| tags map |
A list of tags. |
| allocated-storage |
The amount of storage to allocate in gibibytes. Not applicable for Aurora. |
| allow-major-version-upgrade |
Allow or disallow major version upgrades. |
| apply-immediately |
Apply modifications in this request and any pending modifications asynchronously as soon as possible, regardless of the preferred-maintenance-window. Default is false. |
| auto-minor-version-upgrade |
Allow or disallow automatic minor engine version upgrades during the maintenance window. Defaults to true (allow). |
| availability-zone |
The availability zone to launch this DB instance in. The default picks a random availability zone in the currently configured region. Leave this value unset if multi-az is set to true. |
| backup-retention-period |
The number of days to retain backups. Must be a value from 0 to 35 where 0 to disables automated backups. Not applicable for Aurora. Valid values are between 0 to 35. |
| character-set-name |
Sets the character set name for this DB instance on supported engines. |
| copy-tags-to-snapshot |
Copy the DB instance tags to snapshots. Default is false. |
| db-cluster |
The existing DB cluster this DB instance belongs to. Only applies to Aurora engine. |
| db-instance-class |
The DB instance type. See DB Instance Class. (Required) |
| identifier |
The unique name of the DB instance. (Required) |
| db-name |
The database name (or Oracle System ID for Oracle) when creating the DB instance. Not applicable for SQL Server. See CreateDBInstance. |
| db-parameter-group |
The DB parameter group to use for this instance. The default DB Parameter Group is used if this is not set. |
| db-security-groups list |
A list of security groups to use with this DB instance. This is for EC2 Classic, for VPCs use vpc-security-group-ids. |
| db-subnet-group |
A DB subnet group to use for this DB instance. |
| delete-automated-backups |
Delete automated backups after the DB instance is deleted. Default to false (keep automated backups). |
| deletion-protection |
Enable deletion protection on the DB instance. This prevents the database from accidentally being deleted. The default is false. |
| domain |
The Active Directory Domain to create the instance in, only applicable to SQL Server engine. |
| domain-iam-role-name |
The name of the IAM role to be used when making API calls to the Directory Service, only applicable to SQL Server engine. |
| enable-cloudwatch-logs-exports list |
The list of log types to export to CloudWatch Logs. See Publishing Database Logs to Amazon CloudWatch Logs. |
| enable-iam-database-authentication |
Enable mapping IAM accounts to database accounts, default to false (disable). Not applicable to Aurora. |
| enable-performance-insights |
Enable Performance Insights for the DB instance. The default to false. |
| engine |
The name of the database engine to use for this DB Instance. Valid values are aurora-mysql, aurora-postgresql, custom-oracle-ee, custom-oracle-ee-cdb, custom-sqlserver-ee, custom-sqlserver-se, custom-sqlserver-web, db2-ae, db2-se, mariadb, mysql, oracle-ee, oracle-ee-cdb, oracle-se2, oracle-se2-cdb, postgres, sqlserver-ee, sqlserver-se, sqlserver-ex or sqlserver-web. |
| engine-version |
The version number of the database engine to use. |
| final-db-snapshot-identifier |
The name of the final snap shot when deleting this DB instance. |
| iops |
The amount of Provisioned IOPS to be allocated. Required if storage-type is io1. Minimum allowed value is 1000. |
| kms-key |
The AWS KMS key to encrypt the DB instance. |
| license-model |
License model for this DB instance. Valid values are license-included, bring-your-own-license or general-public-license. |
| master-user-password |
The password for the master user. |
| master-username |
The name for the master user. |
| monitoring-interval |
Enhanced Monitoring metrics collecting interval in seconds. The default is 0 (disable collection). Valid values are 0.0, 1.0, 5.0, 10.0, 15.0, 30.0 or ``60.0`. |
| monitoring-role-arn |
The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. |
| multi-az |
Launch this DB instance in multiple availability zones. If true, availability-zone must not be set. |
| option-group |
The option group to associate with. |
| performance-insights-kms-key |
The AWS KMS key for encryption of Performance Insights data. Not applicable if enable-performance-insights is false. |
| performance-insights-retention-period |
How many days to retain Performance Insights data. Valid values are 7.0 or ``731.0`. |
| port |
The port number on which the database accepts connections. |
| preferred-backup-window |
The preferred backup window when automated backups are enabled. Must be provided in UTC using the format hh24:mi-hh24:mi (i.e. 01:00-02:00). |
| preferred-maintenance-window |
The preferred system maintenance window. Must be provided in UTC using the format ddd:hh24:mi-ddd:hh24:mi` (i.e. Mon:01:00-Mon:02:00). |
| promotion-tier |
The order of the Aurora Replica is promoted to the primary instance after the existing primary instance fails. Valid values are between 0 to 15. |
| publicly-accessible |
The public accessibility of the DB instance. If true, this DB instance will have a public DNS name and public IP. |
| skip-final-snapshot |
Skip the final DB snapshot when this DB instance is deleted. Default is false. |
| storage-encrypted |
Enable DB instance encryption. Default to false. |
| storage-type |
The storage type for the DB instance. Valid values are standard, gp2, gp3 or io1. |
| tde-credential-arn |
The ARN from the key store for Transparent data encryption. |
| tde-credential-password |
The password for the given ARN from the key store. |
| timezone |
The time zone of the DB instance. The time zone parameter is currently supported only by Microsoft SQL Server. |
| vpc-security-groups list |
A list of Amazon VPC security groups to associate with. |
| backup-target |
The location for storing automated backups and manual snapshots. Valid values are outposts or region. |
| dedicated-log-volume |
When set to true the DB instance has a dedicated log volume (DLV) enabled. |
| domain-auth-secret-arn |
The ARN for the Secrets Manager secret with the credentials for the user joining the domain. |