.
	//
	// By default, tags are not copied.
	//
	// *Amazon Aurora*
	//
	// Not applicable. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.
	CopyTagsToSnapshot interface{} `field:"optional" json:"copyTagsToSnapshot" yaml:"copyTagsToSnapshot"`
	// The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.
	//
	// The instance profile must meet the following requirements:
	//
	// - The profile must exist in your account.
	// - The profile must have an IAM role that Amazon EC2 has permissions to assume.
	// - The instance profile name and the associated IAM role name must start with the prefix `AWSRDSCustom` .
	//
	// For the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide* .
	//
	// This setting is required for RDS Custom.
	CustomIamInstanceProfile *string `field:"optional" json:"customIamInstanceProfile" yaml:"customIamInstanceProfile"`
	// The identifier of the DB cluster that the instance will belong to.
	DbClusterIdentifier *string `field:"optional" json:"dbClusterIdentifier" yaml:"dbClusterIdentifier"`
	// The identifier for the RDS for MySQL Multi-AZ DB cluster snapshot to restore from.
	//
	// For more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide* .
	//
	// Constraints:
	//
	// - Must match the identifier of an existing Multi-AZ DB cluster snapshot.
	// - Can't be specified when `DBSnapshotIdentifier` is specified.
	// - Must be specified when `DBSnapshotIdentifier` isn't specified.
	// - If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the `DBClusterSnapshotIdentifier` must be the ARN of the shared snapshot.
	// - Can't be the identifier of an Aurora DB cluster snapshot.
	// - Can't be the identifier of an RDS for PostgreSQL Multi-AZ DB cluster snapshot.
	DbClusterSnapshotIdentifier *string `field:"optional" json:"dbClusterSnapshotIdentifier" yaml:"dbClusterSnapshotIdentifier"`
	// The compute and memory capacity of the DB instance, for example, `db.m4.large` . Not all DB instance classes are available in all AWS Regions, or for all database engines.
	//
	// For the full list of DB instance classes, and availability for your engine, see [DB Instance Class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide.* For more information about DB instance class pricing and AWS Region support for DB instance classes, see [Amazon RDS Pricing](https://docs.aws.amazon.com/rds/pricing/) .
	DbInstanceClass *string `field:"optional" json:"dbInstanceClass" yaml:"dbInstanceClass"`
	// A name for the DB instance.
	//
	// If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .
	//
	// For information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .
	//
	// > If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
	DbInstanceIdentifier *string `field:"optional" json:"dbInstanceIdentifier" yaml:"dbInstanceIdentifier"`
	// The meaning of this parameter differs according to the database engine you use.
	//
	// > If you specify the `[DBSnapshotIdentifier](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsnapshotidentifier)` property, this property only applies to RDS for Oracle.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The database name is managed by the DB cluster.
	//
	// *MySQL*
	//
	// The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.
	//
	// Constraints:
	//
	// - Must contain 1 to 64 letters or numbers.
	// - Can't be a word reserved by the specified database engine
	//
	// *MariaDB*
	//
	// The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.
	//
	// Constraints:
	//
	// - Must contain 1 to 64 letters or numbers.
	// - Can't be a word reserved by the specified database engine
	//
	// *PostgreSQL*
	//
	// The name of the database to create when the DB instance is created. If this parameter is not specified, the default `postgres` database is created in the DB instance.
	//
	// Constraints:
	//
	// - Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).
	// - Must contain 1 to 63 characters.
	// - Can't be a word reserved by the specified database engine
	//
	// *Oracle*
	//
	// The Oracle System ID (SID) of the created DB instance. If you specify `null` , the default value `ORCL` is used. You can't specify the string NULL, or any other reserved word, for `DBName` .
	//
	// Default: `ORCL`
	//
	// Constraints:
	//
	// - Can't be longer than 8 characters
	//
	// *SQL Server*
	//
	// Not applicable. Must be null.
	DbName *string `field:"optional" json:"dbName" yaml:"dbName"`
	// The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template.
	//
	// To list all of the available DB parameter group names, use the following command:
	//
	// `aws rds describe-db-parameter-groups --query "DBParameterGroups[].DBParameterGroupName" --output text`
	//
	// > If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.
	//
	// If you don't specify a value for `DBParameterGroupName` property, the default DB parameter group for the specified engine and engine version is used.
	DbParameterGroupName *string `field:"optional" json:"dbParameterGroupName" yaml:"dbParameterGroupName"`
	// A list of the DB security groups to assign to the DB instance.
	//
	// The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.
	//
	// If you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups.
	//
	// > If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations:
	// >
	// > - `AllocatedStorage`
	// > - `AutoMinorVersionUpgrade`
	// > - `AvailabilityZone`
	// > - `BackupRetentionPeriod`
	// > - `CharacterSetName`
	// > - `DBInstanceClass`
	// > - `DBName`
	// > - `DBParameterGroupName`
	// > - `DBSecurityGroups`
	// > - `DBSubnetGroupName`
	// > - `Engine`
	// > - `EngineVersion`
	// > - `Iops`
	// > - `LicenseModel`
	// > - `MasterUsername`
	// > - `MasterUserPassword`
	// > - `MultiAZ`
	// > - `OptionGroupName`
	// > - `PreferredBackupWindow`
	// > - `PreferredMaintenanceWindow`
	// >
	// > All other properties are ignored. Specify a virtual private cloud (VPC) security group if you want to submit other properties, such as `StorageType` , `StorageEncrypted` , or `KmsKeyId` . If you're already using the `DBSecurityGroups` property, you can't use these other properties by updating your DB instance to use a VPC security group. You must recreate the DB instance.
	DbSecurityGroups *[]*string `field:"optional" json:"dbSecurityGroups" yaml:"dbSecurityGroups"`
	// The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance.
	//
	// If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.
	//
	// By specifying this property, you can create a DB instance from the specified DB snapshot. If the `DBSnapshotIdentifier` property is an empty string or the `AWS::RDS::DBInstance` declaration has no `DBSnapshotIdentifier` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.
	//
	// Some DB instance properties aren't valid when you restore from a snapshot, such as the `MasterUsername` and `MasterUserPassword` properties. For information about the properties that you can specify, see the `RestoreDBInstanceFromDBSnapshot` action in the *Amazon RDS API Reference* .
	//
	// After you restore a DB instance with a `DBSnapshotIdentifier` property, you must specify the same `DBSnapshotIdentifier` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the `DBSnapshotIdentifier` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified `DBSnapshotIdentifier` property, and the original DB instance is deleted.
	//
	// If you specify the `DBSnapshotIdentifier` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:
	//
	// - `CharacterSetName`
	// - `DBClusterIdentifier`
	// - `DBName`
	// - `DeleteAutomatedBackups`
	// - `EnablePerformanceInsights`
	// - `KmsKeyId`
	// - `MasterUsername`
	// - `MasterUserPassword`
	// - `PerformanceInsightsKMSKeyId`
	// - `PerformanceInsightsRetentionPeriod`
	// - `PromotionTier`
	// - `SourceDBInstanceIdentifier`
	// - `SourceRegion`
	// - `StorageEncrypted` (for an encrypted snapshot)
	// - `Timezone`
	//
	// *Amazon Aurora*
	//
	// Not applicable. Snapshot restore is managed by the DB cluster.
	DbSnapshotIdentifier *string `field:"optional" json:"dbSnapshotIdentifier" yaml:"dbSnapshotIdentifier"`
	// A DB subnet group to associate with the DB instance.
	//
	// If you update this value, the new subnet group must be a subnet group in a new VPC.
	//
	// If there's no DB subnet group, then the DB instance isn't a VPC DB instance.
	//
	// For more information about using Amazon RDS in a VPC, see [Using Amazon RDS with Amazon Virtual Private Cloud (VPC)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .
	//
	// *Amazon Aurora*
	//
	// Not applicable. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.
	DbSubnetGroupName *string `field:"optional" json:"dbSubnetGroupName" yaml:"dbSubnetGroupName"`
	// A value that indicates whether to remove automated backups immediately after the DB instance is deleted.
	//
	// This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.
	//
	// *Amazon Aurora*
	//
	// Not applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted.
	DeleteAutomatedBackups interface{} `field:"optional" json:"deleteAutomatedBackups" yaml:"deleteAutomatedBackups"`
	// A value that indicates whether the DB instance has deletion protection enabled.
	//
	// The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html) .
	//
	// *Amazon Aurora*
	//
	// Not applicable. You can enable or disable deletion protection for the DB cluster. For more information, see `CreateDBCluster` . DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.
	DeletionProtection interface{} `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	// The Active Directory directory ID to create the DB instance in.
	//
	// Currently, only Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.
	//
	// For more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide* .
	Domain *string `field:"optional" json:"domain" yaml:"domain"`
	// Specify the name of the IAM role to be used when making API calls to the Directory Service.
	//
	// This setting doesn't apply to RDS Custom.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The domain is managed by the DB cluster.
	DomainIamRoleName *string `field:"optional" json:"domainIamRoleName" yaml:"domainIamRoleName"`
	// The list of log types that need to be enabled for exporting to CloudWatch Logs.
	//
	// The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide* .
	//
	// *Amazon Aurora*
	//
	// Not applicable. CloudWatch Logs exports are managed by the DB cluster.
	//
	// *MariaDB*
	//
	// Valid values: `audit` , `error` , `general` , `slowquery`
	//
	// *Microsoft SQL Server*
	//
	// Valid values: `agent` , `error`
	//
	// *MySQL*
	//
	// Valid values: `audit` , `error` , `general` , `slowquery`
	//
	// *Oracle*
	//
	// Valid values: `alert` , `audit` , `listener` , `trace`
	//
	// *PostgreSQL*
	//
	// Valid values: `postgresql` , `upgrade`.
	EnableCloudwatchLogsExports *[]*string `field:"optional" json:"enableCloudwatchLogsExports" yaml:"enableCloudwatchLogsExports"`
	// A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
	//
	// By default, mapping is disabled.
	//
	// This property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.*
	//
	// *Amazon Aurora*
	//
	// Not applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster.
	EnableIamDatabaseAuthentication interface{} `field:"optional" json:"enableIamDatabaseAuthentication" yaml:"enableIamDatabaseAuthentication"`
	// A value that indicates whether to enable Performance Insights for the DB instance.
	//
	// For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .
	//
	// This setting doesn't apply to RDS Custom.
	EnablePerformanceInsights interface{} `field:"optional" json:"enablePerformanceInsights" yaml:"enablePerformanceInsights"`
	// Specifies the connection endpoint.
	//
	// > The endpoint might not be shown for instances whose status is `creating` .
	Endpoint interface{} `field:"optional" json:"endpoint" yaml:"endpoint"`
	// The name of the database engine that you want to use for this DB instance.
	//
	// > When you are creating a DB instance, the `Engine` property is required.
	//
	// Valid Values:
	//
	// - `aurora` (for MySQL 5.6-compatible Aurora)
	// - `aurora-mysql` (for MySQL 5.7-compatible Aurora)
	// - `aurora-postgresql`
	// - `mariadb`
	// - `mysql`
	// - `oracle-ee`
	// - `oracle-ee-cdb`
	// - `oracle-se2`
	// - `oracle-se2-cdb`
	// - `postgres`
	// - `sqlserver-ee`
	// - `sqlserver-se`
	// - `sqlserver-ex`
	// - `sqlserver-web`.
	Engine *string `field:"optional" json:"engine" yaml:"engine"`
	// The version number of the database engine to use.
	//
	// For a list of valid engine versions, use the `DescribeDBEngineVersions` action.
	//
	// The following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.
	//
	// *MariaDB*
	//
	// See [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*
	//
	// *Microsoft SQL Server*
	//
	// See [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the *Amazon RDS User Guide.*
	//
	// *MySQL*
	//
	// See [MySQL on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*
	//
	// *Oracle*
	//
	// See [Oracle Database Engine Release Notes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the *Amazon RDS User Guide.*
	//
	// *PostgreSQL*
	//
	// See [Supported PostgreSQL Database Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions) in the *Amazon RDS User Guide.*
	EngineVersion *string `field:"optional" json:"engineVersion" yaml:"engineVersion"`
	// The number of I/O operations per second (IOPS) that the database provisions.
	//
	// The value must be equal to or greater than 1000.
	//
	// If you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .
	//
	// > If you specify `io1` for the `StorageType` property, then you must also specify the `Iops` property.
	Iops *float64 `field:"optional" json:"iops" yaml:"iops"`
	// The ARN of the AWS KMS key that's used to encrypt the DB instance, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` .
	//
	// If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true.
	//
	// If you specify the `SourceDBInstanceIdentifier` property, the value is inherited from the source DB instance if the read replica is created in the same region.
	//
	// If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.
	//
	// If you specify the `SnapshotIdentifier` property, the `StorageEncrypted` property value is inherited from the snapshot, and if the DB instance is encrypted, the specified `KmsKeyId` property is used.
	//
	// If you specify `DBSecurityGroups` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html) in the *Amazon RDS User Guide* .
	//
	// *Amazon Aurora*
	//
	// Not applicable. The KMS key identifier is managed by the DB cluster.
	KmsKeyId *string `field:"optional" json:"kmsKeyId" yaml:"kmsKeyId"`
	// License model information for this DB instance.
	//
	// Valid values:
	//
	// - Aurora MySQL - `general-public-license`
	// - Aurora PostgreSQL - `postgresql-license`
	// - MariaDB - `general-public-license`
	// - Microsoft SQL Server - `license-included`
	// - MySQL - `general-public-license`
	// - Oracle - `bring-your-own-license` or `license-included`
	// - PostgreSQL - `postgresql-license`
	//
	// > If you've specified `DBSecurityGroups` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.
	LicenseModel *string `field:"optional" json:"licenseModel" yaml:"licenseModel"`
	// A value that indicates whether to manage the master user password with AWS Secrets Manager.
	//
	// For more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*
	//
	// Constraints:
	//
	// - Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.
	ManageMasterUserPassword interface{} `field:"optional" json:"manageMasterUserPassword" yaml:"manageMasterUserPassword"`
	// The master user name for the DB instance.
	//
	// > If you specify the `SourceDBInstanceIdentifier` or `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the source DB instance or snapshot.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The name for the master user is managed by the DB cluster.
	//
	// *MariaDB*
	//
	// Constraints:
	//
	// - Required for MariaDB.
	// - Must be 1 to 16 letters or numbers.
	// - Can't be a reserved word for the chosen database engine.
	//
	// *Microsoft SQL Server*
	//
	// Constraints:
	//
	// - Required for SQL Server.
	// - Must be 1 to 128 letters or numbers.
	// - The first character must be a letter.
	// - Can't be a reserved word for the chosen database engine.
	//
	// *MySQL*
	//
	// Constraints:
	//
	// - Required for MySQL.
	// - Must be 1 to 16 letters or numbers.
	// - First character must be a letter.
	// - Can't be a reserved word for the chosen database engine.
	//
	// *Oracle*
	//
	// Constraints:
	//
	// - Required for Oracle.
	// - Must be 1 to 30 letters or numbers.
	// - First character must be a letter.
	// - Can't be a reserved word for the chosen database engine.
	//
	// *PostgreSQL*
	//
	// Constraints:
	//
	// - Required for PostgreSQL.
	// - Must be 1 to 63 letters or numbers.
	// - First character must be a letter.
	// - Can't be a reserved word for the chosen database engine.
	MasterUsername *string `field:"optional" json:"masterUsername" yaml:"masterUsername"`
	// The password for the master user. The password can include any printable ASCII character except "/", """, or "@".
	//
	// *Amazon Aurora*
	//
	// Not applicable. The password for the master user is managed by the DB cluster.
	//
	// *MariaDB*
	//
	// Constraints: Must contain from 8 to 41 characters.
	//
	// *Microsoft SQL Server*
	//
	// Constraints: Must contain from 8 to 128 characters.
	//
	// *MySQL*
	//
	// Constraints: Must contain from 8 to 41 characters.
	//
	// *Oracle*
	//
	// Constraints: Must contain from 8 to 30 characters.
	//
	// *PostgreSQL*
	//
	// Constraints: Must contain from 8 to 128 characters.
	MasterUserPassword *string `field:"optional" json:"masterUserPassword" yaml:"masterUserPassword"`
	// Contains the secret managed by RDS in AWS Secrets Manager for the master user password.
	//
	// For more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*
	MasterUserSecret interface{} `field:"optional" json:"masterUserSecret" yaml:"masterUserSecret"`
	// The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.
	//
	// For more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide* .
	//
	// This setting doesn't apply to RDS Custom.
	//
	// *Amazon Aurora*
	//
	// Not applicable. Storage is managed by the DB cluster.
	MaxAllocatedStorage *float64 `field:"optional" json:"maxAllocatedStorage" yaml:"maxAllocatedStorage"`
	// The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance.
	//
	// To disable collection of Enhanced Monitoring metrics, specify 0. The default is 0.
	//
	// If `MonitoringRoleArn` is specified, then you must set `MonitoringInterval` to a value other than 0.
	//
	// This setting doesn't apply to RDS Custom.
	//
	// Valid Values: `0, 1, 5, 10, 15, 30, 60`.
	MonitoringInterval *float64 `field:"optional" json:"monitoringInterval" yaml:"monitoringInterval"`
	// The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs.
	//
	// For example, `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .
	//
	// If `MonitoringInterval` is set to a value other than 0, then you must supply a `MonitoringRoleArn` value.
	//
	// This setting doesn't apply to RDS Custom.
	MonitoringRoleArn *string `field:"optional" json:"monitoringRoleArn" yaml:"monitoringRoleArn"`
	// Specifies whether the database instance is a Multi-AZ DB instance deployment.
	//
	// You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to true.
	//
	// Currently, you can't use AWS CloudFormation to create a Multi-AZ DB cluster deployment.
	//
	// For more information, see [Multi-AZ deployments for high availability](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.MultiAZ.html) in the *Amazon RDS User Guide* .
	//
	// *Amazon Aurora*
	//
	// Not applicable. Amazon Aurora storage is replicated across all of the Availability Zones and doesn't require the `MultiAZ` option to be set.
	MultiAz interface{} `field:"optional" json:"multiAz" yaml:"multiAz"`
	// The name of the NCHAR character set for the Oracle DB instance.
	//
	// This parameter doesn't apply to RDS Custom.
	NcharCharacterSetName *string `field:"optional" json:"ncharCharacterSetName" yaml:"ncharCharacterSetName"`
	// The network type of the DB instance.
	//
	// Valid values:
	//
	// - `IPV4`
	// - `DUAL`
	//
	// The network type is determined by the `DBSubnetGroup` specified for the DB instance. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).
	//
	// For more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*
	NetworkType *string `field:"optional" json:"networkType" yaml:"networkType"`
	// Indicates that the DB instance should be associated with the specified option group.
	//
	// Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance.
	OptionGroupName *string `field:"optional" json:"optionGroupName" yaml:"optionGroupName"`
	// The AWS KMS key identifier for encryption of Performance Insights data.
	//
	// The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
	//
	// If you do not specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region.
	//
	// For information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights) .
	PerformanceInsightsKmsKeyId *string `field:"optional" json:"performanceInsightsKmsKeyId" yaml:"performanceInsightsKmsKeyId"`
	// The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).
	//
	// For information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights) .
	PerformanceInsightsRetentionPeriod *float64 `field:"optional" json:"performanceInsightsRetentionPeriod" yaml:"performanceInsightsRetentionPeriod"`
	// The port number on which the database accepts connections.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The port number is managed by the DB cluster.
	Port *string `field:"optional" json:"port" yaml:"port"`
	// The daily time range during which automated backups are created if automated backups are enabled, using the `BackupRetentionPeriod` parameter.
	//
	// For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.*
	//
	// Constraints:
	//
	// - Must be in the format `hh24:mi-hh24:mi` .
	// - Must be in Universal Coordinated Time (UTC).
	// - Must not conflict with the preferred maintenance window.
	// - Must be at least 30 minutes.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The daily time range for creating automated backups is managed by the DB cluster.
	PreferredBackupWindow *string `field:"optional" json:"preferredBackupWindow" yaml:"preferredBackupWindow"`
	// The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).
	//
	// Format: `ddd:hh24:mi-ddd:hh24:mi`
	//
	// The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Instance Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.*
	//
	// > This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately.
	//
	// Constraints: Minimum 30-minute window.
	PreferredMaintenanceWindow *string `field:"optional" json:"preferredMaintenanceWindow" yaml:"preferredMaintenanceWindow"`
	// The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.
	//
	// This setting doesn't apply to RDS Custom.
	//
	// *Amazon Aurora*
	//
	// Not applicable.
	ProcessorFeatures interface{} `field:"optional" json:"processorFeatures" yaml:"processorFeatures"`
	// A value that specifies the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance.
	//
	// For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide* .
	//
	// This setting doesn't apply to RDS Custom.
	//
	// Default: 1
	//
	// Valid Values: 0 - 15.
	PromotionTier *float64 `field:"optional" json:"promotionTier" yaml:"promotionTier"`
	// Indicates whether the DB instance is an internet-facing instance.
	//
	// If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address.
	//
	// The default behavior value depends on your VPC setup and the database subnet group. For more information, see the `PubliclyAccessible` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference* .
	PubliclyAccessible interface{} `field:"optional" json:"publiclyAccessible" yaml:"publiclyAccessible"`
	// The open mode of an Oracle read replica.
	//
	// For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide* .
	//
	// This setting is only supported in RDS for Oracle.
	//
	// Default: `open-read-only`
	//
	// Valid Values: `open-read-only` or `mounted`.
	ReplicaMode *string `field:"optional" json:"replicaMode" yaml:"replicaMode"`
	// The date and time to restore from.
	//
	// Valid Values: Value must be a time in Universal Coordinated Time (UTC) format
	//
	// Constraints:
	//
	// - Must be before the latest restorable time for the DB instance
	// - Can't be specified if the `UseLatestRestorableTime` parameter is enabled
	//
	// Example: `2009-09-07T23:45:00Z`.
	RestoreTime *string `field:"optional" json:"restoreTime" yaml:"restoreTime"`
	// The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, `arn:aws:rds:useast-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE` .
	//
	// This setting doesn't apply to RDS Custom.
	SourceDbInstanceAutomatedBackupsArn *string `field:"optional" json:"sourceDbInstanceAutomatedBackupsArn" yaml:"sourceDbInstanceAutomatedBackupsArn"`
	// If you want to create a read replica DB instance, specify the ID of the source DB instance.
	//
	// Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide* .
	//
	// For information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .
	//
	// The `SourceDBInstanceIdentifier` property determines whether a DB instance is a read replica. If you remove the `SourceDBInstanceIdentifier` property from your template and then update your stack, AWS CloudFormation promotes the Read Replica to a standalone DB instance.
	//
	// > - If you specify a source DB instance that uses VPC security groups, we recommend that you specify the `VPCSecurityGroups` property. If you don't specify the property, the read replica inherits the value of the `VPCSecurityGroups` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's `VPCSecurityGroups` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues.
	// > - Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica.
	// > - If you specify `SourceDBInstanceIdentifier` , don't specify the `DBSnapshotIdentifier` property. You can't create a read replica from a snapshot.
	// > - Don't set the `BackupRetentionPeriod` , `DBName` , `MasterUsername` , `MasterUserPassword` , and `PreferredBackupWindow` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas.
	// > - If the source DB instance is in a different region than the read replica, specify the source region in `SourceRegion` , and specify an ARN for a valid DB instance in `SourceDBInstanceIdentifier` . For more information, see [Constructing a Amazon RDS Amazon Resource Name (ARN)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN) in the *Amazon RDS User Guide* .
	// > - For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances.
	SourceDbInstanceIdentifier *string `field:"optional" json:"sourceDbInstanceIdentifier" yaml:"sourceDbInstanceIdentifier"`
	// The resource ID of the source DB instance from which to restore.
	SourceDbiResourceId *string `field:"optional" json:"sourceDbiResourceId" yaml:"sourceDbiResourceId"`
	// The ID of the region that contains the source DB instance for the read replica.
	SourceRegion *string `field:"optional" json:"sourceRegion" yaml:"sourceRegion"`
	// A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.
	//
	// If you specify the `KmsKeyId` property, then you must enable encryption.
	//
	// If you specify the `SourceDBInstanceIdentifier` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used.
	//
	// If you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.
	//
	// If you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB instance is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB instance to be encrypted, then don't set this property or set it to `false` .
	//
	// *Amazon Aurora*
	//
	// Not applicable. The encryption for DB instances is managed by the DB cluster.
	StorageEncrypted interface{} `field:"optional" json:"storageEncrypted" yaml:"storageEncrypted"`
	// Specifies the storage throughput value for the DB instance. This setting applies only to the `gp3` storage type.
	//
	// This setting doesn't apply to RDS Custom or Amazon Aurora.
	StorageThroughput *float64 `field:"optional" json:"storageThroughput" yaml:"storageThroughput"`
	// Specifies the storage type to be associated with the DB instance.
	//
	// Valid values: `gp2 | gp3 | io1 | standard`
	//
	// The `standard` value is also known as magnetic.
	//
	// If you specify `io1` or `gp3` , you must also include a value for the `Iops` parameter.
	//
	// Default: `io1` if the `Iops` parameter is specified, otherwise `gp2`
	//
	// For more information, see [Amazon RDS DB Instance Storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html) in the *Amazon RDS User Guide* .
	//
	// *Amazon Aurora*
	//
	// Not applicable. Aurora data is stored in the cluster volume, which is a single, virtual volume that uses solid state drives (SSDs).
	StorageType *string `field:"optional" json:"storageType" yaml:"storageType"`
	// An optional array of key-value pairs to apply to this DB instance.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
	// The time zone of the DB instance.
	//
	// The time zone parameter is currently supported only by [Microsoft SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone) .
	Timezone *string `field:"optional" json:"timezone" yaml:"timezone"`
	// A value that indicates whether the DB instance class of the DB instance uses its default processor features.
	//
	// This setting doesn't apply to RDS Custom.
	UseDefaultProcessorFeatures interface{} `field:"optional" json:"useDefaultProcessorFeatures" yaml:"useDefaultProcessorFeatures"`
	// A value that indicates whether the DB instance is restored from the latest backup time.
	//
	// By default, the DB instance isn't restored from the latest backup time.
	//
	// Constraints: Can't be specified if the `RestoreTime` parameter is provided.
	UseLatestRestorableTime interface{} `field:"optional" json:"useLatestRestorableTime" yaml:"useLatestRestorableTime"`
	// A list of the VPC security group IDs to assign to the DB instance.
	//
	// The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.
	//
	// If you plan to update the resource, don't specify VPC security groups in a shared VPC.
	//
	// If you set `VPCSecurityGroups` , you must not set [`DBSecurityGroups`](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) , and vice versa.
	//
	// > You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind:
	// >
	// > - You can't revert to using an RDS security group after you establish a VPC security group membership.
	// > - When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instance update fails or because an update fails in another AWS CloudFormation resource, the rollback fails because it can't revert to an RDS security group.
	// > - To use the properties that are available when you use a VPC security group, you must recreate the DB instance. If you don't, AWS CloudFormation submits only the property values that are listed in the [`DBSecurityGroups`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) property.
	//
	// To avoid this situation, migrate your DB instance to using VPC security groups only when that is the only change in your stack template.
	//
	// *Amazon Aurora*
	//
	// Not applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. If specified, the setting must match the DB cluster setting.
	VpcSecurityGroups *[]*string `field:"optional" json:"vpcSecurityGroups" yaml:"vpcSecurityGroups"`
}

Properties for defining a `CfnDBInstance`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBInstanceProps := &cfnDBInstanceProps{
	allocatedStorage: jsii.String("allocatedStorage"),
	allowMajorVersionUpgrade: jsii.Boolean(false),
	associatedRoles: []interface{}{
		&dBInstanceRoleProperty{
			featureName: jsii.String("featureName"),
			roleArn: jsii.String("roleArn"),
		},
	},
	autoMinorVersionUpgrade: jsii.Boolean(false),
	availabilityZone: jsii.String("availabilityZone"),
	backupRetentionPeriod: jsii.Number(123),
	caCertificateIdentifier: jsii.String("caCertificateIdentifier"),
	certificateDetails: &certificateDetailsProperty{
		caIdentifier: jsii.String("caIdentifier"),
		validTill: jsii.String("validTill"),
	},
	certificateRotationRestart: jsii.Boolean(false),
	characterSetName: jsii.String("characterSetName"),
	copyTagsToSnapshot: jsii.Boolean(false),
	customIamInstanceProfile: jsii.String("customIamInstanceProfile"),
	dbClusterIdentifier: jsii.String("dbClusterIdentifier"),
	dbClusterSnapshotIdentifier: jsii.String("dbClusterSnapshotIdentifier"),
	dbInstanceClass: jsii.String("dbInstanceClass"),
	dbInstanceIdentifier: jsii.String("dbInstanceIdentifier"),
	dbName: jsii.String("dbName"),
	dbParameterGroupName: jsii.String("dbParameterGroupName"),
	dbSecurityGroups: []*string{
		jsii.String("dbSecurityGroups"),
	},
	dbSnapshotIdentifier: jsii.String("dbSnapshotIdentifier"),
	dbSubnetGroupName: jsii.String("dbSubnetGroupName"),
	deleteAutomatedBackups: jsii.Boolean(false),
	deletionProtection: jsii.Boolean(false),
	domain: jsii.String("domain"),
	domainIamRoleName: jsii.String("domainIamRoleName"),
	enableCloudwatchLogsExports: []*string{
		jsii.String("enableCloudwatchLogsExports"),
	},
	enableIamDatabaseAuthentication: jsii.Boolean(false),
	enablePerformanceInsights: jsii.Boolean(false),
	endpoint: &endpointProperty{
		address: jsii.String("address"),
		hostedZoneId: jsii.String("hostedZoneId"),
		port: jsii.String("port"),
	},
	engine: jsii.String("engine"),
	engineVersion: jsii.String("engineVersion"),
	iops: jsii.Number(123),
	kmsKeyId: jsii.String("kmsKeyId"),
	licenseModel: jsii.String("licenseModel"),
	manageMasterUserPassword: jsii.Boolean(false),
	masterUsername: jsii.String("masterUsername"),
	masterUserPassword: jsii.String("masterUserPassword"),
	masterUserSecret: &masterUserSecretProperty{
		kmsKeyId: jsii.String("kmsKeyId"),
		secretArn: jsii.String("secretArn"),
	},
	maxAllocatedStorage: jsii.Number(123),
	monitoringInterval: jsii.Number(123),
	monitoringRoleArn: jsii.String("monitoringRoleArn"),
	multiAz: jsii.Boolean(false),
	ncharCharacterSetName: jsii.String("ncharCharacterSetName"),
	networkType: jsii.String("networkType"),
	optionGroupName: jsii.String("optionGroupName"),
	performanceInsightsKmsKeyId: jsii.String("performanceInsightsKmsKeyId"),
	performanceInsightsRetentionPeriod: jsii.Number(123),
	port: jsii.String("port"),
	preferredBackupWindow: jsii.String("preferredBackupWindow"),
	preferredMaintenanceWindow: jsii.String("preferredMaintenanceWindow"),
	processorFeatures: []interface{}{
		&processorFeatureProperty{
			name: jsii.String("name"),
			value: jsii.String("value"),
		},
	},
	promotionTier: jsii.Number(123),
	publiclyAccessible: jsii.Boolean(false),
	replicaMode: jsii.String("replicaMode"),
	restoreTime: jsii.String("restoreTime"),
	sourceDbInstanceAutomatedBackupsArn: jsii.String("sourceDbInstanceAutomatedBackupsArn"),
	sourceDbInstanceIdentifier: jsii.String("sourceDbInstanceIdentifier"),
	sourceDbiResourceId: jsii.String("sourceDbiResourceId"),
	sourceRegion: jsii.String("sourceRegion"),
	storageEncrypted: jsii.Boolean(false),
	storageThroughput: jsii.Number(123),
	storageType: jsii.String("storageType"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	timezone: jsii.String("timezone"),
	useDefaultProcessorFeatures: jsii.Boolean(false),
	useLatestRestorableTime: jsii.Boolean(false),
	vpcSecurityGroups: []*string{
		jsii.String("vpcSecurityGroups"),
	},
}

type CfnDBInstance_CertificateDetailsProperty

type CfnDBInstance_CertificateDetailsProperty struct {
	// The CA identifier of the CA certificate used for the DB instance's server certificate.
	CaIdentifier *string `field:"optional" json:"caIdentifier" yaml:"caIdentifier"`
	// The expiration date of the DB instance’s server certificate.
	ValidTill *string `field:"optional" json:"validTill" yaml:"validTill"`
}

Returns the details of the DB instance’s server certificate.

For more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

certificateDetailsProperty := &certificateDetailsProperty{
	caIdentifier: jsii.String("caIdentifier"),
	validTill: jsii.String("validTill"),
}

type CfnDBInstance_DBInstanceRoleProperty

type CfnDBInstance_DBInstanceRoleProperty struct {
	// The name of the feature associated with the AWS Identity and Access Management (IAM) role.
	//
	// IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .
	FeatureName *string `field:"required" json:"featureName" yaml:"featureName"`
	// The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance.
	RoleArn *string `field:"required" json:"roleArn" yaml:"roleArn"`
}

Describes an AWS Identity and Access Management (IAM) role that is associated with a DB instance.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

dBInstanceRoleProperty := &dBInstanceRoleProperty{
	featureName: jsii.String("featureName"),
	roleArn: jsii.String("roleArn"),
}

type CfnDBInstance_EndpointProperty

type CfnDBInstance_EndpointProperty struct {
	// Specifies the DNS address of the DB instance.
	Address *string `field:"optional" json:"address" yaml:"address"`
	// Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.
	HostedZoneId *string `field:"optional" json:"hostedZoneId" yaml:"hostedZoneId"`
	// Specifies the port that the database engine is listening on.
	Port *string `field:"optional" json:"port" yaml:"port"`
}

This data type represents the information you need to connect to an Amazon RDS DB instance.

This data type is used as a response element in the following actions:

- `CreateDBInstance` - `DescribeDBInstances` - `DeleteDBInstance`

For the data structure that represents Amazon Aurora DB cluster endpoints, see `DBClusterEndpoint` .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

endpointProperty := &endpointProperty{
	address: jsii.String("address"),
	hostedZoneId: jsii.String("hostedZoneId"),
	port: jsii.String("port"),
}

type CfnDBInstance_MasterUserSecretProperty

type CfnDBInstance_MasterUserSecretProperty struct {
	// The AWS KMS key identifier that is used to encrypt the secret.
	KmsKeyId *string `field:"optional" json:"kmsKeyId" yaml:"kmsKeyId"`
	// The Amazon Resource Name (ARN) of the secret.
	SecretArn *string `field:"optional" json:"secretArn" yaml:"secretArn"`
}

Contains the secret managed by RDS in AWS Secrets Manager for the master user password.

For more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

masterUserSecretProperty := &masterUserSecretProperty{
	kmsKeyId: jsii.String("kmsKeyId"),
	secretArn: jsii.String("secretArn"),
}

type CfnDBInstance_ProcessorFeatureProperty

type CfnDBInstance_ProcessorFeatureProperty struct {
	// The name of the processor feature.
	//
	// Valid names are `coreCount` and `threadsPerCore` .
	Name *string `field:"optional" json:"name" yaml:"name"`
	// The value of a processor feature name.
	Value *string `field:"optional" json:"value" yaml:"value"`
}

The `ProcessorFeature` property type specifies the processor features of a DB instance class status.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

processorFeatureProperty := &processorFeatureProperty{
	name: jsii.String("name"),
	value: jsii.String("value"),
}

type CfnDBParameterGroup

type CfnDBParameterGroup interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The name of the DB parameter group.
	AttrDbParameterGroupName() *string
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The name of the DB parameter group.
	//
	// Constraints:
	//
	// - Must be 1 to 255 letters, numbers, or hyphens.
	// - First character must be a letter
	// - Can't end with a hyphen or contain two consecutive hyphens
	//
	// If you don't specify a value for `DBParameterGroupName` property, a name is automatically created for the DB parameter group.
	//
	// > This value is stored as a lowercase string.
	DbParameterGroupName() *string
	SetDbParameterGroupName(val *string)
	// Provides the customer-specified description for this DB parameter group.
	Description() *string
	SetDescription(val *string)
	// The DB parameter group family name.
	//
	// A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a DB engine and engine version compatible with that DB parameter group family.
	//
	// > The DB parameter group family can't be changed when updating a DB parameter group.
	//
	// To list all of the available parameter group families, use the following command:
	//
	// `aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"`
	//
	// The output contains duplicates.
	//
	// For more information, see `[CreateDBParameterGroup](https://docs.aws.amazon.com//AmazonRDS/latest/APIReference/API_CreateDBParameterGroup.html)` .
	Family() *string
	SetFamily(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// An array of parameter names and values for the parameter update.
	//
	// At least one parameter name and value must be supplied. Subsequent arguments are optional.
	//
	// For more information about DB parameters and DB parameter groups for Amazon RDS DB engines, see [Working with DB Parameter Groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide* .
	//
	// For more information about DB cluster and DB instance parameters and parameter groups for Amazon Aurora DB engines, see [Working with DB Parameter Groups and DB Cluster Parameter Groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide* .
	//
	// > AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.
	Parameters() interface{}
	SetParameters(val interface{})
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// An optional array of key-value pairs to apply to this DB parameter group.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::RDS::DBParameterGroup`.

The `AWS::RDS::DBParameterGroup` resource creates a custom parameter group for an RDS database family.

This type can be declared in a template and referenced in the `DBParameterGroupName` property of an `[AWS::RDS::DBInstance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html)` resource.

For information about configuring parameters for Amazon RDS DB instances, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide* .

For information about configuring parameters for Amazon Aurora DB instances, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide* .

> Applying a parameter group to a DB instance may require the DB instance to reboot, resulting in a database outage for the duration of the reboot.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var parameters interface{}

cfnDBParameterGroup := awscdk.Aws_rds.NewCfnDBParameterGroup(this, jsii.String("MyCfnDBParameterGroup"), &cfnDBParameterGroupProps{
	description: jsii.String("description"),
	family: jsii.String("family"),

	// the properties below are optional
	dbParameterGroupName: jsii.String("dbParameterGroupName"),
	parameters: parameters,
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
})

func NewCfnDBParameterGroup

func NewCfnDBParameterGroup(scope awscdk.Construct, id *string, props *CfnDBParameterGroupProps) CfnDBParameterGroup

Create a new `AWS::RDS::DBParameterGroup`.

type CfnDBParameterGroupProps

type CfnDBParameterGroupProps struct {
	// Provides the customer-specified description for this DB parameter group.
	Description *string `field:"required" json:"description" yaml:"description"`
	// The DB parameter group family name.
	//
	// A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a DB engine and engine version compatible with that DB parameter group family.
	//
	// > The DB parameter group family can't be changed when updating a DB parameter group.
	//
	// To list all of the available parameter group families, use the following command:
	//
	// `aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"`
	//
	// The output contains duplicates.
	//
	// For more information, see `[CreateDBParameterGroup](https://docs.aws.amazon.com//AmazonRDS/latest/APIReference/API_CreateDBParameterGroup.html)` .
	Family *string `field:"required" json:"family" yaml:"family"`
	// The name of the DB parameter group.
	//
	// Constraints:
	//
	// - Must be 1 to 255 letters, numbers, or hyphens.
	// - First character must be a letter
	// - Can't end with a hyphen or contain two consecutive hyphens
	//
	// If you don't specify a value for `DBParameterGroupName` property, a name is automatically created for the DB parameter group.
	//
	// > This value is stored as a lowercase string.
	DbParameterGroupName *string `field:"optional" json:"dbParameterGroupName" yaml:"dbParameterGroupName"`
	// An array of parameter names and values for the parameter update.
	//
	// At least one parameter name and value must be supplied. Subsequent arguments are optional.
	//
	// For more information about DB parameters and DB parameter groups for Amazon RDS DB engines, see [Working with DB Parameter Groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide* .
	//
	// For more information about DB cluster and DB instance parameters and parameter groups for Amazon Aurora DB engines, see [Working with DB Parameter Groups and DB Cluster Parameter Groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide* .
	//
	// > AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.
	Parameters interface{} `field:"optional" json:"parameters" yaml:"parameters"`
	// An optional array of key-value pairs to apply to this DB parameter group.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
}

Properties for defining a `CfnDBParameterGroup`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var parameters interface{}

cfnDBParameterGroupProps := &cfnDBParameterGroupProps{
	description: jsii.String("description"),
	family: jsii.String("family"),

	// the properties below are optional
	dbParameterGroupName: jsii.String("dbParameterGroupName"),
	parameters: parameters,
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
}

type CfnDBProxy

type CfnDBProxy interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The Amazon Resource Name (ARN) representing the target group.
	AttrDbProxyArn() *string
	// The writer endpoint for the RDS DB instance or Aurora DB cluster.
	AttrEndpoint() *string
	// The VPC ID to associate with the DB proxy.
	AttrVpcId() *string
	// The authorization mechanism that the proxy uses.
	Auth() interface{}
	SetAuth(val interface{})
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The identifier for the proxy.
	//
	// This name must be unique for all proxies owned by your AWS account in the specified AWS Region . An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.
	DbProxyName() *string
	SetDbProxyName(val *string)
	// Whether the proxy includes detailed information about SQL statements in its logs.
	//
	// This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.
	DebugLogging() interface{}
	SetDebugLogging(val interface{})
	// The kinds of databases that the proxy can connect to.
	//
	// This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL` . For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL` . For RDS for Microsoft SQL Server, specify `SQLSERVER` .
	//
	// *Valid values* : `MYSQL` | `POSTGRESQL` | `SQLSERVER`.
	EngineFamily() *string
	SetEngineFamily(val *string)
	// The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it.
	//
	// You can set this value higher or lower than the connection timeout limit for the associated database.
	IdleClientTimeout() *float64
	SetIdleClientTimeout(val *float64)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy.
	//
	// By enabling this setting, you can enforce encrypted TLS connections to the proxy.
	RequireTls() interface{}
	SetRequireTls(val interface{})
	// The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.
	RoleArn() *string
	SetRoleArn(val *string)
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
	Tags() *[]*CfnDBProxy_TagFormatProperty
	SetTags(val *[]*CfnDBProxy_TagFormatProperty)
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// One or more VPC security group IDs to associate with the new proxy.
	//
	// If you plan to update the resource, don't specify VPC security groups in a shared VPC.
	VpcSecurityGroupIds() *[]*string
	SetVpcSecurityGroupIds(val *[]*string)
	// One or more VPC subnet IDs to associate with the new proxy.
	VpcSubnetIds() *[]*string
	SetVpcSubnetIds(val *[]*string)
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::RDS::DBProxy`.

The `AWS::RDS::DBProxy` resource creates or updates a DB proxy.

For information about RDS Proxy for Amazon RDS, see [Managing Connections with Amazon RDS Proxy](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-proxy.html) in the *Amazon RDS User Guide* .

For information about RDS Proxy for Amazon Aurora, see [Managing Connections with Amazon RDS Proxy](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-proxy.html) in the *Amazon Aurora User Guide* .

> Limitations apply to RDS Proxy, including DB engine version limitations and AWS Region limitations. > > For information about limitations that apply to RDS Proxy for Amazon RDS, see [Limitations for RDS Proxy](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-proxy.html#rds-proxy.limitations) in the *Amazon RDS User Guide* . > > For information about that apply to RDS Proxy for Amazon Aurora, see [Limitations for RDS Proxy](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-proxy.html#rds-proxy.limitations) in the *Amazon Aurora User Guide* .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBProxy := awscdk.Aws_rds.NewCfnDBProxy(this, jsii.String("MyCfnDBProxy"), &cfnDBProxyProps{
	auth: []interface{}{
		&authFormatProperty{
			authScheme: jsii.String("authScheme"),
			clientPasswordAuthType: jsii.String("clientPasswordAuthType"),
			description: jsii.String("description"),
			iamAuth: jsii.String("iamAuth"),
			secretArn: jsii.String("secretArn"),
		},
	},
	dbProxyName: jsii.String("dbProxyName"),
	engineFamily: jsii.String("engineFamily"),
	roleArn: jsii.String("roleArn"),
	vpcSubnetIds: []*string{
		jsii.String("vpcSubnetIds"),
	},

	// the properties below are optional
	debugLogging: jsii.Boolean(false),
	idleClientTimeout: jsii.Number(123),
	requireTls: jsii.Boolean(false),
	tags: []tagFormatProperty{
		&tagFormatProperty{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	vpcSecurityGroupIds: []*string{
		jsii.String("vpcSecurityGroupIds"),
	},
})

func NewCfnDBProxy

func NewCfnDBProxy(scope awscdk.Construct, id *string, props *CfnDBProxyProps) CfnDBProxy

Create a new `AWS::RDS::DBProxy`.

type CfnDBProxyEndpoint

type CfnDBProxyEndpoint interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The Amazon Resource Name (ARN) representing the DB proxy endpoint.
	AttrDbProxyEndpointArn() *string
	// The custom endpoint for the RDS DB instance or Aurora DB cluster.
	AttrEndpoint() *string
	// A value that indicates whether this endpoint is the default endpoint for the associated DB proxy.
	//
	// Default DB proxy endpoints always have read/write capability. Other endpoints that you associate with the DB proxy can be either read/write or read-only.
	AttrIsDefault() awscdk.IResolvable
	AttrTargetRole() *string
	// The VPC ID of the DB proxy endpoint.
	AttrVpcId() *string
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The name of the DB proxy endpoint to create.
	DbProxyEndpointName() *string
	SetDbProxyEndpointName(val *string)
	// The name of the DB proxy associated with the DB proxy endpoint that you create.
	DbProxyName() *string
	SetDbProxyName(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
	Tags() *[]*CfnDBProxyEndpoint_TagFormatProperty
	SetTags(val *[]*CfnDBProxyEndpoint_TagFormatProperty)
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// The VPC security group IDs for the DB proxy endpoint that you create.
	//
	// You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.
	VpcSecurityGroupIds() *[]*string
	SetVpcSecurityGroupIds(val *[]*string)
	// The VPC subnet IDs for the DB proxy endpoint that you create.
	//
	// You can specify a different set of subnet IDs than for the original DB proxy.
	VpcSubnetIds() *[]*string
	SetVpcSubnetIds(val *[]*string)
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::RDS::DBProxyEndpoint`.

The `AWS::RDS::DBProxyEndpoint` resource creates or updates a DB proxy endpoint. You can use custom proxy endpoints to access a proxy through a different VPC than the proxy's default VPC.

For more information about RDS Proxy, see [AWS::RDS::DBProxy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbproxy.html) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBProxyEndpoint := awscdk.Aws_rds.NewCfnDBProxyEndpoint(this, jsii.String("MyCfnDBProxyEndpoint"), &cfnDBProxyEndpointProps{
	dbProxyEndpointName: jsii.String("dbProxyEndpointName"),
	dbProxyName: jsii.String("dbProxyName"),
	vpcSubnetIds: []*string{
		jsii.String("vpcSubnetIds"),
	},

	// the properties below are optional
	tags: []tagFormatProperty{
		&tagFormatProperty{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	vpcSecurityGroupIds: []*string{
		jsii.String("vpcSecurityGroupIds"),
	},
})

func NewCfnDBProxyEndpoint

func NewCfnDBProxyEndpoint(scope awscdk.Construct, id *string, props *CfnDBProxyEndpointProps) CfnDBProxyEndpoint

Create a new `AWS::RDS::DBProxyEndpoint`.

type CfnDBProxyEndpointProps

type CfnDBProxyEndpointProps struct {
	// The name of the DB proxy endpoint to create.
	DbProxyEndpointName *string `field:"required" json:"dbProxyEndpointName" yaml:"dbProxyEndpointName"`
	// The name of the DB proxy associated with the DB proxy endpoint that you create.
	DbProxyName *string `field:"required" json:"dbProxyName" yaml:"dbProxyName"`
	// The VPC subnet IDs for the DB proxy endpoint that you create.
	//
	// You can specify a different set of subnet IDs than for the original DB proxy.
	VpcSubnetIds *[]*string `field:"required" json:"vpcSubnetIds" yaml:"vpcSubnetIds"`
	// An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
	Tags *[]*CfnDBProxyEndpoint_TagFormatProperty `field:"optional" json:"tags" yaml:"tags"`
	// The VPC security group IDs for the DB proxy endpoint that you create.
	//
	// You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.
	VpcSecurityGroupIds *[]*string `field:"optional" json:"vpcSecurityGroupIds" yaml:"vpcSecurityGroupIds"`
}

Properties for defining a `CfnDBProxyEndpoint`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBProxyEndpointProps := &cfnDBProxyEndpointProps{
	dbProxyEndpointName: jsii.String("dbProxyEndpointName"),
	dbProxyName: jsii.String("dbProxyName"),
	vpcSubnetIds: []*string{
		jsii.String("vpcSubnetIds"),
	},

	// the properties below are optional
	tags: []tagFormatProperty{
		&tagFormatProperty{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	vpcSecurityGroupIds: []*string{
		jsii.String("vpcSecurityGroupIds"),
	},
}

type CfnDBProxyEndpoint_TagFormatProperty

type CfnDBProxyEndpoint_TagFormatProperty struct {
	// A value is the optional value of the tag.
	//
	// The string value can be 1-256 Unicode characters in length and can't be prefixed with `aws:` . The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-' (Java regex: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$").
	Key *string `field:"optional" json:"key" yaml:"key"`
	// Metadata assigned to a DB instance consisting of a key-value pair.
	Value *string `field:"optional" json:"value" yaml:"value"`
}

Metadata assigned to a DB proxy endpoint consisting of a key-value pair.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tagFormatProperty := &tagFormatProperty{
	key: jsii.String("key"),
	value: jsii.String("value"),
}

type CfnDBProxyProps

type CfnDBProxyProps struct {
	// The authorization mechanism that the proxy uses.
	Auth interface{} `field:"required" json:"auth" yaml:"auth"`
	// The identifier for the proxy.
	//
	// This name must be unique for all proxies owned by your AWS account in the specified AWS Region . An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.
	DbProxyName *string `field:"required" json:"dbProxyName" yaml:"dbProxyName"`
	// The kinds of databases that the proxy can connect to.
	//
	// This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL` . For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL` . For RDS for Microsoft SQL Server, specify `SQLSERVER` .
	//
	// *Valid values* : `MYSQL` | `POSTGRESQL` | `SQLSERVER`.
	EngineFamily *string `field:"required" json:"engineFamily" yaml:"engineFamily"`
	// The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.
	RoleArn *string `field:"required" json:"roleArn" yaml:"roleArn"`
	// One or more VPC subnet IDs to associate with the new proxy.
	VpcSubnetIds *[]*string `field:"required" json:"vpcSubnetIds" yaml:"vpcSubnetIds"`
	// Whether the proxy includes detailed information about SQL statements in its logs.
	//
	// This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.
	DebugLogging interface{} `field:"optional" json:"debugLogging" yaml:"debugLogging"`
	// The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it.
	//
	// You can set this value higher or lower than the connection timeout limit for the associated database.
	IdleClientTimeout *float64 `field:"optional" json:"idleClientTimeout" yaml:"idleClientTimeout"`
	// A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy.
	//
	// By enabling this setting, you can enforce encrypted TLS connections to the proxy.
	RequireTls interface{} `field:"optional" json:"requireTls" yaml:"requireTls"`
	// An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
	Tags *[]*CfnDBProxy_TagFormatProperty `field:"optional" json:"tags" yaml:"tags"`
	// One or more VPC security group IDs to associate with the new proxy.
	//
	// If you plan to update the resource, don't specify VPC security groups in a shared VPC.
	VpcSecurityGroupIds *[]*string `field:"optional" json:"vpcSecurityGroupIds" yaml:"vpcSecurityGroupIds"`
}

Properties for defining a `CfnDBProxy`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBProxyProps := &cfnDBProxyProps{
	auth: []interface{}{
		&authFormatProperty{
			authScheme: jsii.String("authScheme"),
			clientPasswordAuthType: jsii.String("clientPasswordAuthType"),
			description: jsii.String("description"),
			iamAuth: jsii.String("iamAuth"),
			secretArn: jsii.String("secretArn"),
		},
	},
	dbProxyName: jsii.String("dbProxyName"),
	engineFamily: jsii.String("engineFamily"),
	roleArn: jsii.String("roleArn"),
	vpcSubnetIds: []*string{
		jsii.String("vpcSubnetIds"),
	},

	// the properties below are optional
	debugLogging: jsii.Boolean(false),
	idleClientTimeout: jsii.Number(123),
	requireTls: jsii.Boolean(false),
	tags: []tagFormatProperty{
		&tagFormatProperty{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	vpcSecurityGroupIds: []*string{
		jsii.String("vpcSecurityGroupIds"),
	},
}

type CfnDBProxyTargetGroup

type CfnDBProxyTargetGroup interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The Amazon Resource Name (ARN) representing the target group.
	AttrTargetGroupArn() *string
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Settings that control the size and behavior of the connection pool associated with a `DBProxyTargetGroup` .
	ConnectionPoolConfigurationInfo() interface{}
	SetConnectionPoolConfigurationInfo(val interface{})
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// One or more DB cluster identifiers.
	DbClusterIdentifiers() *[]*string
	SetDbClusterIdentifiers(val *[]*string)
	// One or more DB instance identifiers.
	DbInstanceIdentifiers() *[]*string
	SetDbInstanceIdentifiers(val *[]*string)
	// The identifier of the `DBProxy` that is associated with the `DBProxyTargetGroup` .
	DbProxyName() *string
	SetDbProxyName(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// The identifier for the target group.
	//
	// > Currently, this property must be set to `default` .
	TargetGroupName() *string
	SetTargetGroupName(val *string)
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::RDS::DBProxyTargetGroup`.

The `AWS::RDS::DBProxyTargetGroup` resource represents a set of RDS DB instances, Aurora DB clusters, or both that a proxy can connect to. Currently, each target group is associated with exactly one RDS DB instance or Aurora DB cluster.

This data type is used as a response element in the `DescribeDBProxyTargetGroups` action.

For information about RDS Proxy for Amazon RDS, see [Managing Connections with Amazon RDS Proxy](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-proxy.html) in the *Amazon RDS User Guide* .

For information about RDS Proxy for Amazon Aurora, see [Managing Connections with Amazon RDS Proxy](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-proxy.html) in the *Amazon Aurora User Guide* .

For a sample template that creates a DB proxy and registers a DB instance, see [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbproxy.html#aws-resource-rds-dbproxy--examples) in AWS::RDS::DBProxy.

> Limitations apply to RDS Proxy, including DB engine version limitations and AWS Region limitations. > > For information about limitations that apply to RDS Proxy for Amazon RDS, see [Limitations for RDS Proxy](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-proxy.html#rds-proxy.limitations) in the *Amazon RDS User Guide* . > > For information about that apply to RDS Proxy for Amazon Aurora, see [Limitations for RDS Proxy](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-proxy.html#rds-proxy.limitations) in the *Amazon Aurora User Guide* .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBProxyTargetGroup := awscdk.Aws_rds.NewCfnDBProxyTargetGroup(this, jsii.String("MyCfnDBProxyTargetGroup"), &cfnDBProxyTargetGroupProps{
	dbProxyName: jsii.String("dbProxyName"),
	targetGroupName: jsii.String("targetGroupName"),

	// the properties below are optional
	connectionPoolConfigurationInfo: &connectionPoolConfigurationInfoFormatProperty{
		connectionBorrowTimeout: jsii.Number(123),
		initQuery: jsii.String("initQuery"),
		maxConnectionsPercent: jsii.Number(123),
		maxIdleConnectionsPercent: jsii.Number(123),
		sessionPinningFilters: []*string{
			jsii.String("sessionPinningFilters"),
		},
	},
	dbClusterIdentifiers: []*string{
		jsii.String("dbClusterIdentifiers"),
	},
	dbInstanceIdentifiers: []*string{
		jsii.String("dbInstanceIdentifiers"),
	},
})

func NewCfnDBProxyTargetGroup

func NewCfnDBProxyTargetGroup(scope awscdk.Construct, id *string, props *CfnDBProxyTargetGroupProps) CfnDBProxyTargetGroup

Create a new `AWS::RDS::DBProxyTargetGroup`.

type CfnDBProxyTargetGroupProps

type CfnDBProxyTargetGroupProps struct {
	// The identifier of the `DBProxy` that is associated with the `DBProxyTargetGroup` .
	DbProxyName *string `field:"required" json:"dbProxyName" yaml:"dbProxyName"`
	// The identifier for the target group.
	//
	// > Currently, this property must be set to `default` .
	TargetGroupName *string `field:"required" json:"targetGroupName" yaml:"targetGroupName"`
	// Settings that control the size and behavior of the connection pool associated with a `DBProxyTargetGroup` .
	ConnectionPoolConfigurationInfo interface{} `field:"optional" json:"connectionPoolConfigurationInfo" yaml:"connectionPoolConfigurationInfo"`
	// One or more DB cluster identifiers.
	DbClusterIdentifiers *[]*string `field:"optional" json:"dbClusterIdentifiers" yaml:"dbClusterIdentifiers"`
	// One or more DB instance identifiers.
	DbInstanceIdentifiers *[]*string `field:"optional" json:"dbInstanceIdentifiers" yaml:"dbInstanceIdentifiers"`
}

Properties for defining a `CfnDBProxyTargetGroup`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBProxyTargetGroupProps := &cfnDBProxyTargetGroupProps{
	dbProxyName: jsii.String("dbProxyName"),
	targetGroupName: jsii.String("targetGroupName"),

	// the properties below are optional
	connectionPoolConfigurationInfo: &connectionPoolConfigurationInfoFormatProperty{
		connectionBorrowTimeout: jsii.Number(123),
		initQuery: jsii.String("initQuery"),
		maxConnectionsPercent: jsii.Number(123),
		maxIdleConnectionsPercent: jsii.Number(123),
		sessionPinningFilters: []*string{
			jsii.String("sessionPinningFilters"),
		},
	},
	dbClusterIdentifiers: []*string{
		jsii.String("dbClusterIdentifiers"),
	},
	dbInstanceIdentifiers: []*string{
		jsii.String("dbInstanceIdentifiers"),
	},
}

type CfnDBProxyTargetGroup_ConnectionPoolConfigurationInfoFormatProperty

type CfnDBProxyTargetGroup_ConnectionPoolConfigurationInfoFormatProperty struct {
	// The number of seconds for a proxy to wait for a connection to become available in the connection pool.
	//
	// Only applies when the proxy has opened its maximum number of connections and all connections are busy with client sessions.
	//
	// Default: 120
	//
	// Constraints: between 1 and 3600, or 0 representing unlimited.
	ConnectionBorrowTimeout *float64 `field:"optional" json:"connectionBorrowTimeout" yaml:"connectionBorrowTimeout"`
	// One or more SQL statements for the proxy to run when opening each new database connection.
	//
	// Typically used with `SET` statements to make sure that each connection has identical settings such as time zone and character set. For multiple statements, use semicolons as the separator. You can also include multiple variables in a single `SET` statement, such as `SET x=1, y=2` .
	//
	// Default: no initialization query.
	InitQuery *string `field:"optional" json:"initQuery" yaml:"initQuery"`
	// The maximum size of the connection pool for each target in a target group.
	//
	// The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group.
	//
	// If you specify `MaxIdleConnectionsPercent` , then you must also include a value for this parameter.
	//
	// Default: 10 for RDS for Microsoft SQL Server, and 100 for all other engines
	//
	// Constraints: Must be between 1 and 100.
	MaxConnectionsPercent *float64 `field:"optional" json:"maxConnectionsPercent" yaml:"maxConnectionsPercent"`
	// Controls how actively the proxy closes idle database connections in the connection pool.
	//
	// The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group. With a high value, the proxy leaves a high percentage of idle database connections open. A low value causes the proxy to close more idle connections and return them to the database.
	//
	// If you specify this parameter, then you must also include a value for `MaxConnectionsPercent` .
	//
	// Default: The default value is half of the value of `MaxConnectionsPercent` . For example, if `MaxConnectionsPercent` is 80, then the default value of `MaxIdleConnectionsPercent` is 40. If the value of `MaxConnectionsPercent` isn't specified, then for SQL Server, `MaxIdleConnectionsPercent` is 5, and for all other engines, the default is 50.
	//
	// Constraints: Must be between 0 and the value of `MaxConnectionsPercent` .
	MaxIdleConnectionsPercent *float64 `field:"optional" json:"maxIdleConnectionsPercent" yaml:"maxIdleConnectionsPercent"`
	// Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection.
	//
	// Including an item in the list exempts that class of SQL operations from the pinning behavior.
	//
	// Default: no session pinning filters.
	SessionPinningFilters *[]*string `field:"optional" json:"sessionPinningFilters" yaml:"sessionPinningFilters"`
}

Specifies the settings that control the size and behavior of the connection pool associated with a `DBProxyTargetGroup` .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

connectionPoolConfigurationInfoFormatProperty := &connectionPoolConfigurationInfoFormatProperty{
	connectionBorrowTimeout: jsii.Number(123),
	initQuery: jsii.String("initQuery"),
	maxConnectionsPercent: jsii.Number(123),
	maxIdleConnectionsPercent: jsii.Number(123),
	sessionPinningFilters: []*string{
		jsii.String("sessionPinningFilters"),
	},
}

type CfnDBProxy_AuthFormatProperty

type CfnDBProxy_AuthFormatProperty struct {
	// The type of authentication that the proxy uses for connections from the proxy to the underlying database.
	//
	// Valid Values: `SECRETS`.
	AuthScheme *string `field:"optional" json:"authScheme" yaml:"authScheme"`
	// `CfnDBProxy.AuthFormatProperty.ClientPasswordAuthType`.
	ClientPasswordAuthType *string `field:"optional" json:"clientPasswordAuthType" yaml:"clientPasswordAuthType"`
	// A user-specified description about the authentication used by a proxy to log in as a specific database user.
	Description *string `field:"optional" json:"description" yaml:"description"`
	// Whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy.
	//
	// The `ENABLED` value is valid only for proxies with RDS for Microsoft SQL Server.
	//
	// Valid Values: `ENABLED | DISABLED | REQUIRED`.
	IamAuth *string `field:"optional" json:"iamAuth" yaml:"iamAuth"`
	// The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster.
	//
	// These secrets are stored within Amazon Secrets Manager.
	SecretArn *string `field:"optional" json:"secretArn" yaml:"secretArn"`
}

Specifies the details of authentication used by a proxy to log in as a specific database user.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

authFormatProperty := &authFormatProperty{
	authScheme: jsii.String("authScheme"),
	clientPasswordAuthType: jsii.String("clientPasswordAuthType"),
	description: jsii.String("description"),
	iamAuth: jsii.String("iamAuth"),
	secretArn: jsii.String("secretArn"),
}

type CfnDBProxy_TagFormatProperty

type CfnDBProxy_TagFormatProperty struct {
	// A key is the required name of the tag.
	//
	// The string value can be 1-128 Unicode characters in length and can't be prefixed with `aws:` . The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-' (Java regex: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$").
	Key *string `field:"optional" json:"key" yaml:"key"`
	// A value is the optional value of the tag.
	//
	// The string value can be 1-256 Unicode characters in length and can't be prefixed with `aws:` . The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-' (Java regex: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$").
	Value *string `field:"optional" json:"value" yaml:"value"`
}

Metadata assigned to a DB proxy consisting of a key-value pair.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tagFormatProperty := &tagFormatProperty{
	key: jsii.String("key"),
	value: jsii.String("value"),
}

type CfnDBSecurityGroup

type CfnDBSecurityGroup interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// Ingress rules to be applied to the DB security group.
	DbSecurityGroupIngress() interface{}
	SetDbSecurityGroupIngress(val interface{})
	// The identifier of an Amazon VPC. This property indicates the VPC that this DB security group belongs to.
	//
	// > The `EC2VpcId` property is for backward compatibility with older regions, and is no longer recommended for providing security information to an RDS DB instance.
	Ec2VpcId() *string
	SetEc2VpcId(val *string)
	// Provides the description of the DB security group.
	GroupDescription() *string
	SetGroupDescription(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// An optional array of key-value pairs to apply to this DB security group.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::RDS::DBSecurityGroup`.

The `AWS::RDS::DBSecurityGroup` resource creates or updates an Amazon RDS DB security group.

> EC2-Classic was retired on August 15, 2022. If you haven't migrated from EC2-Classic to a VPC, we recommend that you migrate as soon as possible. For more information, see [Migrate from EC2-Classic to a VPC](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) in the *Amazon EC2 User Guide* , the blog [EC2-Classic Networking is Retiring – Here’s How to Prepare](https://docs.aws.amazon.com/aws/ec2-classic-is-retiring-heres-how-to-prepare/) , and [Moving a DB instance not in a VPC into a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.Non-VPC2VPC.html) in the *Amazon RDS User Guide* .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBSecurityGroup := awscdk.Aws_rds.NewCfnDBSecurityGroup(this, jsii.String("MyCfnDBSecurityGroup"), &cfnDBSecurityGroupProps{
	dbSecurityGroupIngress: []interface{}{
		&ingressProperty{
			cidrip: jsii.String("cidrip"),
			ec2SecurityGroupId: jsii.String("ec2SecurityGroupId"),
			ec2SecurityGroupName: jsii.String("ec2SecurityGroupName"),
			ec2SecurityGroupOwnerId: jsii.String("ec2SecurityGroupOwnerId"),
		},
	},
	groupDescription: jsii.String("groupDescription"),

	// the properties below are optional
	ec2VpcId: jsii.String("ec2VpcId"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
})

func NewCfnDBSecurityGroup

func NewCfnDBSecurityGroup(scope awscdk.Construct, id *string, props *CfnDBSecurityGroupProps) CfnDBSecurityGroup

Create a new `AWS::RDS::DBSecurityGroup`.

type CfnDBSecurityGroupIngress

type CfnDBSecurityGroupIngress interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// The IP range to authorize.
	Cidrip() *string
	SetCidrip(val *string)
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The name of the DB security group to add authorization to.
	DbSecurityGroupName() *string
	SetDbSecurityGroupName(val *string)
	// Id of the EC2 security group to authorize.
	//
	// For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.
	Ec2SecurityGroupId() *string
	SetEc2SecurityGroupId(val *string)
	// Name of the EC2 security group to authorize.
	//
	// For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.
	Ec2SecurityGroupName() *string
	SetEc2SecurityGroupName(val *string)
	// AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter.
	//
	// The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.
	Ec2SecurityGroupOwnerId() *string
	SetEc2SecurityGroupOwnerId(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::RDS::DBSecurityGroupIngress`.

The `AWS::RDS::DBSecurityGroupIngress` resource enables ingress to a DB security group using one of two forms of authorization. First, you can add EC2 or VPC security groups to the DB security group if the application using the database is running on EC2 or VPC instances. Second, IP ranges are available if the application accessing your database is running on the Internet.

This type supports updates. For more information about updating stacks, see [AWS CloudFormation Stacks Updates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html) .

For details about the settings for DB security group ingress, see [AuthorizeDBSecurityGroupIngress](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AuthorizeDBSecurityGroupIngress.html) .

> EC2-Classic was retired on August 15, 2022. If you haven't migrated from EC2-Classic to a VPC, we recommend that you migrate as soon as possible. For more information, see [Migrate from EC2-Classic to a VPC](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) in the *Amazon EC2 User Guide* , the blog [EC2-Classic Networking is Retiring – Here’s How to Prepare](https://docs.aws.amazon.com/aws/ec2-classic-is-retiring-heres-how-to-prepare/) , and [Moving a DB instance not in a VPC into a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.Non-VPC2VPC.html) in the *Amazon RDS User Guide* .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBSecurityGroupIngress := awscdk.Aws_rds.NewCfnDBSecurityGroupIngress(this, jsii.String("MyCfnDBSecurityGroupIngress"), &cfnDBSecurityGroupIngressProps{
	dbSecurityGroupName: jsii.String("dbSecurityGroupName"),

	// the properties below are optional
	cidrip: jsii.String("cidrip"),
	ec2SecurityGroupId: jsii.String("ec2SecurityGroupId"),
	ec2SecurityGroupName: jsii.String("ec2SecurityGroupName"),
	ec2SecurityGroupOwnerId: jsii.String("ec2SecurityGroupOwnerId"),
})

func NewCfnDBSecurityGroupIngress

func NewCfnDBSecurityGroupIngress(scope awscdk.Construct, id *string, props *CfnDBSecurityGroupIngressProps) CfnDBSecurityGroupIngress

Create a new `AWS::RDS::DBSecurityGroupIngress`.

type CfnDBSecurityGroupIngressProps

type CfnDBSecurityGroupIngressProps struct {
	// The name of the DB security group to add authorization to.
	DbSecurityGroupName *string `field:"required" json:"dbSecurityGroupName" yaml:"dbSecurityGroupName"`
	// The IP range to authorize.
	Cidrip *string `field:"optional" json:"cidrip" yaml:"cidrip"`
	// Id of the EC2 security group to authorize.
	//
	// For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.
	Ec2SecurityGroupId *string `field:"optional" json:"ec2SecurityGroupId" yaml:"ec2SecurityGroupId"`
	// Name of the EC2 security group to authorize.
	//
	// For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.
	Ec2SecurityGroupName *string `field:"optional" json:"ec2SecurityGroupName" yaml:"ec2SecurityGroupName"`
	// AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter.
	//
	// The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.
	Ec2SecurityGroupOwnerId *string `field:"optional" json:"ec2SecurityGroupOwnerId" yaml:"ec2SecurityGroupOwnerId"`
}

Properties for defining a `CfnDBSecurityGroupIngress`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBSecurityGroupIngressProps := &cfnDBSecurityGroupIngressProps{
	dbSecurityGroupName: jsii.String("dbSecurityGroupName"),

	// the properties below are optional
	cidrip: jsii.String("cidrip"),
	ec2SecurityGroupId: jsii.String("ec2SecurityGroupId"),
	ec2SecurityGroupName: jsii.String("ec2SecurityGroupName"),
	ec2SecurityGroupOwnerId: jsii.String("ec2SecurityGroupOwnerId"),
}

type CfnDBSecurityGroupProps

type CfnDBSecurityGroupProps struct {
	// Ingress rules to be applied to the DB security group.
	DbSecurityGroupIngress interface{} `field:"required" json:"dbSecurityGroupIngress" yaml:"dbSecurityGroupIngress"`
	// Provides the description of the DB security group.
	GroupDescription *string `field:"required" json:"groupDescription" yaml:"groupDescription"`
	// The identifier of an Amazon VPC. This property indicates the VPC that this DB security group belongs to.
	//
	// > The `EC2VpcId` property is for backward compatibility with older regions, and is no longer recommended for providing security information to an RDS DB instance.
	Ec2VpcId *string `field:"optional" json:"ec2VpcId" yaml:"ec2VpcId"`
	// An optional array of key-value pairs to apply to this DB security group.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
}

Properties for defining a `CfnDBSecurityGroup`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBSecurityGroupProps := &cfnDBSecurityGroupProps{
	dbSecurityGroupIngress: []interface{}{
		&ingressProperty{
			cidrip: jsii.String("cidrip"),
			ec2SecurityGroupId: jsii.String("ec2SecurityGroupId"),
			ec2SecurityGroupName: jsii.String("ec2SecurityGroupName"),
			ec2SecurityGroupOwnerId: jsii.String("ec2SecurityGroupOwnerId"),
		},
	},
	groupDescription: jsii.String("groupDescription"),

	// the properties below are optional
	ec2VpcId: jsii.String("ec2VpcId"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
}

type CfnDBSecurityGroup_IngressProperty

type CfnDBSecurityGroup_IngressProperty struct {
	// The IP range to authorize.
	Cidrip *string `field:"optional" json:"cidrip" yaml:"cidrip"`
	// Id of the EC2 security group to authorize.
	//
	// For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.
	Ec2SecurityGroupId *string `field:"optional" json:"ec2SecurityGroupId" yaml:"ec2SecurityGroupId"`
	// Name of the EC2 security group to authorize.
	//
	// For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.
	Ec2SecurityGroupName *string `field:"optional" json:"ec2SecurityGroupName" yaml:"ec2SecurityGroupName"`
	// AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter.
	//
	// The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.
	Ec2SecurityGroupOwnerId *string `field:"optional" json:"ec2SecurityGroupOwnerId" yaml:"ec2SecurityGroupOwnerId"`
}

The `Ingress` property type specifies an individual ingress rule within an `AWS::RDS::DBSecurityGroup` resource.

> EC2-Classic was retired on August 15, 2022. If you haven't migrated from EC2-Classic to a VPC, we recommend that you migrate as soon as possible. For more information, see [Migrate from EC2-Classic to a VPC](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) in the *Amazon EC2 User Guide* , the blog [EC2-Classic Networking is Retiring – Here’s How to Prepare](https://docs.aws.amazon.com/aws/ec2-classic-is-retiring-heres-how-to-prepare/) , and [Moving a DB instance not in a VPC into a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.Non-VPC2VPC.html) in the *Amazon RDS User Guide* .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

ingressProperty := &ingressProperty{
	cidrip: jsii.String("cidrip"),
	ec2SecurityGroupId: jsii.String("ec2SecurityGroupId"),
	ec2SecurityGroupName: jsii.String("ec2SecurityGroupName"),
	ec2SecurityGroupOwnerId: jsii.String("ec2SecurityGroupOwnerId"),
}

type CfnDBSubnetGroup

type CfnDBSubnetGroup interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The description for the DB subnet group.
	DbSubnetGroupDescription() *string
	SetDbSubnetGroupDescription(val *string)
	// The name for the DB subnet group. This value is stored as a lowercase string.
	//
	// Constraints: Must contain no more than 255 lowercase alphanumeric characters or hyphens. Must not be "Default".
	//
	// Example: `mysubnetgroup`.
	DbSubnetGroupName() *string
	SetDbSubnetGroupName(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// The EC2 Subnet IDs for the DB subnet group.
	SubnetIds() *[]*string
	SetSubnetIds(val *[]*string)
	// An optional array of key-value pairs to apply to this DB subnet group.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::RDS::DBSubnetGroup`.

The `AWS::RDS::DBSubnetGroup` resource creates a database subnet group. Subnet groups must contain at least two subnets in two different Availability Zones in the same region.

For more information, see [Working with DB subnet groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html#USER_VPC.Subnets) in the *Amazon RDS User Guide* .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBSubnetGroup := awscdk.Aws_rds.NewCfnDBSubnetGroup(this, jsii.String("MyCfnDBSubnetGroup"), &cfnDBSubnetGroupProps{
	dbSubnetGroupDescription: jsii.String("dbSubnetGroupDescription"),
	subnetIds: []*string{
		jsii.String("subnetIds"),
	},

	// the properties below are optional
	dbSubnetGroupName: jsii.String("dbSubnetGroupName"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
})

func NewCfnDBSubnetGroup

func NewCfnDBSubnetGroup(scope awscdk.Construct, id *string, props *CfnDBSubnetGroupProps) CfnDBSubnetGroup

Create a new `AWS::RDS::DBSubnetGroup`.

type CfnDBSubnetGroupProps

type CfnDBSubnetGroupProps struct {
	// The description for the DB subnet group.
	DbSubnetGroupDescription *string `field:"required" json:"dbSubnetGroupDescription" yaml:"dbSubnetGroupDescription"`
	// The EC2 Subnet IDs for the DB subnet group.
	SubnetIds *[]*string `field:"required" json:"subnetIds" yaml:"subnetIds"`
	// The name for the DB subnet group. This value is stored as a lowercase string.
	//
	// Constraints: Must contain no more than 255 lowercase alphanumeric characters or hyphens. Must not be "Default".
	//
	// Example: `mysubnetgroup`.
	DbSubnetGroupName *string `field:"optional" json:"dbSubnetGroupName" yaml:"dbSubnetGroupName"`
	// An optional array of key-value pairs to apply to this DB subnet group.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
}

Properties for defining a `CfnDBSubnetGroup`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnDBSubnetGroupProps := &cfnDBSubnetGroupProps{
	dbSubnetGroupDescription: jsii.String("dbSubnetGroupDescription"),
	subnetIds: []*string{
		jsii.String("subnetIds"),
	},

	// the properties below are optional
	dbSubnetGroupName: jsii.String("dbSubnetGroupName"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
}

type CfnEventSubscription

type CfnEventSubscription interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// A value that indicates whether to activate the subscription.
	//
	// If the event notification subscription isn't activated, the subscription is created but not active.
	Enabled() interface{}
	SetEnabled(val interface{})
	// A list of event categories for a particular source type ( `SourceType` ) that you want to subscribe to.
	//
	// You can see a list of the categories for a given source type in the "Amazon RDS event categories and event messages" section of the [*Amazon RDS User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html) or the [*Amazon Aurora User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Events.Messages.html) . You can also see this list by using the `DescribeEventCategories` operation.
	EventCategories() *[]*string
	SetEventCategories(val *[]*string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The Amazon Resource Name (ARN) of the SNS topic created for event notification.
	//
	// The ARN is created by Amazon SNS when you create a topic and subscribe to it.
	SnsTopicArn() *string
	SetSnsTopicArn(val *string)
	// The list of identifiers of the event sources for which events are returned.
	//
	// If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.
	//
	// Constraints:
	//
	// - If a `SourceIds` value is supplied, `SourceType` must also be provided.
	// - If the source type is a DB instance, a `DBInstanceIdentifier` value must be supplied.
	// - If the source type is a DB cluster, a `DBClusterIdentifier` value must be supplied.
	// - If the source type is a DB parameter group, a `DBParameterGroupName` value must be supplied.
	// - If the source type is a DB security group, a `DBSecurityGroupName` value must be supplied.
	// - If the source type is a DB snapshot, a `DBSnapshotIdentifier` value must be supplied.
	// - If the source type is a DB cluster snapshot, a `DBClusterSnapshotIdentifier` value must be supplied.
	SourceIds() *[]*string
	SetSourceIds(val *[]*string)
	// The type of source that is generating the events.
	//
	// For example, if you want to be notified of events generated by a DB instance, set this parameter to `db-instance` . If this value isn't specified, all events are returned.
	//
	// Valid values: `db-instance` | `db-cluster` | `db-parameter-group` | `db-security-group` | `db-snapshot` | `db-cluster-snapshot`.
	SourceType() *string
	SetSourceType(val *string)
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// The name of the subscription.
	//
	// Constraints: The name must be less than 255 characters.
	SubscriptionName() *string
	SetSubscriptionName(val *string)
	// An optional array of key-value pairs to apply to this subscription.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::RDS::EventSubscription`.

The `AWS::RDS::EventSubscription` resource allows you to receive notifications for Amazon Relational Database Service events through the Amazon Simple Notification Service (Amazon SNS). For more information, see [Using Amazon RDS Event Notification](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.html) in the *Amazon RDS User Guide* .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnEventSubscription := awscdk.Aws_rds.NewCfnEventSubscription(this, jsii.String("MyCfnEventSubscription"), &cfnEventSubscriptionProps{
	snsTopicArn: jsii.String("snsTopicArn"),

	// the properties below are optional
	enabled: jsii.Boolean(false),
	eventCategories: []*string{
		jsii.String("eventCategories"),
	},
	sourceIds: []*string{
		jsii.String("sourceIds"),
	},
	sourceType: jsii.String("sourceType"),
	subscriptionName: jsii.String("subscriptionName"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
})

func NewCfnEventSubscription

func NewCfnEventSubscription(scope awscdk.Construct, id *string, props *CfnEventSubscriptionProps) CfnEventSubscription

Create a new `AWS::RDS::EventSubscription`.

type CfnEventSubscriptionProps

type CfnEventSubscriptionProps struct {
	// The Amazon Resource Name (ARN) of the SNS topic created for event notification.
	//
	// The ARN is created by Amazon SNS when you create a topic and subscribe to it.
	SnsTopicArn *string `field:"required" json:"snsTopicArn" yaml:"snsTopicArn"`
	// A value that indicates whether to activate the subscription.
	//
	// If the event notification subscription isn't activated, the subscription is created but not active.
	Enabled interface{} `field:"optional" json:"enabled" yaml:"enabled"`
	// A list of event categories for a particular source type ( `SourceType` ) that you want to subscribe to.
	//
	// You can see a list of the categories for a given source type in the "Amazon RDS event categories and event messages" section of the [*Amazon RDS User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html) or the [*Amazon Aurora User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Events.Messages.html) . You can also see this list by using the `DescribeEventCategories` operation.
	EventCategories *[]*string `field:"optional" json:"eventCategories" yaml:"eventCategories"`
	// The list of identifiers of the event sources for which events are returned.
	//
	// If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.
	//
	// Constraints:
	//
	// - If a `SourceIds` value is supplied, `SourceType` must also be provided.
	// - If the source type is a DB instance, a `DBInstanceIdentifier` value must be supplied.
	// - If the source type is a DB cluster, a `DBClusterIdentifier` value must be supplied.
	// - If the source type is a DB parameter group, a `DBParameterGroupName` value must be supplied.
	// - If the source type is a DB security group, a `DBSecurityGroupName` value must be supplied.
	// - If the source type is a DB snapshot, a `DBSnapshotIdentifier` value must be supplied.
	// - If the source type is a DB cluster snapshot, a `DBClusterSnapshotIdentifier` value must be supplied.
	SourceIds *[]*string `field:"optional" json:"sourceIds" yaml:"sourceIds"`
	// The type of source that is generating the events.
	//
	// For example, if you want to be notified of events generated by a DB instance, set this parameter to `db-instance` . If this value isn't specified, all events are returned.
	//
	// Valid values: `db-instance` | `db-cluster` | `db-parameter-group` | `db-security-group` | `db-snapshot` | `db-cluster-snapshot`.
	SourceType *string `field:"optional" json:"sourceType" yaml:"sourceType"`
	// The name of the subscription.
	//
	// Constraints: The name must be less than 255 characters.
	SubscriptionName *string `field:"optional" json:"subscriptionName" yaml:"subscriptionName"`
	// An optional array of key-value pairs to apply to this subscription.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
}

Properties for defining a `CfnEventSubscription`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnEventSubscriptionProps := &cfnEventSubscriptionProps{
	snsTopicArn: jsii.String("snsTopicArn"),

	// the properties below are optional
	enabled: jsii.Boolean(false),
	eventCategories: []*string{
		jsii.String("eventCategories"),
	},
	sourceIds: []*string{
		jsii.String("sourceIds"),
	},
	sourceType: jsii.String("sourceType"),
	subscriptionName: jsii.String("subscriptionName"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
}

type CfnGlobalCluster

type CfnGlobalCluster interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The deletion protection setting for the new global database.
	//
	// The global database can't be deleted when deletion protection is enabled.
	DeletionProtection() interface{}
	SetDeletionProtection(val interface{})
	// The name of the database engine to be used for this DB cluster.
	//
	// If this property isn't specified, the database engine is derived from the source DB cluster specified by the `SourceDBClusterIdentifier` property.
	//
	// > If the `SourceDBClusterIdentifier` property isn't specified, this property is required. If the `SourceDBClusterIdentifier` property is specified, make sure this property isn't specified.
	Engine() *string
	SetEngine(val *string)
	// The engine version of the Aurora global database.
	EngineVersion() *string
	SetEngineVersion(val *string)
	// The cluster identifier of the global database cluster.
	GlobalClusterIdentifier() *string
	SetGlobalClusterIdentifier(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The DB cluster identifier or Amazon Resource Name (ARN) to use as the primary cluster of the global database.
	//
	// > If the `Engine` property isn't specified, this property is required. If the `Engine` property is specified, make sure this property isn't specified.
	SourceDbClusterIdentifier() *string
	SetSourceDbClusterIdentifier(val *string)
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// The storage encryption setting for the global database cluster.
	StorageEncrypted() interface{}
	SetStorageEncrypted(val interface{})
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::RDS::GlobalCluster`.

The `AWS::RDS::GlobalCluster` resource creates or updates an Amazon Aurora global database spread across multiple AWS Regions.

The global database contains a single primary cluster with read-write capability, and a read-only secondary cluster that receives data from the primary cluster through high-speed replication performed by the Aurora storage subsystem.

You can create a global database that is initially empty, and then add a primary cluster and a secondary cluster to it.

For information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide* .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnGlobalCluster := awscdk.Aws_rds.NewCfnGlobalCluster(this, jsii.String("MyCfnGlobalCluster"), &cfnGlobalClusterProps{
	deletionProtection: jsii.Boolean(false),
	engine: jsii.String("engine"),
	engineVersion: jsii.String("engineVersion"),
	globalClusterIdentifier: jsii.String("globalClusterIdentifier"),
	sourceDbClusterIdentifier: jsii.String("sourceDbClusterIdentifier"),
	storageEncrypted: jsii.Boolean(false),
})

func NewCfnGlobalCluster

func NewCfnGlobalCluster(scope awscdk.Construct, id *string, props *CfnGlobalClusterProps) CfnGlobalCluster

Create a new `AWS::RDS::GlobalCluster`.

type CfnGlobalClusterProps

type CfnGlobalClusterProps struct {
	// The deletion protection setting for the new global database.
	//
	// The global database can't be deleted when deletion protection is enabled.
	DeletionProtection interface{} `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	// The name of the database engine to be used for this DB cluster.
	//
	// If this property isn't specified, the database engine is derived from the source DB cluster specified by the `SourceDBClusterIdentifier` property.
	//
	// > If the `SourceDBClusterIdentifier` property isn't specified, this property is required. If the `SourceDBClusterIdentifier` property is specified, make sure this property isn't specified.
	Engine *string `field:"optional" json:"engine" yaml:"engine"`
	// The engine version of the Aurora global database.
	EngineVersion *string `field:"optional" json:"engineVersion" yaml:"engineVersion"`
	// The cluster identifier of the global database cluster.
	GlobalClusterIdentifier *string `field:"optional" json:"globalClusterIdentifier" yaml:"globalClusterIdentifier"`
	// The DB cluster identifier or Amazon Resource Name (ARN) to use as the primary cluster of the global database.
	//
	// > If the `Engine` property isn't specified, this property is required. If the `Engine` property is specified, make sure this property isn't specified.
	SourceDbClusterIdentifier *string `field:"optional" json:"sourceDbClusterIdentifier" yaml:"sourceDbClusterIdentifier"`
	// The storage encryption setting for the global database cluster.
	StorageEncrypted interface{} `field:"optional" json:"storageEncrypted" yaml:"storageEncrypted"`
}

Properties for defining a `CfnGlobalCluster`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnGlobalClusterProps := &cfnGlobalClusterProps{
	deletionProtection: jsii.Boolean(false),
	engine: jsii.String("engine"),
	engineVersion: jsii.String("engineVersion"),
	globalClusterIdentifier: jsii.String("globalClusterIdentifier"),
	sourceDbClusterIdentifier: jsii.String("sourceDbClusterIdentifier"),
	storageEncrypted: jsii.Boolean(false),
}

type CfnOptionGroup

type CfnOptionGroup interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// Specifies the name of the engine that this option group should be associated with.
	//
	// Valid Values:
	//
	// - `mariadb`
	// - `mysql`
	// - `oracle-ee`
	// - `oracle-ee-cdb`
	// - `oracle-se2`
	// - `oracle-se2-cdb`
	// - `postgres`
	// - `sqlserver-ee`
	// - `sqlserver-se`
	// - `sqlserver-ex`
	// - `sqlserver-web`.
	EngineName() *string
	SetEngineName(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// Specifies the major version of the engine that this option group should be associated with.
	MajorEngineVersion() *string
	SetMajorEngineVersion(val *string)
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// A list of options and the settings for each option.
	OptionConfigurations() interface{}
	SetOptionConfigurations(val interface{})
	// The description of the option group.
	OptionGroupDescription() *string
	SetOptionGroupDescription(val *string)
	// The name of the option group to be created.
	//
	// Constraints:
	//
	// - Must be 1 to 255 letters, numbers, or hyphens
	// - First character must be a letter
	// - Can't end with a hyphen or contain two consecutive hyphens
	//
	// Example: `myoptiongroup`
	//
	// If you don't specify a value for `OptionGroupName` property, a name is automatically created for the option group.
	//
	// > This value is stored as a lowercase string.
	OptionGroupName() *string
	SetOptionGroupName(val *string)
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// An optional array of key-value pairs to apply to this option group.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::RDS::OptionGroup`.

The `AWS::RDS::OptionGroup` resource creates or updates an option group, to enable and configure features that are specific to a particular DB engine.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnOptionGroup := awscdk.Aws_rds.NewCfnOptionGroup(this, jsii.String("MyCfnOptionGroup"), &cfnOptionGroupProps{
	engineName: jsii.String("engineName"),
	majorEngineVersion: jsii.String("majorEngineVersion"),
	optionGroupDescription: jsii.String("optionGroupDescription"),

	// the properties below are optional
	optionConfigurations: []interface{}{
		&optionConfigurationProperty{
			optionName: jsii.String("optionName"),

			// the properties below are optional
			dbSecurityGroupMemberships: []*string{
				jsii.String("dbSecurityGroupMemberships"),
			},
			optionSettings: []interface{}{
				&optionSettingProperty{
					name: jsii.String("name"),
					value: jsii.String("value"),
				},
			},
			optionVersion: jsii.String("optionVersion"),
			port: jsii.Number(123),
			vpcSecurityGroupMemberships: []*string{
				jsii.String("vpcSecurityGroupMemberships"),
			},
		},
	},
	optionGroupName: jsii.String("optionGroupName"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
})

func NewCfnOptionGroup

func NewCfnOptionGroup(scope awscdk.Construct, id *string, props *CfnOptionGroupProps) CfnOptionGroup

Create a new `AWS::RDS::OptionGroup`.

type CfnOptionGroupProps

type CfnOptionGroupProps struct {
	// Specifies the name of the engine that this option group should be associated with.
	//
	// Valid Values:
	//
	// - `mariadb`
	// - `mysql`
	// - `oracle-ee`
	// - `oracle-ee-cdb`
	// - `oracle-se2`
	// - `oracle-se2-cdb`
	// - `postgres`
	// - `sqlserver-ee`
	// - `sqlserver-se`
	// - `sqlserver-ex`
	// - `sqlserver-web`.
	EngineName *string `field:"required" json:"engineName" yaml:"engineName"`
	// Specifies the major version of the engine that this option group should be associated with.
	MajorEngineVersion *string `field:"required" json:"majorEngineVersion" yaml:"majorEngineVersion"`
	// The description of the option group.
	OptionGroupDescription *string `field:"required" json:"optionGroupDescription" yaml:"optionGroupDescription"`
	// A list of options and the settings for each option.
	OptionConfigurations interface{} `field:"optional" json:"optionConfigurations" yaml:"optionConfigurations"`
	// The name of the option group to be created.
	//
	// Constraints:
	//
	// - Must be 1 to 255 letters, numbers, or hyphens
	// - First character must be a letter
	// - Can't end with a hyphen or contain two consecutive hyphens
	//
	// Example: `myoptiongroup`
	//
	// If you don't specify a value for `OptionGroupName` property, a name is automatically created for the option group.
	//
	// > This value is stored as a lowercase string.
	OptionGroupName *string `field:"optional" json:"optionGroupName" yaml:"optionGroupName"`
	// An optional array of key-value pairs to apply to this option group.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
}

Properties for defining a `CfnOptionGroup`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnOptionGroupProps := &cfnOptionGroupProps{
	engineName: jsii.String("engineName"),
	majorEngineVersion: jsii.String("majorEngineVersion"),
	optionGroupDescription: jsii.String("optionGroupDescription"),

	// the properties below are optional
	optionConfigurations: []interface{}{
		&optionConfigurationProperty{
			optionName: jsii.String("optionName"),

			// the properties below are optional
			dbSecurityGroupMemberships: []*string{
				jsii.String("dbSecurityGroupMemberships"),
			},
			optionSettings: []interface{}{
				&optionSettingProperty{
					name: jsii.String("name"),
					value: jsii.String("value"),
				},
			},
			optionVersion: jsii.String("optionVersion"),
			port: jsii.Number(123),
			vpcSecurityGroupMemberships: []*string{
				jsii.String("vpcSecurityGroupMemberships"),
			},
		},
	},
	optionGroupName: jsii.String("optionGroupName"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
}

type CfnOptionGroup_OptionConfigurationProperty

type CfnOptionGroup_OptionConfigurationProperty struct {
	// The configuration of options to include in a group.
	OptionName *string `field:"required" json:"optionName" yaml:"optionName"`
	// A list of DBSecurityGroupMembership name strings used for this option.
	DbSecurityGroupMemberships *[]*string `field:"optional" json:"dbSecurityGroupMemberships" yaml:"dbSecurityGroupMemberships"`
	// The option settings to include in an option group.
	OptionSettings interface{} `field:"optional" json:"optionSettings" yaml:"optionSettings"`
	// The version for the option.
	OptionVersion *string `field:"optional" json:"optionVersion" yaml:"optionVersion"`
	// The optional port for the option.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// A list of VpcSecurityGroupMembership name strings used for this option.
	VpcSecurityGroupMemberships *[]*string `field:"optional" json:"vpcSecurityGroupMemberships" yaml:"vpcSecurityGroupMemberships"`
}

The `OptionConfiguration` property type specifies an individual option, and its settings, within an `AWS::RDS::OptionGroup` resource.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

optionConfigurationProperty := &optionConfigurationProperty{
	optionName: jsii.String("optionName"),

	// the properties below are optional
	dbSecurityGroupMemberships: []*string{
		jsii.String("dbSecurityGroupMemberships"),
	},
	optionSettings: []interface{}{
		&optionSettingProperty{
			name: jsii.String("name"),
			value: jsii.String("value"),
		},
	},
	optionVersion: jsii.String("optionVersion"),
	port: jsii.Number(123),
	vpcSecurityGroupMemberships: []*string{
		jsii.String("vpcSecurityGroupMemberships"),
	},
}

type CfnOptionGroup_OptionSettingProperty

type CfnOptionGroup_OptionSettingProperty struct {
	// The name of the option that has settings that you can set.
	Name *string `field:"optional" json:"name" yaml:"name"`
	// The current value of the option setting.
	Value *string `field:"optional" json:"value" yaml:"value"`
}

The `OptionSetting` property type specifies the value for an option within an `OptionSetting` property.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

optionSettingProperty := &optionSettingProperty{
	name: jsii.String("name"),
	value: jsii.String("value"),
}

type ClusterEngineBindOptions

type ClusterEngineBindOptions struct {
	// The customer-provided ParameterGroup.
	// Experimental.
	ParameterGroup IParameterGroup `field:"optional" json:"parameterGroup" yaml:"parameterGroup"`
	// The role used for S3 exporting.
	// Experimental.
	S3ExportRole awsiam.IRole `field:"optional" json:"s3ExportRole" yaml:"s3ExportRole"`
	// The role used for S3 importing.
	// Experimental.
	S3ImportRole awsiam.IRole `field:"optional" json:"s3ImportRole" yaml:"s3ImportRole"`
}

The extra options passed to the {@link IClusterEngine.bindToCluster} method.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var parameterGroup parameterGroup
var role role

clusterEngineBindOptions := &clusterEngineBindOptions{
	parameterGroup: parameterGroup,
	s3ExportRole: role,
	s3ImportRole: role,
}

Experimental.

type ClusterEngineConfig

type ClusterEngineConfig struct {
	// Features supported by the database engine.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html
	//
	// Experimental.
	Features *ClusterEngineFeatures `field:"optional" json:"features" yaml:"features"`
	// The ParameterGroup to use for the cluster.
	// Experimental.
	ParameterGroup IParameterGroup `field:"optional" json:"parameterGroup" yaml:"parameterGroup"`
	// The port to use for this cluster, unless the customer specified the port directly.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
}

The type returned from the {@link IClusterEngine.bindToCluster} method.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var parameterGroup parameterGroup

clusterEngineConfig := &clusterEngineConfig{
	features: &clusterEngineFeatures{
		s3Export: jsii.String("s3Export"),
		s3Import: jsii.String("s3Import"),
	},
	parameterGroup: parameterGroup,
	port: jsii.Number(123),
}

Experimental.

type ClusterEngineFeatures

type ClusterEngineFeatures struct {
	// Feature name for the DB instance that the IAM role to export to S3 bucket is to be associated with.
	// Experimental.
	S3Export *string `field:"optional" json:"s3Export" yaml:"s3Export"`
	// Feature name for the DB instance that the IAM role to access the S3 bucket for import is to be associated with.
	// Experimental.
	S3Import *string `field:"optional" json:"s3Import" yaml:"s3Import"`
}

Represents Database Engine features.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

clusterEngineFeatures := &clusterEngineFeatures{
	s3Export: jsii.String("s3Export"),
	s3Import: jsii.String("s3Import"),
}

Experimental.

type CommonRotationUserOptions

type CommonRotationUserOptions struct {
	// Specifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation.
	// Experimental.
	AutomaticallyAfter awscdk.Duration `field:"optional" json:"automaticallyAfter" yaml:"automaticallyAfter"`
	// The VPC interface endpoint to use for the Secrets Manager API.
	//
	// If you enable private DNS hostnames for your VPC private endpoint (the default), you don't
	// need to specify an endpoint. The standard Secrets Manager DNS hostname the Secrets Manager
	// CLI and SDKs use by default (https://secretsmanager.<region>.amazonaws.com) automatically
	// resolves to your VPC endpoint.
	// Experimental.
	Endpoint awsec2.IInterfaceVpcEndpoint `field:"optional" json:"endpoint" yaml:"endpoint"`
	// Specifies characters to not include in generated passwords.
	// Experimental.
	ExcludeCharacters *string `field:"optional" json:"excludeCharacters" yaml:"excludeCharacters"`
	// Where to place the rotation Lambda function.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
}

Properties common to single-user and multi-user rotation options.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var duration duration
var interfaceVpcEndpoint interfaceVpcEndpoint
var subnet subnet
var subnetFilter subnetFilter

commonRotationUserOptions := &commonRotationUserOptions{
	automaticallyAfter: duration,
	endpoint: interfaceVpcEndpoint,
	excludeCharacters: jsii.String("excludeCharacters"),
	vpcSubnets: &subnetSelection{
		availabilityZones: []*string{
			jsii.String("availabilityZones"),
		},
		onePerAz: jsii.Boolean(false),
		subnetFilters: []*subnetFilter{
			subnetFilter,
		},
		subnetGroupName: jsii.String("subnetGroupName"),
		subnetName: jsii.String("subnetName"),
		subnets: []iSubnet{
			subnet,
		},
		subnetType: awscdk.Aws_ec2.subnetType_ISOLATED,
	},
}

Experimental.

type Credentials

type Credentials interface {
	// KMS encryption key to encrypt the generated secret.
	// Experimental.
	EncryptionKey() awskms.IKey
	// The characters to exclude from the generated password.
	//
	// Only used if {@link password} has not been set.
	// Experimental.
	ExcludeCharacters() *string
	// Password.
	//
	// Do not put passwords in your CDK code directly.
	// Experimental.
	Password() awscdk.SecretValue
	// A list of regions where to replicate the generated secret.
	// Experimental.
	ReplicaRegions() *[]*awssecretsmanager.ReplicaRegion
	// Secret used to instantiate this Login.
	// Experimental.
	Secret() awssecretsmanager.ISecret
	// The name to use for the Secret if a new Secret is to be generated in SecretsManager for these Credentials.
	// Experimental.
	SecretName() *string
	// Username.
	// Experimental.
	Username() *string
	// Whether the username should be referenced as a string and not as a dynamic reference to the username in the secret.
	// Experimental.
	UsernameAsString() *bool
}

Username and password combination.

Example:

// Build a data source for AppSync to access the database.
var api graphqlApi
// Create username and password secret for DB Cluster
secret := rds.NewDatabaseSecret(this, jsii.String("AuroraSecret"), &databaseSecretProps{
	username: jsii.String("clusteradmin"),
})

// The VPC to place the cluster in
vpc := ec2.NewVpc(this, jsii.String("AuroraVpc"))

// Create the serverless cluster, provide all values needed to customise the database.
cluster := rds.NewServerlessCluster(this, jsii.String("AuroraCluster"), &serverlessClusterProps{
	engine: rds.databaseClusterEngine_AURORA_MYSQL(),
	vpc: vpc,
	credentials: map[string]*string{
		"username": jsii.String("clusteradmin"),
	},
	clusterIdentifier: jsii.String("db-endpoint-test"),
	defaultDatabaseName: jsii.String("demos"),
})
rdsDS := api.addRdsDataSource(jsii.String("rds"), cluster, secret, jsii.String("demos"))

// Set up a resolver for an RDS query.
rdsDS.createResolver(&baseResolverProps{
	typeName: jsii.String("Query"),
	fieldName: jsii.String("getDemosRds"),
	requestMappingTemplate: appsync.mappingTemplate.fromString(jsii.String("\n  {\n    \"version\": \"2018-05-29\",\n    \"statements\": [\n      \"SELECT * FROM demos\"\n    ]\n  }\n  ")),
	responseMappingTemplate: appsync.*mappingTemplate.fromString(jsii.String("\n    $utils.toJson($utils.rds.toJsonObject($ctx.result)[0])\n  ")),
})

// Set up a resolver for an RDS mutation.
rdsDS.createResolver(&baseResolverProps{
	typeName: jsii.String("Mutation"),
	fieldName: jsii.String("addDemoRds"),
	requestMappingTemplate: appsync.*mappingTemplate.fromString(jsii.String("\n  {\n    \"version\": \"2018-05-29\",\n    \"statements\": [\n      \"INSERT INTO demos VALUES (:id, :version)\",\n      \"SELECT * WHERE id = :id\"\n    ],\n    \"variableMap\": {\n      \":id\": $util.toJson($util.autoId()),\n      \":version\": $util.toJson($ctx.args.version)\n    }\n  }\n  ")),
	responseMappingTemplate: appsync.*mappingTemplate.fromString(jsii.String("\n    $utils.toJson($utils.rds.toJsonObject($ctx.result)[1][0])\n  ")),
})

Experimental.

func Credentials_FromGeneratedSecret

func Credentials_FromGeneratedSecret(username *string, options *CredentialsBaseOptions) Credentials

Creates Credentials with a password generated and stored in Secrets Manager. Experimental.

func Credentials_FromPassword

func Credentials_FromPassword(username *string, password awscdk.SecretValue) Credentials

Creates Credentials from a password.

Do not put passwords in your CDK code directly. Experimental.

func Credentials_FromSecret

func Credentials_FromSecret(secret awssecretsmanager.ISecret, username *string) Credentials

Creates Credentials from an existing Secrets Manager “Secret“ (or “DatabaseSecret“).

The Secret must be a JSON string with a “username“ and “password“ field: ```

{
   ...
   "username": <required: username>,
   "password": <required: password>,
}

```. Experimental.

func Credentials_FromUsername

func Credentials_FromUsername(username *string, options *CredentialsFromUsernameOptions) Credentials

Creates Credentials for the given username, and optional password and key.

If no password is provided, one will be generated and stored in Secrets Manager. Experimental.

type CredentialsBaseOptions

type CredentialsBaseOptions struct {
	// KMS encryption key to encrypt the generated secret.
	// Experimental.
	EncryptionKey awskms.IKey `field:"optional" json:"encryptionKey" yaml:"encryptionKey"`
	// The characters to exclude from the generated password.
	//
	// Has no effect if {@link password} has been provided.
	// Experimental.
	ExcludeCharacters *string `field:"optional" json:"excludeCharacters" yaml:"excludeCharacters"`
	// A list of regions where to replicate this secret.
	// Experimental.
	ReplicaRegions *[]*awssecretsmanager.ReplicaRegion `field:"optional" json:"replicaRegions" yaml:"replicaRegions"`
	// The name of the secret.
	// Experimental.
	SecretName *string `field:"optional" json:"secretName" yaml:"secretName"`
}

Base options for creating Credentials.

Example:

var vpc vpc

engine := rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
	version: rds.postgresEngineVersion_VER_12_3(),
})
myKey := kms.NewKey(this, jsii.String("MyKey"))

rds.NewDatabaseInstance(this, jsii.String("InstanceWithCustomizedSecret"), &databaseInstanceProps{
	engine: engine,
	vpc: vpc,
	credentials: rds.credentials.fromGeneratedSecret(jsii.String("postgres"), &credentialsBaseOptions{
		secretName: jsii.String("my-cool-name"),
		encryptionKey: myKey,
		excludeCharacters: jsii.String("!&*^#@()"),
		replicaRegions: []replicaRegion{
			&replicaRegion{
				region: jsii.String("eu-west-1"),
			},
			&replicaRegion{
				region: jsii.String("eu-west-2"),
			},
		},
	}),
})

Experimental.

type CredentialsFromUsernameOptions

type CredentialsFromUsernameOptions struct {
	// KMS encryption key to encrypt the generated secret.
	// Experimental.
	EncryptionKey awskms.IKey `field:"optional" json:"encryptionKey" yaml:"encryptionKey"`
	// The characters to exclude from the generated password.
	//
	// Has no effect if {@link password} has been provided.
	// Experimental.
	ExcludeCharacters *string `field:"optional" json:"excludeCharacters" yaml:"excludeCharacters"`
	// A list of regions where to replicate this secret.
	// Experimental.
	ReplicaRegions *[]*awssecretsmanager.ReplicaRegion `field:"optional" json:"replicaRegions" yaml:"replicaRegions"`
	// The name of the secret.
	// Experimental.
	SecretName *string `field:"optional" json:"secretName" yaml:"secretName"`
	// Password.
	//
	// Do not put passwords in your CDK code directly.
	// Experimental.
	Password awscdk.SecretValue `field:"optional" json:"password" yaml:"password"`
}

Options for creating Credentials from a username.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var key key
var secretValue secretValue

credentialsFromUsernameOptions := &credentialsFromUsernameOptions{
	encryptionKey: key,
	excludeCharacters: jsii.String("excludeCharacters"),
	password: secretValue,
	replicaRegions: []replicaRegion{
		&replicaRegion{
			region: jsii.String("region"),

			// the properties below are optional
			encryptionKey: key,
		},
	},
	secretName: jsii.String("secretName"),
}

Experimental.

type DatabaseCluster

type DatabaseCluster interface {
	DatabaseClusterBase
	// The endpoint to use for read/write operations.
	// Experimental.
	ClusterEndpoint() Endpoint
	// Identifier of the cluster.
	// Experimental.
	ClusterIdentifier() *string
	// Endpoint to use for load-balanced read-only operations.
	// Experimental.
	ClusterReadEndpoint() Endpoint
	// Access to the network connections.
	// Experimental.
	Connections() awsec2.Connections
	// The engine for this Cluster.
	//
	// Never undefined.
	// Experimental.
	Engine() IClusterEngine
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// Endpoints which address each individual replica.
	// Experimental.
	InstanceEndpoints() *[]Endpoint
	// Identifiers of the replicas.
	// Experimental.
	InstanceIdentifiers() *[]*string
	// Application for multi user rotation to this cluster.
	// Experimental.
	MultiUserRotationApplication() awssecretsmanager.SecretRotationApplication
	// Experimental.
	NewCfnProps() *CfnDBClusterProps
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The secret attached to this cluster.
	// Experimental.
	Secret() awssecretsmanager.ISecret
	// Experimental.
	SecurityGroups() *[]awsec2.ISecurityGroup
	// Application for single user rotation of the master password to this cluster.
	// Experimental.
	SingleUserRotationApplication() awssecretsmanager.SecretRotationApplication
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Experimental.
	SubnetGroup() ISubnetGroup
	// The VPC network to place the cluster in.
	// Experimental.
	Vpc() awsec2.IVpc
	// The cluster's subnets.
	// Experimental.
	VpcSubnets() *awsec2.SubnetSelection
	// Add a new db proxy to this cluster.
	// Experimental.
	AddProxy(id *string, options *DatabaseProxyOptions) DatabaseProxy
	// Adds the multi user rotation to this cluster.
	// Experimental.
	AddRotationMultiUser(id *string, options *RotationMultiUserOptions) awssecretsmanager.SecretRotation
	// Adds the single user rotation of the master password to this cluster.
	// Experimental.
	AddRotationSingleUser(options *RotationSingleUserOptions) awssecretsmanager.SecretRotation
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Renders the secret attachment target specifications.
	// Experimental.
	AsSecretAttachmentTarget() *awssecretsmanager.SecretAttachmentTargetProps
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Return the given named metric for this DBCluster.
	// Experimental.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The percentage of CPU utilization.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricCPUUtilization(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of database connections in use.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricDatabaseConnections(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of deadlocks in the database per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricDeadlocks(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of time that the instance has been running, in seconds.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricEngineUptime(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available random access memory, in bytes.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeableMemory(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of local storage available, in bytes.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeLocalStorage(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of network throughput received from clients by each instance, in bytes per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricNetworkReceiveThroughput(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of network throughput both received from and transmitted to clients by each instance, in bytes per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricNetworkThroughput(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of network throughput sent to clients by each instance, in bytes per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricNetworkTransmitThroughput(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The total amount of backup storage in bytes consumed by all Aurora snapshots outside its backup retention window.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricSnapshotStorageUsed(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The total amount of backup storage in bytes for which you are billed.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricTotalBackupStorageBilled(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of storage used by your Aurora DB instance, in bytes.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricVolumeBytesUsed(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of billed read I/O operations from a cluster volume, reported at 5-minute intervals.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricVolumeReadIOPs(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of write disk I/O operations to the cluster volume, reported at 5-minute intervals.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricVolumeWriteIOPs(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

Create a clustered database with a given number of instances.

Example:

var vpc vpc

cluster := rds.NewDatabaseCluster(this, jsii.String("Database"), &databaseClusterProps{
	engine: rds.databaseClusterEngine_AURORA(),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
})

proxy := rds.NewDatabaseProxy(this, jsii.String("Proxy"), &databaseProxyProps{
	proxyTarget: rds.proxyTarget.fromCluster(cluster),
	secrets: []iSecret{
		cluster.secret,
	},
	vpc: vpc,
})

role := iam.NewRole(this, jsii.String("DBProxyRole"), &roleProps{
	assumedBy: iam.NewAccountPrincipal(this.account),
})
proxy.grantConnect(role, jsii.String("admin"))

Experimental.

func NewDatabaseCluster

func NewDatabaseCluster(scope constructs.Construct, id *string, props *DatabaseClusterProps) DatabaseCluster

Experimental.

type DatabaseClusterAttributes

type DatabaseClusterAttributes struct {
	// Identifier for the cluster.
	// Experimental.
	ClusterIdentifier *string `field:"required" json:"clusterIdentifier" yaml:"clusterIdentifier"`
	// Cluster endpoint address.
	// Experimental.
	ClusterEndpointAddress *string `field:"optional" json:"clusterEndpointAddress" yaml:"clusterEndpointAddress"`
	// The engine of the existing Cluster.
	// Experimental.
	Engine IClusterEngine `field:"optional" json:"engine" yaml:"engine"`
	// Endpoint addresses of individual instances.
	// Experimental.
	InstanceEndpointAddresses *[]*string `field:"optional" json:"instanceEndpointAddresses" yaml:"instanceEndpointAddresses"`
	// Identifier for the instances.
	// Experimental.
	InstanceIdentifiers *[]*string `field:"optional" json:"instanceIdentifiers" yaml:"instanceIdentifiers"`
	// The database port.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// Reader endpoint address.
	// Experimental.
	ReaderEndpointAddress *string `field:"optional" json:"readerEndpointAddress" yaml:"readerEndpointAddress"`
	// The security groups of the database cluster.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
}

Properties that describe an existing cluster instance.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var clusterEngine iClusterEngine
var securityGroup securityGroup

databaseClusterAttributes := &databaseClusterAttributes{
	clusterIdentifier: jsii.String("clusterIdentifier"),

	// the properties below are optional
	clusterEndpointAddress: jsii.String("clusterEndpointAddress"),
	engine: clusterEngine,
	instanceEndpointAddresses: []*string{
		jsii.String("instanceEndpointAddresses"),
	},
	instanceIdentifiers: []*string{
		jsii.String("instanceIdentifiers"),
	},
	port: jsii.Number(123),
	readerEndpointAddress: jsii.String("readerEndpointAddress"),
	securityGroups: []iSecurityGroup{
		securityGroup,
	},
}

Experimental.

type DatabaseClusterBase

type DatabaseClusterBase interface {
	awscdk.Resource
	IDatabaseCluster
	// The endpoint to use for read/write operations.
	// Experimental.
	ClusterEndpoint() Endpoint
	// Identifier of the cluster.
	// Experimental.
	ClusterIdentifier() *string
	// Endpoint to use for load-balanced read-only operations.
	// Experimental.
	ClusterReadEndpoint() Endpoint
	// Access to the network connections.
	// Experimental.
	Connections() awsec2.Connections
	// The engine of this Cluster.
	//
	// May be not known for imported Clusters if it wasn't provided explicitly.
	// Experimental.
	Engine() IClusterEngine
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// Endpoints which address each individual replica.
	// Experimental.
	InstanceEndpoints() *[]Endpoint
	// Identifiers of the replicas.
	// Experimental.
	InstanceIdentifiers() *[]*string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Add a new db proxy to this cluster.
	// Experimental.
	AddProxy(id *string, options *DatabaseProxyOptions) DatabaseProxy
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Renders the secret attachment target specifications.
	// Experimental.
	AsSecretAttachmentTarget() *awssecretsmanager.SecretAttachmentTargetProps
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Return the given named metric for this DBCluster.
	// Experimental.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The percentage of CPU utilization.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricCPUUtilization(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of database connections in use.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricDatabaseConnections(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of deadlocks in the database per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricDeadlocks(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of time that the instance has been running, in seconds.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricEngineUptime(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available random access memory, in bytes.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeableMemory(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of local storage available, in bytes.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeLocalStorage(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of network throughput received from clients by each instance, in bytes per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricNetworkReceiveThroughput(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of network throughput both received from and transmitted to clients by each instance, in bytes per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricNetworkThroughput(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of network throughput sent to clients by each instance, in bytes per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricNetworkTransmitThroughput(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The total amount of backup storage in bytes consumed by all Aurora snapshots outside its backup retention window.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricSnapshotStorageUsed(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The total amount of backup storage in bytes for which you are billed.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricTotalBackupStorageBilled(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of storage used by your Aurora DB instance, in bytes.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricVolumeBytesUsed(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of billed read I/O operations from a cluster volume, reported at 5-minute intervals.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricVolumeReadIOPs(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of write disk I/O operations to the cluster volume, reported at 5-minute intervals.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricVolumeWriteIOPs(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

A new or imported clustered database. Experimental.

type DatabaseClusterEngine

type DatabaseClusterEngine interface {
}

A database cluster engine.

Provides mapping to the serverless application used for secret rotation.

Example:

var vpc vpc

cluster := rds.NewServerlessCluster(this, jsii.String("AnotherCluster"), &serverlessClusterProps{
	engine: rds.databaseClusterEngine_AURORA_POSTGRESQL(),
	parameterGroup: rds.parameterGroup.fromParameterGroupName(this, jsii.String("ParameterGroup"), jsii.String("default.aurora-postgresql10")),
	vpc: vpc,
	scaling: &serverlessScalingOptions{
		autoPause: awscdk.Duration.minutes(jsii.Number(10)),
		 // default is to pause after 5 minutes of idle time
		minCapacity: rds.auroraCapacityUnit_ACU_8,
		 // default is 2 Aurora capacity units (ACUs)
		maxCapacity: rds.*auroraCapacityUnit_ACU_32,
	},
})

Experimental.

func NewDatabaseClusterEngine

func NewDatabaseClusterEngine() DatabaseClusterEngine

Experimental.

type DatabaseClusterFromSnapshot

type DatabaseClusterFromSnapshot interface {
	DatabaseClusterBase
	// The endpoint to use for read/write operations.
	// Experimental.
	ClusterEndpoint() Endpoint
	// Identifier of the cluster.
	// Experimental.
	ClusterIdentifier() *string
	// Endpoint to use for load-balanced read-only operations.
	// Experimental.
	ClusterReadEndpoint() Endpoint
	// Access to the network connections.
	// Experimental.
	Connections() awsec2.Connections
	// The engine for this Cluster.
	//
	// Never undefined.
	// Experimental.
	Engine() IClusterEngine
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// Endpoints which address each individual replica.
	// Experimental.
	InstanceEndpoints() *[]Endpoint
	// Identifiers of the replicas.
	// Experimental.
	InstanceIdentifiers() *[]*string
	// Application for multi user rotation to this cluster.
	// Experimental.
	MultiUserRotationApplication() awssecretsmanager.SecretRotationApplication
	// Experimental.
	NewCfnProps() *CfnDBClusterProps
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The secret attached to this cluster.
	// Experimental.
	Secret() awssecretsmanager.ISecret
	// Experimental.
	SecurityGroups() *[]awsec2.ISecurityGroup
	// Application for single user rotation of the master password to this cluster.
	// Experimental.
	SingleUserRotationApplication() awssecretsmanager.SecretRotationApplication
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Experimental.
	SubnetGroup() ISubnetGroup
	// The VPC network to place the cluster in.
	// Experimental.
	Vpc() awsec2.IVpc
	// The cluster's subnets.
	// Experimental.
	VpcSubnets() *awsec2.SubnetSelection
	// Add a new db proxy to this cluster.
	// Experimental.
	AddProxy(id *string, options *DatabaseProxyOptions) DatabaseProxy
	// Adds the multi user rotation to this cluster.
	// Experimental.
	AddRotationMultiUser(id *string, options *RotationMultiUserOptions) awssecretsmanager.SecretRotation
	// Adds the single user rotation of the master password to this cluster.
	// Experimental.
	AddRotationSingleUser(options *RotationSingleUserOptions) awssecretsmanager.SecretRotation
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Renders the secret attachment target specifications.
	// Experimental.
	AsSecretAttachmentTarget() *awssecretsmanager.SecretAttachmentTargetProps
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Return the given named metric for this DBCluster.
	// Experimental.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The percentage of CPU utilization.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricCPUUtilization(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of database connections in use.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricDatabaseConnections(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of deadlocks in the database per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricDeadlocks(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of time that the instance has been running, in seconds.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricEngineUptime(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available random access memory, in bytes.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeableMemory(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of local storage available, in bytes.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeLocalStorage(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of network throughput received from clients by each instance, in bytes per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricNetworkReceiveThroughput(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of network throughput both received from and transmitted to clients by each instance, in bytes per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricNetworkThroughput(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of network throughput sent to clients by each instance, in bytes per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricNetworkTransmitThroughput(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The total amount of backup storage in bytes consumed by all Aurora snapshots outside its backup retention window.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricSnapshotStorageUsed(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The total amount of backup storage in bytes for which you are billed.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricTotalBackupStorageBilled(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of storage used by your Aurora DB instance, in bytes.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricVolumeBytesUsed(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of billed read I/O operations from a cluster volume, reported at 5-minute intervals.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricVolumeReadIOPs(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of write disk I/O operations to the cluster volume, reported at 5-minute intervals.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricVolumeWriteIOPs(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

A database cluster restored from a snapshot.

Example:

var vpc vpc

rds.NewDatabaseClusterFromSnapshot(this, jsii.String("Database"), &databaseClusterFromSnapshotProps{
	engine: rds.databaseClusterEngine.aurora(&auroraClusterEngineProps{
		version: rds.auroraEngineVersion_VER_1_22_2(),
	}),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
	snapshotIdentifier: jsii.String("mySnapshot"),
})

Experimental.

func NewDatabaseClusterFromSnapshot

func NewDatabaseClusterFromSnapshot(scope constructs.Construct, id *string, props *DatabaseClusterFromSnapshotProps) DatabaseClusterFromSnapshot

Experimental.

type DatabaseClusterFromSnapshotProps

type DatabaseClusterFromSnapshotProps struct {
	// What kind of database to start.
	// Experimental.
	Engine IClusterEngine `field:"required" json:"engine" yaml:"engine"`
	// Settings for the individual instances that are launched.
	// Experimental.
	InstanceProps *InstanceProps `field:"required" json:"instanceProps" yaml:"instanceProps"`
	// The identifier for the DB instance snapshot or DB cluster snapshot to restore from.
	//
	// You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot.
	// However, you can use only the ARN to specify a DB instance snapshot.
	// Experimental.
	SnapshotIdentifier *string `field:"required" json:"snapshotIdentifier" yaml:"snapshotIdentifier"`
	// The number of seconds to set a cluster's target backtrack window to.
	//
	// This feature is only supported by the Aurora MySQL database engine and
	// cannot be enabled on existing clusters.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Managing.Backtrack.html
	//
	// Experimental.
	BacktrackWindow awscdk.Duration `field:"optional" json:"backtrackWindow" yaml:"backtrackWindow"`
	// Backup settings.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow
	//
	// Experimental.
	Backup *BackupProps `field:"optional" json:"backup" yaml:"backup"`
	// The list of log types that need to be enabled for exporting to CloudWatch Logs.
	// Experimental.
	CloudwatchLogsExports *[]*string `field:"optional" json:"cloudwatchLogsExports" yaml:"cloudwatchLogsExports"`
	// The number of days log events are kept in CloudWatch Logs.
	//
	// When updating
	// this property, unsetting it doesn't remove the log retention policy. To
	// remove the retention policy, set the value to `Infinity`.
	// Experimental.
	CloudwatchLogsRetention awslogs.RetentionDays `field:"optional" json:"cloudwatchLogsRetention" yaml:"cloudwatchLogsRetention"`
	// The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
	// Experimental.
	CloudwatchLogsRetentionRole awsiam.IRole `field:"optional" json:"cloudwatchLogsRetentionRole" yaml:"cloudwatchLogsRetentionRole"`
	// An optional identifier for the cluster.
	// Experimental.
	ClusterIdentifier *string `field:"optional" json:"clusterIdentifier" yaml:"clusterIdentifier"`
	// Whether to copy tags to the snapshot when a snapshot is created.
	// Experimental.
	CopyTagsToSnapshot *bool `field:"optional" json:"copyTagsToSnapshot" yaml:"copyTagsToSnapshot"`
	// Credentials for the administrative user.
	// Experimental.
	Credentials Credentials `field:"optional" json:"credentials" yaml:"credentials"`
	// Name of a database which is automatically created inside the cluster.
	// Experimental.
	DefaultDatabaseName *string `field:"optional" json:"defaultDatabaseName" yaml:"defaultDatabaseName"`
	// Indicates whether the DB cluster should have deletion protection enabled.
	// Experimental.
	DeletionProtection *bool `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	// Whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
	// Experimental.
	IamAuthentication *bool `field:"optional" json:"iamAuthentication" yaml:"iamAuthentication"`
	// Base identifier for instances.
	//
	// Every replica is named by appending the replica number to this string, 1-based.
	// Experimental.
	InstanceIdentifierBase *string `field:"optional" json:"instanceIdentifierBase" yaml:"instanceIdentifierBase"`
	// How many replicas/instances to create.
	//
	// Has to be at least 1.
	// Experimental.
	Instances *float64 `field:"optional" json:"instances" yaml:"instances"`
	// The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instances.
	// Experimental.
	MonitoringInterval awscdk.Duration `field:"optional" json:"monitoringInterval" yaml:"monitoringInterval"`
	// Role that will be used to manage DB instances monitoring.
	// Experimental.
	MonitoringRole awsiam.IRole `field:"optional" json:"monitoringRole" yaml:"monitoringRole"`
	// Additional parameters to pass to the database engine.
	// Experimental.
	ParameterGroup IParameterGroup `field:"optional" json:"parameterGroup" yaml:"parameterGroup"`
	// The parameters in the DBClusterParameterGroup to create automatically.
	//
	// You can only specify parameterGroup or parameters but not both.
	// You need to use a versioned engine to auto-generate a DBClusterParameterGroup.
	// Experimental.
	Parameters *map[string]*string `field:"optional" json:"parameters" yaml:"parameters"`
	// What port to listen on.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// A preferred maintenance window day/time range. Should be specified as a range ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC).
	//
	// Example: 'Sun:23:45-Mon:00:15'.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance
	//
	// Experimental.
	PreferredMaintenanceWindow *string `field:"optional" json:"preferredMaintenanceWindow" yaml:"preferredMaintenanceWindow"`
	// The removal policy to apply when the cluster and its instances are removed from the stack or replaced during an update.
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// S3 buckets that you want to load data into. This feature is only supported by the Aurora database engine.
	//
	// This property must not be used if `s3ExportRole` is used.
	//
	// For MySQL:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/postgresql-s3-export.html
	//
	// Experimental.
	S3ExportBuckets *[]awss3.IBucket `field:"optional" json:"s3ExportBuckets" yaml:"s3ExportBuckets"`
	// Role that will be associated with this DB cluster to enable S3 export.
	//
	// This feature is only supported by the Aurora database engine.
	//
	// This property must not be used if `s3ExportBuckets` is used.
	//
	// For MySQL:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/postgresql-s3-export.html
	//
	// Experimental.
	S3ExportRole awsiam.IRole `field:"optional" json:"s3ExportRole" yaml:"s3ExportRole"`
	// S3 buckets that you want to load data from. This feature is only supported by the Aurora database engine.
	//
	// This property must not be used if `s3ImportRole` is used.
	//
	// For MySQL:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Migrating.html
	//
	// Experimental.
	S3ImportBuckets *[]awss3.IBucket `field:"optional" json:"s3ImportBuckets" yaml:"s3ImportBuckets"`
	// Role that will be associated with this DB cluster to enable S3 import.
	//
	// This feature is only supported by the Aurora database engine.
	//
	// This property must not be used if `s3ImportBuckets` is used.
	//
	// For MySQL:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Migrating.html
	//
	// Experimental.
	S3ImportRole awsiam.IRole `field:"optional" json:"s3ImportRole" yaml:"s3ImportRole"`
	// Whether to enable storage encryption.
	// Experimental.
	StorageEncrypted *bool `field:"optional" json:"storageEncrypted" yaml:"storageEncrypted"`
	// The KMS key for storage encryption.
	//
	// If specified, {@link storageEncrypted} will be set to `true`.
	// Experimental.
	StorageEncryptionKey awskms.IKey `field:"optional" json:"storageEncryptionKey" yaml:"storageEncryptionKey"`
	// Existing subnet group for the cluster.
	// Experimental.
	SubnetGroup ISubnetGroup `field:"optional" json:"subnetGroup" yaml:"subnetGroup"`
}

Properties for “DatabaseClusterFromSnapshot“.

Example:

var vpc vpc

rds.NewDatabaseClusterFromSnapshot(this, jsii.String("Database"), &databaseClusterFromSnapshotProps{
	engine: rds.databaseClusterEngine.aurora(&auroraClusterEngineProps{
		version: rds.auroraEngineVersion_VER_1_22_2(),
	}),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
	snapshotIdentifier: jsii.String("mySnapshot"),
})

Experimental.

type DatabaseClusterProps

type DatabaseClusterProps struct {
	// What kind of database to start.
	// Experimental.
	Engine IClusterEngine `field:"required" json:"engine" yaml:"engine"`
	// Settings for the individual instances that are launched.
	// Experimental.
	InstanceProps *InstanceProps `field:"required" json:"instanceProps" yaml:"instanceProps"`
	// The number of seconds to set a cluster's target backtrack window to.
	//
	// This feature is only supported by the Aurora MySQL database engine and
	// cannot be enabled on existing clusters.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Managing.Backtrack.html
	//
	// Experimental.
	BacktrackWindow awscdk.Duration `field:"optional" json:"backtrackWindow" yaml:"backtrackWindow"`
	// Backup settings.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow
	//
	// Experimental.
	Backup *BackupProps `field:"optional" json:"backup" yaml:"backup"`
	// The list of log types that need to be enabled for exporting to CloudWatch Logs.
	// Experimental.
	CloudwatchLogsExports *[]*string `field:"optional" json:"cloudwatchLogsExports" yaml:"cloudwatchLogsExports"`
	// The number of days log events are kept in CloudWatch Logs.
	//
	// When updating
	// this property, unsetting it doesn't remove the log retention policy. To
	// remove the retention policy, set the value to `Infinity`.
	// Experimental.
	CloudwatchLogsRetention awslogs.RetentionDays `field:"optional" json:"cloudwatchLogsRetention" yaml:"cloudwatchLogsRetention"`
	// The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
	// Experimental.
	CloudwatchLogsRetentionRole awsiam.IRole `field:"optional" json:"cloudwatchLogsRetentionRole" yaml:"cloudwatchLogsRetentionRole"`
	// An optional identifier for the cluster.
	// Experimental.
	ClusterIdentifier *string `field:"optional" json:"clusterIdentifier" yaml:"clusterIdentifier"`
	// Whether to copy tags to the snapshot when a snapshot is created.
	// Experimental.
	CopyTagsToSnapshot *bool `field:"optional" json:"copyTagsToSnapshot" yaml:"copyTagsToSnapshot"`
	// Credentials for the administrative user.
	// Experimental.
	Credentials Credentials `field:"optional" json:"credentials" yaml:"credentials"`
	// Name of a database which is automatically created inside the cluster.
	// Experimental.
	DefaultDatabaseName *string `field:"optional" json:"defaultDatabaseName" yaml:"defaultDatabaseName"`
	// Indicates whether the DB cluster should have deletion protection enabled.
	// Experimental.
	DeletionProtection *bool `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	// Whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
	// Experimental.
	IamAuthentication *bool `field:"optional" json:"iamAuthentication" yaml:"iamAuthentication"`
	// Base identifier for instances.
	//
	// Every replica is named by appending the replica number to this string, 1-based.
	// Experimental.
	InstanceIdentifierBase *string `field:"optional" json:"instanceIdentifierBase" yaml:"instanceIdentifierBase"`
	// How many replicas/instances to create.
	//
	// Has to be at least 1.
	// Experimental.
	Instances *float64 `field:"optional" json:"instances" yaml:"instances"`
	// The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instances.
	// Experimental.
	MonitoringInterval awscdk.Duration `field:"optional" json:"monitoringInterval" yaml:"monitoringInterval"`
	// Role that will be used to manage DB instances monitoring.
	// Experimental.
	MonitoringRole awsiam.IRole `field:"optional" json:"monitoringRole" yaml:"monitoringRole"`
	// Additional parameters to pass to the database engine.
	// Experimental.
	ParameterGroup IParameterGroup `field:"optional" json:"parameterGroup" yaml:"parameterGroup"`
	// The parameters in the DBClusterParameterGroup to create automatically.
	//
	// You can only specify parameterGroup or parameters but not both.
	// You need to use a versioned engine to auto-generate a DBClusterParameterGroup.
	// Experimental.
	Parameters *map[string]*string `field:"optional" json:"parameters" yaml:"parameters"`
	// What port to listen on.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// A preferred maintenance window day/time range. Should be specified as a range ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC).
	//
	// Example: 'Sun:23:45-Mon:00:15'.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance
	//
	// Experimental.
	PreferredMaintenanceWindow *string `field:"optional" json:"preferredMaintenanceWindow" yaml:"preferredMaintenanceWindow"`
	// The removal policy to apply when the cluster and its instances are removed from the stack or replaced during an update.
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// S3 buckets that you want to load data into. This feature is only supported by the Aurora database engine.
	//
	// This property must not be used if `s3ExportRole` is used.
	//
	// For MySQL:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/postgresql-s3-export.html
	//
	// Experimental.
	S3ExportBuckets *[]awss3.IBucket `field:"optional" json:"s3ExportBuckets" yaml:"s3ExportBuckets"`
	// Role that will be associated with this DB cluster to enable S3 export.
	//
	// This feature is only supported by the Aurora database engine.
	//
	// This property must not be used if `s3ExportBuckets` is used.
	//
	// For MySQL:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/postgresql-s3-export.html
	//
	// Experimental.
	S3ExportRole awsiam.IRole `field:"optional" json:"s3ExportRole" yaml:"s3ExportRole"`
	// S3 buckets that you want to load data from. This feature is only supported by the Aurora database engine.
	//
	// This property must not be used if `s3ImportRole` is used.
	//
	// For MySQL:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Migrating.html
	//
	// Experimental.
	S3ImportBuckets *[]awss3.IBucket `field:"optional" json:"s3ImportBuckets" yaml:"s3ImportBuckets"`
	// Role that will be associated with this DB cluster to enable S3 import.
	//
	// This feature is only supported by the Aurora database engine.
	//
	// This property must not be used if `s3ImportBuckets` is used.
	//
	// For MySQL:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Migrating.html
	//
	// Experimental.
	S3ImportRole awsiam.IRole `field:"optional" json:"s3ImportRole" yaml:"s3ImportRole"`
	// Whether to enable storage encryption.
	// Experimental.
	StorageEncrypted *bool `field:"optional" json:"storageEncrypted" yaml:"storageEncrypted"`
	// The KMS key for storage encryption.
	//
	// If specified, {@link storageEncrypted} will be set to `true`.
	// Experimental.
	StorageEncryptionKey awskms.IKey `field:"optional" json:"storageEncryptionKey" yaml:"storageEncryptionKey"`
	// Existing subnet group for the cluster.
	// Experimental.
	SubnetGroup ISubnetGroup `field:"optional" json:"subnetGroup" yaml:"subnetGroup"`
}

Properties for a new database cluster.

Example:

var vpc vpc

cluster := rds.NewDatabaseCluster(this, jsii.String("Database"), &databaseClusterProps{
	engine: rds.databaseClusterEngine_AURORA(),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
})

proxy := rds.NewDatabaseProxy(this, jsii.String("Proxy"), &databaseProxyProps{
	proxyTarget: rds.proxyTarget.fromCluster(cluster),
	secrets: []iSecret{
		cluster.secret,
	},
	vpc: vpc,
})

role := iam.NewRole(this, jsii.String("DBProxyRole"), &roleProps{
	assumedBy: iam.NewAccountPrincipal(this.account),
})
proxy.grantConnect(role, jsii.String("admin"))

Experimental.

type DatabaseInstance

type DatabaseInstance interface {
	DatabaseInstanceBase
	IDatabaseInstance
	// Access to network connections.
	// Experimental.
	Connections() awsec2.Connections
	// The instance endpoint address.
	// Experimental.
	DbInstanceEndpointAddress() *string
	// The instance endpoint port.
	// Experimental.
	DbInstanceEndpointPort() *string
	// Experimental.
	EnableIamAuthentication() *bool
	// Experimental.
	SetEnableIamAuthentication(val *bool)
	// The engine of this database Instance.
	//
	// May be not known for imported Instances if it wasn't provided explicitly,
	// or for read replicas.
	// Experimental.
	Engine() IInstanceEngine
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The instance arn.
	// Experimental.
	InstanceArn() *string
	// The instance endpoint.
	// Experimental.
	InstanceEndpoint() Endpoint
	// The instance identifier.
	// Experimental.
	InstanceIdentifier() *string
	// Experimental.
	InstanceType() awsec2.InstanceType
	// Experimental.
	NewCfnProps() *CfnDBInstanceProps
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The AWS Secrets Manager secret attached to the instance.
	// Experimental.
	Secret() awssecretsmanager.ISecret
	// Experimental.
	SourceCfnProps() *CfnDBInstanceProps
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// The VPC where this database instance is deployed.
	// Experimental.
	Vpc() awsec2.IVpc
	// Experimental.
	VpcPlacement() *awsec2.SubnetSelection
	// Add a new db proxy to this instance.
	// Experimental.
	AddProxy(id *string, options *DatabaseProxyOptions) DatabaseProxy
	// Adds the multi user rotation to this instance.
	// Experimental.
	AddRotationMultiUser(id *string, options *RotationMultiUserOptions) awssecretsmanager.SecretRotation
	// Adds the single user rotation of the master password to this instance.
	// Experimental.
	AddRotationSingleUser(options *RotationSingleUserOptions) awssecretsmanager.SecretRotation
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Renders the secret attachment target specifications.
	// Experimental.
	AsSecretAttachmentTarget() *awssecretsmanager.SecretAttachmentTargetProps
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity connection access to the database.
	//
	// **Note**: this method does not currently work, see https://github.com/aws/aws-cdk/issues/11851 for details.
	// Experimental.
	GrantConnect(grantee awsiam.IGrantable) awsiam.Grant
	// Return the given named metric for this DBInstance.
	// Experimental.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The percentage of CPU utilization.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricCPUUtilization(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of database connections in use.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricDatabaseConnections(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available random access memory.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeableMemory(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available storage space.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeStorageSpace(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of disk write I/O operations per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricReadIOPS(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of disk read I/O operations per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricWriteIOPS(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Defines a CloudWatch event rule which triggers for instance events.
	//
	// Use
	// `rule.addEventPattern(pattern)` to specify a filter.
	// Experimental.
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Experimental.
	SetLogRetention()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

A database instance.

Example:

var vpc vpc

engine := rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
	version: rds.postgresEngineVersion_VER_12_3(),
})
rds.NewDatabaseInstance(this, jsii.String("InstanceWithUsername"), &databaseInstanceProps{
	engine: engine,
	vpc: vpc,
	credentials: rds.credentials.fromGeneratedSecret(jsii.String("postgres")),
})

rds.NewDatabaseInstance(this, jsii.String("InstanceWithUsernameAndPassword"), &databaseInstanceProps{
	engine: engine,
	vpc: vpc,
	credentials: rds.*credentials.fromPassword(jsii.String("postgres"), awscdk.SecretValue.ssmSecure(jsii.String("/dbPassword"), jsii.String("1"))),
})

mySecret := secretsmanager.secret.fromSecretName(this, jsii.String("DBSecret"), jsii.String("myDBLoginInfo"))
rds.NewDatabaseInstance(this, jsii.String("InstanceWithSecretLogin"), &databaseInstanceProps{
	engine: engine,
	vpc: vpc,
	credentials: rds.*credentials.fromSecret(mySecret),
})

Experimental.

func NewDatabaseInstance

func NewDatabaseInstance(scope constructs.Construct, id *string, props *DatabaseInstanceProps) DatabaseInstance

Experimental.

type DatabaseInstanceAttributes

type DatabaseInstanceAttributes struct {
	// The endpoint address.
	// Experimental.
	InstanceEndpointAddress *string `field:"required" json:"instanceEndpointAddress" yaml:"instanceEndpointAddress"`
	// The instance identifier.
	// Experimental.
	InstanceIdentifier *string `field:"required" json:"instanceIdentifier" yaml:"instanceIdentifier"`
	// The database port.
	// Experimental.
	Port *float64 `field:"required" json:"port" yaml:"port"`
	// The security groups of the instance.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"required" json:"securityGroups" yaml:"securityGroups"`
	// The engine of the existing database Instance.
	// Experimental.
	Engine IInstanceEngine `field:"optional" json:"engine" yaml:"engine"`
}

Properties that describe an existing instance.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var instanceEngine iInstanceEngine
var securityGroup securityGroup

databaseInstanceAttributes := &databaseInstanceAttributes{
	instanceEndpointAddress: jsii.String("instanceEndpointAddress"),
	instanceIdentifier: jsii.String("instanceIdentifier"),
	port: jsii.Number(123),
	securityGroups: []iSecurityGroup{
		securityGroup,
	},

	// the properties below are optional
	engine: instanceEngine,
}

Experimental.

type DatabaseInstanceBase

type DatabaseInstanceBase interface {
	awscdk.Resource
	IDatabaseInstance
	// Access to network connections.
	// Experimental.
	Connections() awsec2.Connections
	// The instance endpoint address.
	// Experimental.
	DbInstanceEndpointAddress() *string
	// The instance endpoint port.
	// Experimental.
	DbInstanceEndpointPort() *string
	// Experimental.
	EnableIamAuthentication() *bool
	// Experimental.
	SetEnableIamAuthentication(val *bool)
	// The engine of this database Instance.
	//
	// May be not known for imported Instances if it wasn't provided explicitly,
	// or for read replicas.
	// Experimental.
	Engine() IInstanceEngine
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The instance arn.
	// Experimental.
	InstanceArn() *string
	// The instance endpoint.
	// Experimental.
	InstanceEndpoint() Endpoint
	// The instance identifier.
	// Experimental.
	InstanceIdentifier() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Add a new db proxy to this instance.
	// Experimental.
	AddProxy(id *string, options *DatabaseProxyOptions) DatabaseProxy
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Renders the secret attachment target specifications.
	// Experimental.
	AsSecretAttachmentTarget() *awssecretsmanager.SecretAttachmentTargetProps
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity connection access to the database.
	//
	// **Note**: this method does not currently work, see https://github.com/aws/aws-cdk/issues/11851 for details.
	// Experimental.
	GrantConnect(grantee awsiam.IGrantable) awsiam.Grant
	// Return the given named metric for this DBInstance.
	// Experimental.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The percentage of CPU utilization.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricCPUUtilization(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of database connections in use.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricDatabaseConnections(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available random access memory.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeableMemory(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available storage space.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeStorageSpace(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of disk write I/O operations per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricReadIOPS(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of disk read I/O operations per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricWriteIOPS(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Defines a CloudWatch event rule which triggers for instance events.
	//
	// Use
	// `rule.addEventPattern(pattern)` to specify a filter.
	// Experimental.
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

A new or imported database instance.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var instanceEngine iInstanceEngine
var securityGroup securityGroup

databaseInstanceBase := awscdk.Aws_rds.databaseInstanceBase.fromDatabaseInstanceAttributes(this, jsii.String("MyDatabaseInstanceBase"), &databaseInstanceAttributes{
	instanceEndpointAddress: jsii.String("instanceEndpointAddress"),
	instanceIdentifier: jsii.String("instanceIdentifier"),
	port: jsii.Number(123),
	securityGroups: []iSecurityGroup{
		securityGroup,
	},

	// the properties below are optional
	engine: instanceEngine,
})

Experimental.

type DatabaseInstanceEngine

type DatabaseInstanceEngine interface {
}

A database instance engine.

Provides mapping to DatabaseEngine used for secret rotation.

Example:

var vpc vpc

var sourceInstance databaseInstance

rds.NewDatabaseInstanceFromSnapshot(this, jsii.String("Instance"), &databaseInstanceFromSnapshotProps{
	snapshotIdentifier: jsii.String("my-snapshot"),
	engine: rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
		version: rds.postgresEngineVersion_VER_12_3(),
	}),
	// optional, defaults to m5.large
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE2, ec2.instanceSize_LARGE),
	vpc: vpc,
})
rds.NewDatabaseInstanceReadReplica(this, jsii.String("ReadReplica"), &databaseInstanceReadReplicaProps{
	sourceDatabaseInstance: sourceInstance,
	instanceType: ec2.*instanceType.of(ec2.*instanceClass_BURSTABLE2, ec2.*instanceSize_LARGE),
	vpc: vpc,
})

Experimental.

func NewDatabaseInstanceEngine

func NewDatabaseInstanceEngine() DatabaseInstanceEngine

Experimental.

type DatabaseInstanceFromSnapshot

type DatabaseInstanceFromSnapshot interface {
	DatabaseInstanceBase
	IDatabaseInstance
	// Access to network connections.
	// Experimental.
	Connections() awsec2.Connections
	// The instance endpoint address.
	// Experimental.
	DbInstanceEndpointAddress() *string
	// The instance endpoint port.
	// Experimental.
	DbInstanceEndpointPort() *string
	// Experimental.
	EnableIamAuthentication() *bool
	// Experimental.
	SetEnableIamAuthentication(val *bool)
	// The engine of this database Instance.
	//
	// May be not known for imported Instances if it wasn't provided explicitly,
	// or for read replicas.
	// Experimental.
	Engine() IInstanceEngine
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The instance arn.
	// Experimental.
	InstanceArn() *string
	// The instance endpoint.
	// Experimental.
	InstanceEndpoint() Endpoint
	// The instance identifier.
	// Experimental.
	InstanceIdentifier() *string
	// Experimental.
	InstanceType() awsec2.InstanceType
	// Experimental.
	NewCfnProps() *CfnDBInstanceProps
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The AWS Secrets Manager secret attached to the instance.
	// Experimental.
	Secret() awssecretsmanager.ISecret
	// Experimental.
	SourceCfnProps() *CfnDBInstanceProps
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// The VPC where this database instance is deployed.
	// Experimental.
	Vpc() awsec2.IVpc
	// Experimental.
	VpcPlacement() *awsec2.SubnetSelection
	// Add a new db proxy to this instance.
	// Experimental.
	AddProxy(id *string, options *DatabaseProxyOptions) DatabaseProxy
	// Adds the multi user rotation to this instance.
	// Experimental.
	AddRotationMultiUser(id *string, options *RotationMultiUserOptions) awssecretsmanager.SecretRotation
	// Adds the single user rotation of the master password to this instance.
	// Experimental.
	AddRotationSingleUser(options *RotationSingleUserOptions) awssecretsmanager.SecretRotation
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Renders the secret attachment target specifications.
	// Experimental.
	AsSecretAttachmentTarget() *awssecretsmanager.SecretAttachmentTargetProps
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity connection access to the database.
	//
	// **Note**: this method does not currently work, see https://github.com/aws/aws-cdk/issues/11851 for details.
	// Experimental.
	GrantConnect(grantee awsiam.IGrantable) awsiam.Grant
	// Return the given named metric for this DBInstance.
	// Experimental.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The percentage of CPU utilization.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricCPUUtilization(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of database connections in use.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricDatabaseConnections(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available random access memory.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeableMemory(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available storage space.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeStorageSpace(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of disk write I/O operations per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricReadIOPS(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of disk read I/O operations per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricWriteIOPS(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Defines a CloudWatch event rule which triggers for instance events.
	//
	// Use
	// `rule.addEventPattern(pattern)` to specify a filter.
	// Experimental.
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Experimental.
	SetLogRetention()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

A database instance restored from a snapshot.

Example:

var vpc vpc

var sourceInstance databaseInstance

rds.NewDatabaseInstanceFromSnapshot(this, jsii.String("Instance"), &databaseInstanceFromSnapshotProps{
	snapshotIdentifier: jsii.String("my-snapshot"),
	engine: rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
		version: rds.postgresEngineVersion_VER_12_3(),
	}),
	// optional, defaults to m5.large
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE2, ec2.instanceSize_LARGE),
	vpc: vpc,
})
rds.NewDatabaseInstanceReadReplica(this, jsii.String("ReadReplica"), &databaseInstanceReadReplicaProps{
	sourceDatabaseInstance: sourceInstance,
	instanceType: ec2.*instanceType.of(ec2.*instanceClass_BURSTABLE2, ec2.*instanceSize_LARGE),
	vpc: vpc,
})

Experimental.

func NewDatabaseInstanceFromSnapshot

func NewDatabaseInstanceFromSnapshot(scope constructs.Construct, id *string, props *DatabaseInstanceFromSnapshotProps) DatabaseInstanceFromSnapshot

Experimental.

type DatabaseInstanceFromSnapshotProps

type DatabaseInstanceFromSnapshotProps struct {
	// The VPC network where the DB subnet group should be created.
	// Experimental.
	Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
	// Indicates that minor engine upgrades are applied automatically to the DB instance during the maintenance window.
	// Experimental.
	AutoMinorVersionUpgrade *bool `field:"optional" json:"autoMinorVersionUpgrade" yaml:"autoMinorVersionUpgrade"`
	// The name of the Availability Zone where the DB instance will be located.
	// Experimental.
	AvailabilityZone *string `field:"optional" json:"availabilityZone" yaml:"availabilityZone"`
	// The number of days during which automatic DB snapshots are retained.
	//
	// Set to zero to disable backups.
	// When creating a read replica, you must enable automatic backups on the source
	// database instance by setting the backup retention to a value other than zero.
	// Experimental.
	BackupRetention awscdk.Duration `field:"optional" json:"backupRetention" yaml:"backupRetention"`
	// The list of log types that need to be enabled for exporting to CloudWatch Logs.
	// Experimental.
	CloudwatchLogsExports *[]*string `field:"optional" json:"cloudwatchLogsExports" yaml:"cloudwatchLogsExports"`
	// The number of days log events are kept in CloudWatch Logs.
	//
	// When updating
	// this property, unsetting it doesn't remove the log retention policy. To
	// remove the retention policy, set the value to `Infinity`.
	// Experimental.
	CloudwatchLogsRetention awslogs.RetentionDays `field:"optional" json:"cloudwatchLogsRetention" yaml:"cloudwatchLogsRetention"`
	// The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
	// Experimental.
	CloudwatchLogsRetentionRole awsiam.IRole `field:"optional" json:"cloudwatchLogsRetentionRole" yaml:"cloudwatchLogsRetentionRole"`
	// Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance.
	// Experimental.
	CopyTagsToSnapshot *bool `field:"optional" json:"copyTagsToSnapshot" yaml:"copyTagsToSnapshot"`
	// Indicates whether automated backups should be deleted or retained when you delete a DB instance.
	// Experimental.
	DeleteAutomatedBackups *bool `field:"optional" json:"deleteAutomatedBackups" yaml:"deleteAutomatedBackups"`
	// Indicates whether the DB instance should have deletion protection enabled.
	// Experimental.
	DeletionProtection *bool `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	// The Active Directory directory ID to create the DB instance in.
	// Experimental.
	Domain *string `field:"optional" json:"domain" yaml:"domain"`
	// The IAM role to be used when making API calls to the Directory Service.
	//
	// The role needs the AWS-managed policy
	// AmazonRDSDirectoryServiceAccess or equivalent.
	// Experimental.
	DomainRole awsiam.IRole `field:"optional" json:"domainRole" yaml:"domainRole"`
	// Whether to enable Performance Insights for the DB instance.
	// Experimental.
	EnablePerformanceInsights *bool `field:"optional" json:"enablePerformanceInsights" yaml:"enablePerformanceInsights"`
	// Whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
	// Experimental.
	IamAuthentication *bool `field:"optional" json:"iamAuthentication" yaml:"iamAuthentication"`
	// A name for the DB instance.
	//
	// If you specify a name, AWS CloudFormation
	// converts it to lowercase.
	// Experimental.
	InstanceIdentifier *string `field:"optional" json:"instanceIdentifier" yaml:"instanceIdentifier"`
	// The number of I/O operations per second (IOPS) that the database provisions.
	//
	// The value must be equal to or greater than 1000.
	// Experimental.
	Iops *float64 `field:"optional" json:"iops" yaml:"iops"`
	// Upper limit to which RDS can scale the storage in GiB(Gibibyte).
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling
	//
	// Experimental.
	MaxAllocatedStorage *float64 `field:"optional" json:"maxAllocatedStorage" yaml:"maxAllocatedStorage"`
	// The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instance.
	// Experimental.
	MonitoringInterval awscdk.Duration `field:"optional" json:"monitoringInterval" yaml:"monitoringInterval"`
	// Role that will be used to manage DB instance monitoring.
	// Experimental.
	MonitoringRole awsiam.IRole `field:"optional" json:"monitoringRole" yaml:"monitoringRole"`
	// Specifies if the database instance is a multiple Availability Zone deployment.
	// Experimental.
	MultiAz *bool `field:"optional" json:"multiAz" yaml:"multiAz"`
	// The option group to associate with the instance.
	// Experimental.
	OptionGroup IOptionGroup `field:"optional" json:"optionGroup" yaml:"optionGroup"`
	// The DB parameter group to associate with the instance.
	// Experimental.
	ParameterGroup IParameterGroup `field:"optional" json:"parameterGroup" yaml:"parameterGroup"`
	// The AWS KMS key for encryption of Performance Insights data.
	// Experimental.
	PerformanceInsightEncryptionKey awskms.IKey `field:"optional" json:"performanceInsightEncryptionKey" yaml:"performanceInsightEncryptionKey"`
	// The amount of time, in days, to retain Performance Insights data.
	// Experimental.
	PerformanceInsightRetention PerformanceInsightRetention `field:"optional" json:"performanceInsightRetention" yaml:"performanceInsightRetention"`
	// The port for the instance.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// The daily time range during which automated backups are performed.
	//
	// Constraints:
	// - Must be in the format `hh24:mi-hh24:mi`.
	// - Must be in Universal Coordinated Time (UTC).
	// - Must not conflict with the preferred maintenance window.
	// - Must be at least 30 minutes.
	// Experimental.
	PreferredBackupWindow *string `field:"optional" json:"preferredBackupWindow" yaml:"preferredBackupWindow"`
	// The weekly time range (in UTC) during which system maintenance can occur.
	//
	// Format: `ddd:hh24:mi-ddd:hh24:mi`
	// Constraint: Minimum 30-minute window.
	// Experimental.
	PreferredMaintenanceWindow *string `field:"optional" json:"preferredMaintenanceWindow" yaml:"preferredMaintenanceWindow"`
	// The number of CPU cores and the number of threads per core.
	// Experimental.
	ProcessorFeatures *ProcessorFeatures `field:"optional" json:"processorFeatures" yaml:"processorFeatures"`
	// Indicates whether the DB instance is an internet-facing instance.
	// Experimental.
	PubliclyAccessible *bool `field:"optional" json:"publiclyAccessible" yaml:"publiclyAccessible"`
	// The CloudFormation policy to apply when the instance is removed from the stack or replaced during an update.
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// S3 buckets that you want to load data into.
	//
	// This property must not be used if `s3ExportRole` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
	//
	// Experimental.
	S3ExportBuckets *[]awss3.IBucket `field:"optional" json:"s3ExportBuckets" yaml:"s3ExportBuckets"`
	// Role that will be associated with this DB instance to enable S3 export.
	//
	// This property must not be used if `s3ExportBuckets` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
	//
	// Experimental.
	S3ExportRole awsiam.IRole `field:"optional" json:"s3ExportRole" yaml:"s3ExportRole"`
	// S3 buckets that you want to load data from.
	//
	// This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
	//
	// This property must not be used if `s3ImportRole` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
	//
	// Experimental.
	S3ImportBuckets *[]awss3.IBucket `field:"optional" json:"s3ImportBuckets" yaml:"s3ImportBuckets"`
	// Role that will be associated with this DB instance to enable S3 import.
	//
	// This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
	//
	// This property must not be used if `s3ImportBuckets` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
	//
	// Experimental.
	S3ImportRole awsiam.IRole `field:"optional" json:"s3ImportRole" yaml:"s3ImportRole"`
	// The security groups to assign to the DB instance.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// The storage type.
	//
	// Storage types supported are gp2, io1, standard.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#Concepts.Storage.GeneralSSD
	//
	// Experimental.
	StorageType StorageType `field:"optional" json:"storageType" yaml:"storageType"`
	// Existing subnet group for the instance.
	// Experimental.
	SubnetGroup ISubnetGroup `field:"optional" json:"subnetGroup" yaml:"subnetGroup"`
	// The type of subnets to add to the created DB subnet group.
	// Deprecated: use `vpcSubnets`.
	VpcPlacement *awsec2.SubnetSelection `field:"optional" json:"vpcPlacement" yaml:"vpcPlacement"`
	// The type of subnets to add to the created DB subnet group.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
	// The database engine.
	// Experimental.
	Engine IInstanceEngine `field:"required" json:"engine" yaml:"engine"`
	// The allocated storage size, specified in gigabytes (GB).
	// Experimental.
	AllocatedStorage *float64 `field:"optional" json:"allocatedStorage" yaml:"allocatedStorage"`
	// Whether to allow major version upgrades.
	// Experimental.
	AllowMajorVersionUpgrade *bool `field:"optional" json:"allowMajorVersionUpgrade" yaml:"allowMajorVersionUpgrade"`
	// The name of the database.
	// Experimental.
	DatabaseName *string `field:"optional" json:"databaseName" yaml:"databaseName"`
	// The name of the compute and memory capacity for the instance.
	// Experimental.
	InstanceType awsec2.InstanceType `field:"optional" json:"instanceType" yaml:"instanceType"`
	// The license model.
	// Experimental.
	LicenseModel LicenseModel `field:"optional" json:"licenseModel" yaml:"licenseModel"`
	// The parameters in the DBParameterGroup to create automatically.
	//
	// You can only specify parameterGroup or parameters but not both.
	// You need to use a versioned engine to auto-generate a DBParameterGroup.
	// Experimental.
	Parameters *map[string]*string `field:"optional" json:"parameters" yaml:"parameters"`
	// The time zone of the instance.
	//
	// This is currently supported only by Microsoft Sql Server.
	// Experimental.
	Timezone *string `field:"optional" json:"timezone" yaml:"timezone"`
	// The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance.
	//
	// If you're restoring from a shared manual DB
	// snapshot, you must specify the ARN of the snapshot.
	// Experimental.
	SnapshotIdentifier *string `field:"required" json:"snapshotIdentifier" yaml:"snapshotIdentifier"`
	// Master user credentials.
	//
	// Note - It is not possible to change the master username for a snapshot;
	// however, it is possible to provide (or generate) a new password.
	// Experimental.
	Credentials SnapshotCredentials `field:"optional" json:"credentials" yaml:"credentials"`
}

Construction properties for a DatabaseInstanceFromSnapshot.

Example:

var vpc vpc

var sourceInstance databaseInstance

rds.NewDatabaseInstanceFromSnapshot(this, jsii.String("Instance"), &databaseInstanceFromSnapshotProps{
	snapshotIdentifier: jsii.String("my-snapshot"),
	engine: rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
		version: rds.postgresEngineVersion_VER_12_3(),
	}),
	// optional, defaults to m5.large
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE2, ec2.instanceSize_LARGE),
	vpc: vpc,
})
rds.NewDatabaseInstanceReadReplica(this, jsii.String("ReadReplica"), &databaseInstanceReadReplicaProps{
	sourceDatabaseInstance: sourceInstance,
	instanceType: ec2.*instanceType.of(ec2.*instanceClass_BURSTABLE2, ec2.*instanceSize_LARGE),
	vpc: vpc,
})

Experimental.

type DatabaseInstanceNewProps

type DatabaseInstanceNewProps struct {
	// The VPC network where the DB subnet group should be created.
	// Experimental.
	Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
	// Indicates that minor engine upgrades are applied automatically to the DB instance during the maintenance window.
	// Experimental.
	AutoMinorVersionUpgrade *bool `field:"optional" json:"autoMinorVersionUpgrade" yaml:"autoMinorVersionUpgrade"`
	// The name of the Availability Zone where the DB instance will be located.
	// Experimental.
	AvailabilityZone *string `field:"optional" json:"availabilityZone" yaml:"availabilityZone"`
	// The number of days during which automatic DB snapshots are retained.
	//
	// Set to zero to disable backups.
	// When creating a read replica, you must enable automatic backups on the source
	// database instance by setting the backup retention to a value other than zero.
	// Experimental.
	BackupRetention awscdk.Duration `field:"optional" json:"backupRetention" yaml:"backupRetention"`
	// The list of log types that need to be enabled for exporting to CloudWatch Logs.
	// Experimental.
	CloudwatchLogsExports *[]*string `field:"optional" json:"cloudwatchLogsExports" yaml:"cloudwatchLogsExports"`
	// The number of days log events are kept in CloudWatch Logs.
	//
	// When updating
	// this property, unsetting it doesn't remove the log retention policy. To
	// remove the retention policy, set the value to `Infinity`.
	// Experimental.
	CloudwatchLogsRetention awslogs.RetentionDays `field:"optional" json:"cloudwatchLogsRetention" yaml:"cloudwatchLogsRetention"`
	// The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
	// Experimental.
	CloudwatchLogsRetentionRole awsiam.IRole `field:"optional" json:"cloudwatchLogsRetentionRole" yaml:"cloudwatchLogsRetentionRole"`
	// Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance.
	// Experimental.
	CopyTagsToSnapshot *bool `field:"optional" json:"copyTagsToSnapshot" yaml:"copyTagsToSnapshot"`
	// Indicates whether automated backups should be deleted or retained when you delete a DB instance.
	// Experimental.
	DeleteAutomatedBackups *bool `field:"optional" json:"deleteAutomatedBackups" yaml:"deleteAutomatedBackups"`
	// Indicates whether the DB instance should have deletion protection enabled.
	// Experimental.
	DeletionProtection *bool `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	// The Active Directory directory ID to create the DB instance in.
	// Experimental.
	Domain *string `field:"optional" json:"domain" yaml:"domain"`
	// The IAM role to be used when making API calls to the Directory Service.
	//
	// The role needs the AWS-managed policy
	// AmazonRDSDirectoryServiceAccess or equivalent.
	// Experimental.
	DomainRole awsiam.IRole `field:"optional" json:"domainRole" yaml:"domainRole"`
	// Whether to enable Performance Insights for the DB instance.
	// Experimental.
	EnablePerformanceInsights *bool `field:"optional" json:"enablePerformanceInsights" yaml:"enablePerformanceInsights"`
	// Whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
	// Experimental.
	IamAuthentication *bool `field:"optional" json:"iamAuthentication" yaml:"iamAuthentication"`
	// A name for the DB instance.
	//
	// If you specify a name, AWS CloudFormation
	// converts it to lowercase.
	// Experimental.
	InstanceIdentifier *string `field:"optional" json:"instanceIdentifier" yaml:"instanceIdentifier"`
	// The number of I/O operations per second (IOPS) that the database provisions.
	//
	// The value must be equal to or greater than 1000.
	// Experimental.
	Iops *float64 `field:"optional" json:"iops" yaml:"iops"`
	// Upper limit to which RDS can scale the storage in GiB(Gibibyte).
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling
	//
	// Experimental.
	MaxAllocatedStorage *float64 `field:"optional" json:"maxAllocatedStorage" yaml:"maxAllocatedStorage"`
	// The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instance.
	// Experimental.
	MonitoringInterval awscdk.Duration `field:"optional" json:"monitoringInterval" yaml:"monitoringInterval"`
	// Role that will be used to manage DB instance monitoring.
	// Experimental.
	MonitoringRole awsiam.IRole `field:"optional" json:"monitoringRole" yaml:"monitoringRole"`
	// Specifies if the database instance is a multiple Availability Zone deployment.
	// Experimental.
	MultiAz *bool `field:"optional" json:"multiAz" yaml:"multiAz"`
	// The option group to associate with the instance.
	// Experimental.
	OptionGroup IOptionGroup `field:"optional" json:"optionGroup" yaml:"optionGroup"`
	// The DB parameter group to associate with the instance.
	// Experimental.
	ParameterGroup IParameterGroup `field:"optional" json:"parameterGroup" yaml:"parameterGroup"`
	// The AWS KMS key for encryption of Performance Insights data.
	// Experimental.
	PerformanceInsightEncryptionKey awskms.IKey `field:"optional" json:"performanceInsightEncryptionKey" yaml:"performanceInsightEncryptionKey"`
	// The amount of time, in days, to retain Performance Insights data.
	// Experimental.
	PerformanceInsightRetention PerformanceInsightRetention `field:"optional" json:"performanceInsightRetention" yaml:"performanceInsightRetention"`
	// The port for the instance.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// The daily time range during which automated backups are performed.
	//
	// Constraints:
	// - Must be in the format `hh24:mi-hh24:mi`.
	// - Must be in Universal Coordinated Time (UTC).
	// - Must not conflict with the preferred maintenance window.
	// - Must be at least 30 minutes.
	// Experimental.
	PreferredBackupWindow *string `field:"optional" json:"preferredBackupWindow" yaml:"preferredBackupWindow"`
	// The weekly time range (in UTC) during which system maintenance can occur.
	//
	// Format: `ddd:hh24:mi-ddd:hh24:mi`
	// Constraint: Minimum 30-minute window.
	// Experimental.
	PreferredMaintenanceWindow *string `field:"optional" json:"preferredMaintenanceWindow" yaml:"preferredMaintenanceWindow"`
	// The number of CPU cores and the number of threads per core.
	// Experimental.
	ProcessorFeatures *ProcessorFeatures `field:"optional" json:"processorFeatures" yaml:"processorFeatures"`
	// Indicates whether the DB instance is an internet-facing instance.
	// Experimental.
	PubliclyAccessible *bool `field:"optional" json:"publiclyAccessible" yaml:"publiclyAccessible"`
	// The CloudFormation policy to apply when the instance is removed from the stack or replaced during an update.
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// S3 buckets that you want to load data into.
	//
	// This property must not be used if `s3ExportRole` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
	//
	// Experimental.
	S3ExportBuckets *[]awss3.IBucket `field:"optional" json:"s3ExportBuckets" yaml:"s3ExportBuckets"`
	// Role that will be associated with this DB instance to enable S3 export.
	//
	// This property must not be used if `s3ExportBuckets` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
	//
	// Experimental.
	S3ExportRole awsiam.IRole `field:"optional" json:"s3ExportRole" yaml:"s3ExportRole"`
	// S3 buckets that you want to load data from.
	//
	// This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
	//
	// This property must not be used if `s3ImportRole` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
	//
	// Experimental.
	S3ImportBuckets *[]awss3.IBucket `field:"optional" json:"s3ImportBuckets" yaml:"s3ImportBuckets"`
	// Role that will be associated with this DB instance to enable S3 import.
	//
	// This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
	//
	// This property must not be used if `s3ImportBuckets` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
	//
	// Experimental.
	S3ImportRole awsiam.IRole `field:"optional" json:"s3ImportRole" yaml:"s3ImportRole"`
	// The security groups to assign to the DB instance.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// The storage type.
	//
	// Storage types supported are gp2, io1, standard.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#Concepts.Storage.GeneralSSD
	//
	// Experimental.
	StorageType StorageType `field:"optional" json:"storageType" yaml:"storageType"`
	// Existing subnet group for the instance.
	// Experimental.
	SubnetGroup ISubnetGroup `field:"optional" json:"subnetGroup" yaml:"subnetGroup"`
	// The type of subnets to add to the created DB subnet group.
	// Deprecated: use `vpcSubnets`.
	VpcPlacement *awsec2.SubnetSelection `field:"optional" json:"vpcPlacement" yaml:"vpcPlacement"`
	// The type of subnets to add to the created DB subnet group.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
}

Construction properties for a DatabaseInstanceNew.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var bucket bucket
var duration duration
var key key
var optionGroup optionGroup
var parameterGroup parameterGroup
var role role
var securityGroup securityGroup
var subnet subnet
var subnetFilter subnetFilter
var subnetGroup subnetGroup
var vpc vpc

databaseInstanceNewProps := &databaseInstanceNewProps{
	vpc: vpc,

	// the properties below are optional
	autoMinorVersionUpgrade: jsii.Boolean(false),
	availabilityZone: jsii.String("availabilityZone"),
	backupRetention: duration,
	cloudwatchLogsExports: []*string{
		jsii.String("cloudwatchLogsExports"),
	},
	cloudwatchLogsRetention: awscdk.Aws_logs.retentionDays_ONE_DAY,
	cloudwatchLogsRetentionRole: role,
	copyTagsToSnapshot: jsii.Boolean(false),
	deleteAutomatedBackups: jsii.Boolean(false),
	deletionProtection: jsii.Boolean(false),
	domain: jsii.String("domain"),
	domainRole: role,
	enablePerformanceInsights: jsii.Boolean(false),
	iamAuthentication: jsii.Boolean(false),
	instanceIdentifier: jsii.String("instanceIdentifier"),
	iops: jsii.Number(123),
	maxAllocatedStorage: jsii.Number(123),
	monitoringInterval: duration,
	monitoringRole: role,
	multiAz: jsii.Boolean(false),
	optionGroup: optionGroup,
	parameterGroup: parameterGroup,
	performanceInsightEncryptionKey: key,
	performanceInsightRetention: awscdk.Aws_rds.performanceInsightRetention_DEFAULT,
	port: jsii.Number(123),
	preferredBackupWindow: jsii.String("preferredBackupWindow"),
	preferredMaintenanceWindow: jsii.String("preferredMaintenanceWindow"),
	processorFeatures: &processorFeatures{
		coreCount: jsii.Number(123),
		threadsPerCore: jsii.Number(123),
	},
	publiclyAccessible: jsii.Boolean(false),
	removalPolicy: monocdk.removalPolicy_DESTROY,
	s3ExportBuckets: []iBucket{
		bucket,
	},
	s3ExportRole: role,
	s3ImportBuckets: []*iBucket{
		bucket,
	},
	s3ImportRole: role,
	securityGroups: []iSecurityGroup{
		securityGroup,
	},
	storageType: awscdk.*Aws_rds.storageType_STANDARD,
	subnetGroup: subnetGroup,
	vpcPlacement: &subnetSelection{
		availabilityZones: []*string{
			jsii.String("availabilityZones"),
		},
		onePerAz: jsii.Boolean(false),
		subnetFilters: []*subnetFilter{
			subnetFilter,
		},
		subnetGroupName: jsii.String("subnetGroupName"),
		subnetName: jsii.String("subnetName"),
		subnets: []iSubnet{
			subnet,
		},
		subnetType: awscdk.Aws_ec2.subnetType_ISOLATED,
	},
	vpcSubnets: &subnetSelection{
		availabilityZones: []*string{
			jsii.String("availabilityZones"),
		},
		onePerAz: jsii.Boolean(false),
		subnetFilters: []*subnetFilter{
			subnetFilter,
		},
		subnetGroupName: jsii.String("subnetGroupName"),
		subnetName: jsii.String("subnetName"),
		subnets: []*iSubnet{
			subnet,
		},
		subnetType: awscdk.*Aws_ec2.*subnetType_ISOLATED,
	},
}

Experimental.

type DatabaseInstanceProps

type DatabaseInstanceProps struct {
	// The VPC network where the DB subnet group should be created.
	// Experimental.
	Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
	// Indicates that minor engine upgrades are applied automatically to the DB instance during the maintenance window.
	// Experimental.
	AutoMinorVersionUpgrade *bool `field:"optional" json:"autoMinorVersionUpgrade" yaml:"autoMinorVersionUpgrade"`
	// The name of the Availability Zone where the DB instance will be located.
	// Experimental.
	AvailabilityZone *string `field:"optional" json:"availabilityZone" yaml:"availabilityZone"`
	// The number of days during which automatic DB snapshots are retained.
	//
	// Set to zero to disable backups.
	// When creating a read replica, you must enable automatic backups on the source
	// database instance by setting the backup retention to a value other than zero.
	// Experimental.
	BackupRetention awscdk.Duration `field:"optional" json:"backupRetention" yaml:"backupRetention"`
	// The list of log types that need to be enabled for exporting to CloudWatch Logs.
	// Experimental.
	CloudwatchLogsExports *[]*string `field:"optional" json:"cloudwatchLogsExports" yaml:"cloudwatchLogsExports"`
	// The number of days log events are kept in CloudWatch Logs.
	//
	// When updating
	// this property, unsetting it doesn't remove the log retention policy. To
	// remove the retention policy, set the value to `Infinity`.
	// Experimental.
	CloudwatchLogsRetention awslogs.RetentionDays `field:"optional" json:"cloudwatchLogsRetention" yaml:"cloudwatchLogsRetention"`
	// The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
	// Experimental.
	CloudwatchLogsRetentionRole awsiam.IRole `field:"optional" json:"cloudwatchLogsRetentionRole" yaml:"cloudwatchLogsRetentionRole"`
	// Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance.
	// Experimental.
	CopyTagsToSnapshot *bool `field:"optional" json:"copyTagsToSnapshot" yaml:"copyTagsToSnapshot"`
	// Indicates whether automated backups should be deleted or retained when you delete a DB instance.
	// Experimental.
	DeleteAutomatedBackups *bool `field:"optional" json:"deleteAutomatedBackups" yaml:"deleteAutomatedBackups"`
	// Indicates whether the DB instance should have deletion protection enabled.
	// Experimental.
	DeletionProtection *bool `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	// The Active Directory directory ID to create the DB instance in.
	// Experimental.
	Domain *string `field:"optional" json:"domain" yaml:"domain"`
	// The IAM role to be used when making API calls to the Directory Service.
	//
	// The role needs the AWS-managed policy
	// AmazonRDSDirectoryServiceAccess or equivalent.
	// Experimental.
	DomainRole awsiam.IRole `field:"optional" json:"domainRole" yaml:"domainRole"`
	// Whether to enable Performance Insights for the DB instance.
	// Experimental.
	EnablePerformanceInsights *bool `field:"optional" json:"enablePerformanceInsights" yaml:"enablePerformanceInsights"`
	// Whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
	// Experimental.
	IamAuthentication *bool `field:"optional" json:"iamAuthentication" yaml:"iamAuthentication"`
	// A name for the DB instance.
	//
	// If you specify a name, AWS CloudFormation
	// converts it to lowercase.
	// Experimental.
	InstanceIdentifier *string `field:"optional" json:"instanceIdentifier" yaml:"instanceIdentifier"`
	// The number of I/O operations per second (IOPS) that the database provisions.
	//
	// The value must be equal to or greater than 1000.
	// Experimental.
	Iops *float64 `field:"optional" json:"iops" yaml:"iops"`
	// Upper limit to which RDS can scale the storage in GiB(Gibibyte).
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling
	//
	// Experimental.
	MaxAllocatedStorage *float64 `field:"optional" json:"maxAllocatedStorage" yaml:"maxAllocatedStorage"`
	// The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instance.
	// Experimental.
	MonitoringInterval awscdk.Duration `field:"optional" json:"monitoringInterval" yaml:"monitoringInterval"`
	// Role that will be used to manage DB instance monitoring.
	// Experimental.
	MonitoringRole awsiam.IRole `field:"optional" json:"monitoringRole" yaml:"monitoringRole"`
	// Specifies if the database instance is a multiple Availability Zone deployment.
	// Experimental.
	MultiAz *bool `field:"optional" json:"multiAz" yaml:"multiAz"`
	// The option group to associate with the instance.
	// Experimental.
	OptionGroup IOptionGroup `field:"optional" json:"optionGroup" yaml:"optionGroup"`
	// The DB parameter group to associate with the instance.
	// Experimental.
	ParameterGroup IParameterGroup `field:"optional" json:"parameterGroup" yaml:"parameterGroup"`
	// The AWS KMS key for encryption of Performance Insights data.
	// Experimental.
	PerformanceInsightEncryptionKey awskms.IKey `field:"optional" json:"performanceInsightEncryptionKey" yaml:"performanceInsightEncryptionKey"`
	// The amount of time, in days, to retain Performance Insights data.
	// Experimental.
	PerformanceInsightRetention PerformanceInsightRetention `field:"optional" json:"performanceInsightRetention" yaml:"performanceInsightRetention"`
	// The port for the instance.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// The daily time range during which automated backups are performed.
	//
	// Constraints:
	// - Must be in the format `hh24:mi-hh24:mi`.
	// - Must be in Universal Coordinated Time (UTC).
	// - Must not conflict with the preferred maintenance window.
	// - Must be at least 30 minutes.
	// Experimental.
	PreferredBackupWindow *string `field:"optional" json:"preferredBackupWindow" yaml:"preferredBackupWindow"`
	// The weekly time range (in UTC) during which system maintenance can occur.
	//
	// Format: `ddd:hh24:mi-ddd:hh24:mi`
	// Constraint: Minimum 30-minute window.
	// Experimental.
	PreferredMaintenanceWindow *string `field:"optional" json:"preferredMaintenanceWindow" yaml:"preferredMaintenanceWindow"`
	// The number of CPU cores and the number of threads per core.
	// Experimental.
	ProcessorFeatures *ProcessorFeatures `field:"optional" json:"processorFeatures" yaml:"processorFeatures"`
	// Indicates whether the DB instance is an internet-facing instance.
	// Experimental.
	PubliclyAccessible *bool `field:"optional" json:"publiclyAccessible" yaml:"publiclyAccessible"`
	// The CloudFormation policy to apply when the instance is removed from the stack or replaced during an update.
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// S3 buckets that you want to load data into.
	//
	// This property must not be used if `s3ExportRole` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
	//
	// Experimental.
	S3ExportBuckets *[]awss3.IBucket `field:"optional" json:"s3ExportBuckets" yaml:"s3ExportBuckets"`
	// Role that will be associated with this DB instance to enable S3 export.
	//
	// This property must not be used if `s3ExportBuckets` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
	//
	// Experimental.
	S3ExportRole awsiam.IRole `field:"optional" json:"s3ExportRole" yaml:"s3ExportRole"`
	// S3 buckets that you want to load data from.
	//
	// This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
	//
	// This property must not be used if `s3ImportRole` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
	//
	// Experimental.
	S3ImportBuckets *[]awss3.IBucket `field:"optional" json:"s3ImportBuckets" yaml:"s3ImportBuckets"`
	// Role that will be associated with this DB instance to enable S3 import.
	//
	// This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
	//
	// This property must not be used if `s3ImportBuckets` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
	//
	// Experimental.
	S3ImportRole awsiam.IRole `field:"optional" json:"s3ImportRole" yaml:"s3ImportRole"`
	// The security groups to assign to the DB instance.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// The storage type.
	//
	// Storage types supported are gp2, io1, standard.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#Concepts.Storage.GeneralSSD
	//
	// Experimental.
	StorageType StorageType `field:"optional" json:"storageType" yaml:"storageType"`
	// Existing subnet group for the instance.
	// Experimental.
	SubnetGroup ISubnetGroup `field:"optional" json:"subnetGroup" yaml:"subnetGroup"`
	// The type of subnets to add to the created DB subnet group.
	// Deprecated: use `vpcSubnets`.
	VpcPlacement *awsec2.SubnetSelection `field:"optional" json:"vpcPlacement" yaml:"vpcPlacement"`
	// The type of subnets to add to the created DB subnet group.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
	// The database engine.
	// Experimental.
	Engine IInstanceEngine `field:"required" json:"engine" yaml:"engine"`
	// The allocated storage size, specified in gigabytes (GB).
	// Experimental.
	AllocatedStorage *float64 `field:"optional" json:"allocatedStorage" yaml:"allocatedStorage"`
	// Whether to allow major version upgrades.
	// Experimental.
	AllowMajorVersionUpgrade *bool `field:"optional" json:"allowMajorVersionUpgrade" yaml:"allowMajorVersionUpgrade"`
	// The name of the database.
	// Experimental.
	DatabaseName *string `field:"optional" json:"databaseName" yaml:"databaseName"`
	// The name of the compute and memory capacity for the instance.
	// Experimental.
	InstanceType awsec2.InstanceType `field:"optional" json:"instanceType" yaml:"instanceType"`
	// The license model.
	// Experimental.
	LicenseModel LicenseModel `field:"optional" json:"licenseModel" yaml:"licenseModel"`
	// The parameters in the DBParameterGroup to create automatically.
	//
	// You can only specify parameterGroup or parameters but not both.
	// You need to use a versioned engine to auto-generate a DBParameterGroup.
	// Experimental.
	Parameters *map[string]*string `field:"optional" json:"parameters" yaml:"parameters"`
	// The time zone of the instance.
	//
	// This is currently supported only by Microsoft Sql Server.
	// Experimental.
	Timezone *string `field:"optional" json:"timezone" yaml:"timezone"`
	// For supported engines, specifies the character set to associate with the DB instance.
	// Experimental.
	CharacterSetName *string `field:"optional" json:"characterSetName" yaml:"characterSetName"`
	// Credentials for the administrative user.
	// Experimental.
	Credentials Credentials `field:"optional" json:"credentials" yaml:"credentials"`
	// Indicates whether the DB instance is encrypted.
	// Experimental.
	StorageEncrypted *bool `field:"optional" json:"storageEncrypted" yaml:"storageEncrypted"`
	// The KMS key that's used to encrypt the DB instance.
	// Experimental.
	StorageEncryptionKey awskms.IKey `field:"optional" json:"storageEncryptionKey" yaml:"storageEncryptionKey"`
}

Construction properties for a DatabaseInstance.

Example:

var vpc vpc

engine := rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
	version: rds.postgresEngineVersion_VER_12_3(),
})
rds.NewDatabaseInstance(this, jsii.String("InstanceWithUsername"), &databaseInstanceProps{
	engine: engine,
	vpc: vpc,
	credentials: rds.credentials.fromGeneratedSecret(jsii.String("postgres")),
})

rds.NewDatabaseInstance(this, jsii.String("InstanceWithUsernameAndPassword"), &databaseInstanceProps{
	engine: engine,
	vpc: vpc,
	credentials: rds.*credentials.fromPassword(jsii.String("postgres"), awscdk.SecretValue.ssmSecure(jsii.String("/dbPassword"), jsii.String("1"))),
})

mySecret := secretsmanager.secret.fromSecretName(this, jsii.String("DBSecret"), jsii.String("myDBLoginInfo"))
rds.NewDatabaseInstance(this, jsii.String("InstanceWithSecretLogin"), &databaseInstanceProps{
	engine: engine,
	vpc: vpc,
	credentials: rds.*credentials.fromSecret(mySecret),
})

Experimental.

type DatabaseInstanceReadReplica

type DatabaseInstanceReadReplica interface {
	DatabaseInstanceBase
	IDatabaseInstance
	// Access to network connections.
	// Experimental.
	Connections() awsec2.Connections
	// The instance endpoint address.
	// Experimental.
	DbInstanceEndpointAddress() *string
	// The instance endpoint port.
	// Experimental.
	DbInstanceEndpointPort() *string
	// Experimental.
	EnableIamAuthentication() *bool
	// Experimental.
	SetEnableIamAuthentication(val *bool)
	// The engine of this database Instance.
	//
	// May be not known for imported Instances if it wasn't provided explicitly,
	// or for read replicas.
	// Experimental.
	Engine() IInstanceEngine
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The instance arn.
	// Experimental.
	InstanceArn() *string
	// The instance endpoint.
	// Experimental.
	InstanceEndpoint() Endpoint
	// The instance identifier.
	// Experimental.
	InstanceIdentifier() *string
	// Experimental.
	InstanceType() awsec2.InstanceType
	// Experimental.
	NewCfnProps() *CfnDBInstanceProps
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// The VPC where this database instance is deployed.
	// Experimental.
	Vpc() awsec2.IVpc
	// Experimental.
	VpcPlacement() *awsec2.SubnetSelection
	// Add a new db proxy to this instance.
	// Experimental.
	AddProxy(id *string, options *DatabaseProxyOptions) DatabaseProxy
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Renders the secret attachment target specifications.
	// Experimental.
	AsSecretAttachmentTarget() *awssecretsmanager.SecretAttachmentTargetProps
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity connection access to the database.
	//
	// **Note**: this method does not currently work, see https://github.com/aws/aws-cdk/issues/11851 for details.
	// Experimental.
	GrantConnect(grantee awsiam.IGrantable) awsiam.Grant
	// Return the given named metric for this DBInstance.
	// Experimental.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The percentage of CPU utilization.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricCPUUtilization(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of database connections in use.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricDatabaseConnections(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available random access memory.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeableMemory(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available storage space.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeStorageSpace(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of disk write I/O operations per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricReadIOPS(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of disk read I/O operations per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricWriteIOPS(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Defines a CloudWatch event rule which triggers for instance events.
	//
	// Use
	// `rule.addEventPattern(pattern)` to specify a filter.
	// Experimental.
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Experimental.
	SetLogRetention()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

A read replica database instance.

Example:

var vpc vpc

var sourceInstance databaseInstance

rds.NewDatabaseInstanceFromSnapshot(this, jsii.String("Instance"), &databaseInstanceFromSnapshotProps{
	snapshotIdentifier: jsii.String("my-snapshot"),
	engine: rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
		version: rds.postgresEngineVersion_VER_12_3(),
	}),
	// optional, defaults to m5.large
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE2, ec2.instanceSize_LARGE),
	vpc: vpc,
})
rds.NewDatabaseInstanceReadReplica(this, jsii.String("ReadReplica"), &databaseInstanceReadReplicaProps{
	sourceDatabaseInstance: sourceInstance,
	instanceType: ec2.*instanceType.of(ec2.*instanceClass_BURSTABLE2, ec2.*instanceSize_LARGE),
	vpc: vpc,
})

Experimental.

func NewDatabaseInstanceReadReplica

func NewDatabaseInstanceReadReplica(scope constructs.Construct, id *string, props *DatabaseInstanceReadReplicaProps) DatabaseInstanceReadReplica

Experimental.

type DatabaseInstanceReadReplicaProps

type DatabaseInstanceReadReplicaProps struct {
	// The VPC network where the DB subnet group should be created.
	// Experimental.
	Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
	// Indicates that minor engine upgrades are applied automatically to the DB instance during the maintenance window.
	// Experimental.
	AutoMinorVersionUpgrade *bool `field:"optional" json:"autoMinorVersionUpgrade" yaml:"autoMinorVersionUpgrade"`
	// The name of the Availability Zone where the DB instance will be located.
	// Experimental.
	AvailabilityZone *string `field:"optional" json:"availabilityZone" yaml:"availabilityZone"`
	// The number of days during which automatic DB snapshots are retained.
	//
	// Set to zero to disable backups.
	// When creating a read replica, you must enable automatic backups on the source
	// database instance by setting the backup retention to a value other than zero.
	// Experimental.
	BackupRetention awscdk.Duration `field:"optional" json:"backupRetention" yaml:"backupRetention"`
	// The list of log types that need to be enabled for exporting to CloudWatch Logs.
	// Experimental.
	CloudwatchLogsExports *[]*string `field:"optional" json:"cloudwatchLogsExports" yaml:"cloudwatchLogsExports"`
	// The number of days log events are kept in CloudWatch Logs.
	//
	// When updating
	// this property, unsetting it doesn't remove the log retention policy. To
	// remove the retention policy, set the value to `Infinity`.
	// Experimental.
	CloudwatchLogsRetention awslogs.RetentionDays `field:"optional" json:"cloudwatchLogsRetention" yaml:"cloudwatchLogsRetention"`
	// The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
	// Experimental.
	CloudwatchLogsRetentionRole awsiam.IRole `field:"optional" json:"cloudwatchLogsRetentionRole" yaml:"cloudwatchLogsRetentionRole"`
	// Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance.
	// Experimental.
	CopyTagsToSnapshot *bool `field:"optional" json:"copyTagsToSnapshot" yaml:"copyTagsToSnapshot"`
	// Indicates whether automated backups should be deleted or retained when you delete a DB instance.
	// Experimental.
	DeleteAutomatedBackups *bool `field:"optional" json:"deleteAutomatedBackups" yaml:"deleteAutomatedBackups"`
	// Indicates whether the DB instance should have deletion protection enabled.
	// Experimental.
	DeletionProtection *bool `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	// The Active Directory directory ID to create the DB instance in.
	// Experimental.
	Domain *string `field:"optional" json:"domain" yaml:"domain"`
	// The IAM role to be used when making API calls to the Directory Service.
	//
	// The role needs the AWS-managed policy
	// AmazonRDSDirectoryServiceAccess or equivalent.
	// Experimental.
	DomainRole awsiam.IRole `field:"optional" json:"domainRole" yaml:"domainRole"`
	// Whether to enable Performance Insights for the DB instance.
	// Experimental.
	EnablePerformanceInsights *bool `field:"optional" json:"enablePerformanceInsights" yaml:"enablePerformanceInsights"`
	// Whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
	// Experimental.
	IamAuthentication *bool `field:"optional" json:"iamAuthentication" yaml:"iamAuthentication"`
	// A name for the DB instance.
	//
	// If you specify a name, AWS CloudFormation
	// converts it to lowercase.
	// Experimental.
	InstanceIdentifier *string `field:"optional" json:"instanceIdentifier" yaml:"instanceIdentifier"`
	// The number of I/O operations per second (IOPS) that the database provisions.
	//
	// The value must be equal to or greater than 1000.
	// Experimental.
	Iops *float64 `field:"optional" json:"iops" yaml:"iops"`
	// Upper limit to which RDS can scale the storage in GiB(Gibibyte).
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling
	//
	// Experimental.
	MaxAllocatedStorage *float64 `field:"optional" json:"maxAllocatedStorage" yaml:"maxAllocatedStorage"`
	// The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instance.
	// Experimental.
	MonitoringInterval awscdk.Duration `field:"optional" json:"monitoringInterval" yaml:"monitoringInterval"`
	// Role that will be used to manage DB instance monitoring.
	// Experimental.
	MonitoringRole awsiam.IRole `field:"optional" json:"monitoringRole" yaml:"monitoringRole"`
	// Specifies if the database instance is a multiple Availability Zone deployment.
	// Experimental.
	MultiAz *bool `field:"optional" json:"multiAz" yaml:"multiAz"`
	// The option group to associate with the instance.
	// Experimental.
	OptionGroup IOptionGroup `field:"optional" json:"optionGroup" yaml:"optionGroup"`
	// The DB parameter group to associate with the instance.
	// Experimental.
	ParameterGroup IParameterGroup `field:"optional" json:"parameterGroup" yaml:"parameterGroup"`
	// The AWS KMS key for encryption of Performance Insights data.
	// Experimental.
	PerformanceInsightEncryptionKey awskms.IKey `field:"optional" json:"performanceInsightEncryptionKey" yaml:"performanceInsightEncryptionKey"`
	// The amount of time, in days, to retain Performance Insights data.
	// Experimental.
	PerformanceInsightRetention PerformanceInsightRetention `field:"optional" json:"performanceInsightRetention" yaml:"performanceInsightRetention"`
	// The port for the instance.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// The daily time range during which automated backups are performed.
	//
	// Constraints:
	// - Must be in the format `hh24:mi-hh24:mi`.
	// - Must be in Universal Coordinated Time (UTC).
	// - Must not conflict with the preferred maintenance window.
	// - Must be at least 30 minutes.
	// Experimental.
	PreferredBackupWindow *string `field:"optional" json:"preferredBackupWindow" yaml:"preferredBackupWindow"`
	// The weekly time range (in UTC) during which system maintenance can occur.
	//
	// Format: `ddd:hh24:mi-ddd:hh24:mi`
	// Constraint: Minimum 30-minute window.
	// Experimental.
	PreferredMaintenanceWindow *string `field:"optional" json:"preferredMaintenanceWindow" yaml:"preferredMaintenanceWindow"`
	// The number of CPU cores and the number of threads per core.
	// Experimental.
	ProcessorFeatures *ProcessorFeatures `field:"optional" json:"processorFeatures" yaml:"processorFeatures"`
	// Indicates whether the DB instance is an internet-facing instance.
	// Experimental.
	PubliclyAccessible *bool `field:"optional" json:"publiclyAccessible" yaml:"publiclyAccessible"`
	// The CloudFormation policy to apply when the instance is removed from the stack or replaced during an update.
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// S3 buckets that you want to load data into.
	//
	// This property must not be used if `s3ExportRole` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
	//
	// Experimental.
	S3ExportBuckets *[]awss3.IBucket `field:"optional" json:"s3ExportBuckets" yaml:"s3ExportBuckets"`
	// Role that will be associated with this DB instance to enable S3 export.
	//
	// This property must not be used if `s3ExportBuckets` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
	//
	// Experimental.
	S3ExportRole awsiam.IRole `field:"optional" json:"s3ExportRole" yaml:"s3ExportRole"`
	// S3 buckets that you want to load data from.
	//
	// This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
	//
	// This property must not be used if `s3ImportRole` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
	//
	// Experimental.
	S3ImportBuckets *[]awss3.IBucket `field:"optional" json:"s3ImportBuckets" yaml:"s3ImportBuckets"`
	// Role that will be associated with this DB instance to enable S3 import.
	//
	// This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
	//
	// This property must not be used if `s3ImportBuckets` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
	//
	// Experimental.
	S3ImportRole awsiam.IRole `field:"optional" json:"s3ImportRole" yaml:"s3ImportRole"`
	// The security groups to assign to the DB instance.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// The storage type.
	//
	// Storage types supported are gp2, io1, standard.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#Concepts.Storage.GeneralSSD
	//
	// Experimental.
	StorageType StorageType `field:"optional" json:"storageType" yaml:"storageType"`
	// Existing subnet group for the instance.
	// Experimental.
	SubnetGroup ISubnetGroup `field:"optional" json:"subnetGroup" yaml:"subnetGroup"`
	// The type of subnets to add to the created DB subnet group.
	// Deprecated: use `vpcSubnets`.
	VpcPlacement *awsec2.SubnetSelection `field:"optional" json:"vpcPlacement" yaml:"vpcPlacement"`
	// The type of subnets to add to the created DB subnet group.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
	// The name of the compute and memory capacity classes.
	// Experimental.
	InstanceType awsec2.InstanceType `field:"required" json:"instanceType" yaml:"instanceType"`
	// The source database instance.
	//
	// Each DB instance can have a limited number of read replicas. For more
	// information, see https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html.
	// Experimental.
	SourceDatabaseInstance IDatabaseInstance `field:"required" json:"sourceDatabaseInstance" yaml:"sourceDatabaseInstance"`
	// Indicates whether the DB instance is encrypted.
	// Experimental.
	StorageEncrypted *bool `field:"optional" json:"storageEncrypted" yaml:"storageEncrypted"`
	// The KMS key that's used to encrypt the DB instance.
	// Experimental.
	StorageEncryptionKey awskms.IKey `field:"optional" json:"storageEncryptionKey" yaml:"storageEncryptionKey"`
}

Construction properties for a DatabaseInstanceReadReplica.

Example:

var vpc vpc

var sourceInstance databaseInstance

rds.NewDatabaseInstanceFromSnapshot(this, jsii.String("Instance"), &databaseInstanceFromSnapshotProps{
	snapshotIdentifier: jsii.String("my-snapshot"),
	engine: rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
		version: rds.postgresEngineVersion_VER_12_3(),
	}),
	// optional, defaults to m5.large
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE2, ec2.instanceSize_LARGE),
	vpc: vpc,
})
rds.NewDatabaseInstanceReadReplica(this, jsii.String("ReadReplica"), &databaseInstanceReadReplicaProps{
	sourceDatabaseInstance: sourceInstance,
	instanceType: ec2.*instanceType.of(ec2.*instanceClass_BURSTABLE2, ec2.*instanceSize_LARGE),
	vpc: vpc,
})

Experimental.

type DatabaseInstanceSourceProps

type DatabaseInstanceSourceProps struct {
	// The VPC network where the DB subnet group should be created.
	// Experimental.
	Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
	// Indicates that minor engine upgrades are applied automatically to the DB instance during the maintenance window.
	// Experimental.
	AutoMinorVersionUpgrade *bool `field:"optional" json:"autoMinorVersionUpgrade" yaml:"autoMinorVersionUpgrade"`
	// The name of the Availability Zone where the DB instance will be located.
	// Experimental.
	AvailabilityZone *string `field:"optional" json:"availabilityZone" yaml:"availabilityZone"`
	// The number of days during which automatic DB snapshots are retained.
	//
	// Set to zero to disable backups.
	// When creating a read replica, you must enable automatic backups on the source
	// database instance by setting the backup retention to a value other than zero.
	// Experimental.
	BackupRetention awscdk.Duration `field:"optional" json:"backupRetention" yaml:"backupRetention"`
	// The list of log types that need to be enabled for exporting to CloudWatch Logs.
	// Experimental.
	CloudwatchLogsExports *[]*string `field:"optional" json:"cloudwatchLogsExports" yaml:"cloudwatchLogsExports"`
	// The number of days log events are kept in CloudWatch Logs.
	//
	// When updating
	// this property, unsetting it doesn't remove the log retention policy. To
	// remove the retention policy, set the value to `Infinity`.
	// Experimental.
	CloudwatchLogsRetention awslogs.RetentionDays `field:"optional" json:"cloudwatchLogsRetention" yaml:"cloudwatchLogsRetention"`
	// The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
	// Experimental.
	CloudwatchLogsRetentionRole awsiam.IRole `field:"optional" json:"cloudwatchLogsRetentionRole" yaml:"cloudwatchLogsRetentionRole"`
	// Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance.
	// Experimental.
	CopyTagsToSnapshot *bool `field:"optional" json:"copyTagsToSnapshot" yaml:"copyTagsToSnapshot"`
	// Indicates whether automated backups should be deleted or retained when you delete a DB instance.
	// Experimental.
	DeleteAutomatedBackups *bool `field:"optional" json:"deleteAutomatedBackups" yaml:"deleteAutomatedBackups"`
	// Indicates whether the DB instance should have deletion protection enabled.
	// Experimental.
	DeletionProtection *bool `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	// The Active Directory directory ID to create the DB instance in.
	// Experimental.
	Domain *string `field:"optional" json:"domain" yaml:"domain"`
	// The IAM role to be used when making API calls to the Directory Service.
	//
	// The role needs the AWS-managed policy
	// AmazonRDSDirectoryServiceAccess or equivalent.
	// Experimental.
	DomainRole awsiam.IRole `field:"optional" json:"domainRole" yaml:"domainRole"`
	// Whether to enable Performance Insights for the DB instance.
	// Experimental.
	EnablePerformanceInsights *bool `field:"optional" json:"enablePerformanceInsights" yaml:"enablePerformanceInsights"`
	// Whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
	// Experimental.
	IamAuthentication *bool `field:"optional" json:"iamAuthentication" yaml:"iamAuthentication"`
	// A name for the DB instance.
	//
	// If you specify a name, AWS CloudFormation
	// converts it to lowercase.
	// Experimental.
	InstanceIdentifier *string `field:"optional" json:"instanceIdentifier" yaml:"instanceIdentifier"`
	// The number of I/O operations per second (IOPS) that the database provisions.
	//
	// The value must be equal to or greater than 1000.
	// Experimental.
	Iops *float64 `field:"optional" json:"iops" yaml:"iops"`
	// Upper limit to which RDS can scale the storage in GiB(Gibibyte).
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling
	//
	// Experimental.
	MaxAllocatedStorage *float64 `field:"optional" json:"maxAllocatedStorage" yaml:"maxAllocatedStorage"`
	// The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instance.
	// Experimental.
	MonitoringInterval awscdk.Duration `field:"optional" json:"monitoringInterval" yaml:"monitoringInterval"`
	// Role that will be used to manage DB instance monitoring.
	// Experimental.
	MonitoringRole awsiam.IRole `field:"optional" json:"monitoringRole" yaml:"monitoringRole"`
	// Specifies if the database instance is a multiple Availability Zone deployment.
	// Experimental.
	MultiAz *bool `field:"optional" json:"multiAz" yaml:"multiAz"`
	// The option group to associate with the instance.
	// Experimental.
	OptionGroup IOptionGroup `field:"optional" json:"optionGroup" yaml:"optionGroup"`
	// The DB parameter group to associate with the instance.
	// Experimental.
	ParameterGroup IParameterGroup `field:"optional" json:"parameterGroup" yaml:"parameterGroup"`
	// The AWS KMS key for encryption of Performance Insights data.
	// Experimental.
	PerformanceInsightEncryptionKey awskms.IKey `field:"optional" json:"performanceInsightEncryptionKey" yaml:"performanceInsightEncryptionKey"`
	// The amount of time, in days, to retain Performance Insights data.
	// Experimental.
	PerformanceInsightRetention PerformanceInsightRetention `field:"optional" json:"performanceInsightRetention" yaml:"performanceInsightRetention"`
	// The port for the instance.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// The daily time range during which automated backups are performed.
	//
	// Constraints:
	// - Must be in the format `hh24:mi-hh24:mi`.
	// - Must be in Universal Coordinated Time (UTC).
	// - Must not conflict with the preferred maintenance window.
	// - Must be at least 30 minutes.
	// Experimental.
	PreferredBackupWindow *string `field:"optional" json:"preferredBackupWindow" yaml:"preferredBackupWindow"`
	// The weekly time range (in UTC) during which system maintenance can occur.
	//
	// Format: `ddd:hh24:mi-ddd:hh24:mi`
	// Constraint: Minimum 30-minute window.
	// Experimental.
	PreferredMaintenanceWindow *string `field:"optional" json:"preferredMaintenanceWindow" yaml:"preferredMaintenanceWindow"`
	// The number of CPU cores and the number of threads per core.
	// Experimental.
	ProcessorFeatures *ProcessorFeatures `field:"optional" json:"processorFeatures" yaml:"processorFeatures"`
	// Indicates whether the DB instance is an internet-facing instance.
	// Experimental.
	PubliclyAccessible *bool `field:"optional" json:"publiclyAccessible" yaml:"publiclyAccessible"`
	// The CloudFormation policy to apply when the instance is removed from the stack or replaced during an update.
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// S3 buckets that you want to load data into.
	//
	// This property must not be used if `s3ExportRole` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
	//
	// Experimental.
	S3ExportBuckets *[]awss3.IBucket `field:"optional" json:"s3ExportBuckets" yaml:"s3ExportBuckets"`
	// Role that will be associated with this DB instance to enable S3 export.
	//
	// This property must not be used if `s3ExportBuckets` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
	//
	// Experimental.
	S3ExportRole awsiam.IRole `field:"optional" json:"s3ExportRole" yaml:"s3ExportRole"`
	// S3 buckets that you want to load data from.
	//
	// This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
	//
	// This property must not be used if `s3ImportRole` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
	//
	// Experimental.
	S3ImportBuckets *[]awss3.IBucket `field:"optional" json:"s3ImportBuckets" yaml:"s3ImportBuckets"`
	// Role that will be associated with this DB instance to enable S3 import.
	//
	// This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
	//
	// This property must not be used if `s3ImportBuckets` is used.
	//
	// For Microsoft SQL Server:.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
	//
	// Experimental.
	S3ImportRole awsiam.IRole `field:"optional" json:"s3ImportRole" yaml:"s3ImportRole"`
	// The security groups to assign to the DB instance.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// The storage type.
	//
	// Storage types supported are gp2, io1, standard.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#Concepts.Storage.GeneralSSD
	//
	// Experimental.
	StorageType StorageType `field:"optional" json:"storageType" yaml:"storageType"`
	// Existing subnet group for the instance.
	// Experimental.
	SubnetGroup ISubnetGroup `field:"optional" json:"subnetGroup" yaml:"subnetGroup"`
	// The type of subnets to add to the created DB subnet group.
	// Deprecated: use `vpcSubnets`.
	VpcPlacement *awsec2.SubnetSelection `field:"optional" json:"vpcPlacement" yaml:"vpcPlacement"`
	// The type of subnets to add to the created DB subnet group.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
	// The database engine.
	// Experimental.
	Engine IInstanceEngine `field:"required" json:"engine" yaml:"engine"`
	// The allocated storage size, specified in gigabytes (GB).
	// Experimental.
	AllocatedStorage *float64 `field:"optional" json:"allocatedStorage" yaml:"allocatedStorage"`
	// Whether to allow major version upgrades.
	// Experimental.
	AllowMajorVersionUpgrade *bool `field:"optional" json:"allowMajorVersionUpgrade" yaml:"allowMajorVersionUpgrade"`
	// The name of the database.
	// Experimental.
	DatabaseName *string `field:"optional" json:"databaseName" yaml:"databaseName"`
	// The name of the compute and memory capacity for the instance.
	// Experimental.
	InstanceType awsec2.InstanceType `field:"optional" json:"instanceType" yaml:"instanceType"`
	// The license model.
	// Experimental.
	LicenseModel LicenseModel `field:"optional" json:"licenseModel" yaml:"licenseModel"`
	// The parameters in the DBParameterGroup to create automatically.
	//
	// You can only specify parameterGroup or parameters but not both.
	// You need to use a versioned engine to auto-generate a DBParameterGroup.
	// Experimental.
	Parameters *map[string]*string `field:"optional" json:"parameters" yaml:"parameters"`
	// The time zone of the instance.
	//
	// This is currently supported only by Microsoft Sql Server.
	// Experimental.
	Timezone *string `field:"optional" json:"timezone" yaml:"timezone"`
}

Construction properties for a DatabaseInstanceSource.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var bucket bucket
var duration duration
var instanceEngine iInstanceEngine
var instanceType instanceType
var key key
var optionGroup optionGroup
var parameterGroup parameterGroup
var role role
var securityGroup securityGroup
var subnet subnet
var subnetFilter subnetFilter
var subnetGroup subnetGroup
var vpc vpc

databaseInstanceSourceProps := &databaseInstanceSourceProps{
	engine: instanceEngine,
	vpc: vpc,

	// the properties below are optional
	allocatedStorage: jsii.Number(123),
	allowMajorVersionUpgrade: jsii.Boolean(false),
	autoMinorVersionUpgrade: jsii.Boolean(false),
	availabilityZone: jsii.String("availabilityZone"),
	backupRetention: duration,
	cloudwatchLogsExports: []*string{
		jsii.String("cloudwatchLogsExports"),
	},
	cloudwatchLogsRetention: awscdk.Aws_logs.retentionDays_ONE_DAY,
	cloudwatchLogsRetentionRole: role,
	copyTagsToSnapshot: jsii.Boolean(false),
	databaseName: jsii.String("databaseName"),
	deleteAutomatedBackups: jsii.Boolean(false),
	deletionProtection: jsii.Boolean(false),
	domain: jsii.String("domain"),
	domainRole: role,
	enablePerformanceInsights: jsii.Boolean(false),
	iamAuthentication: jsii.Boolean(false),
	instanceIdentifier: jsii.String("instanceIdentifier"),
	instanceType: instanceType,
	iops: jsii.Number(123),
	licenseModel: awscdk.Aws_rds.licenseModel_LICENSE_INCLUDED,
	maxAllocatedStorage: jsii.Number(123),
	monitoringInterval: duration,
	monitoringRole: role,
	multiAz: jsii.Boolean(false),
	optionGroup: optionGroup,
	parameterGroup: parameterGroup,
	parameters: map[string]*string{
		"parametersKey": jsii.String("parameters"),
	},
	performanceInsightEncryptionKey: key,
	performanceInsightRetention: awscdk.*Aws_rds.performanceInsightRetention_DEFAULT,
	port: jsii.Number(123),
	preferredBackupWindow: jsii.String("preferredBackupWindow"),
	preferredMaintenanceWindow: jsii.String("preferredMaintenanceWindow"),
	processorFeatures: &processorFeatures{
		coreCount: jsii.Number(123),
		threadsPerCore: jsii.Number(123),
	},
	publiclyAccessible: jsii.Boolean(false),
	removalPolicy: monocdk.removalPolicy_DESTROY,
	s3ExportBuckets: []iBucket{
		bucket,
	},
	s3ExportRole: role,
	s3ImportBuckets: []*iBucket{
		bucket,
	},
	s3ImportRole: role,
	securityGroups: []iSecurityGroup{
		securityGroup,
	},
	storageType: awscdk.*Aws_rds.storageType_STANDARD,
	subnetGroup: subnetGroup,
	timezone: jsii.String("timezone"),
	vpcPlacement: &subnetSelection{
		availabilityZones: []*string{
			jsii.String("availabilityZones"),
		},
		onePerAz: jsii.Boolean(false),
		subnetFilters: []*subnetFilter{
			subnetFilter,
		},
		subnetGroupName: jsii.String("subnetGroupName"),
		subnetName: jsii.String("subnetName"),
		subnets: []iSubnet{
			subnet,
		},
		subnetType: awscdk.Aws_ec2.subnetType_ISOLATED,
	},
	vpcSubnets: &subnetSelection{
		availabilityZones: []*string{
			jsii.String("availabilityZones"),
		},
		onePerAz: jsii.Boolean(false),
		subnetFilters: []*subnetFilter{
			subnetFilter,
		},
		subnetGroupName: jsii.String("subnetGroupName"),
		subnetName: jsii.String("subnetName"),
		subnets: []*iSubnet{
			subnet,
		},
		subnetType: awscdk.*Aws_ec2.*subnetType_ISOLATED,
	},
}

Experimental.

type DatabaseProxy

type DatabaseProxy interface {
	awscdk.Resource
	awsec2.IConnectable
	IDatabaseProxy
	awssecretsmanager.ISecretAttachmentTarget
	// Access to network connections.
	// Experimental.
	Connections() awsec2.Connections
	// DB Proxy ARN.
	// Experimental.
	DbProxyArn() *string
	// DB Proxy Name.
	// Experimental.
	DbProxyName() *string
	// Endpoint.
	// Experimental.
	Endpoint() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Renders the secret attachment target specifications.
	// Experimental.
	AsSecretAttachmentTarget() *awssecretsmanager.SecretAttachmentTargetProps
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity connection access to the proxy.
	// Experimental.
	GrantConnect(grantee awsiam.IGrantable, dbUser *string) awsiam.Grant
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

RDS Database Proxy.

Example:

var vpc vpc

cluster := rds.NewDatabaseCluster(this, jsii.String("Database"), &databaseClusterProps{
	engine: rds.databaseClusterEngine_AURORA(),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
})

proxy := rds.NewDatabaseProxy(this, jsii.String("Proxy"), &databaseProxyProps{
	proxyTarget: rds.proxyTarget.fromCluster(cluster),
	secrets: []iSecret{
		cluster.secret,
	},
	vpc: vpc,
})

role := iam.NewRole(this, jsii.String("DBProxyRole"), &roleProps{
	assumedBy: iam.NewAccountPrincipal(this.account),
})
proxy.grantConnect(role, jsii.String("admin"))

Experimental.

func NewDatabaseProxy

func NewDatabaseProxy(scope constructs.Construct, id *string, props *DatabaseProxyProps) DatabaseProxy

Experimental.

type DatabaseProxyAttributes

type DatabaseProxyAttributes struct {
	// DB Proxy ARN.
	// Experimental.
	DbProxyArn *string `field:"required" json:"dbProxyArn" yaml:"dbProxyArn"`
	// DB Proxy Name.
	// Experimental.
	DbProxyName *string `field:"required" json:"dbProxyName" yaml:"dbProxyName"`
	// Endpoint.
	// Experimental.
	Endpoint *string `field:"required" json:"endpoint" yaml:"endpoint"`
	// The security groups of the instance.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"required" json:"securityGroups" yaml:"securityGroups"`
}

Properties that describe an existing DB Proxy.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var securityGroup securityGroup

databaseProxyAttributes := &databaseProxyAttributes{
	dbProxyArn: jsii.String("dbProxyArn"),
	dbProxyName: jsii.String("dbProxyName"),
	endpoint: jsii.String("endpoint"),
	securityGroups: []iSecurityGroup{
		securityGroup,
	},
}

Experimental.

type DatabaseProxyOptions

type DatabaseProxyOptions struct {
	// The secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster.
	//
	// These secrets are stored within Amazon Secrets Manager.
	// One or more secrets are required.
	// Experimental.
	Secrets *[]awssecretsmanager.ISecret `field:"required" json:"secrets" yaml:"secrets"`
	// The VPC to associate with the new proxy.
	// Experimental.
	Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
	// The duration for a proxy to wait for a connection to become available in the connection pool.
	//
	// Only applies when the proxy has opened its maximum number of connections and all connections are busy with client
	// sessions.
	//
	// Value must be between 1 second and 1 hour, or `Duration.seconds(0)` to represent unlimited.
	// Experimental.
	BorrowTimeout awscdk.Duration `field:"optional" json:"borrowTimeout" yaml:"borrowTimeout"`
	// The identifier for the proxy.
	//
	// This name must be unique for all proxies owned by your AWS account in the specified AWS Region.
	// An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens;
	// it can't end with a hyphen or contain two consecutive hyphens.
	// Experimental.
	DbProxyName *string `field:"optional" json:"dbProxyName" yaml:"dbProxyName"`
	// Whether the proxy includes detailed information about SQL statements in its logs.
	//
	// This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections.
	// The debug information includes the text of SQL statements that you submit through the proxy.
	// Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive
	// information that appears in the logs.
	// Experimental.
	DebugLogging *bool `field:"optional" json:"debugLogging" yaml:"debugLogging"`
	// Whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy.
	// Experimental.
	IamAuth *bool `field:"optional" json:"iamAuth" yaml:"iamAuth"`
	// The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it.
	//
	// You can set this value higher or lower than the connection timeout limit for the associated database.
	// Experimental.
	IdleClientTimeout awscdk.Duration `field:"optional" json:"idleClientTimeout" yaml:"idleClientTimeout"`
	// One or more SQL statements for the proxy to run when opening each new database connection.
	//
	// Typically used with SET statements to make sure that each connection has identical settings such as time zone
	// and character set.
	// For multiple statements, use semicolons as the separator.
	// You can also include multiple variables in a single SET statement, such as SET x=1, y=2.
	//
	// not currently supported for PostgreSQL.
	// Experimental.
	InitQuery *string `field:"optional" json:"initQuery" yaml:"initQuery"`
	// The maximum size of the connection pool for each target in a target group.
	//
	// For Aurora MySQL, it is expressed as a percentage of the max_connections setting for the RDS DB instance or Aurora DB
	// cluster used by the target group.
	//
	// 1-100.
	// Experimental.
	MaxConnectionsPercent *float64 `field:"optional" json:"maxConnectionsPercent" yaml:"maxConnectionsPercent"`
	// Controls how actively the proxy closes idle database connections in the connection pool.
	//
	// A high value enables the proxy to leave a high percentage of idle connections open.
	// A low value causes the proxy to close idle client connections and return the underlying database connections
	// to the connection pool.
	// For Aurora MySQL, it is expressed as a percentage of the max_connections setting for the RDS DB instance
	// or Aurora DB cluster used by the target group.
	//
	// between 0 and MaxConnectionsPercent.
	// Experimental.
	MaxIdleConnectionsPercent *float64 `field:"optional" json:"maxIdleConnectionsPercent" yaml:"maxIdleConnectionsPercent"`
	// A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy.
	//
	// By enabling this setting, you can enforce encrypted TLS connections to the proxy.
	// Experimental.
	RequireTLS *bool `field:"optional" json:"requireTLS" yaml:"requireTLS"`
	// IAM role that the proxy uses to access secrets in AWS Secrets Manager.
	// Experimental.
	Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
	// One or more VPC security groups to associate with the new proxy.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection.
	//
	// Including an item in the list exempts that class of SQL operations from the pinning behavior.
	// Experimental.
	SessionPinningFilters *[]SessionPinningFilter `field:"optional" json:"sessionPinningFilters" yaml:"sessionPinningFilters"`
	// The subnets used by the proxy.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
}

Options for a new DatabaseProxy.

Example:

var vpc vpc
var securityGroup securityGroup
var secrets []secret
var dbInstance databaseInstance

proxy := dbInstance.addProxy(jsii.String("proxy"), &databaseProxyOptions{
	borrowTimeout: awscdk.Duration.seconds(jsii.Number(30)),
	maxConnectionsPercent: jsii.Number(50),
	secrets: secrets,
	vpc: vpc,
})

Experimental.

type DatabaseProxyProps

type DatabaseProxyProps struct {
	// The secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster.
	//
	// These secrets are stored within Amazon Secrets Manager.
	// One or more secrets are required.
	// Experimental.
	Secrets *[]awssecretsmanager.ISecret `field:"required" json:"secrets" yaml:"secrets"`
	// The VPC to associate with the new proxy.
	// Experimental.
	Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
	// The duration for a proxy to wait for a connection to become available in the connection pool.
	//
	// Only applies when the proxy has opened its maximum number of connections and all connections are busy with client
	// sessions.
	//
	// Value must be between 1 second and 1 hour, or `Duration.seconds(0)` to represent unlimited.
	// Experimental.
	BorrowTimeout awscdk.Duration `field:"optional" json:"borrowTimeout" yaml:"borrowTimeout"`
	// The identifier for the proxy.
	//
	// This name must be unique for all proxies owned by your AWS account in the specified AWS Region.
	// An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens;
	// it can't end with a hyphen or contain two consecutive hyphens.
	// Experimental.
	DbProxyName *string `field:"optional" json:"dbProxyName" yaml:"dbProxyName"`
	// Whether the proxy includes detailed information about SQL statements in its logs.
	//
	// This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections.
	// The debug information includes the text of SQL statements that you submit through the proxy.
	// Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive
	// information that appears in the logs.
	// Experimental.
	DebugLogging *bool `field:"optional" json:"debugLogging" yaml:"debugLogging"`
	// Whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy.
	// Experimental.
	IamAuth *bool `field:"optional" json:"iamAuth" yaml:"iamAuth"`
	// The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it.
	//
	// You can set this value higher or lower than the connection timeout limit for the associated database.
	// Experimental.
	IdleClientTimeout awscdk.Duration `field:"optional" json:"idleClientTimeout" yaml:"idleClientTimeout"`
	// One or more SQL statements for the proxy to run when opening each new database connection.
	//
	// Typically used with SET statements to make sure that each connection has identical settings such as time zone
	// and character set.
	// For multiple statements, use semicolons as the separator.
	// You can also include multiple variables in a single SET statement, such as SET x=1, y=2.
	//
	// not currently supported for PostgreSQL.
	// Experimental.
	InitQuery *string `field:"optional" json:"initQuery" yaml:"initQuery"`
	// The maximum size of the connection pool for each target in a target group.
	//
	// For Aurora MySQL, it is expressed as a percentage of the max_connections setting for the RDS DB instance or Aurora DB
	// cluster used by the target group.
	//
	// 1-100.
	// Experimental.
	MaxConnectionsPercent *float64 `field:"optional" json:"maxConnectionsPercent" yaml:"maxConnectionsPercent"`
	// Controls how actively the proxy closes idle database connections in the connection pool.
	//
	// A high value enables the proxy to leave a high percentage of idle connections open.
	// A low value causes the proxy to close idle client connections and return the underlying database connections
	// to the connection pool.
	// For Aurora MySQL, it is expressed as a percentage of the max_connections setting for the RDS DB instance
	// or Aurora DB cluster used by the target group.
	//
	// between 0 and MaxConnectionsPercent.
	// Experimental.
	MaxIdleConnectionsPercent *float64 `field:"optional" json:"maxIdleConnectionsPercent" yaml:"maxIdleConnectionsPercent"`
	// A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy.
	//
	// By enabling this setting, you can enforce encrypted TLS connections to the proxy.
	// Experimental.
	RequireTLS *bool `field:"optional" json:"requireTLS" yaml:"requireTLS"`
	// IAM role that the proxy uses to access secrets in AWS Secrets Manager.
	// Experimental.
	Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
	// One or more VPC security groups to associate with the new proxy.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection.
	//
	// Including an item in the list exempts that class of SQL operations from the pinning behavior.
	// Experimental.
	SessionPinningFilters *[]SessionPinningFilter `field:"optional" json:"sessionPinningFilters" yaml:"sessionPinningFilters"`
	// The subnets used by the proxy.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
	// DB proxy target: Instance or Cluster.
	// Experimental.
	ProxyTarget ProxyTarget `field:"required" json:"proxyTarget" yaml:"proxyTarget"`
}

Construction properties for a DatabaseProxy.

Example:

var vpc vpc

cluster := rds.NewDatabaseCluster(this, jsii.String("Database"), &databaseClusterProps{
	engine: rds.databaseClusterEngine_AURORA(),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
})

proxy := rds.NewDatabaseProxy(this, jsii.String("Proxy"), &databaseProxyProps{
	proxyTarget: rds.proxyTarget.fromCluster(cluster),
	secrets: []iSecret{
		cluster.secret,
	},
	vpc: vpc,
})

role := iam.NewRole(this, jsii.String("DBProxyRole"), &roleProps{
	assumedBy: iam.NewAccountPrincipal(this.account),
})
proxy.grantConnect(role, jsii.String("admin"))

Experimental.

type DatabaseSecret

type DatabaseSecret interface {
	awssecretsmanager.Secret
	// Provides an identifier for this secret for use in IAM policies.
	//
	// If there is a full ARN, this is just the ARN;
	// if we have a partial ARN -- due to either importing by secret name or partial ARN --
	// then we need to add a suffix to capture the full ARN's format.
	// Experimental.
	ArnForPolicies() *string
	// Experimental.
	AutoCreatePolicy() *bool
	// The customer-managed encryption key that is used to encrypt this secret, if any.
	//
	// When not specified, the default
	// KMS key for the account and region is being used.
	// Experimental.
	EncryptionKey() awskms.IKey
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The ARN of the secret in AWS Secrets Manager.
	//
	// Will return the full ARN if available, otherwise a partial arn.
	// For secrets imported by the deprecated `fromSecretName`, it will return the `secretName`.
	// Experimental.
	SecretArn() *string
	// The full ARN of the secret in AWS Secrets Manager, which is the ARN including the Secrets Manager-supplied 6-character suffix.
	//
	// This is equal to `secretArn` in most cases, but is undefined when a full ARN is not available (e.g., secrets imported by name).
	// Experimental.
	SecretFullArn() *string
	// The name of the secret.
	//
	// For "owned" secrets, this will be the full resource name (secret name + suffix), unless the
	// '@aws-cdk/aws-secretsmanager:parseOwnedSecretName' feature flag is set.
	// Experimental.
	SecretName() *string
	// Retrieve the value of the stored secret as a `SecretValue`.
	// Experimental.
	SecretValue() awscdk.SecretValue
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Adds a replica region for the secret.
	// Experimental.
	AddReplicaRegion(region *string, encryptionKey awskms.IKey)
	// Adds a rotation schedule to the secret.
	// Experimental.
	AddRotationSchedule(id *string, options *awssecretsmanager.RotationScheduleOptions) awssecretsmanager.RotationSchedule
	// Adds a target attachment to the secret.
	//
	// Returns: an AttachedSecret.
	// Deprecated: use `attach()` instead.
	AddTargetAttachment(id *string, options *awssecretsmanager.AttachedSecretOptions) awssecretsmanager.SecretTargetAttachment
	// Adds a statement to the IAM resource policy associated with this secret.
	//
	// If this secret was created in this stack, a resource policy will be
	// automatically created upon the first call to `addToResourcePolicy`. If
	// the secret is imported, then this is a no-op.
	// Experimental.
	AddToResourcePolicy(statement awsiam.PolicyStatement) *awsiam.AddToResourcePolicyResult
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Attach a target to this secret.
	//
	// Returns: An attached secret.
	// Experimental.
	Attach(target awssecretsmanager.ISecretAttachmentTarget) awssecretsmanager.ISecret
	// Denies the `DeleteSecret` action to all principals within the current account.
	// Experimental.
	DenyAccountRootDelete()
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grants reading the secret value to some role.
	// Experimental.
	GrantRead(grantee awsiam.IGrantable, versionStages *[]*string) awsiam.Grant
	// Grants writing and updating the secret value to some role.
	// Experimental.
	GrantWrite(grantee awsiam.IGrantable) awsiam.Grant
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Interpret the secret as a JSON object and return a field's value from it as a `SecretValue`.
	// Experimental.
	SecretValueFromJson(jsonField *string) awscdk.SecretValue
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	// Experimental.
	Validate() *[]*string
}

A database secret.

Example:

// Build a data source for AppSync to access the database.
var api graphqlApi
// Create username and password secret for DB Cluster
secret := rds.NewDatabaseSecret(this, jsii.String("AuroraSecret"), &databaseSecretProps{
	username: jsii.String("clusteradmin"),
})

// The VPC to place the cluster in
vpc := ec2.NewVpc(this, jsii.String("AuroraVpc"))

// Create the serverless cluster, provide all values needed to customise the database.
cluster := rds.NewServerlessCluster(this, jsii.String("AuroraCluster"), &serverlessClusterProps{
	engine: rds.databaseClusterEngine_AURORA_MYSQL(),
	vpc: vpc,
	credentials: map[string]*string{
		"username": jsii.String("clusteradmin"),
	},
	clusterIdentifier: jsii.String("db-endpoint-test"),
	defaultDatabaseName: jsii.String("demos"),
})
rdsDS := api.addRdsDataSource(jsii.String("rds"), cluster, secret, jsii.String("demos"))

// Set up a resolver for an RDS query.
rdsDS.createResolver(&baseResolverProps{
	typeName: jsii.String("Query"),
	fieldName: jsii.String("getDemosRds"),
	requestMappingTemplate: appsync.mappingTemplate.fromString(jsii.String("\n  {\n    \"version\": \"2018-05-29\",\n    \"statements\": [\n      \"SELECT * FROM demos\"\n    ]\n  }\n  ")),
	responseMappingTemplate: appsync.*mappingTemplate.fromString(jsii.String("\n    $utils.toJson($utils.rds.toJsonObject($ctx.result)[0])\n  ")),
})

// Set up a resolver for an RDS mutation.
rdsDS.createResolver(&baseResolverProps{
	typeName: jsii.String("Mutation"),
	fieldName: jsii.String("addDemoRds"),
	requestMappingTemplate: appsync.*mappingTemplate.fromString(jsii.String("\n  {\n    \"version\": \"2018-05-29\",\n    \"statements\": [\n      \"INSERT INTO demos VALUES (:id, :version)\",\n      \"SELECT * WHERE id = :id\"\n    ],\n    \"variableMap\": {\n      \":id\": $util.toJson($util.autoId()),\n      \":version\": $util.toJson($ctx.args.version)\n    }\n  }\n  ")),
	responseMappingTemplate: appsync.*mappingTemplate.fromString(jsii.String("\n    $utils.toJson($utils.rds.toJsonObject($ctx.result)[1][0])\n  ")),
})

Experimental.

func NewDatabaseSecret

func NewDatabaseSecret(scope constructs.Construct, id *string, props *DatabaseSecretProps) DatabaseSecret

Experimental.

type DatabaseSecretProps

type DatabaseSecretProps struct {
	// The username.
	// Experimental.
	Username *string `field:"required" json:"username" yaml:"username"`
	// The KMS key to use to encrypt the secret.
	// Experimental.
	EncryptionKey awskms.IKey `field:"optional" json:"encryptionKey" yaml:"encryptionKey"`
	// Characters to not include in the generated password.
	// Experimental.
	ExcludeCharacters *string `field:"optional" json:"excludeCharacters" yaml:"excludeCharacters"`
	// The master secret which will be used to rotate this secret.
	// Experimental.
	MasterSecret awssecretsmanager.ISecret `field:"optional" json:"masterSecret" yaml:"masterSecret"`
	// Whether to replace this secret when the criteria for the password change.
	//
	// This is achieved by overriding the logical id of the AWS::SecretsManager::Secret
	// with a hash of the options that influence the password generation. This
	// way a new secret will be created when the password is regenerated and the
	// cluster or instance consuming this secret will have its credentials updated.
	// Experimental.
	ReplaceOnPasswordCriteriaChanges *bool `field:"optional" json:"replaceOnPasswordCriteriaChanges" yaml:"replaceOnPasswordCriteriaChanges"`
	// A list of regions where to replicate this secret.
	// Experimental.
	ReplicaRegions *[]*awssecretsmanager.ReplicaRegion `field:"optional" json:"replicaRegions" yaml:"replicaRegions"`
	// A name for the secret.
	// Experimental.
	SecretName *string `field:"optional" json:"secretName" yaml:"secretName"`
}

Construction properties for a DatabaseSecret.

Example:

// Build a data source for AppSync to access the database.
var api graphqlApi
// Create username and password secret for DB Cluster
secret := rds.NewDatabaseSecret(this, jsii.String("AuroraSecret"), &databaseSecretProps{
	username: jsii.String("clusteradmin"),
})

// The VPC to place the cluster in
vpc := ec2.NewVpc(this, jsii.String("AuroraVpc"))

// Create the serverless cluster, provide all values needed to customise the database.
cluster := rds.NewServerlessCluster(this, jsii.String("AuroraCluster"), &serverlessClusterProps{
	engine: rds.databaseClusterEngine_AURORA_MYSQL(),
	vpc: vpc,
	credentials: map[string]*string{
		"username": jsii.String("clusteradmin"),
	},
	clusterIdentifier: jsii.String("db-endpoint-test"),
	defaultDatabaseName: jsii.String("demos"),
})
rdsDS := api.addRdsDataSource(jsii.String("rds"), cluster, secret, jsii.String("demos"))

// Set up a resolver for an RDS query.
rdsDS.createResolver(&baseResolverProps{
	typeName: jsii.String("Query"),
	fieldName: jsii.String("getDemosRds"),
	requestMappingTemplate: appsync.mappingTemplate.fromString(jsii.String("\n  {\n    \"version\": \"2018-05-29\",\n    \"statements\": [\n      \"SELECT * FROM demos\"\n    ]\n  }\n  ")),
	responseMappingTemplate: appsync.*mappingTemplate.fromString(jsii.String("\n    $utils.toJson($utils.rds.toJsonObject($ctx.result)[0])\n  ")),
})

// Set up a resolver for an RDS mutation.
rdsDS.createResolver(&baseResolverProps{
	typeName: jsii.String("Mutation"),
	fieldName: jsii.String("addDemoRds"),
	requestMappingTemplate: appsync.*mappingTemplate.fromString(jsii.String("\n  {\n    \"version\": \"2018-05-29\",\n    \"statements\": [\n      \"INSERT INTO demos VALUES (:id, :version)\",\n      \"SELECT * WHERE id = :id\"\n    ],\n    \"variableMap\": {\n      \":id\": $util.toJson($util.autoId()),\n      \":version\": $util.toJson($ctx.args.version)\n    }\n  }\n  ")),
	responseMappingTemplate: appsync.*mappingTemplate.fromString(jsii.String("\n    $utils.toJson($utils.rds.toJsonObject($ctx.result)[1][0])\n  ")),
})

Experimental.

type Endpoint

type Endpoint interface {
	// The hostname of the endpoint.
	// Experimental.
	Hostname() *string
	// The port of the endpoint.
	// Experimental.
	Port() *float64
	// The combination of "HOSTNAME:PORT" for this endpoint.
	// Experimental.
	SocketAddress() *string
}

Connection endpoint of a database cluster or instance.

Consists of a combination of hostname and port.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

endpoint := awscdk.Aws_rds.NewEndpoint(jsii.String("address"), jsii.Number(123))

Experimental.

func NewEndpoint

func NewEndpoint(address *string, port *float64) Endpoint

Experimental.

type EngineVersion

type EngineVersion struct {
	// The major version of the engine, for example, "5.6". Used in specifying the ParameterGroup family and OptionGroup version for this engine.
	// Experimental.
	MajorVersion *string `field:"required" json:"majorVersion" yaml:"majorVersion"`
	// The full version string of the engine, for example, "5.6.mysql_aurora.1.22.1". It can be undefined, which means RDS should use whatever version it deems appropriate for the given engine type.
	// Experimental.
	FullVersion *string `field:"optional" json:"fullVersion" yaml:"fullVersion"`
}

A version of an engine - for either a cluster, or instance.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

engineVersion := &engineVersion{
	majorVersion: jsii.String("majorVersion"),

	// the properties below are optional
	fullVersion: jsii.String("fullVersion"),
}

Experimental.

type IClusterEngine

type IClusterEngine interface {
	IEngine
	// Method called when the engine is used to create a new cluster.
	// Experimental.
	BindToCluster(scope awscdk.Construct, options *ClusterEngineBindOptions) *ClusterEngineConfig
	// Whether the IAM Roles used for data importing and exporting need to be combined for this Engine, or can they be kept separate.
	// Experimental.
	CombineImportAndExportRoles() *bool
	// The application used by this engine to perform rotation for a multi-user scenario.
	// Experimental.
	MultiUserRotationApplication() awssecretsmanager.SecretRotationApplication
	// The application used by this engine to perform rotation for a single-user scenario.
	// Experimental.
	SingleUserRotationApplication() awssecretsmanager.SecretRotationApplication
	// The log types that are available with this engine type.
	// Experimental.
	SupportedLogTypes() *[]*string
}

The interface representing a database cluster (as opposed to instance) engine. Experimental.

func DatabaseClusterEngine_AURORA

func DatabaseClusterEngine_AURORA() IClusterEngine

func DatabaseClusterEngine_AURORA_MYSQL

func DatabaseClusterEngine_AURORA_MYSQL() IClusterEngine

func DatabaseClusterEngine_AURORA_POSTGRESQL

func DatabaseClusterEngine_AURORA_POSTGRESQL() IClusterEngine

func DatabaseClusterEngine_Aurora

func DatabaseClusterEngine_Aurora(props *AuroraClusterEngineProps) IClusterEngine

Creates a new plain Aurora database cluster engine. Experimental.

func DatabaseClusterEngine_AuroraMysql

func DatabaseClusterEngine_AuroraMysql(props *AuroraMysqlClusterEngineProps) IClusterEngine

Creates a new Aurora MySQL database cluster engine. Experimental.

func DatabaseClusterEngine_AuroraPostgres

func DatabaseClusterEngine_AuroraPostgres(props *AuroraPostgresClusterEngineProps) IClusterEngine

Creates a new Aurora PostgreSQL database cluster engine. Experimental.

type IDatabaseCluster

type IDatabaseCluster interface {
	awsec2.IConnectable
	awscdk.IResource
	awssecretsmanager.ISecretAttachmentTarget
	// Add a new db proxy to this cluster.
	// Experimental.
	AddProxy(id *string, options *DatabaseProxyOptions) DatabaseProxy
	// Return the given named metric for this DBCluster.
	// Experimental.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The percentage of CPU utilization.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricCPUUtilization(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of database connections in use.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricDatabaseConnections(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of deadlocks in the database per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricDeadlocks(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of time that the instance has been running, in seconds.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricEngineUptime(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available random access memory, in bytes.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeableMemory(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of local storage available, in bytes.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeLocalStorage(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of network throughput received from clients by each instance, in bytes per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricNetworkReceiveThroughput(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of network throughput both received from and transmitted to clients by each instance, in bytes per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricNetworkThroughput(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of network throughput sent to clients by each instance, in bytes per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricNetworkTransmitThroughput(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The total amount of backup storage in bytes consumed by all Aurora snapshots outside its backup retention window.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricSnapshotStorageUsed(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The total amount of backup storage in bytes for which you are billed.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricTotalBackupStorageBilled(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of storage used by your Aurora DB instance, in bytes.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricVolumeBytesUsed(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of billed read I/O operations from a cluster volume, reported at 5-minute intervals.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricVolumeReadIOPs(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of write disk I/O operations to the cluster volume, reported at 5-minute intervals.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricVolumeWriteIOPs(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The endpoint to use for read/write operations.
	// Experimental.
	ClusterEndpoint() Endpoint
	// Identifier of the cluster.
	// Experimental.
	ClusterIdentifier() *string
	// Endpoint to use for load-balanced read-only operations.
	// Experimental.
	ClusterReadEndpoint() Endpoint
	// The engine of this Cluster.
	//
	// May be not known for imported Clusters if it wasn't provided explicitly.
	// Experimental.
	Engine() IClusterEngine
	// Endpoints which address each individual replica.
	// Experimental.
	InstanceEndpoints() *[]Endpoint
	// Identifiers of the replicas.
	// Experimental.
	InstanceIdentifiers() *[]*string
}

Create a clustered database with a given number of instances. Experimental.

func DatabaseCluster_FromDatabaseClusterAttributes

func DatabaseCluster_FromDatabaseClusterAttributes(scope constructs.Construct, id *string, attrs *DatabaseClusterAttributes) IDatabaseCluster

Import an existing DatabaseCluster from properties. Experimental.

type IDatabaseInstance

type IDatabaseInstance interface {
	awsec2.IConnectable
	awscdk.IResource
	awssecretsmanager.ISecretAttachmentTarget
	// Add a new db proxy to this instance.
	// Experimental.
	AddProxy(id *string, options *DatabaseProxyOptions) DatabaseProxy
	// Grant the given identity connection access to the database.
	//
	// **Note**: this method does not currently work, see https://github.com/aws/aws-cdk/issues/11851 for details.
	// See: https://github.com/aws/aws-cdk/issues/11851
	//
	// Experimental.
	GrantConnect(grantee awsiam.IGrantable) awsiam.Grant
	// Return the given named metric for this DBInstance.
	// Experimental.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The percentage of CPU utilization.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricCPUUtilization(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The number of database connections in use.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricDatabaseConnections(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available random access memory.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeableMemory(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The amount of available storage space.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricFreeStorageSpace(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of disk write I/O operations per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricReadIOPS(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The average number of disk read I/O operations per second.
	//
	// Average over 5 minutes.
	// Experimental.
	MetricWriteIOPS(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Defines a CloudWatch event rule which triggers for instance events.
	//
	// Use
	// `rule.addEventPattern(pattern)` to specify a filter.
	// Experimental.
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	// The instance endpoint address.
	// Experimental.
	DbInstanceEndpointAddress() *string
	// The instance endpoint port.
	// Experimental.
	DbInstanceEndpointPort() *string
	// The engine of this database Instance.
	//
	// May be not known for imported Instances if it wasn't provided explicitly,
	// or for read replicas.
	// Experimental.
	Engine() IInstanceEngine
	// The instance arn.
	// Experimental.
	InstanceArn() *string
	// The instance endpoint.
	// Experimental.
	InstanceEndpoint() Endpoint
	// The instance identifier.
	// Experimental.
	InstanceIdentifier() *string
}

A database instance. Experimental.

func DatabaseInstanceBase_FromDatabaseInstanceAttributes

func DatabaseInstanceBase_FromDatabaseInstanceAttributes(scope constructs.Construct, id *string, attrs *DatabaseInstanceAttributes) IDatabaseInstance

Import an existing database instance. Experimental.

func DatabaseInstanceFromSnapshot_FromDatabaseInstanceAttributes

func DatabaseInstanceFromSnapshot_FromDatabaseInstanceAttributes(scope constructs.Construct, id *string, attrs *DatabaseInstanceAttributes) IDatabaseInstance

Import an existing database instance. Experimental.

func DatabaseInstanceReadReplica_FromDatabaseInstanceAttributes

func DatabaseInstanceReadReplica_FromDatabaseInstanceAttributes(scope constructs.Construct, id *string, attrs *DatabaseInstanceAttributes) IDatabaseInstance

Import an existing database instance. Experimental.

func DatabaseInstance_FromDatabaseInstanceAttributes

func DatabaseInstance_FromDatabaseInstanceAttributes(scope constructs.Construct, id *string, attrs *DatabaseInstanceAttributes) IDatabaseInstance

Import an existing database instance. Experimental.

type IDatabaseProxy

type IDatabaseProxy interface {
	awscdk.IResource
	// Grant the given identity connection access to the proxy.
	// Experimental.
	GrantConnect(grantee awsiam.IGrantable, dbUser *string) awsiam.Grant
	// DB Proxy ARN.
	// Experimental.
	DbProxyArn() *string
	// DB Proxy Name.
	// Experimental.
	DbProxyName() *string
	// Endpoint.
	// Experimental.
	Endpoint() *string
}

DB Proxy. Experimental.

func DatabaseProxy_FromDatabaseProxyAttributes

func DatabaseProxy_FromDatabaseProxyAttributes(scope constructs.Construct, id *string, attrs *DatabaseProxyAttributes) IDatabaseProxy

Import an existing database proxy. Experimental.

type IEngine

type IEngine interface {
	// The default name of the master database user if one was not provided explicitly.
	//
	// The global default of 'admin' will be used if this is `undefined`.
	// Note that 'admin' is a reserved word in PostgreSQL and cannot be used.
	// Experimental.
	DefaultUsername() *string
	// The family this engine belongs to, like "MYSQL", or "POSTGRESQL".
	//
	// This property is used when creating a Database Proxy.
	// Most engines don't belong to any family
	// (and because of that, you can't create Database Proxies for their Clusters or Instances).
	// Experimental.
	EngineFamily() *string
	// The type of the engine, for example "mysql".
	// Experimental.
	EngineType() *string
	// The exact version of the engine that is used, for example "5.1.42".
	// Experimental.
	EngineVersion() *EngineVersion
	// The family to use for ParameterGroups using this engine.
	//
	// This is usually equal to "<engineType><engineMajorVersion>",
	// but can sometimes be a variation of that.
	// You can pass this property when creating new ParameterGroup.
	// Experimental.
	ParameterGroupFamily() *string
}

A common interface for database engines.

Don't implement this interface directly, instead implement one of the known sub-interfaces, like IClusterEngine and IInstanceEngine. Experimental.

type IInstanceEngine

type IInstanceEngine interface {
	IEngine
	// Method called when the engine is used to create a new instance.
	// Experimental.
	BindToInstance(scope awscdk.Construct, options *InstanceEngineBindOptions) *InstanceEngineConfig
	// The application used by this engine to perform rotation for a multi-user scenario.
	// Experimental.
	MultiUserRotationApplication() awssecretsmanager.SecretRotationApplication
	// The application used by this engine to perform rotation for a single-user scenario.
	// Experimental.
	SingleUserRotationApplication() awssecretsmanager.SecretRotationApplication
	// Whether this engine supports automatic backups of a read replica instance.
	// Experimental.
	SupportsReadReplicaBackups() *bool
}

Interface representing a database instance (as opposed to cluster) engine. Experimental.

func DatabaseInstanceEngine_MARIADB

func DatabaseInstanceEngine_MARIADB() IInstanceEngine

func DatabaseInstanceEngine_MYSQL

func DatabaseInstanceEngine_MYSQL() IInstanceEngine

func DatabaseInstanceEngine_MariaDb

func DatabaseInstanceEngine_MariaDb(props *MariaDbInstanceEngineProps) IInstanceEngine

Creates a new MariaDB instance engine. Experimental.

func DatabaseInstanceEngine_Mysql

func DatabaseInstanceEngine_Mysql(props *MySqlInstanceEngineProps) IInstanceEngine

Creates a new MySQL instance engine. Experimental.

func DatabaseInstanceEngine_ORACLE_EE

func DatabaseInstanceEngine_ORACLE_EE() IInstanceEngine

func DatabaseInstanceEngine_ORACLE_SE

func DatabaseInstanceEngine_ORACLE_SE() IInstanceEngine

func DatabaseInstanceEngine_ORACLE_SE1

func DatabaseInstanceEngine_ORACLE_SE1() IInstanceEngine

func DatabaseInstanceEngine_ORACLE_SE2

func DatabaseInstanceEngine_ORACLE_SE2() IInstanceEngine

func DatabaseInstanceEngine_OracleEe

func DatabaseInstanceEngine_OracleEe(props *OracleEeInstanceEngineProps) IInstanceEngine

Creates a new Oracle Enterprise Edition instance engine. Experimental.

func DatabaseInstanceEngine_OracleSe

func DatabaseInstanceEngine_OracleSe(props *OracleSeInstanceEngineProps) IInstanceEngine

Creates a new Oracle Standard Edition instance engine. Deprecated: instances can no longer be created with this engine. See https://forums.aws.amazon.com/ann.jspa?annID=7341

func DatabaseInstanceEngine_OracleSe1

func DatabaseInstanceEngine_OracleSe1(props *OracleSe1InstanceEngineProps) IInstanceEngine

Creates a new Oracle Standard Edition 1 instance engine. Deprecated: instances can no longer be created with this engine. See https://forums.aws.amazon.com/ann.jspa?annID=7341

func DatabaseInstanceEngine_OracleSe2

func DatabaseInstanceEngine_OracleSe2(props *OracleSe2InstanceEngineProps) IInstanceEngine

Creates a new Oracle Standard Edition 1 instance engine. Experimental.

func DatabaseInstanceEngine_POSTGRES

func DatabaseInstanceEngine_POSTGRES() IInstanceEngine

func DatabaseInstanceEngine_Postgres

func DatabaseInstanceEngine_Postgres(props *PostgresInstanceEngineProps) IInstanceEngine

Creates a new PostgreSQL instance engine. Experimental.

func DatabaseInstanceEngine_SQL_SERVER_EE

func DatabaseInstanceEngine_SQL_SERVER_EE() IInstanceEngine

func DatabaseInstanceEngine_SQL_SERVER_EX

func DatabaseInstanceEngine_SQL_SERVER_EX() IInstanceEngine

func DatabaseInstanceEngine_SQL_SERVER_SE

func DatabaseInstanceEngine_SQL_SERVER_SE() IInstanceEngine

func DatabaseInstanceEngine_SQL_SERVER_WEB

func DatabaseInstanceEngine_SQL_SERVER_WEB() IInstanceEngine

func DatabaseInstanceEngine_SqlServerEe

func DatabaseInstanceEngine_SqlServerEe(props *SqlServerEeInstanceEngineProps) IInstanceEngine

Creates a new SQL Server Enterprise Edition instance engine. Experimental.

func DatabaseInstanceEngine_SqlServerEx

func DatabaseInstanceEngine_SqlServerEx(props *SqlServerExInstanceEngineProps) IInstanceEngine

Creates a new SQL Server Express Edition instance engine. Experimental.

func DatabaseInstanceEngine_SqlServerSe

func DatabaseInstanceEngine_SqlServerSe(props *SqlServerSeInstanceEngineProps) IInstanceEngine

Creates a new SQL Server Standard Edition instance engine. Experimental.

func DatabaseInstanceEngine_SqlServerWeb

func DatabaseInstanceEngine_SqlServerWeb(props *SqlServerWebInstanceEngineProps) IInstanceEngine

Creates a new SQL Server Web Edition instance engine. Experimental.

type IOptionGroup

type IOptionGroup interface {
	awscdk.IResource
	// Adds a configuration to this OptionGroup.
	//
	// This method is a no-op for an imported OptionGroup.
	//
	// Returns: true if the OptionConfiguration was successfully added.
	// Experimental.
	AddConfiguration(configuration *OptionConfiguration) *bool
	// The name of the option group.
	// Experimental.
	OptionGroupName() *string
}

An option group. Experimental.

func OptionGroup_FromOptionGroupName

func OptionGroup_FromOptionGroupName(scope constructs.Construct, id *string, optionGroupName *string) IOptionGroup

Import an existing option group. Experimental.

type IParameterGroup

type IParameterGroup interface {
	awscdk.IResource
	// Adds a parameter to this group.
	//
	// If this is an imported parameter group,
	// this method does nothing.
	//
	// Returns: true if the parameter was actually added
	// (i.e., this ParameterGroup is not imported),
	// false otherwise.
	// Experimental.
	AddParameter(key *string, value *string) *bool
	// Method called when this Parameter Group is used when defining a database cluster.
	// Experimental.
	BindToCluster(options *ParameterGroupClusterBindOptions) *ParameterGroupClusterConfig
	// Method called when this Parameter Group is used when defining a database instance.
	// Experimental.
	BindToInstance(options *ParameterGroupInstanceBindOptions) *ParameterGroupInstanceConfig
}

A parameter group.

Represents both a cluster parameter group, and an instance parameter group. Experimental.

func ParameterGroup_FromParameterGroupName

func ParameterGroup_FromParameterGroupName(scope constructs.Construct, id *string, parameterGroupName *string) IParameterGroup

Imports a parameter group. Experimental.

type IServerlessCluster

type IServerlessCluster interface {
	awsec2.IConnectable
	awscdk.IResource
	awssecretsmanager.ISecretAttachmentTarget
	// Grant the given identity to access to the Data API.
	// Experimental.
	GrantDataApiAccess(grantee awsiam.IGrantable) awsiam.Grant
	// The ARN of the cluster.
	// Experimental.
	ClusterArn() *string
	// The endpoint to use for read/write operations.
	// Experimental.
	ClusterEndpoint() Endpoint
	// Identifier of the cluster.
	// Experimental.
	ClusterIdentifier() *string
	// Endpoint to use for load-balanced read-only operations.
	// Experimental.
	ClusterReadEndpoint() Endpoint
}

Interface representing a serverless database cluster. Experimental.

func ServerlessCluster_FromServerlessClusterAttributes

func ServerlessCluster_FromServerlessClusterAttributes(scope constructs.Construct, id *string, attrs *ServerlessClusterAttributes) IServerlessCluster

Import an existing DatabaseCluster from properties. Experimental.

type ISubnetGroup

type ISubnetGroup interface {
	awscdk.IResource
	// The name of the subnet group.
	// Experimental.
	SubnetGroupName() *string
}

Interface for a subnet group. Experimental.

func SubnetGroup_FromSubnetGroupName

func SubnetGroup_FromSubnetGroupName(scope constructs.Construct, id *string, subnetGroupName *string) ISubnetGroup

Imports an existing subnet group by name. Experimental.

type InstanceEngineBindOptions

type InstanceEngineBindOptions struct {
	// The Active Directory directory ID to create the DB instance in.
	// Experimental.
	Domain *string `field:"optional" json:"domain" yaml:"domain"`
	// The option group of the database.
	// Experimental.
	OptionGroup IOptionGroup `field:"optional" json:"optionGroup" yaml:"optionGroup"`
	// The role used for S3 exporting.
	// Experimental.
	S3ExportRole awsiam.IRole `field:"optional" json:"s3ExportRole" yaml:"s3ExportRole"`
	// The role used for S3 importing.
	// Experimental.
	S3ImportRole awsiam.IRole `field:"optional" json:"s3ImportRole" yaml:"s3ImportRole"`
	// The timezone of the database, set by the customer.
	// Experimental.
	Timezone *string `field:"optional" json:"timezone" yaml:"timezone"`
}

The options passed to {@link IInstanceEngine.bind}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var optionGroup optionGroup
var role role

instanceEngineBindOptions := &instanceEngineBindOptions{
	domain: jsii.String("domain"),
	optionGroup: optionGroup,
	s3ExportRole: role,
	s3ImportRole: role,
	timezone: jsii.String("timezone"),
}

Experimental.

type InstanceEngineConfig

type InstanceEngineConfig struct {
	// Features supported by the database engine.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html
	//
	// Experimental.
	Features *InstanceEngineFeatures `field:"optional" json:"features" yaml:"features"`
	// Option group of the database.
	// Experimental.
	OptionGroup IOptionGroup `field:"optional" json:"optionGroup" yaml:"optionGroup"`
}

The type returned from the {@link IInstanceEngine.bind} method.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var optionGroup optionGroup

instanceEngineConfig := &instanceEngineConfig{
	features: &instanceEngineFeatures{
		s3Export: jsii.String("s3Export"),
		s3Import: jsii.String("s3Import"),
	},
	optionGroup: optionGroup,
}

Experimental.

type InstanceEngineFeatures

type InstanceEngineFeatures struct {
	// Feature name for the DB instance that the IAM role to export to S3 bucket is to be associated with.
	// Experimental.
	S3Export *string `field:"optional" json:"s3Export" yaml:"s3Export"`
	// Feature name for the DB instance that the IAM role to access the S3 bucket for import is to be associated with.
	// Experimental.
	S3Import *string `field:"optional" json:"s3Import" yaml:"s3Import"`
}

Represents Database Engine features.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

instanceEngineFeatures := &instanceEngineFeatures{
	s3Export: jsii.String("s3Export"),
	s3Import: jsii.String("s3Import"),
}

Experimental.

type InstanceProps

type InstanceProps struct {
	// What subnets to run the RDS instances in.
	//
	// Must be at least 2 subnets in two different AZs.
	// Experimental.
	Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
	// Whether to allow upgrade of major version for the DB instance.
	// Experimental.
	AllowMajorVersionUpgrade *bool `field:"optional" json:"allowMajorVersionUpgrade" yaml:"allowMajorVersionUpgrade"`
	// Whether to enable automatic upgrade of minor version for the DB instance.
	// Experimental.
	AutoMinorVersionUpgrade *bool `field:"optional" json:"autoMinorVersionUpgrade" yaml:"autoMinorVersionUpgrade"`
	// Whether to remove automated backups immediately after the DB instance is deleted for the DB instance.
	// Experimental.
	DeleteAutomatedBackups *bool `field:"optional" json:"deleteAutomatedBackups" yaml:"deleteAutomatedBackups"`
	// Whether to enable Performance Insights for the DB instance.
	// Experimental.
	EnablePerformanceInsights *bool `field:"optional" json:"enablePerformanceInsights" yaml:"enablePerformanceInsights"`
	// What type of instance to start for the replicas.
	// Experimental.
	InstanceType awsec2.InstanceType `field:"optional" json:"instanceType" yaml:"instanceType"`
	// The DB parameter group to associate with the instance.
	// Experimental.
	ParameterGroup IParameterGroup `field:"optional" json:"parameterGroup" yaml:"parameterGroup"`
	// The parameters in the DBParameterGroup to create automatically.
	//
	// You can only specify parameterGroup or parameters but not both.
	// You need to use a versioned engine to auto-generate a DBParameterGroup.
	// Experimental.
	Parameters *map[string]*string `field:"optional" json:"parameters" yaml:"parameters"`
	// The AWS KMS key for encryption of Performance Insights data.
	// Experimental.
	PerformanceInsightEncryptionKey awskms.IKey `field:"optional" json:"performanceInsightEncryptionKey" yaml:"performanceInsightEncryptionKey"`
	// The amount of time, in days, to retain Performance Insights data.
	// Experimental.
	PerformanceInsightRetention PerformanceInsightRetention `field:"optional" json:"performanceInsightRetention" yaml:"performanceInsightRetention"`
	// Indicates whether the DB instance is an internet-facing instance.
	// Experimental.
	PubliclyAccessible *bool `field:"optional" json:"publiclyAccessible" yaml:"publiclyAccessible"`
	// Security group.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// Where to place the instances within the VPC.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
}

Instance properties for database instances.

Example:

var vpc vpc

cluster := rds.NewDatabaseCluster(this, jsii.String("Database"), &databaseClusterProps{
	engine: rds.databaseClusterEngine_AURORA(),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
})

proxy := rds.NewDatabaseProxy(this, jsii.String("Proxy"), &databaseProxyProps{
	proxyTarget: rds.proxyTarget.fromCluster(cluster),
	secrets: []iSecret{
		cluster.secret,
	},
	vpc: vpc,
})

role := iam.NewRole(this, jsii.String("DBProxyRole"), &roleProps{
	assumedBy: iam.NewAccountPrincipal(this.account),
})
proxy.grantConnect(role, jsii.String("admin"))

Experimental.

type LicenseModel

type LicenseModel string

The license model.

Example:

// Set open cursors with parameter group
parameterGroup := rds.NewParameterGroup(this, jsii.String("ParameterGroup"), &parameterGroupProps{
	engine: rds.databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	parameters: map[string]*string{
		"open_cursors": jsii.String("2500"),
	},
})

optionGroup := rds.NewOptionGroup(this, jsii.String("OptionGroup"), &optionGroupProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	configurations: []optionConfiguration{
		&optionConfiguration{
			name: jsii.String("LOCATOR"),
		},
		&optionConfiguration{
			name: jsii.String("OEM"),
			port: jsii.Number(1158),
			vpc: vpc,
		},
	},
})

// Allow connections to OEM
optionGroup.optionConnections.oEM.connections.allowDefaultPortFromAnyIpv4()

// Database instance with production values
instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	licenseModel: rds.licenseModel_BRING_YOUR_OWN_LICENSE,
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE3, ec2.instanceSize_MEDIUM),
	multiAz: jsii.Boolean(true),
	storageType: rds.storageType_IO1,
	credentials: rds.credentials.fromUsername(jsii.String("syscdk")),
	vpc: vpc,
	databaseName: jsii.String("ORCL"),
	storageEncrypted: jsii.Boolean(true),
	backupRetention: cdk.duration.days(jsii.Number(7)),
	monitoringInterval: cdk.*duration.seconds(jsii.Number(60)),
	enablePerformanceInsights: jsii.Boolean(true),
	cloudwatchLogsExports: []*string{
		jsii.String("trace"),
		jsii.String("audit"),
		jsii.String("alert"),
		jsii.String("listener"),
	},
	cloudwatchLogsRetention: logs.retentionDays_ONE_MONTH,
	autoMinorVersionUpgrade: jsii.Boolean(true),
	 // required to be true if LOCATOR is used in the option group
	optionGroup: optionGroup,
	parameterGroup: parameterGroup,
	removalPolicy: awscdk.RemovalPolicy_DESTROY,
})

// Allow connections on default port from any IPV4
instance.connections.allowDefaultPortFromAnyIpv4()

// Rotate the master user password every 30 days
instance.addRotationSingleUser()

// Add alarm for high CPU
// Add alarm for high CPU
cloudwatch.NewAlarm(this, jsii.String("HighCPU"), &alarmProps{
	metric: instance.metricCPUUtilization(),
	threshold: jsii.Number(90),
	evaluationPeriods: jsii.Number(1),
})

// Trigger Lambda function on instance availability events
fn := lambda.NewFunction(this, jsii.String("Function"), &functionProps{
	code: lambda.code.fromInline(jsii.String("exports.handler = (event) => console.log(event);")),
	handler: jsii.String("index.handler"),
	runtime: lambda.runtime_NODEJS_14_X(),
})

availabilityRule := instance.onEvent(jsii.String("Availability"), &onEventOptions{
	target: targets.NewLambdaFunction(fn),
})
availabilityRule.addEventPattern(&eventPattern{
	detail: map[string]interface{}{
		"EventCategories": []interface{}{
			jsii.String("availability"),
		},
	},
})

Experimental.

const (
	// License included.
	// Experimental.
	LicenseModel_LICENSE_INCLUDED LicenseModel = "LICENSE_INCLUDED"
	// Bring your own licencse.
	// Experimental.
	LicenseModel_BRING_YOUR_OWN_LICENSE LicenseModel = "BRING_YOUR_OWN_LICENSE"
	// General public license.
	// Experimental.
	LicenseModel_GENERAL_PUBLIC_LICENSE LicenseModel = "GENERAL_PUBLIC_LICENSE"
)

type MariaDbEngineVersion

type MariaDbEngineVersion interface {
	// The full version string, for example, "10.5.28".
	// Experimental.
	MariaDbFullVersion() *string
	// The major version of the engine, for example, "10.5".
	// Experimental.
	MariaDbMajorVersion() *string
}

The versions for the MariaDB instance engines (those returned by {@link DatabaseInstanceEngine.mariaDb}).

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

mariaDbEngineVersion := awscdk.Aws_rds.mariaDbEngineVersion_VER_10_0()

Experimental.

func MariaDbEngineVersion_Of

func MariaDbEngineVersion_Of(mariaDbFullVersion *string, mariaDbMajorVersion *string) MariaDbEngineVersion

Create a new MariaDbEngineVersion with an arbitrary version. Experimental.

func MariaDbEngineVersion_VER_10_0

func MariaDbEngineVersion_VER_10_0() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_0_17

func MariaDbEngineVersion_VER_10_0_17() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_0_24

func MariaDbEngineVersion_VER_10_0_24() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_0_28

func MariaDbEngineVersion_VER_10_0_28() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_0_31

func MariaDbEngineVersion_VER_10_0_31() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_0_32

func MariaDbEngineVersion_VER_10_0_32() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_0_34

func MariaDbEngineVersion_VER_10_0_34() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_0_35

func MariaDbEngineVersion_VER_10_0_35() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_1

func MariaDbEngineVersion_VER_10_1() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_1_14

func MariaDbEngineVersion_VER_10_1_14() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_1_19

func MariaDbEngineVersion_VER_10_1_19() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_1_23

func MariaDbEngineVersion_VER_10_1_23() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_1_26

func MariaDbEngineVersion_VER_10_1_26() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_1_31

func MariaDbEngineVersion_VER_10_1_31() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_1_34

func MariaDbEngineVersion_VER_10_1_34() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_2

func MariaDbEngineVersion_VER_10_2() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_2_11

func MariaDbEngineVersion_VER_10_2_11() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_2_12

func MariaDbEngineVersion_VER_10_2_12() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_2_15

func MariaDbEngineVersion_VER_10_2_15() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_2_21

func MariaDbEngineVersion_VER_10_2_21() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_2_32

func MariaDbEngineVersion_VER_10_2_32() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_2_37

func MariaDbEngineVersion_VER_10_2_37() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_2_39

func MariaDbEngineVersion_VER_10_2_39() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_2_40

func MariaDbEngineVersion_VER_10_2_40() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_2_41

func MariaDbEngineVersion_VER_10_2_41() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_3

func MariaDbEngineVersion_VER_10_3() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_3_13

func MariaDbEngineVersion_VER_10_3_13() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_3_20

func MariaDbEngineVersion_VER_10_3_20() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_3_23

func MariaDbEngineVersion_VER_10_3_23() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_3_28

func MariaDbEngineVersion_VER_10_3_28() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_3_31

func MariaDbEngineVersion_VER_10_3_31() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_3_32

func MariaDbEngineVersion_VER_10_3_32() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_3_8

func MariaDbEngineVersion_VER_10_3_8() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_4

func MariaDbEngineVersion_VER_10_4() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_4_13

func MariaDbEngineVersion_VER_10_4_13() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_4_18

func MariaDbEngineVersion_VER_10_4_18() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_4_21

func MariaDbEngineVersion_VER_10_4_21() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_4_22

func MariaDbEngineVersion_VER_10_4_22() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_4_8

func MariaDbEngineVersion_VER_10_4_8() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_5

func MariaDbEngineVersion_VER_10_5() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_5_12

func MariaDbEngineVersion_VER_10_5_12() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_5_13

func MariaDbEngineVersion_VER_10_5_13() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_5_8

func MariaDbEngineVersion_VER_10_5_8() MariaDbEngineVersion

func MariaDbEngineVersion_VER_10_5_9

func MariaDbEngineVersion_VER_10_5_9() MariaDbEngineVersion

type MariaDbInstanceEngineProps

type MariaDbInstanceEngineProps struct {
	// The exact version of the engine to use.
	// Experimental.
	Version MariaDbEngineVersion `field:"required" json:"version" yaml:"version"`
}

Properties for MariaDB instance engines.

Used in {@link DatabaseInstanceEngine.mariaDb}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var mariaDbEngineVersion mariaDbEngineVersion

mariaDbInstanceEngineProps := &mariaDbInstanceEngineProps{
	version: mariaDbEngineVersion,
}

Experimental.

type MySqlInstanceEngineProps

type MySqlInstanceEngineProps struct {
	// The exact version of the engine to use.
	// Experimental.
	Version MysqlEngineVersion `field:"required" json:"version" yaml:"version"`
}

Properties for MySQL instance engines.

Used in {@link DatabaseInstanceEngine.mysql}.

Example:

var vpc vpc

role := iam.NewRole(this, jsii.String("RDSDirectoryServicesRole"), &roleProps{
	assumedBy: iam.NewServicePrincipal(jsii.String("rds.amazonaws.com")),
	managedPolicies: []iManagedPolicy{
		iam.managedPolicy.fromAwsManagedPolicyName(jsii.String("service-role/AmazonRDSDirectoryServiceAccess")),
	},
})
instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.databaseInstanceEngine.mysql(&mySqlInstanceEngineProps{
		version: rds.mysqlEngineVersion_VER_8_0_19(),
	}),
	vpc: vpc,
	domain: jsii.String("d-????????"),
	 // The ID of the domain for the instance to join.
	domainRole: role,
})

Experimental.

type MysqlEngineVersion

type MysqlEngineVersion interface {
	// The full version string, for example, "10.5.28".
	// Experimental.
	MysqlFullVersion() *string
	// The major version of the engine, for example, "10.5".
	// Experimental.
	MysqlMajorVersion() *string
}

The versions for the MySQL instance engines (those returned by {@link DatabaseInstanceEngine.mysql}).

Example:

var vpc vpc

role := iam.NewRole(this, jsii.String("RDSDirectoryServicesRole"), &roleProps{
	assumedBy: iam.NewServicePrincipal(jsii.String("rds.amazonaws.com")),
	managedPolicies: []iManagedPolicy{
		iam.managedPolicy.fromAwsManagedPolicyName(jsii.String("service-role/AmazonRDSDirectoryServiceAccess")),
	},
})
instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.databaseInstanceEngine.mysql(&mySqlInstanceEngineProps{
		version: rds.mysqlEngineVersion_VER_8_0_19(),
	}),
	vpc: vpc,
	domain: jsii.String("d-????????"),
	 // The ID of the domain for the instance to join.
	domainRole: role,
})

Experimental.

func MysqlEngineVersion_Of

func MysqlEngineVersion_Of(mysqlFullVersion *string, mysqlMajorVersion *string) MysqlEngineVersion

Create a new MysqlEngineVersion with an arbitrary version. Experimental.

func MysqlEngineVersion_VER_5_5

func MysqlEngineVersion_VER_5_5() MysqlEngineVersion

func MysqlEngineVersion_VER_5_5_46

func MysqlEngineVersion_VER_5_5_46() MysqlEngineVersion

func MysqlEngineVersion_VER_5_5_53

func MysqlEngineVersion_VER_5_5_53() MysqlEngineVersion

func MysqlEngineVersion_VER_5_5_57

func MysqlEngineVersion_VER_5_5_57() MysqlEngineVersion

func MysqlEngineVersion_VER_5_5_59

func MysqlEngineVersion_VER_5_5_59() MysqlEngineVersion

func MysqlEngineVersion_VER_5_5_61

func MysqlEngineVersion_VER_5_5_61() MysqlEngineVersion

func MysqlEngineVersion_VER_5_6

func MysqlEngineVersion_VER_5_6() MysqlEngineVersion

func MysqlEngineVersion_VER_5_6_34

func MysqlEngineVersion_VER_5_6_34() MysqlEngineVersion

func MysqlEngineVersion_VER_5_6_35

func MysqlEngineVersion_VER_5_6_35() MysqlEngineVersion

func MysqlEngineVersion_VER_5_6_37

func MysqlEngineVersion_VER_5_6_37() MysqlEngineVersion

func MysqlEngineVersion_VER_5_6_39

func MysqlEngineVersion_VER_5_6_39() MysqlEngineVersion

func MysqlEngineVersion_VER_5_6_40

func MysqlEngineVersion_VER_5_6_40() MysqlEngineVersion

func MysqlEngineVersion_VER_5_6_41

func MysqlEngineVersion_VER_5_6_41() MysqlEngineVersion

func MysqlEngineVersion_VER_5_6_43

func MysqlEngineVersion_VER_5_6_43() MysqlEngineVersion

func MysqlEngineVersion_VER_5_6_44

func MysqlEngineVersion_VER_5_6_44() MysqlEngineVersion

func MysqlEngineVersion_VER_5_6_46

func MysqlEngineVersion_VER_5_6_46() MysqlEngineVersion

func MysqlEngineVersion_VER_5_6_48

func MysqlEngineVersion_VER_5_6_48() MysqlEngineVersion

func MysqlEngineVersion_VER_5_6_49

func MysqlEngineVersion_VER_5_6_49() MysqlEngineVersion

func MysqlEngineVersion_VER_5_6_51

func MysqlEngineVersion_VER_5_6_51() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7

func MysqlEngineVersion_VER_5_7() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_16

func MysqlEngineVersion_VER_5_7_16() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_17

func MysqlEngineVersion_VER_5_7_17() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_19

func MysqlEngineVersion_VER_5_7_19() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_21

func MysqlEngineVersion_VER_5_7_21() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_22

func MysqlEngineVersion_VER_5_7_22() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_23

func MysqlEngineVersion_VER_5_7_23() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_24

func MysqlEngineVersion_VER_5_7_24() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_25

func MysqlEngineVersion_VER_5_7_25() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_26

func MysqlEngineVersion_VER_5_7_26() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_28

func MysqlEngineVersion_VER_5_7_28() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_30

func MysqlEngineVersion_VER_5_7_30() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_31

func MysqlEngineVersion_VER_5_7_31() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_33

func MysqlEngineVersion_VER_5_7_33() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_34

func MysqlEngineVersion_VER_5_7_34() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_35

func MysqlEngineVersion_VER_5_7_35() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_36

func MysqlEngineVersion_VER_5_7_36() MysqlEngineVersion

func MysqlEngineVersion_VER_5_7_37

func MysqlEngineVersion_VER_5_7_37() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0

func MysqlEngineVersion_VER_8_0() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0_11

func MysqlEngineVersion_VER_8_0_11() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0_13

func MysqlEngineVersion_VER_8_0_13() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0_15

func MysqlEngineVersion_VER_8_0_15() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0_16

func MysqlEngineVersion_VER_8_0_16() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0_17

func MysqlEngineVersion_VER_8_0_17() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0_19

func MysqlEngineVersion_VER_8_0_19() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0_20

func MysqlEngineVersion_VER_8_0_20() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0_21

func MysqlEngineVersion_VER_8_0_21() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0_23

func MysqlEngineVersion_VER_8_0_23() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0_25

func MysqlEngineVersion_VER_8_0_25() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0_26

func MysqlEngineVersion_VER_8_0_26() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0_27

func MysqlEngineVersion_VER_8_0_27() MysqlEngineVersion

func MysqlEngineVersion_VER_8_0_28

func MysqlEngineVersion_VER_8_0_28() MysqlEngineVersion

type OptionConfiguration

type OptionConfiguration struct {
	// The name of the option.
	// Experimental.
	Name *string `field:"required" json:"name" yaml:"name"`
	// The port number that this option uses.
	//
	// If `port` is specified then `vpc`
	// must also be specified.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// Optional list of security groups to use for this option, if `vpc` is specified.
	//
	// If no groups are provided, a default one will be created.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// The settings for the option.
	// Experimental.
	Settings *map[string]*string `field:"optional" json:"settings" yaml:"settings"`
	// The version for the option.
	// Experimental.
	Version *string `field:"optional" json:"version" yaml:"version"`
	// The VPC where a security group should be created for this option.
	//
	// If `vpc`
	// is specified then `port` must also be specified.
	// Experimental.
	Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
}

Configuration properties for an option.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var securityGroup securityGroup
var vpc vpc

optionConfiguration := &optionConfiguration{
	name: jsii.String("name"),

	// the properties below are optional
	port: jsii.Number(123),
	securityGroups: []iSecurityGroup{
		securityGroup,
	},
	settings: map[string]*string{
		"settingsKey": jsii.String("settings"),
	},
	version: jsii.String("version"),
	vpc: vpc,
}

Experimental.

type OptionGroup

type OptionGroup interface {
	awscdk.Resource
	IOptionGroup
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// The connections object for the options.
	// Experimental.
	OptionConnections() *map[string]awsec2.Connections
	// The name of the option group.
	// Experimental.
	OptionGroupName() *string
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Adds a configuration to this OptionGroup.
	//
	// This method is a no-op for an imported OptionGroup.
	// Experimental.
	AddConfiguration(configuration *OptionConfiguration) *bool
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

An option group.

Example:

// Set open cursors with parameter group
parameterGroup := rds.NewParameterGroup(this, jsii.String("ParameterGroup"), &parameterGroupProps{
	engine: rds.databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	parameters: map[string]*string{
		"open_cursors": jsii.String("2500"),
	},
})

optionGroup := rds.NewOptionGroup(this, jsii.String("OptionGroup"), &optionGroupProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	configurations: []optionConfiguration{
		&optionConfiguration{
			name: jsii.String("LOCATOR"),
		},
		&optionConfiguration{
			name: jsii.String("OEM"),
			port: jsii.Number(1158),
			vpc: vpc,
		},
	},
})

// Allow connections to OEM
optionGroup.optionConnections.oEM.connections.allowDefaultPortFromAnyIpv4()

// Database instance with production values
instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	licenseModel: rds.licenseModel_BRING_YOUR_OWN_LICENSE,
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE3, ec2.instanceSize_MEDIUM),
	multiAz: jsii.Boolean(true),
	storageType: rds.storageType_IO1,
	credentials: rds.credentials.fromUsername(jsii.String("syscdk")),
	vpc: vpc,
	databaseName: jsii.String("ORCL"),
	storageEncrypted: jsii.Boolean(true),
	backupRetention: cdk.duration.days(jsii.Number(7)),
	monitoringInterval: cdk.*duration.seconds(jsii.Number(60)),
	enablePerformanceInsights: jsii.Boolean(true),
	cloudwatchLogsExports: []*string{
		jsii.String("trace"),
		jsii.String("audit"),
		jsii.String("alert"),
		jsii.String("listener"),
	},
	cloudwatchLogsRetention: logs.retentionDays_ONE_MONTH,
	autoMinorVersionUpgrade: jsii.Boolean(true),
	 // required to be true if LOCATOR is used in the option group
	optionGroup: optionGroup,
	parameterGroup: parameterGroup,
	removalPolicy: awscdk.RemovalPolicy_DESTROY,
})

// Allow connections on default port from any IPV4
instance.connections.allowDefaultPortFromAnyIpv4()

// Rotate the master user password every 30 days
instance.addRotationSingleUser()

// Add alarm for high CPU
// Add alarm for high CPU
cloudwatch.NewAlarm(this, jsii.String("HighCPU"), &alarmProps{
	metric: instance.metricCPUUtilization(),
	threshold: jsii.Number(90),
	evaluationPeriods: jsii.Number(1),
})

// Trigger Lambda function on instance availability events
fn := lambda.NewFunction(this, jsii.String("Function"), &functionProps{
	code: lambda.code.fromInline(jsii.String("exports.handler = (event) => console.log(event);")),
	handler: jsii.String("index.handler"),
	runtime: lambda.runtime_NODEJS_14_X(),
})

availabilityRule := instance.onEvent(jsii.String("Availability"), &onEventOptions{
	target: targets.NewLambdaFunction(fn),
})
availabilityRule.addEventPattern(&eventPattern{
	detail: map[string]interface{}{
		"EventCategories": []interface{}{
			jsii.String("availability"),
		},
	},
})

Experimental.

func NewOptionGroup

func NewOptionGroup(scope constructs.Construct, id *string, props *OptionGroupProps) OptionGroup

Experimental.

type OptionGroupProps

type OptionGroupProps struct {
	// The configurations for this option group.
	// Experimental.
	Configurations *[]*OptionConfiguration `field:"required" json:"configurations" yaml:"configurations"`
	// The database engine that this option group is associated with.
	// Experimental.
	Engine IInstanceEngine `field:"required" json:"engine" yaml:"engine"`
	// A description of the option group.
	// Experimental.
	Description *string `field:"optional" json:"description" yaml:"description"`
}

Construction properties for an OptionGroup.

Example:

// Set open cursors with parameter group
parameterGroup := rds.NewParameterGroup(this, jsii.String("ParameterGroup"), &parameterGroupProps{
	engine: rds.databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	parameters: map[string]*string{
		"open_cursors": jsii.String("2500"),
	},
})

optionGroup := rds.NewOptionGroup(this, jsii.String("OptionGroup"), &optionGroupProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	configurations: []optionConfiguration{
		&optionConfiguration{
			name: jsii.String("LOCATOR"),
		},
		&optionConfiguration{
			name: jsii.String("OEM"),
			port: jsii.Number(1158),
			vpc: vpc,
		},
	},
})

// Allow connections to OEM
optionGroup.optionConnections.oEM.connections.allowDefaultPortFromAnyIpv4()

// Database instance with production values
instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	licenseModel: rds.licenseModel_BRING_YOUR_OWN_LICENSE,
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE3, ec2.instanceSize_MEDIUM),
	multiAz: jsii.Boolean(true),
	storageType: rds.storageType_IO1,
	credentials: rds.credentials.fromUsername(jsii.String("syscdk")),
	vpc: vpc,
	databaseName: jsii.String("ORCL"),
	storageEncrypted: jsii.Boolean(true),
	backupRetention: cdk.duration.days(jsii.Number(7)),
	monitoringInterval: cdk.*duration.seconds(jsii.Number(60)),
	enablePerformanceInsights: jsii.Boolean(true),
	cloudwatchLogsExports: []*string{
		jsii.String("trace"),
		jsii.String("audit"),
		jsii.String("alert"),
		jsii.String("listener"),
	},
	cloudwatchLogsRetention: logs.retentionDays_ONE_MONTH,
	autoMinorVersionUpgrade: jsii.Boolean(true),
	 // required to be true if LOCATOR is used in the option group
	optionGroup: optionGroup,
	parameterGroup: parameterGroup,
	removalPolicy: awscdk.RemovalPolicy_DESTROY,
})

// Allow connections on default port from any IPV4
instance.connections.allowDefaultPortFromAnyIpv4()

// Rotate the master user password every 30 days
instance.addRotationSingleUser()

// Add alarm for high CPU
// Add alarm for high CPU
cloudwatch.NewAlarm(this, jsii.String("HighCPU"), &alarmProps{
	metric: instance.metricCPUUtilization(),
	threshold: jsii.Number(90),
	evaluationPeriods: jsii.Number(1),
})

// Trigger Lambda function on instance availability events
fn := lambda.NewFunction(this, jsii.String("Function"), &functionProps{
	code: lambda.code.fromInline(jsii.String("exports.handler = (event) => console.log(event);")),
	handler: jsii.String("index.handler"),
	runtime: lambda.runtime_NODEJS_14_X(),
})

availabilityRule := instance.onEvent(jsii.String("Availability"), &onEventOptions{
	target: targets.NewLambdaFunction(fn),
})
availabilityRule.addEventPattern(&eventPattern{
	detail: map[string]interface{}{
		"EventCategories": []interface{}{
			jsii.String("availability"),
		},
	},
})

Experimental.

type OracleEeInstanceEngineProps

type OracleEeInstanceEngineProps struct {
	// The exact version of the engine to use.
	// Experimental.
	Version OracleEngineVersion `field:"required" json:"version" yaml:"version"`
}

Properties for Oracle Enterprise Edition instance engines.

Used in {@link DatabaseInstanceEngine.oracleEe}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var oracleEngineVersion oracleEngineVersion

oracleEeInstanceEngineProps := &oracleEeInstanceEngineProps{
	version: oracleEngineVersion,
}

Experimental.

type OracleEngineVersion

type OracleEngineVersion interface {
	// The full version string, for example, "19.0.0.0.ru-2019-10.rur-2019-10.r1".
	// Experimental.
	OracleFullVersion() *string
	// The major version of the engine, for example, "19".
	// Experimental.
	OracleMajorVersion() *string
}

The versions for the Oracle instance engines (those returned by {@link DatabaseInstanceEngine.oracleSe2} and {@link DatabaseInstanceEngine.oracleEe}).

Example:

var vpc vpc

instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	// optional, defaults to m5.large
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE3, ec2.instanceSize_SMALL),
	credentials: rds.credentials.fromGeneratedSecret(jsii.String("syscdk")),
	 // Optional - will default to 'admin' username and generated password
	vpc: vpc,
	vpcSubnets: &subnetSelection{
		subnetType: ec2.subnetType_PRIVATE_WITH_NAT,
	},
})

Experimental.

func OracleEngineVersion_Of

func OracleEngineVersion_Of(oracleFullVersion *string, oracleMajorVersion *string) OracleEngineVersion

Creates a new OracleEngineVersion with an arbitrary version. Experimental.

func OracleEngineVersion_VER_12_1

func OracleEngineVersion_VER_12_1() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V1

func OracleEngineVersion_VER_12_1_0_2_V1() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V10

func OracleEngineVersion_VER_12_1_0_2_V10() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V11

func OracleEngineVersion_VER_12_1_0_2_V11() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V12

func OracleEngineVersion_VER_12_1_0_2_V12() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V13

func OracleEngineVersion_VER_12_1_0_2_V13() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V14

func OracleEngineVersion_VER_12_1_0_2_V14() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V15

func OracleEngineVersion_VER_12_1_0_2_V15() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V16

func OracleEngineVersion_VER_12_1_0_2_V16() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V17

func OracleEngineVersion_VER_12_1_0_2_V17() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V18

func OracleEngineVersion_VER_12_1_0_2_V18() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V19

func OracleEngineVersion_VER_12_1_0_2_V19() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V2

func OracleEngineVersion_VER_12_1_0_2_V2() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V20

func OracleEngineVersion_VER_12_1_0_2_V20() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V21

func OracleEngineVersion_VER_12_1_0_2_V21() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V22

func OracleEngineVersion_VER_12_1_0_2_V22() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V23

func OracleEngineVersion_VER_12_1_0_2_V23() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V24

func OracleEngineVersion_VER_12_1_0_2_V24() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V3

func OracleEngineVersion_VER_12_1_0_2_V3() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V4

func OracleEngineVersion_VER_12_1_0_2_V4() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V5

func OracleEngineVersion_VER_12_1_0_2_V5() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V6

func OracleEngineVersion_VER_12_1_0_2_V6() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V7

func OracleEngineVersion_VER_12_1_0_2_V7() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V8

func OracleEngineVersion_VER_12_1_0_2_V8() OracleEngineVersion

func OracleEngineVersion_VER_12_1_0_2_V9

func OracleEngineVersion_VER_12_1_0_2_V9() OracleEngineVersion

func OracleEngineVersion_VER_12_2

func OracleEngineVersion_VER_12_2() OracleEngineVersion

func OracleEngineVersion_VER_12_2_0_1_2018_10_R1

func OracleEngineVersion_VER_12_2_0_1_2018_10_R1() OracleEngineVersion

func OracleEngineVersion_VER_12_2_0_1_2019_01_R1

func OracleEngineVersion_VER_12_2_0_1_2019_01_R1() OracleEngineVersion

func OracleEngineVersion_VER_12_2_0_1_2019_04_R1

func OracleEngineVersion_VER_12_2_0_1_2019_04_R1() OracleEngineVersion

func OracleEngineVersion_VER_12_2_0_1_2019_07_R1

func OracleEngineVersion_VER_12_2_0_1_2019_07_R1() OracleEngineVersion

func OracleEngineVersion_VER_12_2_0_1_2019_10_R1

func OracleEngineVersion_VER_12_2_0_1_2019_10_R1() OracleEngineVersion

func OracleEngineVersion_VER_12_2_0_1_2020_01_R1

func OracleEngineVersion_VER_12_2_0_1_2020_01_R1() OracleEngineVersion

func OracleEngineVersion_VER_12_2_0_1_2020_04_R1

func OracleEngineVersion_VER_12_2_0_1_2020_04_R1() OracleEngineVersion

func OracleEngineVersion_VER_12_2_0_1_2020_07_R1

func OracleEngineVersion_VER_12_2_0_1_2020_07_R1() OracleEngineVersion

func OracleEngineVersion_VER_12_2_0_1_2020_10_R1

func OracleEngineVersion_VER_12_2_0_1_2020_10_R1() OracleEngineVersion

func OracleEngineVersion_VER_12_2_0_1_2021_01_R1

func OracleEngineVersion_VER_12_2_0_1_2021_01_R1() OracleEngineVersion

func OracleEngineVersion_VER_12_2_0_1_2021_04_R1

func OracleEngineVersion_VER_12_2_0_1_2021_04_R1() OracleEngineVersion

func OracleEngineVersion_VER_18

func OracleEngineVersion_VER_18() OracleEngineVersion

func OracleEngineVersion_VER_18_0_0_0_2019_07_R1

func OracleEngineVersion_VER_18_0_0_0_2019_07_R1() OracleEngineVersion

func OracleEngineVersion_VER_18_0_0_0_2019_10_R1

func OracleEngineVersion_VER_18_0_0_0_2019_10_R1() OracleEngineVersion

func OracleEngineVersion_VER_18_0_0_0_2020_01_R1

func OracleEngineVersion_VER_18_0_0_0_2020_01_R1() OracleEngineVersion

func OracleEngineVersion_VER_18_0_0_0_2020_04_R1

func OracleEngineVersion_VER_18_0_0_0_2020_04_R1() OracleEngineVersion

func OracleEngineVersion_VER_18_0_0_0_2020_07_R1

func OracleEngineVersion_VER_18_0_0_0_2020_07_R1() OracleEngineVersion

func OracleEngineVersion_VER_19

func OracleEngineVersion_VER_19() OracleEngineVersion

func OracleEngineVersion_VER_19_0_0_0_2019_07_R1

func OracleEngineVersion_VER_19_0_0_0_2019_07_R1() OracleEngineVersion

func OracleEngineVersion_VER_19_0_0_0_2019_10_R1

func OracleEngineVersion_VER_19_0_0_0_2019_10_R1() OracleEngineVersion

func OracleEngineVersion_VER_19_0_0_0_2020_01_R1

func OracleEngineVersion_VER_19_0_0_0_2020_01_R1() OracleEngineVersion

func OracleEngineVersion_VER_19_0_0_0_2020_04_R1

func OracleEngineVersion_VER_19_0_0_0_2020_04_R1() OracleEngineVersion

func OracleEngineVersion_VER_19_0_0_0_2020_07_R1

func OracleEngineVersion_VER_19_0_0_0_2020_07_R1() OracleEngineVersion

func OracleEngineVersion_VER_19_0_0_0_2020_10_R1

func OracleEngineVersion_VER_19_0_0_0_2020_10_R1() OracleEngineVersion

func OracleEngineVersion_VER_19_0_0_0_2021_01_R1

func OracleEngineVersion_VER_19_0_0_0_2021_01_R1() OracleEngineVersion

func OracleEngineVersion_VER_19_0_0_0_2021_01_R2

func OracleEngineVersion_VER_19_0_0_0_2021_01_R2() OracleEngineVersion

func OracleEngineVersion_VER_19_0_0_0_2021_04_R1

func OracleEngineVersion_VER_19_0_0_0_2021_04_R1() OracleEngineVersion

type OracleLegacyEngineVersion deprecated

type OracleLegacyEngineVersion interface {
	// The full version string, for example, "11.2.0.4.v24".
	// Deprecated: instances can no longer be created with these engine versions. See https://forums.aws.amazon.com/ann.jspa?annID=7341
	OracleLegacyFullVersion() *string
	// The major version of the engine, for example, "11.2".
	// Deprecated: instances can no longer be created with these engine versions. See https://forums.aws.amazon.com/ann.jspa?annID=7341
	OracleLegacyMajorVersion() *string
}

The versions for the legacy Oracle instance engines (those returned by {@link DatabaseInstanceEngine.oracleSe} and {@link DatabaseInstanceEngine.oracleSe1}). Note: RDS will stop allowing creating new databases with this version in August 2020.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

oracleLegacyEngineVersion := awscdk.Aws_rds.oracleLegacyEngineVersion_VER_11_2()

Deprecated: instances can no longer be created with these engine versions. See https://forums.aws.amazon.com/ann.jspa?annID=7341

func OracleLegacyEngineVersion_VER_11_2

func OracleLegacyEngineVersion_VER_11_2() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_2_V2

func OracleLegacyEngineVersion_VER_11_2_0_2_V2() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V1

func OracleLegacyEngineVersion_VER_11_2_0_4_V1() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V10

func OracleLegacyEngineVersion_VER_11_2_0_4_V10() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V11

func OracleLegacyEngineVersion_VER_11_2_0_4_V11() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V12

func OracleLegacyEngineVersion_VER_11_2_0_4_V12() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V13

func OracleLegacyEngineVersion_VER_11_2_0_4_V13() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V14

func OracleLegacyEngineVersion_VER_11_2_0_4_V14() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V15

func OracleLegacyEngineVersion_VER_11_2_0_4_V15() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V16

func OracleLegacyEngineVersion_VER_11_2_0_4_V16() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V17

func OracleLegacyEngineVersion_VER_11_2_0_4_V17() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V18

func OracleLegacyEngineVersion_VER_11_2_0_4_V18() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V19

func OracleLegacyEngineVersion_VER_11_2_0_4_V19() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V20

func OracleLegacyEngineVersion_VER_11_2_0_4_V20() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V21

func OracleLegacyEngineVersion_VER_11_2_0_4_V21() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V22

func OracleLegacyEngineVersion_VER_11_2_0_4_V22() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V23

func OracleLegacyEngineVersion_VER_11_2_0_4_V23() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V24

func OracleLegacyEngineVersion_VER_11_2_0_4_V24() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V25

func OracleLegacyEngineVersion_VER_11_2_0_4_V25() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V3

func OracleLegacyEngineVersion_VER_11_2_0_4_V3() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V4

func OracleLegacyEngineVersion_VER_11_2_0_4_V4() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V5

func OracleLegacyEngineVersion_VER_11_2_0_4_V5() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V6

func OracleLegacyEngineVersion_VER_11_2_0_4_V6() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V7

func OracleLegacyEngineVersion_VER_11_2_0_4_V7() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V8

func OracleLegacyEngineVersion_VER_11_2_0_4_V8() OracleLegacyEngineVersion

func OracleLegacyEngineVersion_VER_11_2_0_4_V9

func OracleLegacyEngineVersion_VER_11_2_0_4_V9() OracleLegacyEngineVersion

type OracleSe1InstanceEngineProps deprecated

type OracleSe1InstanceEngineProps struct {
	// The exact version of the engine to use.
	// Deprecated: instances can no longer be created with this engine. See https://forums.aws.amazon.com/ann.jspa?annID=7341
	Version OracleLegacyEngineVersion `field:"required" json:"version" yaml:"version"`
}

Properties for Oracle Standard Edition 1 instance engines.

Used in {@link DatabaseInstanceEngine.oracleSe1}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var oracleLegacyEngineVersion oracleLegacyEngineVersion

oracleSe1InstanceEngineProps := &oracleSe1InstanceEngineProps{
	version: oracleLegacyEngineVersion,
}

Deprecated: instances can no longer be created with this engine. See https://forums.aws.amazon.com/ann.jspa?annID=7341

type OracleSe2InstanceEngineProps

type OracleSe2InstanceEngineProps struct {
	// The exact version of the engine to use.
	// Experimental.
	Version OracleEngineVersion `field:"required" json:"version" yaml:"version"`
}

Properties for Oracle Standard Edition 2 instance engines.

Used in {@link DatabaseInstanceEngine.oracleSe2}.

Example:

var vpc vpc

instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	// optional, defaults to m5.large
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE3, ec2.instanceSize_SMALL),
	credentials: rds.credentials.fromGeneratedSecret(jsii.String("syscdk")),
	 // Optional - will default to 'admin' username and generated password
	vpc: vpc,
	vpcSubnets: &subnetSelection{
		subnetType: ec2.subnetType_PRIVATE_WITH_NAT,
	},
})

Experimental.

type OracleSeInstanceEngineProps deprecated

type OracleSeInstanceEngineProps struct {
	// The exact version of the engine to use.
	// Deprecated: instances can no longer be created with this engine. See https://forums.aws.amazon.com/ann.jspa?annID=7341
	Version OracleLegacyEngineVersion `field:"required" json:"version" yaml:"version"`
}

Properties for Oracle Standard Edition instance engines.

Used in {@link DatabaseInstanceEngine.oracleSe}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var oracleLegacyEngineVersion oracleLegacyEngineVersion

oracleSeInstanceEngineProps := &oracleSeInstanceEngineProps{
	version: oracleLegacyEngineVersion,
}

Deprecated: instances can no longer be created with this engine. See https://forums.aws.amazon.com/ann.jspa?annID=7341

type ParameterGroup

type ParameterGroup interface {
	awscdk.Resource
	IParameterGroup
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Add a parameter to this parameter group.
	// Experimental.
	AddParameter(key *string, value *string) *bool
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Method called when this Parameter Group is used when defining a database cluster.
	// Experimental.
	BindToCluster(_options *ParameterGroupClusterBindOptions) *ParameterGroupClusterConfig
	// Method called when this Parameter Group is used when defining a database instance.
	// Experimental.
	BindToInstance(_options *ParameterGroupInstanceBindOptions) *ParameterGroupInstanceConfig
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

A parameter group.

Represents both a cluster parameter group, and an instance parameter group.

Example:

var vpc vpc

cluster := rds.NewServerlessCluster(this, jsii.String("AnotherCluster"), &serverlessClusterProps{
	engine: rds.databaseClusterEngine_AURORA_POSTGRESQL(),
	parameterGroup: rds.parameterGroup.fromParameterGroupName(this, jsii.String("ParameterGroup"), jsii.String("default.aurora-postgresql10")),
	vpc: vpc,
	scaling: &serverlessScalingOptions{
		autoPause: awscdk.Duration.minutes(jsii.Number(10)),
		 // default is to pause after 5 minutes of idle time
		minCapacity: rds.auroraCapacityUnit_ACU_8,
		 // default is 2 Aurora capacity units (ACUs)
		maxCapacity: rds.*auroraCapacityUnit_ACU_32,
	},
})

Experimental.

func NewParameterGroup

func NewParameterGroup(scope constructs.Construct, id *string, props *ParameterGroupProps) ParameterGroup

Experimental.

type ParameterGroupClusterBindOptions

type ParameterGroupClusterBindOptions struct {
}

Options for {@link IParameterGroup.bindToCluster}. Empty for now, but can be extended later.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

parameterGroupClusterBindOptions := &parameterGroupClusterBindOptions{
}

Experimental.

type ParameterGroupClusterConfig

type ParameterGroupClusterConfig struct {
	// The name of this parameter group.
	// Experimental.
	ParameterGroupName *string `field:"required" json:"parameterGroupName" yaml:"parameterGroupName"`
}

The type returned from {@link IParameterGroup.bindToCluster}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

parameterGroupClusterConfig := &parameterGroupClusterConfig{
	parameterGroupName: jsii.String("parameterGroupName"),
}

Experimental.

type ParameterGroupInstanceBindOptions

type ParameterGroupInstanceBindOptions struct {
}

Options for {@link IParameterGroup.bindToInstance}. Empty for now, but can be extended later.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

parameterGroupInstanceBindOptions := &parameterGroupInstanceBindOptions{
}

Experimental.

type ParameterGroupInstanceConfig

type ParameterGroupInstanceConfig struct {
	// The name of this parameter group.
	// Experimental.
	ParameterGroupName *string `field:"required" json:"parameterGroupName" yaml:"parameterGroupName"`
}

The type returned from {@link IParameterGroup.bindToInstance}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

parameterGroupInstanceConfig := &parameterGroupInstanceConfig{
	parameterGroupName: jsii.String("parameterGroupName"),
}

Experimental.

type ParameterGroupProps

type ParameterGroupProps struct {
	// The database engine for this parameter group.
	// Experimental.
	Engine IEngine `field:"required" json:"engine" yaml:"engine"`
	// Description for this parameter group.
	// Experimental.
	Description *string `field:"optional" json:"description" yaml:"description"`
	// The parameters in this parameter group.
	// Experimental.
	Parameters *map[string]*string `field:"optional" json:"parameters" yaml:"parameters"`
}

Properties for a parameter group.

Example:

// Set open cursors with parameter group
parameterGroup := rds.NewParameterGroup(this, jsii.String("ParameterGroup"), &parameterGroupProps{
	engine: rds.databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	parameters: map[string]*string{
		"open_cursors": jsii.String("2500"),
	},
})

optionGroup := rds.NewOptionGroup(this, jsii.String("OptionGroup"), &optionGroupProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	configurations: []optionConfiguration{
		&optionConfiguration{
			name: jsii.String("LOCATOR"),
		},
		&optionConfiguration{
			name: jsii.String("OEM"),
			port: jsii.Number(1158),
			vpc: vpc,
		},
	},
})

// Allow connections to OEM
optionGroup.optionConnections.oEM.connections.allowDefaultPortFromAnyIpv4()

// Database instance with production values
instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	licenseModel: rds.licenseModel_BRING_YOUR_OWN_LICENSE,
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE3, ec2.instanceSize_MEDIUM),
	multiAz: jsii.Boolean(true),
	storageType: rds.storageType_IO1,
	credentials: rds.credentials.fromUsername(jsii.String("syscdk")),
	vpc: vpc,
	databaseName: jsii.String("ORCL"),
	storageEncrypted: jsii.Boolean(true),
	backupRetention: cdk.duration.days(jsii.Number(7)),
	monitoringInterval: cdk.*duration.seconds(jsii.Number(60)),
	enablePerformanceInsights: jsii.Boolean(true),
	cloudwatchLogsExports: []*string{
		jsii.String("trace"),
		jsii.String("audit"),
		jsii.String("alert"),
		jsii.String("listener"),
	},
	cloudwatchLogsRetention: logs.retentionDays_ONE_MONTH,
	autoMinorVersionUpgrade: jsii.Boolean(true),
	 // required to be true if LOCATOR is used in the option group
	optionGroup: optionGroup,
	parameterGroup: parameterGroup,
	removalPolicy: awscdk.RemovalPolicy_DESTROY,
})

// Allow connections on default port from any IPV4
instance.connections.allowDefaultPortFromAnyIpv4()

// Rotate the master user password every 30 days
instance.addRotationSingleUser()

// Add alarm for high CPU
// Add alarm for high CPU
cloudwatch.NewAlarm(this, jsii.String("HighCPU"), &alarmProps{
	metric: instance.metricCPUUtilization(),
	threshold: jsii.Number(90),
	evaluationPeriods: jsii.Number(1),
})

// Trigger Lambda function on instance availability events
fn := lambda.NewFunction(this, jsii.String("Function"), &functionProps{
	code: lambda.code.fromInline(jsii.String("exports.handler = (event) => console.log(event);")),
	handler: jsii.String("index.handler"),
	runtime: lambda.runtime_NODEJS_14_X(),
})

availabilityRule := instance.onEvent(jsii.String("Availability"), &onEventOptions{
	target: targets.NewLambdaFunction(fn),
})
availabilityRule.addEventPattern(&eventPattern{
	detail: map[string]interface{}{
		"EventCategories": []interface{}{
			jsii.String("availability"),
		},
	},
})

Experimental.

type PerformanceInsightRetention

type PerformanceInsightRetention string

The retention period for Performance Insight. Experimental.

const (
	// Default retention period of 7 days.
	// Experimental.
	PerformanceInsightRetention_DEFAULT PerformanceInsightRetention = "DEFAULT"
	// Long term retention period of 2 years.
	// Experimental.
	PerformanceInsightRetention_LONG_TERM PerformanceInsightRetention = "LONG_TERM"
)

type PostgresEngineFeatures

type PostgresEngineFeatures struct {
	// Whether this version of the Postgres engine supports the S3 data export feature.
	// Experimental.
	S3Export *bool `field:"optional" json:"s3Export" yaml:"s3Export"`
	// Whether this version of the Postgres engine supports the S3 data import feature.
	// Experimental.
	S3Import *bool `field:"optional" json:"s3Import" yaml:"s3Import"`
}

Features supported by the Postgres database engine.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

postgresEngineFeatures := &postgresEngineFeatures{
	s3Export: jsii.Boolean(false),
	s3Import: jsii.Boolean(false),
}

Experimental.

type PostgresEngineVersion

type PostgresEngineVersion interface {
	// The full version string, for example, "13.11".
	// Experimental.
	PostgresFullVersion() *string
	// The major version of the engine, for example, "13".
	// Experimental.
	PostgresMajorVersion() *string
}

The versions for the PostgreSQL instance engines (those returned by {@link DatabaseInstanceEngine.postgres}).

Example:

var vpc vpc

engine := rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
	version: rds.postgresEngineVersion_VER_12_3(),
})
myKey := kms.NewKey(this, jsii.String("MyKey"))

rds.NewDatabaseInstance(this, jsii.String("InstanceWithCustomizedSecret"), &databaseInstanceProps{
	engine: engine,
	vpc: vpc,
	credentials: rds.credentials.fromGeneratedSecret(jsii.String("postgres"), &credentialsBaseOptions{
		secretName: jsii.String("my-cool-name"),
		encryptionKey: myKey,
		excludeCharacters: jsii.String("!&*^#@()"),
		replicaRegions: []replicaRegion{
			&replicaRegion{
				region: jsii.String("eu-west-1"),
			},
			&replicaRegion{
				region: jsii.String("eu-west-2"),
			},
		},
	}),
})

Experimental.

func PostgresEngineVersion_Of

func PostgresEngineVersion_Of(postgresFullVersion *string, postgresMajorVersion *string, postgresFeatures *PostgresEngineFeatures) PostgresEngineVersion

Create a new PostgresEngineVersion with an arbitrary version. Experimental.

func PostgresEngineVersion_VER_10

func PostgresEngineVersion_VER_10() PostgresEngineVersion

func PostgresEngineVersion_VER_10_1

func PostgresEngineVersion_VER_10_1() PostgresEngineVersion

func PostgresEngineVersion_VER_10_10

func PostgresEngineVersion_VER_10_10() PostgresEngineVersion

func PostgresEngineVersion_VER_10_11

func PostgresEngineVersion_VER_10_11() PostgresEngineVersion

func PostgresEngineVersion_VER_10_12

func PostgresEngineVersion_VER_10_12() PostgresEngineVersion

func PostgresEngineVersion_VER_10_13

func PostgresEngineVersion_VER_10_13() PostgresEngineVersion

func PostgresEngineVersion_VER_10_14

func PostgresEngineVersion_VER_10_14() PostgresEngineVersion

func PostgresEngineVersion_VER_10_15

func PostgresEngineVersion_VER_10_15() PostgresEngineVersion

func PostgresEngineVersion_VER_10_16

func PostgresEngineVersion_VER_10_16() PostgresEngineVersion

func PostgresEngineVersion_VER_10_17

func PostgresEngineVersion_VER_10_17() PostgresEngineVersion

func PostgresEngineVersion_VER_10_18

func PostgresEngineVersion_VER_10_18() PostgresEngineVersion

func PostgresEngineVersion_VER_10_19

func PostgresEngineVersion_VER_10_19() PostgresEngineVersion

func PostgresEngineVersion_VER_10_20

func PostgresEngineVersion_VER_10_20() PostgresEngineVersion

func PostgresEngineVersion_VER_10_3

func PostgresEngineVersion_VER_10_3() PostgresEngineVersion

func PostgresEngineVersion_VER_10_4

func PostgresEngineVersion_VER_10_4() PostgresEngineVersion

func PostgresEngineVersion_VER_10_5

func PostgresEngineVersion_VER_10_5() PostgresEngineVersion

func PostgresEngineVersion_VER_10_6

func PostgresEngineVersion_VER_10_6() PostgresEngineVersion

func PostgresEngineVersion_VER_10_7

func PostgresEngineVersion_VER_10_7() PostgresEngineVersion

func PostgresEngineVersion_VER_10_9

func PostgresEngineVersion_VER_10_9() PostgresEngineVersion

func PostgresEngineVersion_VER_11

func PostgresEngineVersion_VER_11() PostgresEngineVersion

func PostgresEngineVersion_VER_11_1

func PostgresEngineVersion_VER_11_1() PostgresEngineVersion

func PostgresEngineVersion_VER_11_10

func PostgresEngineVersion_VER_11_10() PostgresEngineVersion

func PostgresEngineVersion_VER_11_11

func PostgresEngineVersion_VER_11_11() PostgresEngineVersion

func PostgresEngineVersion_VER_11_12

func PostgresEngineVersion_VER_11_12() PostgresEngineVersion

func PostgresEngineVersion_VER_11_13

func PostgresEngineVersion_VER_11_13() PostgresEngineVersion

func PostgresEngineVersion_VER_11_14

func PostgresEngineVersion_VER_11_14() PostgresEngineVersion

func PostgresEngineVersion_VER_11_15

func PostgresEngineVersion_VER_11_15() PostgresEngineVersion

func PostgresEngineVersion_VER_11_2

func PostgresEngineVersion_VER_11_2() PostgresEngineVersion

func PostgresEngineVersion_VER_11_4

func PostgresEngineVersion_VER_11_4() PostgresEngineVersion

func PostgresEngineVersion_VER_11_5

func PostgresEngineVersion_VER_11_5() PostgresEngineVersion

func PostgresEngineVersion_VER_11_6

func PostgresEngineVersion_VER_11_6() PostgresEngineVersion

func PostgresEngineVersion_VER_11_7

func PostgresEngineVersion_VER_11_7() PostgresEngineVersion

func PostgresEngineVersion_VER_11_8

func PostgresEngineVersion_VER_11_8() PostgresEngineVersion

func PostgresEngineVersion_VER_11_9

func PostgresEngineVersion_VER_11_9() PostgresEngineVersion

func PostgresEngineVersion_VER_12

func PostgresEngineVersion_VER_12() PostgresEngineVersion

func PostgresEngineVersion_VER_12_10

func PostgresEngineVersion_VER_12_10() PostgresEngineVersion

func PostgresEngineVersion_VER_12_2

func PostgresEngineVersion_VER_12_2() PostgresEngineVersion

func PostgresEngineVersion_VER_12_3

func PostgresEngineVersion_VER_12_3() PostgresEngineVersion

func PostgresEngineVersion_VER_12_4

func PostgresEngineVersion_VER_12_4() PostgresEngineVersion

func PostgresEngineVersion_VER_12_5

func PostgresEngineVersion_VER_12_5() PostgresEngineVersion

func PostgresEngineVersion_VER_12_6

func PostgresEngineVersion_VER_12_6() PostgresEngineVersion

func PostgresEngineVersion_VER_12_7

func PostgresEngineVersion_VER_12_7() PostgresEngineVersion

func PostgresEngineVersion_VER_12_8

func PostgresEngineVersion_VER_12_8() PostgresEngineVersion

func PostgresEngineVersion_VER_12_9

func PostgresEngineVersion_VER_12_9() PostgresEngineVersion

func PostgresEngineVersion_VER_13

func PostgresEngineVersion_VER_13() PostgresEngineVersion

func PostgresEngineVersion_VER_13_1

func PostgresEngineVersion_VER_13_1() PostgresEngineVersion

func PostgresEngineVersion_VER_13_2

func PostgresEngineVersion_VER_13_2() PostgresEngineVersion

func PostgresEngineVersion_VER_13_3

func PostgresEngineVersion_VER_13_3() PostgresEngineVersion

func PostgresEngineVersion_VER_13_4

func PostgresEngineVersion_VER_13_4() PostgresEngineVersion

func PostgresEngineVersion_VER_13_5

func PostgresEngineVersion_VER_13_5() PostgresEngineVersion

func PostgresEngineVersion_VER_13_6

func PostgresEngineVersion_VER_13_6() PostgresEngineVersion

func PostgresEngineVersion_VER_14

func PostgresEngineVersion_VER_14() PostgresEngineVersion

func PostgresEngineVersion_VER_14_1

func PostgresEngineVersion_VER_14_1() PostgresEngineVersion

func PostgresEngineVersion_VER_14_2

func PostgresEngineVersion_VER_14_2() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5

func PostgresEngineVersion_VER_9_5() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_10

func PostgresEngineVersion_VER_9_5_10() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_12

func PostgresEngineVersion_VER_9_5_12() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_13

func PostgresEngineVersion_VER_9_5_13() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_14

func PostgresEngineVersion_VER_9_5_14() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_15

func PostgresEngineVersion_VER_9_5_15() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_16

func PostgresEngineVersion_VER_9_5_16() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_18

func PostgresEngineVersion_VER_9_5_18() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_19

func PostgresEngineVersion_VER_9_5_19() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_2

func PostgresEngineVersion_VER_9_5_2() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_20

func PostgresEngineVersion_VER_9_5_20() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_21

func PostgresEngineVersion_VER_9_5_21() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_22

func PostgresEngineVersion_VER_9_5_22() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_23

func PostgresEngineVersion_VER_9_5_23() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_24

func PostgresEngineVersion_VER_9_5_24() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_25

func PostgresEngineVersion_VER_9_5_25() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_4

func PostgresEngineVersion_VER_9_5_4() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_6

func PostgresEngineVersion_VER_9_5_6() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_7

func PostgresEngineVersion_VER_9_5_7() PostgresEngineVersion

func PostgresEngineVersion_VER_9_5_9

func PostgresEngineVersion_VER_9_5_9() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6

func PostgresEngineVersion_VER_9_6() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_1

func PostgresEngineVersion_VER_9_6_1() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_10

func PostgresEngineVersion_VER_9_6_10() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_11

func PostgresEngineVersion_VER_9_6_11() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_12

func PostgresEngineVersion_VER_9_6_12() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_14

func PostgresEngineVersion_VER_9_6_14() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_15

func PostgresEngineVersion_VER_9_6_15() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_16

func PostgresEngineVersion_VER_9_6_16() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_17

func PostgresEngineVersion_VER_9_6_17() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_18

func PostgresEngineVersion_VER_9_6_18() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_19

func PostgresEngineVersion_VER_9_6_19() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_2

func PostgresEngineVersion_VER_9_6_2() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_20

func PostgresEngineVersion_VER_9_6_20() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_21

func PostgresEngineVersion_VER_9_6_21() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_22

func PostgresEngineVersion_VER_9_6_22() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_23

func PostgresEngineVersion_VER_9_6_23() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_24

func PostgresEngineVersion_VER_9_6_24() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_3

func PostgresEngineVersion_VER_9_6_3() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_5

func PostgresEngineVersion_VER_9_6_5() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_6

func PostgresEngineVersion_VER_9_6_6() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_8

func PostgresEngineVersion_VER_9_6_8() PostgresEngineVersion

func PostgresEngineVersion_VER_9_6_9

func PostgresEngineVersion_VER_9_6_9() PostgresEngineVersion

type PostgresInstanceEngineProps

type PostgresInstanceEngineProps struct {
	// The exact version of the engine to use.
	// Experimental.
	Version PostgresEngineVersion `field:"required" json:"version" yaml:"version"`
}

Properties for PostgreSQL instance engines.

Used in {@link DatabaseInstanceEngine.postgres}.

Example:

var vpc vpc

engine := rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
	version: rds.postgresEngineVersion_VER_12_3(),
})
myKey := kms.NewKey(this, jsii.String("MyKey"))

rds.NewDatabaseInstance(this, jsii.String("InstanceWithCustomizedSecret"), &databaseInstanceProps{
	engine: engine,
	vpc: vpc,
	credentials: rds.credentials.fromGeneratedSecret(jsii.String("postgres"), &credentialsBaseOptions{
		secretName: jsii.String("my-cool-name"),
		encryptionKey: myKey,
		excludeCharacters: jsii.String("!&*^#@()"),
		replicaRegions: []replicaRegion{
			&replicaRegion{
				region: jsii.String("eu-west-1"),
			},
			&replicaRegion{
				region: jsii.String("eu-west-2"),
			},
		},
	}),
})

Experimental.

type ProcessorFeatures

type ProcessorFeatures struct {
	// The number of CPU core.
	// Experimental.
	CoreCount *float64 `field:"optional" json:"coreCount" yaml:"coreCount"`
	// The number of threads per core.
	// Experimental.
	ThreadsPerCore *float64 `field:"optional" json:"threadsPerCore" yaml:"threadsPerCore"`
}

The processor features.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

processorFeatures := &processorFeatures{
	coreCount: jsii.Number(123),
	threadsPerCore: jsii.Number(123),
}

Experimental.

type ProxyTarget

type ProxyTarget interface {
	// Bind this target to the specified database proxy.
	// Experimental.
	Bind(proxy DatabaseProxy) *ProxyTargetConfig
}

Proxy target: Instance or Cluster.

A target group is a collection of databases that the proxy can connect to. Currently, you can specify only one RDS DB instance or Aurora DB cluster.

Example:

var vpc vpc

cluster := rds.NewDatabaseCluster(this, jsii.String("Database"), &databaseClusterProps{
	engine: rds.databaseClusterEngine_AURORA(),
	instanceProps: &instanceProps{
		vpc: vpc,
	},
})

proxy := rds.NewDatabaseProxy(this, jsii.String("Proxy"), &databaseProxyProps{
	proxyTarget: rds.proxyTarget.fromCluster(cluster),
	secrets: []iSecret{
		cluster.secret,
	},
	vpc: vpc,
})

role := iam.NewRole(this, jsii.String("DBProxyRole"), &roleProps{
	assumedBy: iam.NewAccountPrincipal(this.account),
})
proxy.grantConnect(role, jsii.String("admin"))

Experimental.

func ProxyTarget_FromCluster

func ProxyTarget_FromCluster(cluster IDatabaseCluster) ProxyTarget

From cluster. Experimental.

func ProxyTarget_FromInstance

func ProxyTarget_FromInstance(instance IDatabaseInstance) ProxyTarget

From instance. Experimental.

type ProxyTargetConfig

type ProxyTargetConfig struct {
	// The engine family of the database instance or cluster this proxy connects with.
	// Experimental.
	EngineFamily *string `field:"required" json:"engineFamily" yaml:"engineFamily"`
	// The database clusters to which this proxy connects.
	//
	// Either this or `dbInstances` will be set and the other `undefined`.
	// Experimental.
	DbClusters *[]IDatabaseCluster `field:"optional" json:"dbClusters" yaml:"dbClusters"`
	// The database instances to which this proxy connects.
	//
	// Either this or `dbClusters` will be set and the other `undefined`.
	// Experimental.
	DbInstances *[]IDatabaseInstance `field:"optional" json:"dbInstances" yaml:"dbInstances"`
}

The result of binding a `ProxyTarget` to a `DatabaseProxy`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var databaseCluster databaseCluster
var databaseInstance databaseInstance

proxyTargetConfig := &proxyTargetConfig{
	engineFamily: jsii.String("engineFamily"),

	// the properties below are optional
	dbClusters: []iDatabaseCluster{
		databaseCluster,
	},
	dbInstances: []iDatabaseInstance{
		databaseInstance,
	},
}

Experimental.

type RotationMultiUserOptions

type RotationMultiUserOptions struct {
	// Specifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation.
	// Experimental.
	AutomaticallyAfter awscdk.Duration `field:"optional" json:"automaticallyAfter" yaml:"automaticallyAfter"`
	// The VPC interface endpoint to use for the Secrets Manager API.
	//
	// If you enable private DNS hostnames for your VPC private endpoint (the default), you don't
	// need to specify an endpoint. The standard Secrets Manager DNS hostname the Secrets Manager
	// CLI and SDKs use by default (https://secretsmanager.<region>.amazonaws.com) automatically
	// resolves to your VPC endpoint.
	// Experimental.
	Endpoint awsec2.IInterfaceVpcEndpoint `field:"optional" json:"endpoint" yaml:"endpoint"`
	// Specifies characters to not include in generated passwords.
	// Experimental.
	ExcludeCharacters *string `field:"optional" json:"excludeCharacters" yaml:"excludeCharacters"`
	// Where to place the rotation Lambda function.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
	// The secret to rotate.
	//
	// It must be a JSON string with the following format:
	// “`
	// {
	//    "engine": <required: database engine>,
	//    "host": <required: instance host name>,
	//    "username": <required: username>,
	//    "password": <required: password>,
	//    "dbname": <optional: database name>,
	//    "port": <optional: if not specified, default port will be used>,
	//    "masterarn": <required: the arn of the master secret which will be used to create users/change passwords>
	// }
	// “`.
	// Experimental.
	Secret awssecretsmanager.ISecret `field:"required" json:"secret" yaml:"secret"`
}

Options to add the multi user rotation.

Example:

var instance databaseInstance
var myImportedSecret databaseSecret

instance.addRotationMultiUser(jsii.String("MyUser"), &rotationMultiUserOptions{
	secret: myImportedSecret,
})

Experimental.

type RotationSingleUserOptions

type RotationSingleUserOptions struct {
	// Specifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation.
	// Experimental.
	AutomaticallyAfter awscdk.Duration `field:"optional" json:"automaticallyAfter" yaml:"automaticallyAfter"`
	// The VPC interface endpoint to use for the Secrets Manager API.
	//
	// If you enable private DNS hostnames for your VPC private endpoint (the default), you don't
	// need to specify an endpoint. The standard Secrets Manager DNS hostname the Secrets Manager
	// CLI and SDKs use by default (https://secretsmanager.<region>.amazonaws.com) automatically
	// resolves to your VPC endpoint.
	// Experimental.
	Endpoint awsec2.IInterfaceVpcEndpoint `field:"optional" json:"endpoint" yaml:"endpoint"`
	// Specifies characters to not include in generated passwords.
	// Experimental.
	ExcludeCharacters *string `field:"optional" json:"excludeCharacters" yaml:"excludeCharacters"`
	// Where to place the rotation Lambda function.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
}

Options to add the multi user rotation.

Example:

import cdk "github.com/aws/aws-cdk-go/awscdk"

var instance databaseInstance

instance.addRotationSingleUser(&rotationSingleUserOptions{
	automaticallyAfter: cdk.duration.days(jsii.Number(7)),
	 // defaults to 30 days
	excludeCharacters: jsii.String("!@#$%^&*"),
})

Experimental.

type ServerlessCluster

type ServerlessCluster interface {
	awscdk.Resource
	IServerlessCluster
	// The ARN of the cluster.
	// Experimental.
	ClusterArn() *string
	// The endpoint to use for read/write operations.
	// Experimental.
	ClusterEndpoint() Endpoint
	// Identifier of the cluster.
	// Experimental.
	ClusterIdentifier() *string
	// The endpoint to use for read/write operations.
	// Experimental.
	ClusterReadEndpoint() Endpoint
	// Access to the network connections.
	// Experimental.
	Connections() awsec2.Connections
	// Experimental.
	EnableDataApi() *bool
	// Experimental.
	SetEnableDataApi(val *bool)
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// Experimental.
	NewCfnProps() *CfnDBClusterProps
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The secret attached to this cluster.
	// Experimental.
	Secret() awssecretsmanager.ISecret
	// Experimental.
	SecurityGroups() *[]awsec2.ISecurityGroup
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Adds the multi user rotation to this cluster.
	// Experimental.
	AddRotationMultiUser(id *string, options *RotationMultiUserOptions) awssecretsmanager.SecretRotation
	// Adds the single user rotation of the master password to this cluster.
	// Experimental.
	AddRotationSingleUser(options *RotationSingleUserOptions) awssecretsmanager.SecretRotation
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Renders the secret attachment target specifications.
	// Experimental.
	AsSecretAttachmentTarget() *awssecretsmanager.SecretAttachmentTargetProps
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity to access to the Data API, including read access to the secret attached to the cluster if present.
	// Experimental.
	GrantDataApiAccess(grantee awsiam.IGrantable) awsiam.Grant
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

Create an Aurora Serverless Cluster.

Example:

var vpc vpc

var code code

cluster := rds.NewServerlessCluster(this, jsii.String("AnotherCluster"), &serverlessClusterProps{
	engine: rds.databaseClusterEngine_AURORA_MYSQL(),
	vpc: vpc,
	 // this parameter is optional for serverless Clusters
	enableDataApi: jsii.Boolean(true),
})
fn := lambda.NewFunction(this, jsii.String("MyFunction"), &functionProps{
	runtime: lambda.runtime_NODEJS_14_X(),
	handler: jsii.String("index.handler"),
	code: code,
	environment: map[string]*string{
		"CLUSTER_ARN": cluster.clusterArn,
		"SECRET_ARN": cluster.secret.secretArn,
	},
})
cluster.grantDataApiAccess(fn)

Experimental.

func NewServerlessCluster

func NewServerlessCluster(scope constructs.Construct, id *string, props *ServerlessClusterProps) ServerlessCluster

Experimental.

type ServerlessClusterAttributes

type ServerlessClusterAttributes struct {
	// Identifier for the cluster.
	// Experimental.
	ClusterIdentifier *string `field:"required" json:"clusterIdentifier" yaml:"clusterIdentifier"`
	// Cluster endpoint address.
	// Experimental.
	ClusterEndpointAddress *string `field:"optional" json:"clusterEndpointAddress" yaml:"clusterEndpointAddress"`
	// The database port.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// Reader endpoint address.
	// Experimental.
	ReaderEndpointAddress *string `field:"optional" json:"readerEndpointAddress" yaml:"readerEndpointAddress"`
	// The secret attached to the database cluster.
	// Experimental.
	Secret awssecretsmanager.ISecret `field:"optional" json:"secret" yaml:"secret"`
	// The security groups of the database cluster.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
}

Properties that describe an existing cluster instance.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var secret secret
var securityGroup securityGroup

serverlessClusterAttributes := &serverlessClusterAttributes{
	clusterIdentifier: jsii.String("clusterIdentifier"),

	// the properties below are optional
	clusterEndpointAddress: jsii.String("clusterEndpointAddress"),
	port: jsii.Number(123),
	readerEndpointAddress: jsii.String("readerEndpointAddress"),
	secret: secret,
	securityGroups: []iSecurityGroup{
		securityGroup,
	},
}

Experimental.

type ServerlessClusterFromSnapshot

type ServerlessClusterFromSnapshot interface {
	awscdk.Resource
	IServerlessCluster
	// The ARN of the cluster.
	// Experimental.
	ClusterArn() *string
	// The endpoint to use for read/write operations.
	// Experimental.
	ClusterEndpoint() Endpoint
	// Identifier of the cluster.
	// Experimental.
	ClusterIdentifier() *string
	// The endpoint to use for read/write operations.
	// Experimental.
	ClusterReadEndpoint() Endpoint
	// Access to the network connections.
	// Experimental.
	Connections() awsec2.Connections
	// Experimental.
	EnableDataApi() *bool
	// Experimental.
	SetEnableDataApi(val *bool)
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// Experimental.
	NewCfnProps() *CfnDBClusterProps
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The secret attached to this cluster.
	// Experimental.
	Secret() awssecretsmanager.ISecret
	// Experimental.
	SecurityGroups() *[]awsec2.ISecurityGroup
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Renders the secret attachment target specifications.
	// Experimental.
	AsSecretAttachmentTarget() *awssecretsmanager.SecretAttachmentTargetProps
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity to access to the Data API, including read access to the secret attached to the cluster if present.
	// Experimental.
	GrantDataApiAccess(grantee awsiam.IGrantable) awsiam.Grant
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

A Aurora Serverless Cluster restored from a snapshot.

Example:

var vpc vpc

rds.NewServerlessClusterFromSnapshot(this, jsii.String("Cluster"), &serverlessClusterFromSnapshotProps{
	engine: rds.databaseClusterEngine_AURORA_MYSQL(),
	vpc: vpc,
	snapshotIdentifier: jsii.String("mySnapshot"),
})

Experimental.

func NewServerlessClusterFromSnapshot

func NewServerlessClusterFromSnapshot(scope constructs.Construct, id *string, props *ServerlessClusterFromSnapshotProps) ServerlessClusterFromSnapshot

Experimental.

type ServerlessClusterFromSnapshotProps

type ServerlessClusterFromSnapshotProps struct {
	// What kind of database to start.
	// Experimental.
	Engine IClusterEngine `field:"required" json:"engine" yaml:"engine"`
	// The identifier for the DB instance snapshot or DB cluster snapshot to restore from.
	//
	// You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot.
	// However, you can use only the ARN to specify a DB instance snapshot.
	// Experimental.
	SnapshotIdentifier *string `field:"required" json:"snapshotIdentifier" yaml:"snapshotIdentifier"`
	// The number of days during which automatic DB snapshots are retained.
	//
	// Automatic backup retention cannot be disabled on serverless clusters.
	// Must be a value from 1 day to 35 days.
	// Experimental.
	BackupRetention awscdk.Duration `field:"optional" json:"backupRetention" yaml:"backupRetention"`
	// An optional identifier for the cluster.
	// Experimental.
	ClusterIdentifier *string `field:"optional" json:"clusterIdentifier" yaml:"clusterIdentifier"`
	// Master user credentials.
	//
	// Note - It is not possible to change the master username for a snapshot;
	// however, it is possible to provide (or generate) a new password.
	// Experimental.
	Credentials SnapshotCredentials `field:"optional" json:"credentials" yaml:"credentials"`
	// Name of a database which is automatically created inside the cluster.
	// Experimental.
	DefaultDatabaseName *string `field:"optional" json:"defaultDatabaseName" yaml:"defaultDatabaseName"`
	// Indicates whether the DB cluster should have deletion protection enabled.
	// Experimental.
	DeletionProtection *bool `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	// Whether to enable the Data API.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html
	//
	// Experimental.
	EnableDataApi *bool `field:"optional" json:"enableDataApi" yaml:"enableDataApi"`
	// Additional parameters to pass to the database engine.
	// Experimental.
	ParameterGroup IParameterGroup `field:"optional" json:"parameterGroup" yaml:"parameterGroup"`
	// The removal policy to apply when the cluster and its instances are removed from the stack or replaced during an update.
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// Scaling configuration of an Aurora Serverless database cluster.
	// Experimental.
	Scaling *ServerlessScalingOptions `field:"optional" json:"scaling" yaml:"scaling"`
	// Security group.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// Existing subnet group for the cluster.
	// Experimental.
	SubnetGroup ISubnetGroup `field:"optional" json:"subnetGroup" yaml:"subnetGroup"`
	// The VPC that this Aurora Serverless cluster has been created in.
	// Experimental.
	Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
	// Where to place the instances within the VPC.
	//
	// If provided, the `vpc` property must also be specified.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
}

Properties for “ServerlessClusterFromSnapshot“.

Example:

var vpc vpc

rds.NewServerlessClusterFromSnapshot(this, jsii.String("Cluster"), &serverlessClusterFromSnapshotProps{
	engine: rds.databaseClusterEngine_AURORA_MYSQL(),
	vpc: vpc,
	snapshotIdentifier: jsii.String("mySnapshot"),
})

Experimental.

type ServerlessClusterProps

type ServerlessClusterProps struct {
	// What kind of database to start.
	// Experimental.
	Engine IClusterEngine `field:"required" json:"engine" yaml:"engine"`
	// The number of days during which automatic DB snapshots are retained.
	//
	// Automatic backup retention cannot be disabled on serverless clusters.
	// Must be a value from 1 day to 35 days.
	// Experimental.
	BackupRetention awscdk.Duration `field:"optional" json:"backupRetention" yaml:"backupRetention"`
	// An optional identifier for the cluster.
	// Experimental.
	ClusterIdentifier *string `field:"optional" json:"clusterIdentifier" yaml:"clusterIdentifier"`
	// Credentials for the administrative user.
	// Experimental.
	Credentials Credentials `field:"optional" json:"credentials" yaml:"credentials"`
	// Name of a database which is automatically created inside the cluster.
	// Experimental.
	DefaultDatabaseName *string `field:"optional" json:"defaultDatabaseName" yaml:"defaultDatabaseName"`
	// Indicates whether the DB cluster should have deletion protection enabled.
	// Experimental.
	DeletionProtection *bool `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	// Whether to enable the Data API.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html
	//
	// Experimental.
	EnableDataApi *bool `field:"optional" json:"enableDataApi" yaml:"enableDataApi"`
	// Additional parameters to pass to the database engine.
	// Experimental.
	ParameterGroup IParameterGroup `field:"optional" json:"parameterGroup" yaml:"parameterGroup"`
	// The removal policy to apply when the cluster and its instances are removed from the stack or replaced during an update.
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// Scaling configuration of an Aurora Serverless database cluster.
	// Experimental.
	Scaling *ServerlessScalingOptions `field:"optional" json:"scaling" yaml:"scaling"`
	// Security group.
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// The KMS key for storage encryption.
	// Experimental.
	StorageEncryptionKey awskms.IKey `field:"optional" json:"storageEncryptionKey" yaml:"storageEncryptionKey"`
	// Existing subnet group for the cluster.
	// Experimental.
	SubnetGroup ISubnetGroup `field:"optional" json:"subnetGroup" yaml:"subnetGroup"`
	// The VPC that this Aurora Serverless cluster has been created in.
	// Experimental.
	Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
	// Where to place the instances within the VPC.
	//
	// If provided, the `vpc` property must also be specified.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
}

Properties for a new Aurora Serverless Cluster.

Example:

var vpc vpc

var code code

cluster := rds.NewServerlessCluster(this, jsii.String("AnotherCluster"), &serverlessClusterProps{
	engine: rds.databaseClusterEngine_AURORA_MYSQL(),
	vpc: vpc,
	 // this parameter is optional for serverless Clusters
	enableDataApi: jsii.Boolean(true),
})
fn := lambda.NewFunction(this, jsii.String("MyFunction"), &functionProps{
	runtime: lambda.runtime_NODEJS_14_X(),
	handler: jsii.String("index.handler"),
	code: code,
	environment: map[string]*string{
		"CLUSTER_ARN": cluster.clusterArn,
		"SECRET_ARN": cluster.secret.secretArn,
	},
})
cluster.grantDataApiAccess(fn)

Experimental.

type ServerlessScalingOptions

type ServerlessScalingOptions struct {
	// The time before an Aurora Serverless database cluster is paused.
	//
	// A database cluster can be paused only when it is idle (it has no connections).
	// Auto pause time must be between 5 minutes and 1 day.
	//
	// If a DB cluster is paused for more than seven days, the DB cluster might be
	// backed up with a snapshot. In this case, the DB cluster is restored when there
	// is a request to connect to it.
	//
	// Set to 0 to disable.
	// Experimental.
	AutoPause awscdk.Duration `field:"optional" json:"autoPause" yaml:"autoPause"`
	// The maximum capacity for an Aurora Serverless database cluster.
	// Experimental.
	MaxCapacity AuroraCapacityUnit `field:"optional" json:"maxCapacity" yaml:"maxCapacity"`
	// The minimum capacity for an Aurora Serverless database cluster.
	// Experimental.
	MinCapacity AuroraCapacityUnit `field:"optional" json:"minCapacity" yaml:"minCapacity"`
}

Options for configuring scaling on an Aurora Serverless cluster.

Example:

var vpc vpc

cluster := rds.NewServerlessCluster(this, jsii.String("AnotherCluster"), &serverlessClusterProps{
	engine: rds.databaseClusterEngine_AURORA_POSTGRESQL(),
	parameterGroup: rds.parameterGroup.fromParameterGroupName(this, jsii.String("ParameterGroup"), jsii.String("default.aurora-postgresql10")),
	vpc: vpc,
	scaling: &serverlessScalingOptions{
		autoPause: awscdk.Duration.minutes(jsii.Number(10)),
		 // default is to pause after 5 minutes of idle time
		minCapacity: rds.auroraCapacityUnit_ACU_8,
		 // default is 2 Aurora capacity units (ACUs)
		maxCapacity: rds.*auroraCapacityUnit_ACU_32,
	},
})

Experimental.

type SessionPinningFilter

type SessionPinningFilter interface {
	// Filter name.
	// Experimental.
	FilterName() *string
}

SessionPinningFilter.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

sessionPinningFilter := awscdk.Aws_rds.sessionPinningFilter.of(jsii.String("filterName"))

See: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-proxy.html#rds-proxy-pinning

Experimental.

func SessionPinningFilter_EXCLUDE_VARIABLE_SETS

func SessionPinningFilter_EXCLUDE_VARIABLE_SETS() SessionPinningFilter

func SessionPinningFilter_Of

func SessionPinningFilter_Of(filterName *string) SessionPinningFilter

custom filter. Experimental.

type SnapshotCredentials

type SnapshotCredentials interface {
	// KMS encryption key to encrypt the generated secret.
	// Experimental.
	EncryptionKey() awskms.IKey
	// The characters to exclude from the generated password.
	//
	// Only used if {@link generatePassword} if true.
	// Experimental.
	ExcludeCharacters() *string
	// Whether a new password should be generated.
	// Experimental.
	GeneratePassword() *bool
	// The master user password.
	//
	// Do not put passwords in your CDK code directly.
	// Experimental.
	Password() awscdk.SecretValue
	// Whether to replace the generated secret when the criteria for the password change.
	// Experimental.
	ReplaceOnPasswordCriteriaChanges() *bool
	// A list of regions where to replicate the generated secret.
	// Experimental.
	ReplicaRegions() *[]*awssecretsmanager.ReplicaRegion
	// Secret used to instantiate this Login.
	// Experimental.
	Secret() awssecretsmanager.ISecret
	// The master user name.
	//
	// Must be the **current** master user name of the snapshot.
	// It is not possible to change the master user name of a RDS instance.
	// Experimental.
	Username() *string
}

Credentials to update the password for a “DatabaseInstanceFromSnapshot“.

Example:

var vpc vpc

engine := rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
	version: rds.postgresEngineVersion_VER_12_3(),
})
myKey := kms.NewKey(this, jsii.String("MyKey"))

rds.NewDatabaseInstanceFromSnapshot(this, jsii.String("InstanceFromSnapshotWithCustomizedSecret"), &databaseInstanceFromSnapshotProps{
	engine: engine,
	vpc: vpc,
	snapshotIdentifier: jsii.String("mySnapshot"),
	credentials: rds.snapshotCredentials.fromGeneratedSecret(jsii.String("username"), &snapshotCredentialsFromGeneratedPasswordOptions{
		encryptionKey: myKey,
		excludeCharacters: jsii.String("!&*^#@()"),
		replicaRegions: []replicaRegion{
			&replicaRegion{
				region: jsii.String("eu-west-1"),
			},
			&replicaRegion{
				region: jsii.String("eu-west-2"),
			},
		},
	}),
})

Experimental.

func SnapshotCredentials_FromGeneratedPassword

func SnapshotCredentials_FromGeneratedPassword(username *string, options *SnapshotCredentialsFromGeneratedPasswordOptions) SnapshotCredentials

Generate a new password for the snapshot, using the existing username and an optional encryption key.

Note - The username must match the existing master username of the snapshot.

NOTE: use `fromGeneratedSecret()` for new Clusters and Instances. Switching from `fromGeneratedPassword()` to `fromGeneratedSecret()` for already deployed Clusters or Instances will update their master password. Experimental.

func SnapshotCredentials_FromGeneratedSecret

func SnapshotCredentials_FromGeneratedSecret(username *string, options *SnapshotCredentialsFromGeneratedPasswordOptions) SnapshotCredentials

Generate a new password for the snapshot, using the existing username and an optional encryption key.

The new credentials are stored in Secrets Manager.

Note - The username must match the existing master username of the snapshot. Experimental.

func SnapshotCredentials_FromPassword

func SnapshotCredentials_FromPassword(password awscdk.SecretValue) SnapshotCredentials

Update the snapshot login with an existing password. Experimental.

func SnapshotCredentials_FromSecret

func SnapshotCredentials_FromSecret(secret awssecretsmanager.ISecret) SnapshotCredentials

Update the snapshot login with an existing password from a Secret.

The Secret must be a JSON string with a “password“ field: ```

{
   ...
   "password": <required: password>,
}

```. Experimental.

type SnapshotCredentialsFromGeneratedPasswordOptions

type SnapshotCredentialsFromGeneratedPasswordOptions struct {
	// KMS encryption key to encrypt the generated secret.
	// Experimental.
	EncryptionKey awskms.IKey `field:"optional" json:"encryptionKey" yaml:"encryptionKey"`
	// The characters to exclude from the generated password.
	// Experimental.
	ExcludeCharacters *string `field:"optional" json:"excludeCharacters" yaml:"excludeCharacters"`
	// A list of regions where to replicate this secret.
	// Experimental.
	ReplicaRegions *[]*awssecretsmanager.ReplicaRegion `field:"optional" json:"replicaRegions" yaml:"replicaRegions"`
}

Options used in the {@link SnapshotCredentials.fromGeneratedPassword} method.

Example:

var vpc vpc

engine := rds.databaseInstanceEngine.postgres(&postgresInstanceEngineProps{
	version: rds.postgresEngineVersion_VER_12_3(),
})
myKey := kms.NewKey(this, jsii.String("MyKey"))

rds.NewDatabaseInstanceFromSnapshot(this, jsii.String("InstanceFromSnapshotWithCustomizedSecret"), &databaseInstanceFromSnapshotProps{
	engine: engine,
	vpc: vpc,
	snapshotIdentifier: jsii.String("mySnapshot"),
	credentials: rds.snapshotCredentials.fromGeneratedSecret(jsii.String("username"), &snapshotCredentialsFromGeneratedPasswordOptions{
		encryptionKey: myKey,
		excludeCharacters: jsii.String("!&*^#@()"),
		replicaRegions: []replicaRegion{
			&replicaRegion{
				region: jsii.String("eu-west-1"),
			},
			&replicaRegion{
				region: jsii.String("eu-west-2"),
			},
		},
	}),
})

Experimental.

type SqlServerEeInstanceEngineProps

type SqlServerEeInstanceEngineProps struct {
	// The exact version of the engine to use.
	// Experimental.
	Version SqlServerEngineVersion `field:"required" json:"version" yaml:"version"`
}

Properties for SQL Server Enterprise Edition instance engines.

Used in {@link DatabaseInstanceEngine.sqlServerEe}.

Example:

var vpc vpc

parameterGroup := rds.NewParameterGroup(this, jsii.String("ParameterGroup"), &parameterGroupProps{
	engine: rds.databaseInstanceEngine.sqlServerEe(&sqlServerEeInstanceEngineProps{
		version: rds.sqlServerEngineVersion_VER_11(),
	}),
	parameters: map[string]*string{
		"locks": jsii.String("100"),
	},
})

rds.NewDatabaseInstance(this, jsii.String("Database"), &databaseInstanceProps{
	engine: rds.*databaseInstanceEngine_SQL_SERVER_EE(),
	vpc: vpc,
	parameterGroup: parameterGroup,
})

Experimental.

type SqlServerEngineVersion

type SqlServerEngineVersion interface {
	// The full version string, for example, "15.00.3049.1.v1".
	// Experimental.
	SqlServerFullVersion() *string
	// The major version of the engine, for example, "15.00".
	// Experimental.
	SqlServerMajorVersion() *string
}

The versions for the SQL Server instance engines (those returned by {@link DatabaseInstanceEngine.sqlServerSe}, {@link DatabaseInstanceEngine.sqlServerEx}, {@link DatabaseInstanceEngine.sqlServerWeb} and {@link DatabaseInstanceEngine.sqlServerEe}).

Example:

var vpc vpc

parameterGroup := rds.NewParameterGroup(this, jsii.String("ParameterGroup"), &parameterGroupProps{
	engine: rds.databaseInstanceEngine.sqlServerEe(&sqlServerEeInstanceEngineProps{
		version: rds.sqlServerEngineVersion_VER_11(),
	}),
	parameters: map[string]*string{
		"locks": jsii.String("100"),
	},
})

rds.NewDatabaseInstance(this, jsii.String("Database"), &databaseInstanceProps{
	engine: rds.*databaseInstanceEngine_SQL_SERVER_EE(),
	vpc: vpc,
	parameterGroup: parameterGroup,
})

Experimental.

func SqlServerEngineVersion_Of

func SqlServerEngineVersion_Of(sqlServerFullVersion *string, sqlServerMajorVersion *string) SqlServerEngineVersion

Create a new SqlServerEngineVersion with an arbitrary version. Experimental.

func SqlServerEngineVersion_VER_11

func SqlServerEngineVersion_VER_11() SqlServerEngineVersion

func SqlServerEngineVersion_VER_11_00_5058_0_V1

func SqlServerEngineVersion_VER_11_00_5058_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_11_00_6020_0_V1

func SqlServerEngineVersion_VER_11_00_6020_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_11_00_6594_0_V1

func SqlServerEngineVersion_VER_11_00_6594_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_11_00_7462_6_V1

func SqlServerEngineVersion_VER_11_00_7462_6_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_11_00_7493_4_V1

func SqlServerEngineVersion_VER_11_00_7493_4_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_12

func SqlServerEngineVersion_VER_12() SqlServerEngineVersion

func SqlServerEngineVersion_VER_12_00_5000_0_V1

func SqlServerEngineVersion_VER_12_00_5000_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_12_00_5546_0_V1

func SqlServerEngineVersion_VER_12_00_5546_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_12_00_5571_0_V1

func SqlServerEngineVersion_VER_12_00_5571_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_12_00_6293_0_V1

func SqlServerEngineVersion_VER_12_00_6293_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_12_00_6329_1_V1

func SqlServerEngineVersion_VER_12_00_6329_1_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13

func SqlServerEngineVersion_VER_13() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13_00_2164_0_V1

func SqlServerEngineVersion_VER_13_00_2164_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13_00_4422_0_V1

func SqlServerEngineVersion_VER_13_00_4422_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13_00_4451_0_V1

func SqlServerEngineVersion_VER_13_00_4451_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13_00_4466_4_V1

func SqlServerEngineVersion_VER_13_00_4466_4_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13_00_4522_0_V1

func SqlServerEngineVersion_VER_13_00_4522_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13_00_5216_0_V1

func SqlServerEngineVersion_VER_13_00_5216_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13_00_5292_0_V1

func SqlServerEngineVersion_VER_13_00_5292_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13_00_5366_0_V1

func SqlServerEngineVersion_VER_13_00_5366_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13_00_5426_0_V1

func SqlServerEngineVersion_VER_13_00_5426_0_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13_00_5598_27_V1

func SqlServerEngineVersion_VER_13_00_5598_27_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13_00_5820_21_V1

func SqlServerEngineVersion_VER_13_00_5820_21_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13_00_5850_14_V1

func SqlServerEngineVersion_VER_13_00_5850_14_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_13_00_5882_1_V1

func SqlServerEngineVersion_VER_13_00_5882_1_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_14

func SqlServerEngineVersion_VER_14() SqlServerEngineVersion

func SqlServerEngineVersion_VER_14_00_1000_169_V1

func SqlServerEngineVersion_VER_14_00_1000_169_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_14_00_3015_40_V1

func SqlServerEngineVersion_VER_14_00_3015_40_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_14_00_3035_2_V1

func SqlServerEngineVersion_VER_14_00_3035_2_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_14_00_3049_1_V1

func SqlServerEngineVersion_VER_14_00_3049_1_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_14_00_3192_2_V1

func SqlServerEngineVersion_VER_14_00_3192_2_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_14_00_3223_3_V1

func SqlServerEngineVersion_VER_14_00_3223_3_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_14_00_3281_6_V1

func SqlServerEngineVersion_VER_14_00_3281_6_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_14_00_3294_2_V1

func SqlServerEngineVersion_VER_14_00_3294_2_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_14_00_3356_20_V1

func SqlServerEngineVersion_VER_14_00_3356_20_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_14_00_3381_3_V1

func SqlServerEngineVersion_VER_14_00_3381_3_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_15

func SqlServerEngineVersion_VER_15() SqlServerEngineVersion

func SqlServerEngineVersion_VER_15_00_4043_16_V1

func SqlServerEngineVersion_VER_15_00_4043_16_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_15_00_4043_23_V1

func SqlServerEngineVersion_VER_15_00_4043_23_V1() SqlServerEngineVersion

func SqlServerEngineVersion_VER_15_00_4073_23_V1

func SqlServerEngineVersion_VER_15_00_4073_23_V1() SqlServerEngineVersion

type SqlServerExInstanceEngineProps

type SqlServerExInstanceEngineProps struct {
	// The exact version of the engine to use.
	// Experimental.
	Version SqlServerEngineVersion `field:"required" json:"version" yaml:"version"`
}

Properties for SQL Server Express Edition instance engines.

Used in {@link DatabaseInstanceEngine.sqlServerEx}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var sqlServerEngineVersion sqlServerEngineVersion

sqlServerExInstanceEngineProps := &sqlServerExInstanceEngineProps{
	version: sqlServerEngineVersion,
}

Experimental.

type SqlServerSeInstanceEngineProps

type SqlServerSeInstanceEngineProps struct {
	// The exact version of the engine to use.
	// Experimental.
	Version SqlServerEngineVersion `field:"required" json:"version" yaml:"version"`
}

Properties for SQL Server Standard Edition instance engines.

Used in {@link DatabaseInstanceEngine.sqlServerSe}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var sqlServerEngineVersion sqlServerEngineVersion

sqlServerSeInstanceEngineProps := &sqlServerSeInstanceEngineProps{
	version: sqlServerEngineVersion,
}

Experimental.

type SqlServerWebInstanceEngineProps

type SqlServerWebInstanceEngineProps struct {
	// The exact version of the engine to use.
	// Experimental.
	Version SqlServerEngineVersion `field:"required" json:"version" yaml:"version"`
}

Properties for SQL Server Web Edition instance engines.

Used in {@link DatabaseInstanceEngine.sqlServerWeb}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var sqlServerEngineVersion sqlServerEngineVersion

sqlServerWebInstanceEngineProps := &sqlServerWebInstanceEngineProps{
	version: sqlServerEngineVersion,
}

Experimental.

type StorageType

type StorageType string

The type of storage.

Example:

// Set open cursors with parameter group
parameterGroup := rds.NewParameterGroup(this, jsii.String("ParameterGroup"), &parameterGroupProps{
	engine: rds.databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	parameters: map[string]*string{
		"open_cursors": jsii.String("2500"),
	},
})

optionGroup := rds.NewOptionGroup(this, jsii.String("OptionGroup"), &optionGroupProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	configurations: []optionConfiguration{
		&optionConfiguration{
			name: jsii.String("LOCATOR"),
		},
		&optionConfiguration{
			name: jsii.String("OEM"),
			port: jsii.Number(1158),
			vpc: vpc,
		},
	},
})

// Allow connections to OEM
optionGroup.optionConnections.oEM.connections.allowDefaultPortFromAnyIpv4()

// Database instance with production values
instance := rds.NewDatabaseInstance(this, jsii.String("Instance"), &databaseInstanceProps{
	engine: rds.*databaseInstanceEngine.oracleSe2(&oracleSe2InstanceEngineProps{
		version: rds.*oracleEngineVersion_VER_19_0_0_0_2020_04_R1(),
	}),
	licenseModel: rds.licenseModel_BRING_YOUR_OWN_LICENSE,
	instanceType: ec2.instanceType.of(ec2.instanceClass_BURSTABLE3, ec2.instanceSize_MEDIUM),
	multiAz: jsii.Boolean(true),
	storageType: rds.storageType_IO1,
	credentials: rds.credentials.fromUsername(jsii.String("syscdk")),
	vpc: vpc,
	databaseName: jsii.String("ORCL"),
	storageEncrypted: jsii.Boolean(true),
	backupRetention: cdk.duration.days(jsii.Number(7)),
	monitoringInterval: cdk.*duration.seconds(jsii.Number(60)),
	enablePerformanceInsights: jsii.Boolean(true),
	cloudwatchLogsExports: []*string{
		jsii.String("trace"),
		jsii.String("audit"),
		jsii.String("alert"),
		jsii.String("listener"),
	},
	cloudwatchLogsRetention: logs.retentionDays_ONE_MONTH,
	autoMinorVersionUpgrade: jsii.Boolean(true),
	 // required to be true if LOCATOR is used in the option group
	optionGroup: optionGroup,
	parameterGroup: parameterGroup,
	removalPolicy: awscdk.RemovalPolicy_DESTROY,
})

// Allow connections on default port from any IPV4
instance.connections.allowDefaultPortFromAnyIpv4()

// Rotate the master user password every 30 days
instance.addRotationSingleUser()

// Add alarm for high CPU
// Add alarm for high CPU
cloudwatch.NewAlarm(this, jsii.String("HighCPU"), &alarmProps{
	metric: instance.metricCPUUtilization(),
	threshold: jsii.Number(90),
	evaluationPeriods: jsii.Number(1),
})

// Trigger Lambda function on instance availability events
fn := lambda.NewFunction(this, jsii.String("Function"), &functionProps{
	code: lambda.code.fromInline(jsii.String("exports.handler = (event) => console.log(event);")),
	handler: jsii.String("index.handler"),
	runtime: lambda.runtime_NODEJS_14_X(),
})

availabilityRule := instance.onEvent(jsii.String("Availability"), &onEventOptions{
	target: targets.NewLambdaFunction(fn),
})
availabilityRule.addEventPattern(&eventPattern{
	detail: map[string]interface{}{
		"EventCategories": []interface{}{
			jsii.String("availability"),
		},
	},
})

Experimental.

const (
	// Standard.
	// Experimental.
	StorageType_STANDARD StorageType = "STANDARD"
	// General purpose (SSD).
	// Experimental.
	StorageType_GP2 StorageType = "GP2"
	// Provisioned IOPS (SSD).
	// Experimental.
	StorageType_IO1 StorageType = "IO1"
)

type SubnetGroup

type SubnetGroup interface {
	awscdk.Resource
	ISubnetGroup
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// The name of the subnet group.
	// Experimental.
	SubnetGroupName() *string
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

Class for creating a RDS DB subnet group.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var subnet subnet
var subnetFilter subnetFilter
var vpc vpc

subnetGroup := awscdk.Aws_rds.NewSubnetGroup(this, jsii.String("MySubnetGroup"), &subnetGroupProps{
	description: jsii.String("description"),
	vpc: vpc,

	// the properties below are optional
	removalPolicy: monocdk.removalPolicy_DESTROY,
	subnetGroupName: jsii.String("subnetGroupName"),
	vpcSubnets: &subnetSelection{
		availabilityZones: []*string{
			jsii.String("availabilityZones"),
		},
		onePerAz: jsii.Boolean(false),
		subnetFilters: []*subnetFilter{
			subnetFilter,
		},
		subnetGroupName: jsii.String("subnetGroupName"),
		subnetName: jsii.String("subnetName"),
		subnets: []iSubnet{
			subnet,
		},
		subnetType: awscdk.Aws_ec2.subnetType_ISOLATED,
	},
})

Experimental.

func NewSubnetGroup

func NewSubnetGroup(scope constructs.Construct, id *string, props *SubnetGroupProps) SubnetGroup

Experimental.

type SubnetGroupProps

type SubnetGroupProps struct {
	// Description of the subnet group.
	// Experimental.
	Description *string `field:"required" json:"description" yaml:"description"`
	// The VPC to place the subnet group in.
	// Experimental.
	Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
	// The removal policy to apply when the subnet group are removed from the stack or replaced during an update.
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// The name of the subnet group.
	// Experimental.
	SubnetGroupName *string `field:"optional" json:"subnetGroupName" yaml:"subnetGroupName"`
	// Which subnets within the VPC to associate with this group.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
}

Properties for creating a SubnetGroup.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var subnet subnet
var subnetFilter subnetFilter
var vpc vpc

subnetGroupProps := &subnetGroupProps{
	description: jsii.String("description"),
	vpc: vpc,

	// the properties below are optional
	removalPolicy: monocdk.removalPolicy_DESTROY,
	subnetGroupName: jsii.String("subnetGroupName"),
	vpcSubnets: &subnetSelection{
		availabilityZones: []*string{
			jsii.String("availabilityZones"),
		},
		onePerAz: jsii.Boolean(false),
		subnetFilters: []*subnetFilter{
			subnetFilter,
		},
		subnetGroupName: jsii.String("subnetGroupName"),
		subnetName: jsii.String("subnetName"),
		subnets: []iSubnet{
			subnet,
		},
		subnetType: awscdk.Aws_ec2.subnetType_ISOLATED,
	},
}

Experimental.

Source Files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL