aws-sdk-rds 1.103.0 → 1.108.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -5,28 +5,26 @@ require 'aws-sigv4'
5
5
  module Aws
6
6
  module RDS
7
7
  module Plugins
8
-
9
- # This plugin populates the `:pre_signed_url` request param for the
10
- # CopyDBSnapshot API.
8
+ # This plugin populates the `:pre_signed_url` request param for APIs
9
+ # that support cross region copying.
11
10
  #
12
11
  # This parameter is required by RDS when copying an encrypted snapshot
13
12
  # across regions. This plugin will be skipped if the `:pre_signed_url`
14
13
  # parameter is provided by the user.
15
14
  class CrossRegionCopying < Seahorse::Client::Plugin
16
-
17
15
  # @api private
18
16
  class Handler < Seahorse::Client::Handler
19
-
20
17
  def call(context)
21
18
  params = context.params
22
- if params.is_a?(Hash) && params[:source_region] && !params[:pre_signed_url]
19
+ if params.is_a?(Hash) &&
20
+ params[:source_region] && !params[:pre_signed_url]
23
21
  params[:pre_signed_url] = presigned_url(context, params)
24
- params[:destination_region] = context.config.region
25
22
  end
26
23
  @handler.call(context)
27
24
  end
28
25
 
29
26
  private
27
+
30
28
  def presigned_url(context, params)
31
29
  # :source_region is not modeled in the api
32
30
  source_region = params.delete(:source_region)
@@ -43,12 +41,13 @@ module Aws
43
41
  region: source_region,
44
42
  credentials_provider: context.config.credentials
45
43
  )
46
- url = Aws::Partitions::EndpointProvider.resolve(signer.region, 'rds')
47
- url += "?#{param_list.to_s}"
44
+ url = Aws::Partitions::EndpointProvider.resolve(
45
+ signer.region, 'rds'
46
+ )
47
+ url += "?#{param_list}"
48
48
  signer.presign_url(
49
49
  http_method: 'GET',
50
50
  url: url,
51
- body: '',
52
51
  expires_in: 3600
53
52
  ).to_s
54
53
  end
@@ -61,10 +60,10 @@ module Aws
61
60
  :copy_db_snapshot,
62
61
  :create_db_instance_read_replica,
63
62
  :copy_db_cluster_snapshot,
64
- :create_db_cluster
63
+ :create_db_cluster,
64
+ :start_db_instance_automated_backups_replication
65
65
  ]
66
66
  )
67
-
68
67
  end
69
68
  end
70
69
  end
@@ -258,30 +258,27 @@ module Aws::RDS
258
258
  # @option options [String] :kms_key_id
259
259
  # The AWS KMS key identifier for an encrypted DB cluster.
260
260
  #
261
- # The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
262
- # encryption key. If you are creating a DB cluster with the same AWS
263
- # account that owns the KMS encryption key used to encrypt the new DB
264
- # cluster, then you can use the KMS key alias instead of the ARN for the
265
- # KMS encryption key.
261
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
262
+ # name for the AWS KMS customer master key (CMK). To use a CMK in a
263
+ # different AWS account, specify the key ARN or alias ARN.
266
264
  #
267
- # If an encryption key isn't specified in `KmsKeyId`\:
265
+ # When a CMK isn't specified in `KmsKeyId`\:
268
266
  #
269
267
  # * If `ReplicationSourceIdentifier` identifies an encrypted source,
270
- # then Amazon RDS will use the encryption key used to encrypt the
271
- # source. Otherwise, Amazon RDS will use your default encryption key.
268
+ # then Amazon RDS will use the CMK used to encrypt the source.
269
+ # Otherwise, Amazon RDS will use your default CMK.
272
270
  #
273
271
  # * If the `StorageEncrypted` parameter is enabled and
274
272
  # `ReplicationSourceIdentifier` isn't specified, then Amazon RDS will
275
- # use your default encryption key.
273
+ # use your default CMK.
276
274
  #
277
- # AWS KMS creates the default encryption key for your AWS account. Your
278
- # AWS account has a different default encryption key for each AWS
279
- # Region.
275
+ # There is a default CMK for your AWS account. Your AWS account has a
276
+ # different default CMK for each AWS Region.
280
277
  #
281
278
  # If you create a read replica of an encrypted DB cluster in another AWS
282
- # Region, you must set `KmsKeyId` to a KMS key ID that is valid in the
283
- # destination AWS Region. This key is used to encrypt the read replica
284
- # in that AWS Region.
279
+ # Region, you must set `KmsKeyId` to a AWS KMS key identifier that is
280
+ # valid in the destination AWS Region. This CMK is used to encrypt the
281
+ # read replica in that AWS Region.
285
282
  # @option options [String] :pre_signed_url
286
283
  # A URL that contains a Signature Version 4 signed request for the
287
284
  # `CreateDBCluster` action to be called in the source AWS Region where
@@ -298,9 +295,9 @@ module Aws::RDS
298
295
  #
299
296
  # * `KmsKeyId` - The AWS KMS key identifier for the key to use to
300
297
  # encrypt the copy of the DB cluster in the destination AWS Region.
301
- # This should refer to the same KMS key for both the `CreateDBCluster`
302
- # action that is called in the destination AWS Region, and the action
303
- # contained in the pre-signed URL.
298
+ # This should refer to the same AWS KMS CMK for both the
299
+ # `CreateDBCluster` action that is called in the destination AWS
300
+ # Region, and the action contained in the pre-signed URL.
304
301
  #
305
302
  # * `DestinationRegion` - The name of the AWS Region that Aurora read
306
303
  # replica will be created in.
@@ -374,14 +371,23 @@ module Aws::RDS
374
371
  #
375
372
  # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch
376
373
  # @option options [String] :engine_mode
377
- # The DB engine mode of the DB cluster, either `provisioned`,
374
+ # The DB engine mode of the DB cluster, either `provisioned`
378
375
  # `serverless`, `parallelquery`, `global`, or `multimaster`.
379
376
  #
380
- # <note markdown="1"> `global` engine mode only applies for global database clusters created
381
- # with Aurora MySQL version 5.6.10a. For higher Aurora MySQL versions,
382
- # the clusters in a global database use `provisioned` engine mode.
377
+ # The `parallelquery` engine mode isn't required for Aurora MySQL
378
+ # version 1.23 and higher 1.x versions, and version 2.09 and higher 2.x
379
+ # versions.
383
380
  #
384
- # </note>
381
+ # The `global` engine mode isn't required for Aurora MySQL version 1.22
382
+ # and higher 1.x versions, and `global` engine mode isn't required for
383
+ # any 2.x versions.
384
+ #
385
+ # The `multimaster` engine mode only applies for DB clusters created
386
+ # with Aurora MySQL version 5.6.10a.
387
+ #
388
+ # For Aurora PostgreSQL, the `global` engine mode isn't required, and
389
+ # both the `parallelquery` and the `multimaster` engine modes currently
390
+ # aren't supported.
385
391
  #
386
392
  # Limitations and requirements apply to some DB engine modes. For more
387
393
  # information, see the following sections in the *Amazon Aurora User
@@ -391,7 +397,7 @@ module Aws::RDS
391
397
  #
392
398
  # * [ Limitations of Parallel Query][2]
393
399
  #
394
- # * [ Requirements for Aurora Global Databases][3]
400
+ # * [ Limitations of Aurora Global Databases][3]
395
401
  #
396
402
  # * [ Limitations of Multi-Master Clusters][4]
397
403
  #
@@ -451,7 +457,6 @@ module Aws::RDS
451
457
  # This parameter only applies to DB clusters that are secondary clusters
452
458
  # in an Aurora global database. By default, Aurora disallows write
453
459
  # operations for secondary clusters.
454
- # @option options [String] :destination_region
455
460
  # @option options [String] :source_region
456
461
  # The source region of the snapshot. This is only needed when the
457
462
  # shapshot is encrypted and in a different region.
@@ -618,8 +623,8 @@ module Aws::RDS
618
623
  # **PostgreSQL**
619
624
  #
620
625
  # The name of the database to create when the DB instance is created. If
621
- # this parameter isn't specified, the default "postgres" database is
622
- # created in the DB instance.
626
+ # this parameter isn't specified, no database is created in the DB
627
+ # instance.
623
628
  #
624
629
  # Constraints:
625
630
  #
@@ -1221,22 +1226,19 @@ module Aws::RDS
1221
1226
  # @option options [String] :kms_key_id
1222
1227
  # The AWS KMS key identifier for an encrypted DB instance.
1223
1228
  #
1224
- # The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
1225
- # encryption key. If you are creating a DB instance with the same AWS
1226
- # account that owns the KMS encryption key used to encrypt the new DB
1227
- # instance, then you can use the KMS key alias instead of the ARN for
1228
- # the KM encryption key.
1229
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
1230
+ # name for the AWS KMS customer master key (CMK). To use a CMK in a
1231
+ # different AWS account, specify the key ARN or alias ARN.
1229
1232
  #
1230
1233
  # **Amazon Aurora**
1231
1234
  #
1232
- # Not applicable. The KMS key identifier is managed by the DB cluster.
1233
- # For more information, see `CreateDBCluster`.
1235
+ # Not applicable. The AWS KMS key identifier is managed by the DB
1236
+ # cluster. For more information, see `CreateDBCluster`.
1234
1237
  #
1235
1238
  # If `StorageEncrypted` is enabled, and you do not specify a value for
1236
- # the `KmsKeyId` parameter, then Amazon RDS will use your default
1237
- # encryption key. AWS KMS creates the default encryption key for your
1238
- # AWS account. Your AWS account has a different default encryption key
1239
- # for each AWS Region.
1239
+ # the `KmsKeyId` parameter, then Amazon RDS uses your default CMK. There
1240
+ # is a default CMK for your AWS account. Your AWS account has a
1241
+ # different default CMK for each AWS Region.
1240
1242
  # @option options [String] :domain
1241
1243
  # The Active Directory directory ID to create the DB instance in.
1242
1244
  # Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB
@@ -1307,29 +1309,8 @@ module Aws::RDS
1307
1309
  # Access Management (IAM) accounts to database accounts. By default,
1308
1310
  # mapping is disabled.
1309
1311
  #
1310
- # You can enable IAM database authentication for the following database
1311
- # engines:
1312
- #
1313
- # **Amazon Aurora**
1314
- #
1315
- # Not applicable. Mapping AWS IAM accounts to database accounts is
1316
- # managed by the DB cluster.
1317
- #
1318
- # **MySQL**
1319
- #
1320
- # * For MySQL 5.6, minor version 5.6.34 or higher
1321
- #
1322
- # * For MySQL 5.7, minor version 5.7.16 or higher
1323
- #
1324
- # * For MySQL 8.0, minor version 8.0.16 or higher
1325
- #
1326
- # **PostgreSQL**
1327
- #
1328
- # * For PostgreSQL 9.5, minor version 9.5.15 or higher
1329
- #
1330
- # * For PostgreSQL 9.6, minor version 9.6.11 or higher
1331
- #
1332
- # * PostgreSQL 10.6, 10.7, and 10.9
1312
+ # This setting doesn't apply to Amazon Aurora. Mapping AWS IAM accounts
1313
+ # to database accounts is managed by the DB cluster.
1333
1314
  #
1334
1315
  # For more information, see [ IAM Database Authentication for MySQL and
1335
1316
  # PostgreSQL][1] in the *Amazon RDS User Guide.*
@@ -1349,13 +1330,15 @@ module Aws::RDS
1349
1330
  # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html
1350
1331
  # @option options [String] :performance_insights_kms_key_id
1351
1332
  # The AWS KMS key identifier for encryption of Performance Insights
1352
- # data. The KMS key ID is the Amazon Resource Name (ARN), KMS key
1353
- # identifier, or the KMS key alias for the KMS encryption key.
1333
+ # data.
1334
+ #
1335
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
1336
+ # name for the AWS KMS customer master key (CMK).
1354
1337
  #
1355
1338
  # If you do not specify a value for `PerformanceInsightsKMSKeyId`, then
1356
- # Amazon RDS uses your default encryption key. AWS KMS creates the
1357
- # default encryption key for your AWS account. Your AWS account has a
1358
- # different default encryption key for each AWS Region.
1339
+ # Amazon RDS uses your default CMK. There is a default CMK for your AWS
1340
+ # account. Your AWS account has a different default CMK for each AWS
1341
+ # Region.
1359
1342
  # @option options [Integer] :performance_insights_retention_period
1360
1343
  # The amount of time, in days, to retain Performance Insights data.
1361
1344
  # Valid values are 7 or 731 (2 years).
@@ -157,7 +157,7 @@ module Aws::RDS
157
157
  #
158
158
  # @!attribute [rw] role_arn
159
159
  # The Amazon Resource Name (ARN) of the IAM role to associate with the
160
- # Aurora DB cluster, for example
160
+ # Aurora DB cluster, for example,
161
161
  # `arn:aws:iam::123456789012:role/AuroraAccessRole`.
162
162
  # @return [String]
163
163
  #
@@ -755,6 +755,45 @@ module Aws::RDS
755
755
  include Aws::Structure
756
756
  end
757
757
 
758
+ # This data type is used as a response element in the `ModifyDBCluster`
759
+ # operation and contains changes that will be applied during the next
760
+ # maintenance window.
761
+ #
762
+ # @!attribute [rw] pending_cloudwatch_logs_exports
763
+ # A list of the log types whose configuration is still pending. In
764
+ # other words, these log types are in the process of being activated
765
+ # or deactivated.
766
+ # @return [Types::PendingCloudwatchLogsExports]
767
+ #
768
+ # @!attribute [rw] db_cluster_identifier
769
+ # The DBClusterIdentifier for the DB cluster.
770
+ # @return [String]
771
+ #
772
+ # @!attribute [rw] master_user_password
773
+ # The master credentials for the DB cluster.
774
+ # @return [String]
775
+ #
776
+ # @!attribute [rw] iam_database_authentication_enabled
777
+ # Whether mapping of AWS Identity and Access Management (IAM) accounts
778
+ # to database accounts is enabled.
779
+ # @return [Boolean]
780
+ #
781
+ # @!attribute [rw] engine_version
782
+ # The database engine version.
783
+ # @return [String]
784
+ #
785
+ # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ClusterPendingModifiedValues AWS API Documentation
786
+ #
787
+ class ClusterPendingModifiedValues < Struct.new(
788
+ :pending_cloudwatch_logs_exports,
789
+ :db_cluster_identifier,
790
+ :master_user_password,
791
+ :iam_database_authentication_enabled,
792
+ :engine_version)
793
+ SENSITIVE = []
794
+ include Aws::Structure
795
+ end
796
+
758
797
  # Specifies the settings that control the size and behavior of the
759
798
  # connection pool associated with a `DBProxyTargetGroup`.
760
799
  #
@@ -1050,25 +1089,25 @@ module Aws::RDS
1050
1089
  # @return [String]
1051
1090
  #
1052
1091
  # @!attribute [rw] kms_key_id
1053
- # The AWS KMS key ID for an encrypted DB cluster snapshot. The KMS key
1054
- # ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS
1055
- # key alias for the KMS encryption key.
1092
+ # The AWS KMS key identifier for an encrypted DB cluster snapshot. The
1093
+ # AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
1094
+ # name for the AWS KMS customer master key (CMK).
1056
1095
  #
1057
1096
  # If you copy an encrypted DB cluster snapshot from your AWS account,
1058
1097
  # you can specify a value for `KmsKeyId` to encrypt the copy with a
1059
- # new KMS encryption key. If you don't specify a value for
1060
- # `KmsKeyId`, then the copy of the DB cluster snapshot is encrypted
1061
- # with the same KMS key as the source DB cluster snapshot.
1098
+ # new AWS KMS CMK. If you don't specify a value for `KmsKeyId`, then
1099
+ # the copy of the DB cluster snapshot is encrypted with the same AWS
1100
+ # KMS key as the source DB cluster snapshot.
1062
1101
  #
1063
1102
  # If you copy an encrypted DB cluster snapshot that is shared from
1064
1103
  # another AWS account, then you must specify a value for `KmsKeyId`.
1065
1104
  #
1066
1105
  # To copy an encrypted DB cluster snapshot to another AWS Region, you
1067
- # must set `KmsKeyId` to the KMS key ID you want to use to encrypt the
1068
- # copy of the DB cluster snapshot in the destination AWS Region. KMS
1069
- # encryption keys are specific to the AWS Region that they are created
1070
- # in, and you can't use encryption keys from one AWS Region in
1071
- # another AWS Region.
1106
+ # must set `KmsKeyId` to the AWS KMS key identifier you want to use to
1107
+ # encrypt the copy of the DB cluster snapshot in the destination AWS
1108
+ # Region. AWS KMS CMKs are specific to the AWS Region that they are
1109
+ # created in, and you can't use CMKs from one AWS Region in another
1110
+ # AWS Region.
1072
1111
  #
1073
1112
  # If you copy an unencrypted DB cluster snapshot and specify a value
1074
1113
  # for the `KmsKeyId` parameter, an error is returned.
@@ -1088,11 +1127,12 @@ module Aws::RDS
1088
1127
  # be copied. The pre-signed URL request must contain the following
1089
1128
  # parameter values:
1090
1129
  #
1091
- # * `KmsKeyId` - The AWS KMS key identifier for the key to use to
1092
- # encrypt the copy of the DB cluster snapshot in the destination AWS
1093
- # Region. This is the same identifier for both the
1094
- # `CopyDBClusterSnapshot` action that is called in the destination
1095
- # AWS Region, and the action contained in the pre-signed URL.
1130
+ # * `KmsKeyId` - The AWS KMS key identifier for the customer master
1131
+ # key (CMK) to use to encrypt the copy of the DB cluster snapshot in
1132
+ # the destination AWS Region. This is the same identifier for both
1133
+ # the `CopyDBClusterSnapshot` action that is called in the
1134
+ # destination AWS Region, and the action contained in the pre-signed
1135
+ # URL.
1096
1136
  #
1097
1137
  # * `DestinationRegion` - The name of the AWS Region that the DB
1098
1138
  # cluster snapshot is to be created in.
@@ -1139,9 +1179,6 @@ module Aws::RDS
1139
1179
  # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
1140
1180
  # @return [Array<Types::Tag>]
1141
1181
  #
1142
- # @!attribute [rw] destination_region
1143
- # @return [String]
1144
- #
1145
1182
  # @!attribute [rw] source_region
1146
1183
  # The source region of the snapshot. This is only needed when the
1147
1184
  # shapshot is encrypted and in a different region.
@@ -1156,7 +1193,6 @@ module Aws::RDS
1156
1193
  :pre_signed_url,
1157
1194
  :copy_tags,
1158
1195
  :tags,
1159
- :destination_region,
1160
1196
  :source_region)
1161
1197
  SENSITIVE = []
1162
1198
  include Aws::Structure
@@ -1280,6 +1316,7 @@ module Aws::RDS
1280
1316
  # copy_tags: false,
1281
1317
  # pre_signed_url: "String",
1282
1318
  # option_group_name: "String",
1319
+ # target_custom_availability_zone: "String",
1283
1320
  # source_region: "String",
1284
1321
  # }
1285
1322
  #
@@ -1330,15 +1367,15 @@ module Aws::RDS
1330
1367
  # @return [String]
1331
1368
  #
1332
1369
  # @!attribute [rw] kms_key_id
1333
- # The AWS KMS key ID for an encrypted DB snapshot. The KMS key ID is
1334
- # the Amazon Resource Name (ARN), KMS key identifier, or the KMS key
1335
- # alias for the KMS encryption key.
1370
+ # The AWS KMS key identifier for an encrypted DB snapshot. The AWS KMS
1371
+ # key identifier is the key ARN, key ID, alias ARN, or alias name for
1372
+ # the AWS KMS customer master key (CMK).
1336
1373
  #
1337
1374
  # If you copy an encrypted DB snapshot from your AWS account, you can
1338
1375
  # specify a value for this parameter to encrypt the copy with a new
1339
- # KMS encryption key. If you don't specify a value for this
1340
- # parameter, then the copy of the DB snapshot is encrypted with the
1341
- # same KMS key as the source DB snapshot.
1376
+ # AWS KMS CMK. If you don't specify a value for this parameter, then
1377
+ # the copy of the DB snapshot is encrypted with the same AWS KMS key
1378
+ # as the source DB snapshot.
1342
1379
  #
1343
1380
  # If you copy an encrypted DB snapshot that is shared from another AWS
1344
1381
  # account, then you must specify a value for this parameter.
@@ -1347,10 +1384,10 @@ module Aws::RDS
1347
1384
  # the copy is encrypted.
1348
1385
  #
1349
1386
  # If you copy an encrypted snapshot to a different AWS Region, then
1350
- # you must specify a KMS key for the destination AWS Region. KMS
1351
- # encryption keys are specific to the AWS Region that they are created
1352
- # in, and you can't use encryption keys from one AWS Region in
1353
- # another AWS Region.
1387
+ # you must specify a AWS KMS key identifier for the destination AWS
1388
+ # Region. AWS KMS CMKs are specific to the AWS Region that they are
1389
+ # created in, and you can't use CMKs from one AWS Region in another
1390
+ # AWS Region.
1354
1391
  # @return [String]
1355
1392
  #
1356
1393
  # @!attribute [rw] tags
@@ -1395,11 +1432,11 @@ module Aws::RDS
1395
1432
  # example, the `DestinationRegion` in the presigned URL must be set
1396
1433
  # to the us-east-1 AWS Region.
1397
1434
  #
1398
- # * `KmsKeyId` - The AWS KMS key identifier for the key to use to
1399
- # encrypt the copy of the DB snapshot in the destination AWS Region.
1400
- # This is the same identifier for both the `CopyDBSnapshot` action
1401
- # that is called in the destination AWS Region, and the action
1402
- # contained in the presigned URL.
1435
+ # * `KmsKeyId` - The AWS KMS key identifier for the customer master
1436
+ # key (CMK) to use to encrypt the copy of the DB snapshot in the
1437
+ # destination AWS Region. This is the same identifier for both the
1438
+ # `CopyDBSnapshot` action that is called in the destination AWS
1439
+ # Region, and the action contained in the presigned URL.
1403
1440
  #
1404
1441
  # * `SourceDBSnapshotIdentifier` - The DB snapshot identifier for the
1405
1442
  # encrypted snapshot to be copied. This identifier must be in the
@@ -1443,7 +1480,11 @@ module Aws::RDS
1443
1480
  # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CopySnapshot.html#USER_CopySnapshot.Options
1444
1481
  # @return [String]
1445
1482
  #
1446
- # @!attribute [rw] destination_region
1483
+ # @!attribute [rw] target_custom_availability_zone
1484
+ # The external custom Availability Zone (CAZ) identifier for the
1485
+ # target CAZ.
1486
+ #
1487
+ # Example: `rds-caz-aiqhTgQv`.
1447
1488
  # @return [String]
1448
1489
  #
1449
1490
  # @!attribute [rw] source_region
@@ -1461,7 +1502,7 @@ module Aws::RDS
1461
1502
  :copy_tags,
1462
1503
  :pre_signed_url,
1463
1504
  :option_group_name,
1464
- :destination_region,
1505
+ :target_custom_availability_zone,
1465
1506
  :source_region)
1466
1507
  SENSITIVE = []
1467
1508
  include Aws::Structure
@@ -1945,31 +1986,27 @@ module Aws::RDS
1945
1986
  # @!attribute [rw] kms_key_id
1946
1987
  # The AWS KMS key identifier for an encrypted DB cluster.
1947
1988
  #
1948
- # The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
1949
- # encryption key. If you are creating a DB cluster with the same AWS
1950
- # account that owns the KMS encryption key used to encrypt the new DB
1951
- # cluster, then you can use the KMS key alias instead of the ARN for
1952
- # the KMS encryption key.
1989
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
1990
+ # alias name for the AWS KMS customer master key (CMK). To use a CMK
1991
+ # in a different AWS account, specify the key ARN or alias ARN.
1953
1992
  #
1954
- # If an encryption key isn't specified in `KmsKeyId`\:
1993
+ # When a CMK isn't specified in `KmsKeyId`\:
1955
1994
  #
1956
1995
  # * If `ReplicationSourceIdentifier` identifies an encrypted source,
1957
- # then Amazon RDS will use the encryption key used to encrypt the
1958
- # source. Otherwise, Amazon RDS will use your default encryption
1959
- # key.
1996
+ # then Amazon RDS will use the CMK used to encrypt the source.
1997
+ # Otherwise, Amazon RDS will use your default CMK.
1960
1998
  #
1961
1999
  # * If the `StorageEncrypted` parameter is enabled and
1962
2000
  # `ReplicationSourceIdentifier` isn't specified, then Amazon RDS
1963
- # will use your default encryption key.
2001
+ # will use your default CMK.
1964
2002
  #
1965
- # AWS KMS creates the default encryption key for your AWS account.
1966
- # Your AWS account has a different default encryption key for each AWS
1967
- # Region.
2003
+ # There is a default CMK for your AWS account. Your AWS account has a
2004
+ # different default CMK for each AWS Region.
1968
2005
  #
1969
2006
  # If you create a read replica of an encrypted DB cluster in another
1970
- # AWS Region, you must set `KmsKeyId` to a KMS key ID that is valid in
1971
- # the destination AWS Region. This key is used to encrypt the read
1972
- # replica in that AWS Region.
2007
+ # AWS Region, you must set `KmsKeyId` to a AWS KMS key identifier that
2008
+ # is valid in the destination AWS Region. This CMK is used to encrypt
2009
+ # the read replica in that AWS Region.
1973
2010
  # @return [String]
1974
2011
  #
1975
2012
  # @!attribute [rw] pre_signed_url
@@ -1988,7 +2025,7 @@ module Aws::RDS
1988
2025
  #
1989
2026
  # * `KmsKeyId` - The AWS KMS key identifier for the key to use to
1990
2027
  # encrypt the copy of the DB cluster in the destination AWS Region.
1991
- # This should refer to the same KMS key for both the
2028
+ # This should refer to the same AWS KMS CMK for both the
1992
2029
  # `CreateDBCluster` action that is called in the destination AWS
1993
2030
  # Region, and the action contained in the pre-signed URL.
1994
2031
  #
@@ -2072,15 +2109,23 @@ module Aws::RDS
2072
2109
  # @return [Array<String>]
2073
2110
  #
2074
2111
  # @!attribute [rw] engine_mode
2075
- # The DB engine mode of the DB cluster, either `provisioned`,
2112
+ # The DB engine mode of the DB cluster, either `provisioned`
2076
2113
  # `serverless`, `parallelquery`, `global`, or `multimaster`.
2077
2114
  #
2078
- # <note markdown="1"> `global` engine mode only applies for global database clusters
2079
- # created with Aurora MySQL version 5.6.10a. For higher Aurora MySQL
2080
- # versions, the clusters in a global database use `provisioned` engine
2081
- # mode.
2115
+ # The `parallelquery` engine mode isn't required for Aurora MySQL
2116
+ # version 1.23 and higher 1.x versions, and version 2.09 and higher
2117
+ # 2.x versions.
2082
2118
  #
2083
- # </note>
2119
+ # The `global` engine mode isn't required for Aurora MySQL version
2120
+ # 1.22 and higher 1.x versions, and `global` engine mode isn't
2121
+ # required for any 2.x versions.
2122
+ #
2123
+ # The `multimaster` engine mode only applies for DB clusters created
2124
+ # with Aurora MySQL version 5.6.10a.
2125
+ #
2126
+ # For Aurora PostgreSQL, the `global` engine mode isn't required, and
2127
+ # both the `parallelquery` and the `multimaster` engine modes
2128
+ # currently aren't supported.
2084
2129
  #
2085
2130
  # Limitations and requirements apply to some DB engine modes. For more
2086
2131
  # information, see the following sections in the *Amazon Aurora User
@@ -2090,7 +2135,7 @@ module Aws::RDS
2090
2135
  #
2091
2136
  # * [ Limitations of Parallel Query][2]
2092
2137
  #
2093
- # * [ Requirements for Aurora Global Databases][3]
2138
+ # * [ Limitations of Aurora Global Databases][3]
2094
2139
  #
2095
2140
  # * [ Limitations of Multi-Master Clusters][4]
2096
2141
  #
@@ -2168,9 +2213,6 @@ module Aws::RDS
2168
2213
  # disallows write operations for secondary clusters.
2169
2214
  # @return [Boolean]
2170
2215
  #
2171
- # @!attribute [rw] destination_region
2172
- # @return [String]
2173
- #
2174
2216
  # @!attribute [rw] source_region
2175
2217
  # The source region of the snapshot. This is only needed when the
2176
2218
  # shapshot is encrypted and in a different region.
@@ -2212,7 +2254,6 @@ module Aws::RDS
2212
2254
  :domain,
2213
2255
  :domain_iam_role_name,
2214
2256
  :enable_global_write_forwarding,
2215
- :destination_region,
2216
2257
  :source_region)
2217
2258
  SENSITIVE = []
2218
2259
  include Aws::Structure
@@ -2483,8 +2524,8 @@ module Aws::RDS
2483
2524
  # **PostgreSQL**
2484
2525
  #
2485
2526
  # The name of the database to create when the DB instance is created.
2486
- # If this parameter isn't specified, the default "postgres"
2487
- # database is created in the DB instance.
2527
+ # If this parameter isn't specified, no database is created in the DB
2528
+ # instance.
2488
2529
  #
2489
2530
  # Constraints:
2490
2531
  #
@@ -3151,22 +3192,19 @@ module Aws::RDS
3151
3192
  # @!attribute [rw] kms_key_id
3152
3193
  # The AWS KMS key identifier for an encrypted DB instance.
3153
3194
  #
3154
- # The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
3155
- # encryption key. If you are creating a DB instance with the same AWS
3156
- # account that owns the KMS encryption key used to encrypt the new DB
3157
- # instance, then you can use the KMS key alias instead of the ARN for
3158
- # the KM encryption key.
3195
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
3196
+ # alias name for the AWS KMS customer master key (CMK). To use a CMK
3197
+ # in a different AWS account, specify the key ARN or alias ARN.
3159
3198
  #
3160
3199
  # **Amazon Aurora**
3161
3200
  #
3162
- # Not applicable. The KMS key identifier is managed by the DB cluster.
3163
- # For more information, see `CreateDBCluster`.
3201
+ # Not applicable. The AWS KMS key identifier is managed by the DB
3202
+ # cluster. For more information, see `CreateDBCluster`.
3164
3203
  #
3165
3204
  # If `StorageEncrypted` is enabled, and you do not specify a value for
3166
- # the `KmsKeyId` parameter, then Amazon RDS will use your default
3167
- # encryption key. AWS KMS creates the default encryption key for your
3168
- # AWS account. Your AWS account has a different default encryption key
3169
- # for each AWS Region.
3205
+ # the `KmsKeyId` parameter, then Amazon RDS uses your default CMK.
3206
+ # There is a default CMK for your AWS account. Your AWS account has a
3207
+ # different default CMK for each AWS Region.
3170
3208
  # @return [String]
3171
3209
  #
3172
3210
  # @!attribute [rw] domain
@@ -3253,29 +3291,8 @@ module Aws::RDS
3253
3291
  # Access Management (IAM) accounts to database accounts. By default,
3254
3292
  # mapping is disabled.
3255
3293
  #
3256
- # You can enable IAM database authentication for the following
3257
- # database engines:
3258
- #
3259
- # **Amazon Aurora**
3260
- #
3261
- # Not applicable. Mapping AWS IAM accounts to database accounts is
3262
- # managed by the DB cluster.
3263
- #
3264
- # **MySQL**
3265
- #
3266
- # * For MySQL 5.6, minor version 5.6.34 or higher
3267
- #
3268
- # * For MySQL 5.7, minor version 5.7.16 or higher
3269
- #
3270
- # * For MySQL 8.0, minor version 8.0.16 or higher
3271
- #
3272
- # **PostgreSQL**
3273
- #
3274
- # * For PostgreSQL 9.5, minor version 9.5.15 or higher
3275
- #
3276
- # * For PostgreSQL 9.6, minor version 9.6.11 or higher
3277
- #
3278
- # * PostgreSQL 10.6, 10.7, and 10.9
3294
+ # This setting doesn't apply to Amazon Aurora. Mapping AWS IAM
3295
+ # accounts to database accounts is managed by the DB cluster.
3279
3296
  #
3280
3297
  # For more information, see [ IAM Database Authentication for MySQL
3281
3298
  # and PostgreSQL][1] in the *Amazon RDS User Guide.*
@@ -3299,13 +3316,15 @@ module Aws::RDS
3299
3316
  #
3300
3317
  # @!attribute [rw] performance_insights_kms_key_id
3301
3318
  # The AWS KMS key identifier for encryption of Performance Insights
3302
- # data. The KMS key ID is the Amazon Resource Name (ARN), KMS key
3303
- # identifier, or the KMS key alias for the KMS encryption key.
3319
+ # data.
3320
+ #
3321
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
3322
+ # alias name for the AWS KMS customer master key (CMK).
3304
3323
  #
3305
3324
  # If you do not specify a value for `PerformanceInsightsKMSKeyId`,
3306
- # then Amazon RDS uses your default encryption key. AWS KMS creates
3307
- # the default encryption key for your AWS account. Your AWS account
3308
- # has a different default encryption key for each AWS Region.
3325
+ # then Amazon RDS uses your default CMK. There is a default CMK for
3326
+ # your AWS account. Your AWS account has a different default CMK for
3327
+ # each AWS Region.
3309
3328
  # @return [String]
3310
3329
  #
3311
3330
  # @!attribute [rw] performance_insights_retention_period
@@ -3477,6 +3496,7 @@ module Aws::RDS
3477
3496
  # domain: "String",
3478
3497
  # domain_iam_role_name: "String",
3479
3498
  # replica_mode: "open-read-only", # accepts open-read-only, mounted
3499
+ # max_allocated_storage: 1,
3480
3500
  # source_region: "String",
3481
3501
  # }
3482
3502
  #
@@ -3722,19 +3742,20 @@ module Aws::RDS
3722
3742
  # @return [String]
3723
3743
  #
3724
3744
  # @!attribute [rw] kms_key_id
3725
- # The AWS KMS key ID for an encrypted read replica. The KMS key ID is
3726
- # the Amazon Resource Name (ARN), KMS key identifier, or the KMS key
3727
- # alias for the KMS encryption key.
3745
+ # The AWS KMS key identifier for an encrypted read replica.
3746
+ #
3747
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
3748
+ # alias name for the AWS KMS CMK.
3728
3749
  #
3729
3750
  # If you create an encrypted read replica in the same AWS Region as
3730
- # the source DB instance, then you do not have to specify a value for
3731
- # this parameter. The read replica is encrypted with the same KMS key
3732
- # as the source DB instance.
3751
+ # the source DB instance, then do not specify a value for this
3752
+ # parameter. A read replica in the same Region is always encrypted
3753
+ # with the same AWS KMS CMK as the source DB instance.
3733
3754
  #
3734
3755
  # If you create an encrypted read replica in a different AWS Region,
3735
- # then you must specify a KMS key for the destination AWS Region. KMS
3736
- # encryption keys are specific to the AWS Region that they are created
3737
- # in, and you can't use encryption keys from one AWS Region in
3756
+ # then you must specify a AWS KMS key identifier for the destination
3757
+ # AWS Region. AWS KMS CMKs are specific to the AWS Region that they
3758
+ # are created in, and you can't use CMKs from one AWS Region in
3738
3759
  # another AWS Region.
3739
3760
  #
3740
3761
  # You can't create an encrypted read replica from an unencrypted DB
@@ -3808,8 +3829,7 @@ module Aws::RDS
3808
3829
  # @!attribute [rw] enable_iam_database_authentication
3809
3830
  # A value that indicates whether to enable mapping of AWS Identity and
3810
3831
  # Access Management (IAM) accounts to database accounts. By default,
3811
- # mapping is disabled. For information about the supported DB engines,
3812
- # see CreateDBInstance.
3832
+ # mapping is disabled.
3813
3833
  #
3814
3834
  # For more information about IAM database authentication, see [ IAM
3815
3835
  # Database Authentication for MySQL and PostgreSQL][1] in the *Amazon
@@ -3834,13 +3854,15 @@ module Aws::RDS
3834
3854
  #
3835
3855
  # @!attribute [rw] performance_insights_kms_key_id
3836
3856
  # The AWS KMS key identifier for encryption of Performance Insights
3837
- # data. The KMS key ID is the Amazon Resource Name (ARN), KMS key
3838
- # identifier, or the KMS key alias for the KMS encryption key.
3857
+ # data.
3858
+ #
3859
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
3860
+ # alias name for the AWS KMS customer master key (CMK).
3839
3861
  #
3840
3862
  # If you do not specify a value for `PerformanceInsightsKMSKeyId`,
3841
- # then Amazon RDS uses your default encryption key. AWS KMS creates
3842
- # the default encryption key for your AWS account. Your AWS account
3843
- # has a different default encryption key for each AWS Region.
3863
+ # then Amazon RDS uses your default CMK. There is a default CMK for
3864
+ # your AWS account. Your AWS account has a different default CMK for
3865
+ # each AWS Region.
3844
3866
  # @return [String]
3845
3867
  #
3846
3868
  # @!attribute [rw] performance_insights_retention_period
@@ -3922,8 +3944,10 @@ module Aws::RDS
3922
3944
  # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html
3923
3945
  # @return [String]
3924
3946
  #
3925
- # @!attribute [rw] destination_region
3926
- # @return [String]
3947
+ # @!attribute [rw] max_allocated_storage
3948
+ # The upper limit to which Amazon RDS can automatically scale the
3949
+ # storage of the DB instance.
3950
+ # @return [Integer]
3927
3951
  #
3928
3952
  # @!attribute [rw] source_region
3929
3953
  # The source region of the snapshot. This is only needed when the
@@ -3964,7 +3988,7 @@ module Aws::RDS
3964
3988
  :domain,
3965
3989
  :domain_iam_role_name,
3966
3990
  :replica_mode,
3967
- :destination_region,
3991
+ :max_allocated_storage,
3968
3992
  :source_region)
3969
3993
  SENSITIVE = []
3970
3994
  include Aws::Structure
@@ -4912,12 +4936,15 @@ module Aws::RDS
4912
4936
  # @!attribute [rw] kms_key_id
4913
4937
  # If `StorageEncrypted` is enabled, the AWS KMS key identifier for the
4914
4938
  # encrypted DB cluster.
4939
+ #
4940
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
4941
+ # alias name for the AWS KMS customer master key (CMK).
4915
4942
  # @return [String]
4916
4943
  #
4917
4944
  # @!attribute [rw] db_cluster_resource_id
4918
4945
  # The AWS Region-unique, immutable identifier for the DB cluster. This
4919
4946
  # identifier is found in AWS CloudTrail log entries whenever the AWS
4920
- # KMS key for the DB cluster is accessed.
4947
+ # KMS CMK for the DB cluster is accessed.
4921
4948
  # @return [String]
4922
4949
  #
4923
4950
  # @!attribute [rw] db_cluster_arn
@@ -4988,14 +5015,11 @@ module Aws::RDS
4988
5015
  # The DB engine mode of the DB cluster, either `provisioned`,
4989
5016
  # `serverless`, `parallelquery`, `global`, or `multimaster`.
4990
5017
  #
4991
- # <note markdown="1"> `global` engine mode only applies for global database clusters
4992
- # created with Aurora MySQL version 5.6.10a. For higher Aurora MySQL
4993
- # versions, the clusters in a global database use `provisioned` engine
4994
- # mode. To check if a DB cluster is part of a global database, use
4995
- # `DescribeGlobalClusters` instead of checking the `EngineMode` return
4996
- # value from `DescribeDBClusters`.
5018
+ # For more information, see [ CreateDBCluster][1].
4997
5019
  #
4998
- # </note>
5020
+ #
5021
+ #
5022
+ # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html
4999
5023
  # @return [String]
5000
5024
  #
5001
5025
  # @!attribute [rw] scaling_configuration_info
@@ -5046,6 +5070,9 @@ module Aws::RDS
5046
5070
  # @!attribute [rw] activity_stream_kms_key_id
5047
5071
  # The AWS KMS key identifier used for encrypting messages in the
5048
5072
  # database activity stream.
5073
+ #
5074
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
5075
+ # alias name for the AWS KMS customer master key (CMK).
5049
5076
  # @return [String]
5050
5077
  #
5051
5078
  # @!attribute [rw] activity_stream_kinesis_stream_name
@@ -5068,6 +5095,15 @@ module Aws::RDS
5068
5095
  # DB cluster.
5069
5096
  # @return [Array<Types::DomainMembership>]
5070
5097
  #
5098
+ # @!attribute [rw] tag_list
5099
+ # A list of tags. For more information, see [Tagging Amazon RDS
5100
+ # Resources][1] in the *Amazon RDS User Guide.*
5101
+ #
5102
+ #
5103
+ #
5104
+ # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
5105
+ # @return [Array<Types::Tag>]
5106
+ #
5071
5107
  # @!attribute [rw] global_write_forwarding_status
5072
5108
  # Specifies whether a secondary cluster in an Aurora global database
5073
5109
  # has write forwarding enabled, not enabled, or is in the process of
@@ -5083,6 +5119,12 @@ module Aws::RDS
5083
5119
  # cluster.
5084
5120
  # @return [Boolean]
5085
5121
  #
5122
+ # @!attribute [rw] pending_modified_values
5123
+ # Specifies that changes to the DB cluster are pending. This element
5124
+ # is only included when changes are pending. Specific changes are
5125
+ # identified by subelements.
5126
+ # @return [Types::ClusterPendingModifiedValues]
5127
+ #
5086
5128
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBCluster AWS API Documentation
5087
5129
  #
5088
5130
  class DBCluster < Struct.new(
@@ -5138,8 +5180,10 @@ module Aws::RDS
5138
5180
  :copy_tags_to_snapshot,
5139
5181
  :cross_account_clone,
5140
5182
  :domain_memberships,
5183
+ :tag_list,
5141
5184
  :global_write_forwarding_status,
5142
- :global_write_forwarding_requested)
5185
+ :global_write_forwarding_requested,
5186
+ :pending_modified_values)
5143
5187
  SENSITIVE = []
5144
5188
  include Aws::Structure
5145
5189
  end
@@ -5729,6 +5773,9 @@ module Aws::RDS
5729
5773
  # @!attribute [rw] kms_key_id
5730
5774
  # If `StorageEncrypted` is true, the AWS KMS key identifier for the
5731
5775
  # encrypted DB cluster snapshot.
5776
+ #
5777
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
5778
+ # alias name for the AWS KMS customer master key (CMK).
5732
5779
  # @return [String]
5733
5780
  #
5734
5781
  # @!attribute [rw] db_cluster_snapshot_arn
@@ -5746,6 +5793,15 @@ module Aws::RDS
5746
5793
  # to database accounts is enabled, and otherwise false.
5747
5794
  # @return [Boolean]
5748
5795
  #
5796
+ # @!attribute [rw] tag_list
5797
+ # A list of tags. For more information, see [Tagging Amazon RDS
5798
+ # Resources][1] in the *Amazon RDS User Guide.*
5799
+ #
5800
+ #
5801
+ #
5802
+ # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
5803
+ # @return [Array<Types::Tag>]
5804
+ #
5749
5805
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBClusterSnapshot AWS API Documentation
5750
5806
  #
5751
5807
  class DBClusterSnapshot < Struct.new(
@@ -5768,7 +5824,8 @@ module Aws::RDS
5768
5824
  :kms_key_id,
5769
5825
  :db_cluster_snapshot_arn,
5770
5826
  :source_db_cluster_snapshot_arn,
5771
- :iam_database_authentication_enabled)
5827
+ :iam_database_authentication_enabled,
5828
+ :tag_list)
5772
5829
  SENSITIVE = []
5773
5830
  include Aws::Structure
5774
5831
  end
@@ -5937,13 +5994,6 @@ module Aws::RDS
5937
5994
  #
5938
5995
  # @!attribute [rw] supported_engine_modes
5939
5996
  # A list of the supported DB engine modes.
5940
- #
5941
- # <note markdown="1"> `global` engine mode only applies for global database clusters
5942
- # created with Aurora MySQL version 5.6.10a. For higher Aurora MySQL
5943
- # versions, the clusters in a global database use `provisioned` engine
5944
- # mode.
5945
- #
5946
- # </note>
5947
5997
  # @return [Array<String>]
5948
5998
  #
5949
5999
  # @!attribute [rw] supported_feature_names
@@ -6262,12 +6312,15 @@ module Aws::RDS
6262
6312
  # @!attribute [rw] kms_key_id
6263
6313
  # If `StorageEncrypted` is true, the AWS KMS key identifier for the
6264
6314
  # encrypted DB instance.
6315
+ #
6316
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
6317
+ # alias name for the AWS KMS customer master key (CMK).
6265
6318
  # @return [String]
6266
6319
  #
6267
6320
  # @!attribute [rw] dbi_resource_id
6268
6321
  # The AWS Region-unique, immutable identifier for the DB instance.
6269
6322
  # This identifier is found in AWS CloudTrail log entries whenever the
6270
- # AWS KMS key for the DB instance is accessed.
6323
+ # AWS KMS customer master key (CMK) for the DB instance is accessed.
6271
6324
  # @return [String]
6272
6325
  #
6273
6326
  # @!attribute [rw] ca_certificate_identifier
@@ -6349,8 +6402,10 @@ module Aws::RDS
6349
6402
  #
6350
6403
  # @!attribute [rw] performance_insights_kms_key_id
6351
6404
  # The AWS KMS key identifier for encryption of Performance Insights
6352
- # data. The KMS key ID is the Amazon Resource Name (ARN), KMS key
6353
- # identifier, or the KMS key alias for the KMS encryption key.
6405
+ # data.
6406
+ #
6407
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
6408
+ # alias name for the AWS KMS customer master key (CMK).
6354
6409
  # @return [String]
6355
6410
  #
6356
6411
  # @!attribute [rw] performance_insights_retention_period
@@ -6400,6 +6455,20 @@ module Aws::RDS
6400
6455
  # storage of the DB instance.
6401
6456
  # @return [Integer]
6402
6457
  #
6458
+ # @!attribute [rw] tag_list
6459
+ # A list of tags. For more information, see [Tagging Amazon RDS
6460
+ # Resources][1] in the *Amazon RDS User Guide.*
6461
+ #
6462
+ #
6463
+ #
6464
+ # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
6465
+ # @return [Array<Types::Tag>]
6466
+ #
6467
+ # @!attribute [rw] db_instance_automated_backups_replications
6468
+ # The list of replicated automated backups associated with the DB
6469
+ # instance.
6470
+ # @return [Array<Types::DBInstanceAutomatedBackupsReplication>]
6471
+ #
6403
6472
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstance AWS API Documentation
6404
6473
  #
6405
6474
  class DBInstance < Struct.new(
@@ -6462,7 +6531,9 @@ module Aws::RDS
6462
6531
  :deletion_protection,
6463
6532
  :associated_roles,
6464
6533
  :listener_endpoint,
6465
- :max_allocated_storage)
6534
+ :max_allocated_storage,
6535
+ :tag_list,
6536
+ :db_instance_automated_backups_replications)
6466
6537
  SENSITIVE = []
6467
6538
  include Aws::Structure
6468
6539
  end
@@ -6473,12 +6544,12 @@ module Aws::RDS
6473
6544
  #
6474
6545
  class DBInstanceAlreadyExistsFault < Aws::EmptyStructure; end
6475
6546
 
6476
- # An automated backup of a DB instance. It it consists of system
6477
- # backups, transaction logs, and the database instance properties that
6478
- # existed at the time you deleted the source instance.
6547
+ # An automated backup of a DB instance. It consists of system backups,
6548
+ # transaction logs, and the database instance properties that existed at
6549
+ # the time you deleted the source instance.
6479
6550
  #
6480
6551
  # @!attribute [rw] db_instance_arn
6481
- # The Amazon Resource Name (ARN) for the automated backup.
6552
+ # The Amazon Resource Name (ARN) for the automated backups.
6482
6553
  # @return [String]
6483
6554
  #
6484
6555
  # @!attribute [rw] dbi_resource_id
@@ -6579,9 +6650,10 @@ module Aws::RDS
6579
6650
  # @return [String]
6580
6651
  #
6581
6652
  # @!attribute [rw] kms_key_id
6582
- # The AWS KMS key ID for an automated backup. The KMS key ID is the
6583
- # Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias
6584
- # for the KMS encryption key.
6653
+ # The AWS KMS key ID for an automated backup.
6654
+ #
6655
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
6656
+ # alias name for the AWS KMS customer master key (CMK).
6585
6657
  # @return [String]
6586
6658
  #
6587
6659
  # @!attribute [rw] timezone
@@ -6595,6 +6667,19 @@ module Aws::RDS
6595
6667
  # to database accounts is enabled, and otherwise false.
6596
6668
  # @return [Boolean]
6597
6669
  #
6670
+ # @!attribute [rw] backup_retention_period
6671
+ # The retention period for the automated backups.
6672
+ # @return [Integer]
6673
+ #
6674
+ # @!attribute [rw] db_instance_automated_backups_arn
6675
+ # The Amazon Resource Name (ARN) for the replicated automated backups.
6676
+ # @return [String]
6677
+ #
6678
+ # @!attribute [rw] db_instance_automated_backups_replications
6679
+ # The list of replications to different AWS Regions associated with
6680
+ # the automated backup.
6681
+ # @return [Array<Types::DBInstanceAutomatedBackupsReplication>]
6682
+ #
6598
6683
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstanceAutomatedBackup AWS API Documentation
6599
6684
  #
6600
6685
  class DBInstanceAutomatedBackup < Struct.new(
@@ -6620,7 +6705,10 @@ module Aws::RDS
6620
6705
  :storage_type,
6621
6706
  :kms_key_id,
6622
6707
  :timezone,
6623
- :iam_database_authentication_enabled)
6708
+ :iam_database_authentication_enabled,
6709
+ :backup_retention_period,
6710
+ :db_instance_automated_backups_arn,
6711
+ :db_instance_automated_backups_replications)
6624
6712
  SENSITIVE = []
6625
6713
  include Aws::Structure
6626
6714
  end
@@ -6661,6 +6749,22 @@ module Aws::RDS
6661
6749
  #
6662
6750
  class DBInstanceAutomatedBackupQuotaExceededFault < Aws::EmptyStructure; end
6663
6751
 
6752
+ # Automated backups of a DB instance replicated to another AWS Region.
6753
+ # They consist of system backups, transaction logs, and database
6754
+ # instance properties.
6755
+ #
6756
+ # @!attribute [rw] db_instance_automated_backups_arn
6757
+ # The Amazon Resource Name (ARN) of the replicated automated backups.
6758
+ # @return [String]
6759
+ #
6760
+ # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstanceAutomatedBackupsReplication AWS API Documentation
6761
+ #
6762
+ class DBInstanceAutomatedBackupsReplication < Struct.new(
6763
+ :db_instance_automated_backups_arn)
6764
+ SENSITIVE = []
6765
+ include Aws::Structure
6766
+ end
6767
+
6664
6768
  # Contains the result of a successful invocation of the
6665
6769
  # `DescribeDBInstances` action.
6666
6770
  #
@@ -7048,7 +7152,7 @@ module Aws::RDS
7048
7152
  class DBProxyAlreadyExistsFault < Aws::EmptyStructure; end
7049
7153
 
7050
7154
  # The specified proxy name doesn't correspond to a proxy owned by your
7051
- # AWS accoutn in the specified AWS Region.
7155
+ # AWS account in the specified AWS Region.
7052
7156
  #
7053
7157
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBProxyNotFoundFault AWS API Documentation
7054
7158
  #
@@ -7338,7 +7442,7 @@ module Aws::RDS
7338
7442
  # @return [String]
7339
7443
  #
7340
7444
  # @!attribute [rw] snapshot_create_time
7341
- # Specifies when the snapshot was taken in Coodinated Universal Time
7445
+ # Specifies when the snapshot was taken in Coordinated Universal Time
7342
7446
  # (UTC).
7343
7447
  # @return [Time]
7344
7448
  #
@@ -7428,6 +7532,9 @@ module Aws::RDS
7428
7532
  # @!attribute [rw] kms_key_id
7429
7533
  # If `Encrypted` is true, the AWS KMS key identifier for the encrypted
7430
7534
  # DB snapshot.
7535
+ #
7536
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
7537
+ # alias name for the AWS KMS customer master key (CMK).
7431
7538
  # @return [String]
7432
7539
  #
7433
7540
  # @!attribute [rw] db_snapshot_arn
@@ -7457,6 +7564,15 @@ module Aws::RDS
7457
7564
  # and which is unique to an AWS Region.
7458
7565
  # @return [String]
7459
7566
  #
7567
+ # @!attribute [rw] tag_list
7568
+ # A list of tags. For more information, see [Tagging Amazon RDS
7569
+ # Resources][1] in the *Amazon RDS User Guide.*
7570
+ #
7571
+ #
7572
+ #
7573
+ # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
7574
+ # @return [Array<Types::Tag>]
7575
+ #
7460
7576
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBSnapshot AWS API Documentation
7461
7577
  #
7462
7578
  class DBSnapshot < Struct.new(
@@ -7487,7 +7603,8 @@ module Aws::RDS
7487
7603
  :timezone,
7488
7604
  :iam_database_authentication_enabled,
7489
7605
  :processor_features,
7490
- :dbi_resource_id)
7606
+ :dbi_resource_id,
7607
+ :tag_list)
7491
7608
  SENSITIVE = []
7492
7609
  include Aws::Structure
7493
7610
  end
@@ -7903,7 +8020,8 @@ module Aws::RDS
7903
8020
  # data as a hash:
7904
8021
  #
7905
8022
  # {
7906
- # dbi_resource_id: "String", # required
8023
+ # dbi_resource_id: "String",
8024
+ # db_instance_automated_backups_arn: "String",
7907
8025
  # }
7908
8026
  #
7909
8027
  # @!attribute [rw] dbi_resource_id
@@ -7911,18 +8029,25 @@ module Aws::RDS
7911
8029
  # and which is unique to an AWS Region.
7912
8030
  # @return [String]
7913
8031
  #
8032
+ # @!attribute [rw] db_instance_automated_backups_arn
8033
+ # The Amazon Resource Name (ARN) of the automated backups to delete,
8034
+ # for example,
8035
+ # `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE`.
8036
+ # @return [String]
8037
+ #
7914
8038
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteDBInstanceAutomatedBackupMessage AWS API Documentation
7915
8039
  #
7916
8040
  class DeleteDBInstanceAutomatedBackupMessage < Struct.new(
7917
- :dbi_resource_id)
8041
+ :dbi_resource_id,
8042
+ :db_instance_automated_backups_arn)
7918
8043
  SENSITIVE = []
7919
8044
  include Aws::Structure
7920
8045
  end
7921
8046
 
7922
8047
  # @!attribute [rw] db_instance_automated_backup
7923
- # An automated backup of a DB instance. It it consists of system
7924
- # backups, transaction logs, and the database instance properties that
7925
- # existed at the time you deleted the source instance.
8048
+ # An automated backup of a DB instance. It consists of system backups,
8049
+ # transaction logs, and the database instance properties that existed
8050
+ # at the time you deleted the source instance.
7926
8051
  # @return [Types::DBInstanceAutomatedBackup]
7927
8052
  #
7928
8053
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteDBInstanceAutomatedBackupResult AWS API Documentation
@@ -9140,6 +9265,7 @@ module Aws::RDS
9140
9265
  # ],
9141
9266
  # max_records: 1,
9142
9267
  # marker: "String",
9268
+ # db_instance_automated_backups_arn: "String",
9143
9269
  # }
9144
9270
  #
9145
9271
  # @!attribute [rw] dbi_resource_id
@@ -9195,6 +9321,12 @@ module Aws::RDS
9195
9321
  # marker, up to `MaxRecords`.
9196
9322
  # @return [String]
9197
9323
  #
9324
+ # @!attribute [rw] db_instance_automated_backups_arn
9325
+ # The Amazon Resource Name (ARN) of the replicated automated backups,
9326
+ # for example,
9327
+ # `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE`.
9328
+ # @return [String]
9329
+ #
9198
9330
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeDBInstanceAutomatedBackupsMessage AWS API Documentation
9199
9331
  #
9200
9332
  class DescribeDBInstanceAutomatedBackupsMessage < Struct.new(
@@ -9202,7 +9334,8 @@ module Aws::RDS
9202
9334
  :db_instance_identifier,
9203
9335
  :filters,
9204
9336
  :max_records,
9205
- :marker)
9337
+ :marker,
9338
+ :db_instance_automated_backups_arn)
9206
9339
  SENSITIVE = []
9207
9340
  include Aws::Structure
9208
9341
  end
@@ -11710,11 +11843,11 @@ module Aws::RDS
11710
11843
  # @return [String]
11711
11844
  #
11712
11845
  # @!attribute [rw] kms_key_id
11713
- # The ID of the AWS KMS key that is used to encrypt the snapshot when
11714
- # it's exported to Amazon S3. The KMS key ID is the Amazon Resource
11715
- # Name (ARN), the KMS key identifier, or the KMS key alias for the KMS
11716
- # encryption key. The IAM role used for the snapshot export must have
11717
- # encryption and decryption permissions to use this KMS key.
11846
+ # The key identifier of the AWS KMS customer master key (CMK) that is
11847
+ # used to encrypt the snapshot when it's exported to Amazon S3. The
11848
+ # AWS KMS CMK identifier is its key ARN, key ID, alias ARN, or alias
11849
+ # name. The IAM role used for the snapshot export must have encryption
11850
+ # and decryption permissions to use this AWS KMS CMK.
11718
11851
  # @return [String]
11719
11852
  #
11720
11853
  # @!attribute [rw] status
@@ -11898,7 +12031,8 @@ module Aws::RDS
11898
12031
  # @!attribute [rw] global_cluster_resource_id
11899
12032
  # The AWS Region-unique, immutable identifier for the global database
11900
12033
  # cluster. This identifier is found in AWS CloudTrail log entries
11901
- # whenever the AWS KMS key for the DB cluster is accessed.
12034
+ # whenever the AWS KMS customer master key (CMK) for the DB cluster is
12035
+ # accessed.
11902
12036
  # @return [String]
11903
12037
  #
11904
12038
  # @!attribute [rw] global_cluster_arn
@@ -11951,6 +12085,10 @@ module Aws::RDS
11951
12085
  include Aws::Structure
11952
12086
  end
11953
12087
 
12088
+ # The `GlobalClusterIdentifier` already exists. Choose a new global
12089
+ # database identifier (unique name) to create a new global database
12090
+ # cluster.
12091
+ #
11954
12092
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/GlobalClusterAlreadyExistsFault AWS API Documentation
11955
12093
  #
11956
12094
  class GlobalClusterAlreadyExistsFault < Aws::EmptyStructure; end
@@ -11990,10 +12128,16 @@ module Aws::RDS
11990
12128
  include Aws::Structure
11991
12129
  end
11992
12130
 
12131
+ # The `GlobalClusterIdentifier` doesn't refer to an existing global
12132
+ # database cluster.
12133
+ #
11993
12134
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/GlobalClusterNotFoundFault AWS API Documentation
11994
12135
  #
11995
12136
  class GlobalClusterNotFoundFault < Aws::EmptyStructure; end
11996
12137
 
12138
+ # The number of global database clusters for this account is already at
12139
+ # the maximum allowed.
12140
+ #
11997
12141
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/GlobalClusterQuotaExceededFault AWS API Documentation
11998
12142
  #
11999
12143
  class GlobalClusterQuotaExceededFault < Aws::EmptyStructure; end
@@ -12381,6 +12525,9 @@ module Aws::RDS
12381
12525
  #
12382
12526
  class InvalidExportTaskStateFault < Aws::EmptyStructure; end
12383
12527
 
12528
+ # The global cluster is in an invalid state and can't perform the
12529
+ # requested operation.
12530
+ #
12384
12531
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/InvalidGlobalClusterStateFault AWS API Documentation
12385
12532
  #
12386
12533
  class InvalidGlobalClusterStateFault < Aws::EmptyStructure; end
@@ -13452,7 +13599,7 @@ module Aws::RDS
13452
13599
  # The version number of the database engine to upgrade to. Changing
13453
13600
  # this parameter results in an outage and the change is applied during
13454
13601
  # the next maintenance window unless the `ApplyImmediately` parameter
13455
- # is eanbled for this request.
13602
+ # is enabled for this request.
13456
13603
  #
13457
13604
  # For major version upgrades, if a nondefault DB parameter group is
13458
13605
  # currently in use, a new DB parameter group in the DB parameter group
@@ -13751,8 +13898,10 @@ module Aws::RDS
13751
13898
  # @!attribute [rw] enable_iam_database_authentication
13752
13899
  # A value that indicates whether to enable mapping of AWS Identity and
13753
13900
  # Access Management (IAM) accounts to database accounts. By default,
13754
- # mapping is disabled. For information about the supported DB engines,
13755
- # see CreateDBInstance.
13901
+ # mapping is disabled.
13902
+ #
13903
+ # This setting doesn't apply to Amazon Aurora. Mapping AWS IAM
13904
+ # accounts to database accounts is managed by the DB cluster.
13756
13905
  #
13757
13906
  # For more information about IAM database authentication, see [ IAM
13758
13907
  # Database Authentication for MySQL and PostgreSQL][1] in the *Amazon
@@ -13777,13 +13926,15 @@ module Aws::RDS
13777
13926
  #
13778
13927
  # @!attribute [rw] performance_insights_kms_key_id
13779
13928
  # The AWS KMS key identifier for encryption of Performance Insights
13780
- # data. The KMS key ID is the Amazon Resource Name (ARN), KMS key
13781
- # identifier, or the KMS key alias for the KMS encryption key.
13929
+ # data.
13930
+ #
13931
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
13932
+ # alias name for the AWS KMS customer master key (CMK).
13782
13933
  #
13783
13934
  # If you do not specify a value for `PerformanceInsightsKMSKeyId`,
13784
- # then Amazon RDS uses your default encryption key. AWS KMS creates
13785
- # the default encryption key for your AWS account. Your AWS account
13786
- # has a different default encryption key for each AWS Region.
13935
+ # then Amazon RDS uses your default CMK. There is a default CMK for
13936
+ # your AWS account. Your AWS account has a different default CMK for
13937
+ # each AWS Region.
13787
13938
  # @return [String]
13788
13939
  #
13789
13940
  # @!attribute [rw] performance_insights_retention_period
@@ -15188,13 +15339,6 @@ module Aws::RDS
15188
15339
  #
15189
15340
  # @!attribute [rw] supported_engine_modes
15190
15341
  # A list of the supported DB engine modes.
15191
- #
15192
- # <note markdown="1"> `global` engine mode only applies for global database clusters
15193
- # created with Aurora MySQL version 5.6.10a. For higher Aurora MySQL
15194
- # versions, the clusters in a global database use `provisioned` engine
15195
- # mode.
15196
- #
15197
- # </note>
15198
15342
  # @return [Array<String>]
15199
15343
  #
15200
15344
  # @!attribute [rw] supports_storage_autoscaling
@@ -15490,39 +15634,38 @@ module Aws::RDS
15490
15634
  end
15491
15635
 
15492
15636
  # This data type is used as a response element in the `ModifyDBInstance`
15493
- # action.
15637
+ # action and contains changes that will be applied during the next
15638
+ # maintenance window.
15494
15639
  #
15495
15640
  # @!attribute [rw] db_instance_class
15496
- # Contains the new `DBInstanceClass` for the DB instance that will be
15497
- # applied or is currently being applied.
15641
+ # The name of the compute and memory capacity class for the DB
15642
+ # instance.
15498
15643
  # @return [String]
15499
15644
  #
15500
15645
  # @!attribute [rw] allocated_storage
15501
- # Contains the new `AllocatedStorage` size for the DB instance that
15502
- # will be applied or is currently being applied.
15646
+ # The allocated storage size for the DB instance specified in
15647
+ # gibibytes .
15503
15648
  # @return [Integer]
15504
15649
  #
15505
15650
  # @!attribute [rw] master_user_password
15506
- # Contains the pending or currently-in-progress change of the master
15507
- # credentials for the DB instance.
15651
+ # The master credentials for the DB instance.
15508
15652
  # @return [String]
15509
15653
  #
15510
15654
  # @!attribute [rw] port
15511
- # Specifies the pending port for the DB instance.
15655
+ # The port for the DB instance.
15512
15656
  # @return [Integer]
15513
15657
  #
15514
15658
  # @!attribute [rw] backup_retention_period
15515
- # Specifies the pending number of days for which automated backups are
15516
- # retained.
15659
+ # The number of days for which automated backups are retained.
15517
15660
  # @return [Integer]
15518
15661
  #
15519
15662
  # @!attribute [rw] multi_az
15520
- # Indicates that the Single-AZ DB instance is to change to a Multi-AZ
15663
+ # Indicates that the Single-AZ DB instance will change to a Multi-AZ
15521
15664
  # deployment.
15522
15665
  # @return [Boolean]
15523
15666
  #
15524
15667
  # @!attribute [rw] engine_version
15525
- # Indicates the database engine version.
15668
+ # The database engine version.
15526
15669
  # @return [String]
15527
15670
  #
15528
15671
  # @!attribute [rw] license_model
@@ -15533,25 +15676,23 @@ module Aws::RDS
15533
15676
  # @return [String]
15534
15677
  #
15535
15678
  # @!attribute [rw] iops
15536
- # Specifies the new Provisioned IOPS value for the DB instance that
15537
- # will be applied or is currently being applied.
15679
+ # The Provisioned IOPS value for the DB instance.
15538
15680
  # @return [Integer]
15539
15681
  #
15540
15682
  # @!attribute [rw] db_instance_identifier
15541
- # Contains the new `DBInstanceIdentifier` for the DB instance that
15542
- # will be applied or is currently being applied.
15683
+ # The database identifier for the DB instance.
15543
15684
  # @return [String]
15544
15685
  #
15545
15686
  # @!attribute [rw] storage_type
15546
- # Specifies the storage type to be associated with the DB instance.
15687
+ # The storage type of the DB instance.
15547
15688
  # @return [String]
15548
15689
  #
15549
15690
  # @!attribute [rw] ca_certificate_identifier
15550
- # Specifies the identifier of the CA certificate for the DB instance.
15691
+ # The identifier of the CA certificate for the DB instance.
15551
15692
  # @return [String]
15552
15693
  #
15553
15694
  # @!attribute [rw] db_subnet_group_name
15554
- # The new DB subnet group for the DB instance.
15695
+ # The DB subnet group for the DB instance.
15555
15696
  # @return [String]
15556
15697
  #
15557
15698
  # @!attribute [rw] pending_cloudwatch_logs_exports
@@ -15565,6 +15706,11 @@ module Aws::RDS
15565
15706
  # DB instance class of the DB instance.
15566
15707
  # @return [Array<Types::ProcessorFeature>]
15567
15708
  #
15709
+ # @!attribute [rw] iam_database_authentication_enabled
15710
+ # Whether mapping of AWS Identity and Access Management (IAM) accounts
15711
+ # to database accounts is enabled.
15712
+ # @return [Boolean]
15713
+ #
15568
15714
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/PendingModifiedValues AWS API Documentation
15569
15715
  #
15570
15716
  class PendingModifiedValues < Struct.new(
@@ -15582,7 +15728,8 @@ module Aws::RDS
15582
15728
  :ca_certificate_identifier,
15583
15729
  :db_subnet_group_name,
15584
15730
  :pending_cloudwatch_logs_exports,
15585
- :processor_features)
15731
+ :processor_features,
15732
+ :iam_database_authentication_enabled)
15586
15733
  SENSITIVE = []
15587
15734
  include Aws::Structure
15588
15735
  end
@@ -16113,7 +16260,7 @@ module Aws::RDS
16113
16260
  #
16114
16261
  # @!attribute [rw] role_arn
16115
16262
  # The Amazon Resource Name (ARN) of the IAM role to disassociate from
16116
- # the DB instance, for example
16263
+ # the DB instance, for example,
16117
16264
  # `arn:aws:iam::123456789012:role/AccessRole`.
16118
16265
  # @return [String]
16119
16266
  #
@@ -16830,17 +16977,14 @@ module Aws::RDS
16830
16977
  # @!attribute [rw] kms_key_id
16831
16978
  # The AWS KMS key identifier for an encrypted DB cluster.
16832
16979
  #
16833
- # The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
16834
- # encryption key. If you are creating a DB cluster with the same AWS
16835
- # account that owns the KMS encryption key used to encrypt the new DB
16836
- # cluster, then you can use the KMS key alias instead of the ARN for
16837
- # the KM encryption key.
16980
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
16981
+ # alias name for the AWS KMS customer master key (CMK). To use a CMK
16982
+ # in a different AWS account, specify the key ARN or alias ARN.
16838
16983
  #
16839
16984
  # If the StorageEncrypted parameter is enabled, and you do not specify
16840
16985
  # a value for the `KmsKeyId` parameter, then Amazon RDS will use your
16841
- # default encryption key. AWS KMS creates the default encryption key
16842
- # for your AWS account. Your AWS account has a different default
16843
- # encryption key for each AWS Region.
16986
+ # default CMK. There is a default CMK for your AWS account. Your AWS
16987
+ # account has a different default CMK for each AWS Region.
16844
16988
  # @return [String]
16845
16989
  #
16846
16990
  # @!attribute [rw] enable_iam_database_authentication
@@ -17158,18 +17302,16 @@ module Aws::RDS
17158
17302
  # The AWS KMS key identifier to use when restoring an encrypted DB
17159
17303
  # cluster from a DB snapshot or DB cluster snapshot.
17160
17304
  #
17161
- # The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
17162
- # encryption key. If you are restoring a DB cluster with the same AWS
17163
- # account that owns the KMS encryption key used to encrypt the new DB
17164
- # cluster, then you can use the KMS key alias instead of the ARN for
17165
- # the KMS encryption key.
17305
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
17306
+ # alias name for the AWS KMS customer master key (CMK). To use a CMK
17307
+ # in a different AWS account, specify the key ARN or alias ARN.
17166
17308
  #
17167
- # If you don't specify a value for the `KmsKeyId` parameter, then the
17168
- # following occurs:
17309
+ # When you don't specify a value for the `KmsKeyId` parameter, then
17310
+ # the following occurs:
17169
17311
  #
17170
17312
  # * If the DB snapshot or DB cluster snapshot in `SnapshotIdentifier`
17171
17313
  # is encrypted, then the restored DB cluster is encrypted using the
17172
- # KMS key that was used to encrypt the DB snapshot or DB cluster
17314
+ # AWS KMS CMK that was used to encrypt the DB snapshot or DB cluster
17173
17315
  # snapshot.
17174
17316
  #
17175
17317
  # * If the DB snapshot or DB cluster snapshot in `SnapshotIdentifier`
@@ -17221,6 +17363,12 @@ module Aws::RDS
17221
17363
  # @!attribute [rw] engine_mode
17222
17364
  # The DB engine mode of the DB cluster, either `provisioned`,
17223
17365
  # `serverless`, `parallelquery`, `global`, or `multimaster`.
17366
+ #
17367
+ # For more information, see [ CreateDBCluster][1].
17368
+ #
17369
+ #
17370
+ #
17371
+ # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html
17224
17372
  # @return [String]
17225
17373
  #
17226
17374
  # @!attribute [rw] scaling_configuration
@@ -17458,23 +17606,21 @@ module Aws::RDS
17458
17606
  # The AWS KMS key identifier to use when restoring an encrypted DB
17459
17607
  # cluster from an encrypted DB cluster.
17460
17608
  #
17461
- # The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
17462
- # encryption key. If you are restoring a DB cluster with the same AWS
17463
- # account that owns the KMS encryption key used to encrypt the new DB
17464
- # cluster, then you can use the KMS key alias instead of the ARN for
17465
- # the KMS encryption key.
17609
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
17610
+ # alias name for the AWS KMS customer master key (CMK). To use a CMK
17611
+ # in a different AWS account, specify the key ARN or alias ARN.
17466
17612
  #
17467
17613
  # You can restore to a new DB cluster and encrypt the new DB cluster
17468
- # with a KMS key that is different than the KMS key used to encrypt
17469
- # the source DB cluster. The new DB cluster is encrypted with the KMS
17470
- # key identified by the `KmsKeyId` parameter.
17614
+ # with a AWS KMS CMK that is different than the AWS KMS key used to
17615
+ # encrypt the source DB cluster. The new DB cluster is encrypted with
17616
+ # the AWS KMS CMK identified by the `KmsKeyId` parameter.
17471
17617
  #
17472
17618
  # If you don't specify a value for the `KmsKeyId` parameter, then the
17473
17619
  # following occurs:
17474
17620
  #
17475
17621
  # * If the DB cluster is encrypted, then the restored DB cluster is
17476
- # encrypted using the KMS key that was used to encrypt the source DB
17477
- # cluster.
17622
+ # encrypted using the AWS KMS CMK that was used to encrypt the
17623
+ # source DB cluster.
17478
17624
  #
17479
17625
  # * If the DB cluster isn't encrypted, then the restored DB cluster
17480
17626
  # isn't encrypted.
@@ -17904,8 +18050,7 @@ module Aws::RDS
17904
18050
  # @!attribute [rw] enable_iam_database_authentication
17905
18051
  # A value that indicates whether to enable mapping of AWS Identity and
17906
18052
  # Access Management (IAM) accounts to database accounts. By default,
17907
- # mapping is disabled. For information about the supported DB engines,
17908
- # see CreateDBInstance.
18053
+ # mapping is disabled.
17909
18054
  #
17910
18055
  # For more information about IAM database authentication, see [ IAM
17911
18056
  # Database Authentication for MySQL and PostgreSQL][1] in the *Amazon
@@ -18334,17 +18479,14 @@ module Aws::RDS
18334
18479
  # @!attribute [rw] kms_key_id
18335
18480
  # The AWS KMS key identifier for an encrypted DB instance.
18336
18481
  #
18337
- # The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
18338
- # encryption key. If you are creating a DB instance with the same AWS
18339
- # account that owns the KMS encryption key used to encrypt the new DB
18340
- # instance, then you can use the KMS key alias instead of the ARN for
18341
- # the KM encryption key.
18482
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
18483
+ # alias name for the AWS KMS customer master key (CMK). To use a CMK
18484
+ # in a different AWS account, specify the key ARN or alias ARN.
18342
18485
  #
18343
18486
  # If the `StorageEncrypted` parameter is enabled, and you do not
18344
18487
  # specify a value for the `KmsKeyId` parameter, then Amazon RDS will
18345
- # use your default encryption key. AWS KMS creates the default
18346
- # encryption key for your AWS account. Your AWS account has a
18347
- # different default encryption key for each AWS Region.
18488
+ # use your default CMK. There is a default CMK for your AWS account.
18489
+ # Your AWS account has a different default CMK for each AWS Region.
18348
18490
  # @return [String]
18349
18491
  #
18350
18492
  # @!attribute [rw] copy_tags_to_snapshot
@@ -18383,8 +18525,7 @@ module Aws::RDS
18383
18525
  # @!attribute [rw] enable_iam_database_authentication
18384
18526
  # A value that indicates whether to enable mapping of AWS Identity and
18385
18527
  # Access Management (IAM) accounts to database accounts. By default,
18386
- # mapping is disabled. For information about the supported DB engines,
18387
- # see CreateDBInstance.
18528
+ # mapping is disabled.
18388
18529
  #
18389
18530
  # For more information about IAM database authentication, see [ IAM
18390
18531
  # Database Authentication for MySQL and PostgreSQL][1] in the *Amazon
@@ -18437,13 +18578,15 @@ module Aws::RDS
18437
18578
  #
18438
18579
  # @!attribute [rw] performance_insights_kms_key_id
18439
18580
  # The AWS KMS key identifier for encryption of Performance Insights
18440
- # data. The KMS key ID is the Amazon Resource Name (ARN), the KMS key
18441
- # identifier, or the KMS key alias for the KMS encryption key.
18581
+ # data.
18582
+ #
18583
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
18584
+ # alias name for the AWS KMS customer master key (CMK).
18442
18585
  #
18443
18586
  # If you do not specify a value for `PerformanceInsightsKMSKeyId`,
18444
- # then Amazon RDS uses your default encryption key. AWS KMS creates
18445
- # the default encryption key for your AWS account. Your AWS account
18446
- # has a different default encryption key for each AWS Region.
18587
+ # then Amazon RDS uses your default CMK. There is a default CMK for
18588
+ # your AWS account. Your AWS account has a different default CMK for
18589
+ # each AWS Region.
18447
18590
  # @return [String]
18448
18591
  #
18449
18592
  # @!attribute [rw] performance_insights_retention_period
@@ -18600,6 +18743,7 @@ module Aws::RDS
18600
18743
  # deletion_protection: false,
18601
18744
  # source_dbi_resource_id: "String",
18602
18745
  # max_allocated_storage: 1,
18746
+ # source_db_instance_automated_backups_arn: "String",
18603
18747
  # }
18604
18748
  #
18605
18749
  # @!attribute [rw] source_db_instance_identifier
@@ -18858,8 +19002,7 @@ module Aws::RDS
18858
19002
  # @!attribute [rw] enable_iam_database_authentication
18859
19003
  # A value that indicates whether to enable mapping of AWS Identity and
18860
19004
  # Access Management (IAM) accounts to database accounts. By default,
18861
- # mapping is disabled. For information about the supported DB engines,
18862
- # see CreateDBInstance.
19005
+ # mapping is disabled.
18863
19006
  #
18864
19007
  # For more information about IAM database authentication, see [ IAM
18865
19008
  # Database Authentication for MySQL and PostgreSQL][1] in the *Amazon
@@ -18929,6 +19072,12 @@ module Aws::RDS
18929
19072
  # storage of the DB instance.
18930
19073
  # @return [Integer]
18931
19074
  #
19075
+ # @!attribute [rw] source_db_instance_automated_backups_arn
19076
+ # The Amazon Resource Name (ARN) of the replicated automated backups
19077
+ # from which to restore, for example,
19078
+ # `arn:aws:rds:useast-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE`.
19079
+ # @return [String]
19080
+ #
18932
19081
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/RestoreDBInstanceToPointInTimeMessage AWS API Documentation
18933
19082
  #
18934
19083
  class RestoreDBInstanceToPointInTimeMessage < Struct.new(
@@ -18963,7 +19112,8 @@ module Aws::RDS
18963
19112
  :db_parameter_group_name,
18964
19113
  :deletion_protection,
18965
19114
  :source_dbi_resource_id,
18966
- :max_allocated_storage)
19115
+ :max_allocated_storage,
19116
+ :source_db_instance_automated_backups_arn)
18967
19117
  SENSITIVE = []
18968
19118
  include Aws::Structure
18969
19119
  end
@@ -19276,12 +19426,18 @@ module Aws::RDS
19276
19426
  # The status of the source AWS Region.
19277
19427
  # @return [String]
19278
19428
  #
19429
+ # @!attribute [rw] supports_db_instance_automated_backups_replication
19430
+ # Whether the source AWS Region supports replicating automated backups
19431
+ # to the current AWS Region.
19432
+ # @return [Boolean]
19433
+ #
19279
19434
  # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/SourceRegion AWS API Documentation
19280
19435
  #
19281
19436
  class SourceRegion < Struct.new(
19282
19437
  :region_name,
19283
19438
  :endpoint,
19284
- :status)
19439
+ :status,
19440
+ :supports_db_instance_automated_backups_replication)
19285
19441
  SENSITIVE = []
19286
19442
  include Aws::Structure
19287
19443
  end
@@ -19321,7 +19477,7 @@ module Aws::RDS
19321
19477
  # }
19322
19478
  #
19323
19479
  # @!attribute [rw] resource_arn
19324
- # The Amazon Resource Name (ARN) of the DB cluster, for example
19480
+ # The Amazon Resource Name (ARN) of the DB cluster, for example,
19325
19481
  # `arn:aws:rds:us-east-1:12345667890:cluster:das-cluster`.
19326
19482
  # @return [String]
19327
19483
  #
@@ -19334,8 +19490,8 @@ module Aws::RDS
19334
19490
  #
19335
19491
  # @!attribute [rw] kms_key_id
19336
19492
  # The AWS KMS key identifier for encrypting messages in the database
19337
- # activity stream. The key identifier can be either a key ID, a key
19338
- # ARN, or a key alias.
19493
+ # activity stream. The AWS KMS key identifier is the key ARN, key ID,
19494
+ # alias ARN, or alias name for the AWS KMS customer master key (CMK).
19339
19495
  # @return [String]
19340
19496
  #
19341
19497
  # @!attribute [rw] apply_immediately
@@ -19426,6 +19582,75 @@ module Aws::RDS
19426
19582
  include Aws::Structure
19427
19583
  end
19428
19584
 
19585
+ # @note When making an API call, you may pass StartDBInstanceAutomatedBackupsReplicationMessage
19586
+ # data as a hash:
19587
+ #
19588
+ # {
19589
+ # source_db_instance_arn: "String", # required
19590
+ # backup_retention_period: 1,
19591
+ # kms_key_id: "String",
19592
+ # pre_signed_url: "String",
19593
+ # source_region: "String",
19594
+ # }
19595
+ #
19596
+ # @!attribute [rw] source_db_instance_arn
19597
+ # The Amazon Resource Name (ARN) of the source DB instance for the
19598
+ # replicated automated backups, for example,
19599
+ # `arn:aws:rds:us-west-2:123456789012:db:mydatabase`.
19600
+ # @return [String]
19601
+ #
19602
+ # @!attribute [rw] backup_retention_period
19603
+ # The retention period for the replicated automated backups.
19604
+ # @return [Integer]
19605
+ #
19606
+ # @!attribute [rw] kms_key_id
19607
+ # The AWS KMS key identifier for encryption of the replicated
19608
+ # automated backups. The KMS key ID is the Amazon Resource Name (ARN)
19609
+ # for the KMS encryption key in the destination AWS Region, for
19610
+ # example,
19611
+ # `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE`.
19612
+ # @return [String]
19613
+ #
19614
+ # @!attribute [rw] pre_signed_url
19615
+ # A URL that contains a Signature Version 4 signed request for the
19616
+ # StartDBInstanceAutomatedBackupsReplication action to be called in
19617
+ # the AWS Region of the source DB instance. The presigned URL must be
19618
+ # a valid request for the StartDBInstanceAutomatedBackupsReplication
19619
+ # API action that can be executed in the AWS Region that contains the
19620
+ # source DB instance.
19621
+ # @return [String]
19622
+ #
19623
+ # @!attribute [rw] source_region
19624
+ # The source region of the snapshot. This is only needed when the
19625
+ # shapshot is encrypted and in a different region.
19626
+ # @return [String]
19627
+ #
19628
+ # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StartDBInstanceAutomatedBackupsReplicationMessage AWS API Documentation
19629
+ #
19630
+ class StartDBInstanceAutomatedBackupsReplicationMessage < Struct.new(
19631
+ :source_db_instance_arn,
19632
+ :backup_retention_period,
19633
+ :kms_key_id,
19634
+ :pre_signed_url,
19635
+ :source_region)
19636
+ SENSITIVE = []
19637
+ include Aws::Structure
19638
+ end
19639
+
19640
+ # @!attribute [rw] db_instance_automated_backup
19641
+ # An automated backup of a DB instance. It consists of system backups,
19642
+ # transaction logs, and the database instance properties that existed
19643
+ # at the time you deleted the source instance.
19644
+ # @return [Types::DBInstanceAutomatedBackup]
19645
+ #
19646
+ # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StartDBInstanceAutomatedBackupsReplicationResult AWS API Documentation
19647
+ #
19648
+ class StartDBInstanceAutomatedBackupsReplicationResult < Struct.new(
19649
+ :db_instance_automated_backup)
19650
+ SENSITIVE = []
19651
+ include Aws::Structure
19652
+ end
19653
+
19429
19654
  # @note When making an API call, you may pass StartDBInstanceMessage
19430
19655
  # data as a hash:
19431
19656
  #
@@ -19494,11 +19719,12 @@ module Aws::RDS
19494
19719
  # @return [String]
19495
19720
  #
19496
19721
  # @!attribute [rw] kms_key_id
19497
- # The ID of the AWS KMS key to use to encrypt the snapshot exported to
19498
- # Amazon S3. The KMS key ID is the Amazon Resource Name (ARN), the KMS
19499
- # key identifier, or the KMS key alias for the KMS encryption key. The
19500
- # caller of this operation must be authorized to execute the following
19501
- # operations. These can be set in the KMS key policy:
19722
+ # The ID of the AWS KMS customer master key (CMK) to use to encrypt
19723
+ # the snapshot exported to Amazon S3. The AWS KMS key identifier is
19724
+ # the key ARN, key ID, alias ARN, or alias name for the AWS KMS
19725
+ # customer master key (CMK). The caller of this operation must be
19726
+ # authorized to execute the following operations. These can be set in
19727
+ # the AWS KMS key policy:
19502
19728
  #
19503
19729
  # * GrantOperation.Encrypt
19504
19730
  #
@@ -19590,6 +19816,9 @@ module Aws::RDS
19590
19816
  # @!attribute [rw] kms_key_id
19591
19817
  # The AWS KMS key identifier used for encrypting messages in the
19592
19818
  # database activity stream.
19819
+ #
19820
+ # The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
19821
+ # alias name for the AWS KMS customer master key (CMK).
19593
19822
  # @return [String]
19594
19823
  #
19595
19824
  # @!attribute [rw] kinesis_stream_name
@@ -19646,6 +19875,41 @@ module Aws::RDS
19646
19875
  include Aws::Structure
19647
19876
  end
19648
19877
 
19878
+ # @note When making an API call, you may pass StopDBInstanceAutomatedBackupsReplicationMessage
19879
+ # data as a hash:
19880
+ #
19881
+ # {
19882
+ # source_db_instance_arn: "String", # required
19883
+ # }
19884
+ #
19885
+ # @!attribute [rw] source_db_instance_arn
19886
+ # The Amazon Resource Name (ARN) of the source DB instance for which
19887
+ # to stop replicating automated backups, for example,
19888
+ # `arn:aws:rds:us-west-2:123456789012:db:mydatabase`.
19889
+ # @return [String]
19890
+ #
19891
+ # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StopDBInstanceAutomatedBackupsReplicationMessage AWS API Documentation
19892
+ #
19893
+ class StopDBInstanceAutomatedBackupsReplicationMessage < Struct.new(
19894
+ :source_db_instance_arn)
19895
+ SENSITIVE = []
19896
+ include Aws::Structure
19897
+ end
19898
+
19899
+ # @!attribute [rw] db_instance_automated_backup
19900
+ # An automated backup of a DB instance. It consists of system backups,
19901
+ # transaction logs, and the database instance properties that existed
19902
+ # at the time you deleted the source instance.
19903
+ # @return [Types::DBInstanceAutomatedBackup]
19904
+ #
19905
+ # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StopDBInstanceAutomatedBackupsReplicationResult AWS API Documentation
19906
+ #
19907
+ class StopDBInstanceAutomatedBackupsReplicationResult < Struct.new(
19908
+ :db_instance_automated_backup)
19909
+ SENSITIVE = []
19910
+ include Aws::Structure
19911
+ end
19912
+
19649
19913
  # @note When making an API call, you may pass StopDBInstanceMessage
19650
19914
  # data as a hash:
19651
19915
  #