aws-sdk-rds 1.103.0 → 1.108.0

data/lib/aws-sdk-rds/plugins/cross_region_copying.rb

@@ -5,28 +5,26 @@ require 'aws-sigv4'
 module Aws
   module RDS
     module Plugins
-
-      # This plugin populates the `:pre_signed_url` request param for the
-      # CopyDBSnapshot API.
+      # This plugin populates the `:pre_signed_url` request param for APIs
+      # that support cross region copying.
       #
       # This parameter is required by RDS when copying an encrypted snapshot
       # across regions. This plugin will be skipped if the `:pre_signed_url`
       # parameter is provided by the user.
       class CrossRegionCopying < Seahorse::Client::Plugin
-
         # @api private
         class Handler < Seahorse::Client::Handler
-
           def call(context)
             params = context.params
-            if params.is_a?(Hash) && params[:source_region] && !params[:pre_signed_url]
+            if params.is_a?(Hash) &&
+               params[:source_region] && !params[:pre_signed_url]
               params[:pre_signed_url] = presigned_url(context, params)
-              params[:destination_region] = context.config.region
             end
             @handler.call(context)
           end
 
           private
+
           def presigned_url(context, params)
             # :source_region is not modeled in the api
             source_region = params.delete(:source_region)
@@ -43,12 +41,13 @@ module Aws
               region: source_region,
               credentials_provider: context.config.credentials
             )
-            url = Aws::Partitions::EndpointProvider.resolve(signer.region, 'rds')
-            url += "?#{param_list.to_s}"
+            url = Aws::Partitions::EndpointProvider.resolve(
+              signer.region, 'rds'
+            )
+            url += "?#{param_list}"
             signer.presign_url(
               http_method: 'GET',
               url: url,
-              body: '',
               expires_in: 3600
             ).to_s
           end
@@ -61,10 +60,10 @@ module Aws
             :copy_db_snapshot,
             :create_db_instance_read_replica,
             :copy_db_cluster_snapshot,
-            :create_db_cluster
+            :create_db_cluster,
+            :start_db_instance_automated_backups_replication
           ]
         )
-
       end
     end
   end

data/lib/aws-sdk-rds/resource.rb

@@ -258,30 +258,27 @@ module Aws::RDS
     # @option options [String] :kms_key_id
     #   The AWS KMS key identifier for an encrypted DB cluster.
     #
-    #   The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
-    #   encryption key. If you are creating a DB cluster with the same AWS
-    #   account that owns the KMS encryption key used to encrypt the new DB
-    #   cluster, then you can use the KMS key alias instead of the ARN for the
-    #   KMS encryption key.
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
+    #   name for the AWS KMS customer master key (CMK). To use a CMK in a
+    #   different AWS account, specify the key ARN or alias ARN.
     #
-    #   If an encryption key isn't specified in `KmsKeyId`\:
+    #   When a CMK isn't specified in `KmsKeyId`\:
     #
     #   * If `ReplicationSourceIdentifier` identifies an encrypted source,
-    #     then Amazon RDS will use the encryption key used to encrypt the
-    #     source. Otherwise, Amazon RDS will use your default encryption key.
+    #     then Amazon RDS will use the CMK used to encrypt the source.
+    #     Otherwise, Amazon RDS will use your default CMK.
     #
     #   * If the `StorageEncrypted` parameter is enabled and
     #     `ReplicationSourceIdentifier` isn't specified, then Amazon RDS will
-    #     use your default encryption key.
+    #     use your default CMK.
     #
-    #   AWS KMS creates the default encryption key for your AWS account. Your
-    #   AWS account has a different default encryption key for each AWS
-    #   Region.
+    #   There is a default CMK for your AWS account. Your AWS account has a
+    #   different default CMK for each AWS Region.
     #
     #   If you create a read replica of an encrypted DB cluster in another AWS
-    #   Region, you must set `KmsKeyId` to a KMS key ID that is valid in the
-    #   destination AWS Region. This key is used to encrypt the read replica
-    #   in that AWS Region.
+    #   Region, you must set `KmsKeyId` to a AWS KMS key identifier that is
+    #   valid in the destination AWS Region. This CMK is used to encrypt the
+    #   read replica in that AWS Region.
     # @option options [String] :pre_signed_url
     #   A URL that contains a Signature Version 4 signed request for the
     #   `CreateDBCluster` action to be called in the source AWS Region where
@@ -298,9 +295,9 @@ module Aws::RDS
     #
     #   * `KmsKeyId` - The AWS KMS key identifier for the key to use to
     #     encrypt the copy of the DB cluster in the destination AWS Region.
-    #     This should refer to the same KMS key for both the `CreateDBCluster`
-    #     action that is called in the destination AWS Region, and the action
-    #     contained in the pre-signed URL.
+    #     This should refer to the same AWS KMS CMK for both the
+    #     `CreateDBCluster` action that is called in the destination AWS
+    #     Region, and the action contained in the pre-signed URL.
     #
     #   * `DestinationRegion` - The name of the AWS Region that Aurora read
     #     replica will be created in.
@@ -374,14 +371,23 @@ module Aws::RDS
     #
     #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch
     # @option options [String] :engine_mode
-    #   The DB engine mode of the DB cluster, either `provisioned`,
+    #   The DB engine mode of the DB cluster, either `provisioned`
     #   `serverless`, `parallelquery`, `global`, or `multimaster`.
     #
-    #   <note markdown="1"> `global` engine mode only applies for global database clusters created
-    #   with Aurora MySQL version 5.6.10a. For higher Aurora MySQL versions,
-    #   the clusters in a global database use `provisioned` engine mode.
+    #   The `parallelquery` engine mode isn't required for Aurora MySQL
+    #   version 1.23 and higher 1.x versions, and version 2.09 and higher 2.x
+    #   versions.
     #
-    #    </note>
+    #   The `global` engine mode isn't required for Aurora MySQL version 1.22
+    #   and higher 1.x versions, and `global` engine mode isn't required for
+    #   any 2.x versions.
+    #
+    #   The `multimaster` engine mode only applies for DB clusters created
+    #   with Aurora MySQL version 5.6.10a.
+    #
+    #   For Aurora PostgreSQL, the `global` engine mode isn't required, and
+    #   both the `parallelquery` and the `multimaster` engine modes currently
+    #   aren't supported.
     #
     #   Limitations and requirements apply to some DB engine modes. For more
     #   information, see the following sections in the *Amazon Aurora User
@@ -391,7 +397,7 @@ module Aws::RDS
     #
     #   * [ Limitations of Parallel Query][2]
     #
-    #   * [ Requirements for Aurora Global Databases][3]
+    #   * [ Limitations of Aurora Global Databases][3]
     #
     #   * [ Limitations of Multi-Master Clusters][4]
     #
@@ -451,7 +457,6 @@ module Aws::RDS
     #   This parameter only applies to DB clusters that are secondary clusters
     #   in an Aurora global database. By default, Aurora disallows write
     #   operations for secondary clusters.
-    # @option options [String] :destination_region
     # @option options [String] :source_region
     #   The source region of the snapshot. This is only needed when the
     #   shapshot is encrypted and in a different region.
@@ -618,8 +623,8 @@ module Aws::RDS
     #   **PostgreSQL**
     #
     #   The name of the database to create when the DB instance is created. If
-    #   this parameter isn't specified, the default "postgres" database is
-    #   created in the DB instance.
+    #   this parameter isn't specified, no database is created in the DB
+    #   instance.
     #
     #   Constraints:
     #
@@ -1221,22 +1226,19 @@ module Aws::RDS
     # @option options [String] :kms_key_id
     #   The AWS KMS key identifier for an encrypted DB instance.
     #
-    #   The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
-    #   encryption key. If you are creating a DB instance with the same AWS
-    #   account that owns the KMS encryption key used to encrypt the new DB
-    #   instance, then you can use the KMS key alias instead of the ARN for
-    #   the KM encryption key.
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
+    #   name for the AWS KMS customer master key (CMK). To use a CMK in a
+    #   different AWS account, specify the key ARN or alias ARN.
     #
     #   **Amazon Aurora**
     #
-    #   Not applicable. The KMS key identifier is managed by the DB cluster.
-    #   For more information, see `CreateDBCluster`.
+    #   Not applicable. The AWS KMS key identifier is managed by the DB
+    #   cluster. For more information, see `CreateDBCluster`.
     #
     #   If `StorageEncrypted` is enabled, and you do not specify a value for
-    #   the `KmsKeyId` parameter, then Amazon RDS will use your default
-    #   encryption key. AWS KMS creates the default encryption key for your
-    #   AWS account. Your AWS account has a different default encryption key
-    #   for each AWS Region.
+    #   the `KmsKeyId` parameter, then Amazon RDS uses your default CMK. There
+    #   is a default CMK for your AWS account. Your AWS account has a
+    #   different default CMK for each AWS Region.
     # @option options [String] :domain
     #   The Active Directory directory ID to create the DB instance in.
     #   Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB
@@ -1307,29 +1309,8 @@ module Aws::RDS
     #   Access Management (IAM) accounts to database accounts. By default,
     #   mapping is disabled.
     #
-    #   You can enable IAM database authentication for the following database
-    #   engines:
-    #
-    #   **Amazon Aurora**
-    #
-    #   Not applicable. Mapping AWS IAM accounts to database accounts is
-    #   managed by the DB cluster.
-    #
-    #   **MySQL**
-    #
-    #   * For MySQL 5.6, minor version 5.6.34 or higher
-    #
-    #   * For MySQL 5.7, minor version 5.7.16 or higher
-    #
-    #   * For MySQL 8.0, minor version 8.0.16 or higher
-    #
-    #   **PostgreSQL**
-    #
-    #   * For PostgreSQL 9.5, minor version 9.5.15 or higher
-    #
-    #   * For PostgreSQL 9.6, minor version 9.6.11 or higher
-    #
-    #   * PostgreSQL 10.6, 10.7, and 10.9
+    #   This setting doesn't apply to Amazon Aurora. Mapping AWS IAM accounts
+    #   to database accounts is managed by the DB cluster.
     #
     #   For more information, see [ IAM Database Authentication for MySQL and
     #   PostgreSQL][1] in the *Amazon RDS User Guide.*
@@ -1349,13 +1330,15 @@ module Aws::RDS
     #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html
     # @option options [String] :performance_insights_kms_key_id
     #   The AWS KMS key identifier for encryption of Performance Insights
-    #   data. The KMS key ID is the Amazon Resource Name (ARN), KMS key
-    #   identifier, or the KMS key alias for the KMS encryption key.
+    #   data.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
+    #   name for the AWS KMS customer master key (CMK).
     #
     #   If you do not specify a value for `PerformanceInsightsKMSKeyId`, then
-    #   Amazon RDS uses your default encryption key. AWS KMS creates the
-    #   default encryption key for your AWS account. Your AWS account has a
-    #   different default encryption key for each AWS Region.
+    #   Amazon RDS uses your default CMK. There is a default CMK for your AWS
+    #   account. Your AWS account has a different default CMK for each AWS
+    #   Region.
     # @option options [Integer] :performance_insights_retention_period
     #   The amount of time, in days, to retain Performance Insights data.
     #   Valid values are 7 or 731 (2 years).

data/lib/aws-sdk-rds/types.rb

@@ -157,7 +157,7 @@ module Aws::RDS
     #
     # @!attribute [rw] role_arn
     #   The Amazon Resource Name (ARN) of the IAM role to associate with the
-    #   Aurora DB cluster, for example
+    #   Aurora DB cluster, for example,
     #   `arn:aws:iam::123456789012:role/AuroraAccessRole`.
     #   @return [String]
     #
@@ -755,6 +755,45 @@ module Aws::RDS
       include Aws::Structure
     end
 
+    # This data type is used as a response element in the `ModifyDBCluster`
+    # operation and contains changes that will be applied during the next
+    # maintenance window.
+    #
+    # @!attribute [rw] pending_cloudwatch_logs_exports
+    #   A list of the log types whose configuration is still pending. In
+    #   other words, these log types are in the process of being activated
+    #   or deactivated.
+    #   @return [Types::PendingCloudwatchLogsExports]
+    #
+    # @!attribute [rw] db_cluster_identifier
+    #   The DBClusterIdentifier for the DB cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] master_user_password
+    #   The master credentials for the DB cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] iam_database_authentication_enabled
+    #   Whether mapping of AWS Identity and Access Management (IAM) accounts
+    #   to database accounts is enabled.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] engine_version
+    #   The database engine version.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ClusterPendingModifiedValues AWS API Documentation
+    #
+    class ClusterPendingModifiedValues < Struct.new(
+      :pending_cloudwatch_logs_exports,
+      :db_cluster_identifier,
+      :master_user_password,
+      :iam_database_authentication_enabled,
+      :engine_version)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Specifies the settings that control the size and behavior of the
     # connection pool associated with a `DBProxyTargetGroup`.
     #
@@ -1050,25 +1089,25 @@ module Aws::RDS
     #   @return [String]
     #
     # @!attribute [rw] kms_key_id
-    #   The AWS KMS key ID for an encrypted DB cluster snapshot. The KMS key
-    #   ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS
-    #   key alias for the KMS encryption key.
+    #   The AWS KMS key identifier for an encrypted DB cluster snapshot. The
+    #   AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
+    #   name for the AWS KMS customer master key (CMK).
     #
     #   If you copy an encrypted DB cluster snapshot from your AWS account,
     #   you can specify a value for `KmsKeyId` to encrypt the copy with a
-    #   new KMS encryption key. If you don't specify a value for
-    #   `KmsKeyId`, then the copy of the DB cluster snapshot is encrypted
-    #   with the same KMS key as the source DB cluster snapshot.
+    #   new AWS KMS CMK. If you don't specify a value for `KmsKeyId`, then
+    #   the copy of the DB cluster snapshot is encrypted with the same AWS
+    #   KMS key as the source DB cluster snapshot.
     #
     #   If you copy an encrypted DB cluster snapshot that is shared from
     #   another AWS account, then you must specify a value for `KmsKeyId`.
     #
     #   To copy an encrypted DB cluster snapshot to another AWS Region, you
-    #   must set `KmsKeyId` to the KMS key ID you want to use to encrypt the
-    #   copy of the DB cluster snapshot in the destination AWS Region. KMS
-    #   encryption keys are specific to the AWS Region that they are created
-    #   in, and you can't use encryption keys from one AWS Region in
-    #   another AWS Region.
+    #   must set `KmsKeyId` to the AWS KMS key identifier you want to use to
+    #   encrypt the copy of the DB cluster snapshot in the destination AWS
+    #   Region. AWS KMS CMKs are specific to the AWS Region that they are
+    #   created in, and you can't use CMKs from one AWS Region in another
+    #   AWS Region.
     #
     #   If you copy an unencrypted DB cluster snapshot and specify a value
     #   for the `KmsKeyId` parameter, an error is returned.
@@ -1088,11 +1127,12 @@ module Aws::RDS
     #   be copied. The pre-signed URL request must contain the following
     #   parameter values:
     #
-    #   * `KmsKeyId` - The AWS KMS key identifier for the key to use to
-    #     encrypt the copy of the DB cluster snapshot in the destination AWS
-    #     Region. This is the same identifier for both the
-    #     `CopyDBClusterSnapshot` action that is called in the destination
-    #     AWS Region, and the action contained in the pre-signed URL.
+    #   * `KmsKeyId` - The AWS KMS key identifier for the customer master
+    #     key (CMK) to use to encrypt the copy of the DB cluster snapshot in
+    #     the destination AWS Region. This is the same identifier for both
+    #     the `CopyDBClusterSnapshot` action that is called in the
+    #     destination AWS Region, and the action contained in the pre-signed
+    #     URL.
     #
     #   * `DestinationRegion` - The name of the AWS Region that the DB
     #     cluster snapshot is to be created in.
@@ -1139,9 +1179,6 @@ module Aws::RDS
     #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
     #   @return [Array<Types::Tag>]
     #
-    # @!attribute [rw] destination_region
-    #   @return [String]
-    #
     # @!attribute [rw] source_region
     #   The source region of the snapshot. This is only needed when the
     #   shapshot is encrypted and in a different region.
@@ -1156,7 +1193,6 @@ module Aws::RDS
       :pre_signed_url,
       :copy_tags,
       :tags,
-      :destination_region,
       :source_region)
       SENSITIVE = []
       include Aws::Structure
@@ -1280,6 +1316,7 @@ module Aws::RDS
     #         copy_tags: false,
     #         pre_signed_url: "String",
     #         option_group_name: "String",
+    #         target_custom_availability_zone: "String",
     #         source_region: "String",
     #       }
     #
@@ -1330,15 +1367,15 @@ module Aws::RDS
     #   @return [String]
     #
     # @!attribute [rw] kms_key_id
-    #   The AWS KMS key ID for an encrypted DB snapshot. The KMS key ID is
-    #   the Amazon Resource Name (ARN), KMS key identifier, or the KMS key
-    #   alias for the KMS encryption key.
+    #   The AWS KMS key identifier for an encrypted DB snapshot. The AWS KMS
+    #   key identifier is the key ARN, key ID, alias ARN, or alias name for
+    #   the AWS KMS customer master key (CMK).
     #
     #   If you copy an encrypted DB snapshot from your AWS account, you can
     #   specify a value for this parameter to encrypt the copy with a new
-    #   KMS encryption key. If you don't specify a value for this
-    #   parameter, then the copy of the DB snapshot is encrypted with the
-    #   same KMS key as the source DB snapshot.
+    #   AWS KMS CMK. If you don't specify a value for this parameter, then
+    #   the copy of the DB snapshot is encrypted with the same AWS KMS key
+    #   as the source DB snapshot.
     #
     #   If you copy an encrypted DB snapshot that is shared from another AWS
     #   account, then you must specify a value for this parameter.
@@ -1347,10 +1384,10 @@ module Aws::RDS
     #   the copy is encrypted.
     #
     #   If you copy an encrypted snapshot to a different AWS Region, then
-    #   you must specify a KMS key for the destination AWS Region. KMS
-    #   encryption keys are specific to the AWS Region that they are created
-    #   in, and you can't use encryption keys from one AWS Region in
-    #   another AWS Region.
+    #   you must specify a AWS KMS key identifier for the destination AWS
+    #   Region. AWS KMS CMKs are specific to the AWS Region that they are
+    #   created in, and you can't use CMKs from one AWS Region in another
+    #   AWS Region.
     #   @return [String]
     #
     # @!attribute [rw] tags
@@ -1395,11 +1432,11 @@ module Aws::RDS
     #     example, the `DestinationRegion` in the presigned URL must be set
     #     to the us-east-1 AWS Region.
     #
-    #   * `KmsKeyId` - The AWS KMS key identifier for the key to use to
-    #     encrypt the copy of the DB snapshot in the destination AWS Region.
-    #     This is the same identifier for both the `CopyDBSnapshot` action
-    #     that is called in the destination AWS Region, and the action
-    #     contained in the presigned URL.
+    #   * `KmsKeyId` - The AWS KMS key identifier for the customer master
+    #     key (CMK) to use to encrypt the copy of the DB snapshot in the
+    #     destination AWS Region. This is the same identifier for both the
+    #     `CopyDBSnapshot` action that is called in the destination AWS
+    #     Region, and the action contained in the presigned URL.
     #
     #   * `SourceDBSnapshotIdentifier` - The DB snapshot identifier for the
     #     encrypted snapshot to be copied. This identifier must be in the
@@ -1443,7 +1480,11 @@ module Aws::RDS
     #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CopySnapshot.html#USER_CopySnapshot.Options
     #   @return [String]
     #
-    # @!attribute [rw] destination_region
+    # @!attribute [rw] target_custom_availability_zone
+    #   The external custom Availability Zone (CAZ) identifier for the
+    #   target CAZ.
+    #
+    #   Example: `rds-caz-aiqhTgQv`.
     #   @return [String]
     #
     # @!attribute [rw] source_region
@@ -1461,7 +1502,7 @@ module Aws::RDS
       :copy_tags,
       :pre_signed_url,
       :option_group_name,
-      :destination_region,
+      :target_custom_availability_zone,
       :source_region)
       SENSITIVE = []
       include Aws::Structure
@@ -1945,31 +1986,27 @@ module Aws::RDS
     # @!attribute [rw] kms_key_id
     #   The AWS KMS key identifier for an encrypted DB cluster.
     #
-    #   The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
-    #   encryption key. If you are creating a DB cluster with the same AWS
-    #   account that owns the KMS encryption key used to encrypt the new DB
-    #   cluster, then you can use the KMS key alias instead of the ARN for
-    #   the KMS encryption key.
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK). To use a CMK
+    #   in a different AWS account, specify the key ARN or alias ARN.
     #
-    #   If an encryption key isn't specified in `KmsKeyId`\:
+    #   When a CMK isn't specified in `KmsKeyId`\:
     #
     #   * If `ReplicationSourceIdentifier` identifies an encrypted source,
-    #     then Amazon RDS will use the encryption key used to encrypt the
-    #     source. Otherwise, Amazon RDS will use your default encryption
-    #     key.
+    #     then Amazon RDS will use the CMK used to encrypt the source.
+    #     Otherwise, Amazon RDS will use your default CMK.
     #
     #   * If the `StorageEncrypted` parameter is enabled and
     #     `ReplicationSourceIdentifier` isn't specified, then Amazon RDS
-    #     will use your default encryption key.
+    #     will use your default CMK.
     #
-    #   AWS KMS creates the default encryption key for your AWS account.
-    #   Your AWS account has a different default encryption key for each AWS
-    #   Region.
+    #   There is a default CMK for your AWS account. Your AWS account has a
+    #   different default CMK for each AWS Region.
     #
     #   If you create a read replica of an encrypted DB cluster in another
-    #   AWS Region, you must set `KmsKeyId` to a KMS key ID that is valid in
-    #   the destination AWS Region. This key is used to encrypt the read
-    #   replica in that AWS Region.
+    #   AWS Region, you must set `KmsKeyId` to a AWS KMS key identifier that
+    #   is valid in the destination AWS Region. This CMK is used to encrypt
+    #   the read replica in that AWS Region.
     #   @return [String]
     #
     # @!attribute [rw] pre_signed_url
@@ -1988,7 +2025,7 @@ module Aws::RDS
     #
     #   * `KmsKeyId` - The AWS KMS key identifier for the key to use to
     #     encrypt the copy of the DB cluster in the destination AWS Region.
-    #     This should refer to the same KMS key for both the
+    #     This should refer to the same AWS KMS CMK for both the
     #     `CreateDBCluster` action that is called in the destination AWS
     #     Region, and the action contained in the pre-signed URL.
     #
@@ -2072,15 +2109,23 @@ module Aws::RDS
     #   @return [Array<String>]
     #
     # @!attribute [rw] engine_mode
-    #   The DB engine mode of the DB cluster, either `provisioned`,
+    #   The DB engine mode of the DB cluster, either `provisioned`
     #   `serverless`, `parallelquery`, `global`, or `multimaster`.
     #
-    #   <note markdown="1"> `global` engine mode only applies for global database clusters
-    #   created with Aurora MySQL version 5.6.10a. For higher Aurora MySQL
-    #   versions, the clusters in a global database use `provisioned` engine
-    #   mode.
+    #   The `parallelquery` engine mode isn't required for Aurora MySQL
+    #   version 1.23 and higher 1.x versions, and version 2.09 and higher
+    #   2.x versions.
     #
-    #    </note>
+    #   The `global` engine mode isn't required for Aurora MySQL version
+    #   1.22 and higher 1.x versions, and `global` engine mode isn't
+    #   required for any 2.x versions.
+    #
+    #   The `multimaster` engine mode only applies for DB clusters created
+    #   with Aurora MySQL version 5.6.10a.
+    #
+    #   For Aurora PostgreSQL, the `global` engine mode isn't required, and
+    #   both the `parallelquery` and the `multimaster` engine modes
+    #   currently aren't supported.
     #
     #   Limitations and requirements apply to some DB engine modes. For more
     #   information, see the following sections in the *Amazon Aurora User
@@ -2090,7 +2135,7 @@ module Aws::RDS
     #
     #   * [ Limitations of Parallel Query][2]
     #
-    #   * [ Requirements for Aurora Global Databases][3]
+    #   * [ Limitations of Aurora Global Databases][3]
     #
     #   * [ Limitations of Multi-Master Clusters][4]
     #
@@ -2168,9 +2213,6 @@ module Aws::RDS
     #   disallows write operations for secondary clusters.
     #   @return [Boolean]
     #
-    # @!attribute [rw] destination_region
-    #   @return [String]
-    #
     # @!attribute [rw] source_region
     #   The source region of the snapshot. This is only needed when the
     #   shapshot is encrypted and in a different region.
@@ -2212,7 +2254,6 @@ module Aws::RDS
       :domain,
       :domain_iam_role_name,
       :enable_global_write_forwarding,
-      :destination_region,
       :source_region)
       SENSITIVE = []
       include Aws::Structure
@@ -2483,8 +2524,8 @@ module Aws::RDS
     #   **PostgreSQL**
     #
     #   The name of the database to create when the DB instance is created.
-    #   If this parameter isn't specified, the default "postgres"
-    #   database is created in the DB instance.
+    #   If this parameter isn't specified, no database is created in the DB
+    #   instance.
     #
     #   Constraints:
     #
@@ -3151,22 +3192,19 @@ module Aws::RDS
     # @!attribute [rw] kms_key_id
     #   The AWS KMS key identifier for an encrypted DB instance.
     #
-    #   The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
-    #   encryption key. If you are creating a DB instance with the same AWS
-    #   account that owns the KMS encryption key used to encrypt the new DB
-    #   instance, then you can use the KMS key alias instead of the ARN for
-    #   the KM encryption key.
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK). To use a CMK
+    #   in a different AWS account, specify the key ARN or alias ARN.
     #
     #   **Amazon Aurora**
     #
-    #   Not applicable. The KMS key identifier is managed by the DB cluster.
-    #   For more information, see `CreateDBCluster`.
+    #   Not applicable. The AWS KMS key identifier is managed by the DB
+    #   cluster. For more information, see `CreateDBCluster`.
     #
     #   If `StorageEncrypted` is enabled, and you do not specify a value for
-    #   the `KmsKeyId` parameter, then Amazon RDS will use your default
-    #   encryption key. AWS KMS creates the default encryption key for your
-    #   AWS account. Your AWS account has a different default encryption key
-    #   for each AWS Region.
+    #   the `KmsKeyId` parameter, then Amazon RDS uses your default CMK.
+    #   There is a default CMK for your AWS account. Your AWS account has a
+    #   different default CMK for each AWS Region.
     #   @return [String]
     #
     # @!attribute [rw] domain
@@ -3253,29 +3291,8 @@ module Aws::RDS
     #   Access Management (IAM) accounts to database accounts. By default,
     #   mapping is disabled.
     #
-    #   You can enable IAM database authentication for the following
-    #   database engines:
-    #
-    #   **Amazon Aurora**
-    #
-    #   Not applicable. Mapping AWS IAM accounts to database accounts is
-    #   managed by the DB cluster.
-    #
-    #   **MySQL**
-    #
-    #   * For MySQL 5.6, minor version 5.6.34 or higher
-    #
-    #   * For MySQL 5.7, minor version 5.7.16 or higher
-    #
-    #   * For MySQL 8.0, minor version 8.0.16 or higher
-    #
-    #   **PostgreSQL**
-    #
-    #   * For PostgreSQL 9.5, minor version 9.5.15 or higher
-    #
-    #   * For PostgreSQL 9.6, minor version 9.6.11 or higher
-    #
-    #   * PostgreSQL 10.6, 10.7, and 10.9
+    #   This setting doesn't apply to Amazon Aurora. Mapping AWS IAM
+    #   accounts to database accounts is managed by the DB cluster.
     #
     #   For more information, see [ IAM Database Authentication for MySQL
     #   and PostgreSQL][1] in the *Amazon RDS User Guide.*
@@ -3299,13 +3316,15 @@ module Aws::RDS
     #
     # @!attribute [rw] performance_insights_kms_key_id
     #   The AWS KMS key identifier for encryption of Performance Insights
-    #   data. The KMS key ID is the Amazon Resource Name (ARN), KMS key
-    #   identifier, or the KMS key alias for the KMS encryption key.
+    #   data.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK).
     #
     #   If you do not specify a value for `PerformanceInsightsKMSKeyId`,
-    #   then Amazon RDS uses your default encryption key. AWS KMS creates
-    #   the default encryption key for your AWS account. Your AWS account
-    #   has a different default encryption key for each AWS Region.
+    #   then Amazon RDS uses your default CMK. There is a default CMK for
+    #   your AWS account. Your AWS account has a different default CMK for
+    #   each AWS Region.
     #   @return [String]
     #
     # @!attribute [rw] performance_insights_retention_period
@@ -3477,6 +3496,7 @@ module Aws::RDS
     #         domain: "String",
     #         domain_iam_role_name: "String",
     #         replica_mode: "open-read-only", # accepts open-read-only, mounted
+    #         max_allocated_storage: 1,
     #         source_region: "String",
     #       }
     #
@@ -3722,19 +3742,20 @@ module Aws::RDS
     #   @return [String]
     #
     # @!attribute [rw] kms_key_id
-    #   The AWS KMS key ID for an encrypted read replica. The KMS key ID is
-    #   the Amazon Resource Name (ARN), KMS key identifier, or the KMS key
-    #   alias for the KMS encryption key.
+    #   The AWS KMS key identifier for an encrypted read replica.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS CMK.
     #
     #   If you create an encrypted read replica in the same AWS Region as
-    #   the source DB instance, then you do not have to specify a value for
-    #   this parameter. The read replica is encrypted with the same KMS key
-    #   as the source DB instance.
+    #   the source DB instance, then do not specify a value for this
+    #   parameter. A read replica in the same Region is always encrypted
+    #   with the same AWS KMS CMK as the source DB instance.
     #
     #   If you create an encrypted read replica in a different AWS Region,
-    #   then you must specify a KMS key for the destination AWS Region. KMS
-    #   encryption keys are specific to the AWS Region that they are created
-    #   in, and you can't use encryption keys from one AWS Region in
+    #   then you must specify a AWS KMS key identifier for the destination
+    #   AWS Region. AWS KMS CMKs are specific to the AWS Region that they
+    #   are created in, and you can't use CMKs from one AWS Region in
     #   another AWS Region.
     #
     #   You can't create an encrypted read replica from an unencrypted DB
@@ -3808,8 +3829,7 @@ module Aws::RDS
     # @!attribute [rw] enable_iam_database_authentication
     #   A value that indicates whether to enable mapping of AWS Identity and
     #   Access Management (IAM) accounts to database accounts. By default,
-    #   mapping is disabled. For information about the supported DB engines,
-    #   see CreateDBInstance.
+    #   mapping is disabled.
     #
     #   For more information about IAM database authentication, see [ IAM
     #   Database Authentication for MySQL and PostgreSQL][1] in the *Amazon
@@ -3834,13 +3854,15 @@ module Aws::RDS
     #
     # @!attribute [rw] performance_insights_kms_key_id
     #   The AWS KMS key identifier for encryption of Performance Insights
-    #   data. The KMS key ID is the Amazon Resource Name (ARN), KMS key
-    #   identifier, or the KMS key alias for the KMS encryption key.
+    #   data.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK).
     #
     #   If you do not specify a value for `PerformanceInsightsKMSKeyId`,
-    #   then Amazon RDS uses your default encryption key. AWS KMS creates
-    #   the default encryption key for your AWS account. Your AWS account
-    #   has a different default encryption key for each AWS Region.
+    #   then Amazon RDS uses your default CMK. There is a default CMK for
+    #   your AWS account. Your AWS account has a different default CMK for
+    #   each AWS Region.
     #   @return [String]
     #
     # @!attribute [rw] performance_insights_retention_period
@@ -3922,8 +3944,10 @@ module Aws::RDS
     #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html
     #   @return [String]
     #
-    # @!attribute [rw] destination_region
-    #   @return [String]
+    # @!attribute [rw] max_allocated_storage
+    #   The upper limit to which Amazon RDS can automatically scale the
+    #   storage of the DB instance.
+    #   @return [Integer]
     #
     # @!attribute [rw] source_region
     #   The source region of the snapshot. This is only needed when the
@@ -3964,7 +3988,7 @@ module Aws::RDS
       :domain,
       :domain_iam_role_name,
       :replica_mode,
-      :destination_region,
+      :max_allocated_storage,
       :source_region)
       SENSITIVE = []
       include Aws::Structure
@@ -4912,12 +4936,15 @@ module Aws::RDS
     # @!attribute [rw] kms_key_id
     #   If `StorageEncrypted` is enabled, the AWS KMS key identifier for the
     #   encrypted DB cluster.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK).
     #   @return [String]
     #
     # @!attribute [rw] db_cluster_resource_id
     #   The AWS Region-unique, immutable identifier for the DB cluster. This
     #   identifier is found in AWS CloudTrail log entries whenever the AWS
-    #   KMS key for the DB cluster is accessed.
+    #   KMS CMK for the DB cluster is accessed.
     #   @return [String]
     #
     # @!attribute [rw] db_cluster_arn
@@ -4988,14 +5015,11 @@ module Aws::RDS
     #   The DB engine mode of the DB cluster, either `provisioned`,
     #   `serverless`, `parallelquery`, `global`, or `multimaster`.
     #
-    #   <note markdown="1"> `global` engine mode only applies for global database clusters
-    #   created with Aurora MySQL version 5.6.10a. For higher Aurora MySQL
-    #   versions, the clusters in a global database use `provisioned` engine
-    #   mode. To check if a DB cluster is part of a global database, use
-    #   `DescribeGlobalClusters` instead of checking the `EngineMode` return
-    #   value from `DescribeDBClusters`.
+    #   For more information, see [ CreateDBCluster][1].
     #
-    #    </note>
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html
     #   @return [String]
     #
     # @!attribute [rw] scaling_configuration_info
@@ -5046,6 +5070,9 @@ module Aws::RDS
     # @!attribute [rw] activity_stream_kms_key_id
     #   The AWS KMS key identifier used for encrypting messages in the
     #   database activity stream.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK).
     #   @return [String]
     #
     # @!attribute [rw] activity_stream_kinesis_stream_name
@@ -5068,6 +5095,15 @@ module Aws::RDS
     #   DB cluster.
     #   @return [Array<Types::DomainMembership>]
     #
+    # @!attribute [rw] tag_list
+    #   A list of tags. For more information, see [Tagging Amazon RDS
+    #   Resources][1] in the *Amazon RDS User Guide.*
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
+    #   @return [Array<Types::Tag>]
+    #
     # @!attribute [rw] global_write_forwarding_status
     #   Specifies whether a secondary cluster in an Aurora global database
     #   has write forwarding enabled, not enabled, or is in the process of
@@ -5083,6 +5119,12 @@ module Aws::RDS
     #   cluster.
     #   @return [Boolean]
     #
+    # @!attribute [rw] pending_modified_values
+    #   Specifies that changes to the DB cluster are pending. This element
+    #   is only included when changes are pending. Specific changes are
+    #   identified by subelements.
+    #   @return [Types::ClusterPendingModifiedValues]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBCluster AWS API Documentation
     #
     class DBCluster < Struct.new(
@@ -5138,8 +5180,10 @@ module Aws::RDS
       :copy_tags_to_snapshot,
       :cross_account_clone,
       :domain_memberships,
+      :tag_list,
       :global_write_forwarding_status,
-      :global_write_forwarding_requested)
+      :global_write_forwarding_requested,
+      :pending_modified_values)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -5729,6 +5773,9 @@ module Aws::RDS
     # @!attribute [rw] kms_key_id
     #   If `StorageEncrypted` is true, the AWS KMS key identifier for the
     #   encrypted DB cluster snapshot.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK).
     #   @return [String]
     #
     # @!attribute [rw] db_cluster_snapshot_arn
@@ -5746,6 +5793,15 @@ module Aws::RDS
     #   to database accounts is enabled, and otherwise false.
     #   @return [Boolean]
     #
+    # @!attribute [rw] tag_list
+    #   A list of tags. For more information, see [Tagging Amazon RDS
+    #   Resources][1] in the *Amazon RDS User Guide.*
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
+    #   @return [Array<Types::Tag>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBClusterSnapshot AWS API Documentation
     #
     class DBClusterSnapshot < Struct.new(
@@ -5768,7 +5824,8 @@ module Aws::RDS
       :kms_key_id,
       :db_cluster_snapshot_arn,
       :source_db_cluster_snapshot_arn,
-      :iam_database_authentication_enabled)
+      :iam_database_authentication_enabled,
+      :tag_list)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -5937,13 +5994,6 @@ module Aws::RDS
     #
     # @!attribute [rw] supported_engine_modes
     #   A list of the supported DB engine modes.
-    #
-    #   <note markdown="1"> `global` engine mode only applies for global database clusters
-    #   created with Aurora MySQL version 5.6.10a. For higher Aurora MySQL
-    #   versions, the clusters in a global database use `provisioned` engine
-    #   mode.
-    #
-    #    </note>
     #   @return [Array<String>]
     #
     # @!attribute [rw] supported_feature_names
@@ -6262,12 +6312,15 @@ module Aws::RDS
     # @!attribute [rw] kms_key_id
     #   If `StorageEncrypted` is true, the AWS KMS key identifier for the
     #   encrypted DB instance.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK).
     #   @return [String]
     #
     # @!attribute [rw] dbi_resource_id
     #   The AWS Region-unique, immutable identifier for the DB instance.
     #   This identifier is found in AWS CloudTrail log entries whenever the
-    #   AWS KMS key for the DB instance is accessed.
+    #   AWS KMS customer master key (CMK) for the DB instance is accessed.
     #   @return [String]
     #
     # @!attribute [rw] ca_certificate_identifier
@@ -6349,8 +6402,10 @@ module Aws::RDS
     #
     # @!attribute [rw] performance_insights_kms_key_id
     #   The AWS KMS key identifier for encryption of Performance Insights
-    #   data. The KMS key ID is the Amazon Resource Name (ARN), KMS key
-    #   identifier, or the KMS key alias for the KMS encryption key.
+    #   data.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK).
     #   @return [String]
     #
     # @!attribute [rw] performance_insights_retention_period
@@ -6400,6 +6455,20 @@ module Aws::RDS
     #   storage of the DB instance.
     #   @return [Integer]
     #
+    # @!attribute [rw] tag_list
+    #   A list of tags. For more information, see [Tagging Amazon RDS
+    #   Resources][1] in the *Amazon RDS User Guide.*
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
+    #   @return [Array<Types::Tag>]
+    #
+    # @!attribute [rw] db_instance_automated_backups_replications
+    #   The list of replicated automated backups associated with the DB
+    #   instance.
+    #   @return [Array<Types::DBInstanceAutomatedBackupsReplication>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstance AWS API Documentation
     #
     class DBInstance < Struct.new(
@@ -6462,7 +6531,9 @@ module Aws::RDS
       :deletion_protection,
       :associated_roles,
       :listener_endpoint,
-      :max_allocated_storage)
+      :max_allocated_storage,
+      :tag_list,
+      :db_instance_automated_backups_replications)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -6473,12 +6544,12 @@ module Aws::RDS
     #
     class DBInstanceAlreadyExistsFault < Aws::EmptyStructure; end
 
-    # An automated backup of a DB instance. It it consists of system
-    # backups, transaction logs, and the database instance properties that
-    # existed at the time you deleted the source instance.
+    # An automated backup of a DB instance. It consists of system backups,
+    # transaction logs, and the database instance properties that existed at
+    # the time you deleted the source instance.
     #
     # @!attribute [rw] db_instance_arn
-    #   The Amazon Resource Name (ARN) for the automated backup.
+    #   The Amazon Resource Name (ARN) for the automated backups.
     #   @return [String]
     #
     # @!attribute [rw] dbi_resource_id
@@ -6579,9 +6650,10 @@ module Aws::RDS
     #   @return [String]
     #
     # @!attribute [rw] kms_key_id
-    #   The AWS KMS key ID for an automated backup. The KMS key ID is the
-    #   Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias
-    #   for the KMS encryption key.
+    #   The AWS KMS key ID for an automated backup.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK).
     #   @return [String]
     #
     # @!attribute [rw] timezone
@@ -6595,6 +6667,19 @@ module Aws::RDS
     #   to database accounts is enabled, and otherwise false.
     #   @return [Boolean]
     #
+    # @!attribute [rw] backup_retention_period
+    #   The retention period for the automated backups.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] db_instance_automated_backups_arn
+    #   The Amazon Resource Name (ARN) for the replicated automated backups.
+    #   @return [String]
+    #
+    # @!attribute [rw] db_instance_automated_backups_replications
+    #   The list of replications to different AWS Regions associated with
+    #   the automated backup.
+    #   @return [Array<Types::DBInstanceAutomatedBackupsReplication>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstanceAutomatedBackup AWS API Documentation
     #
     class DBInstanceAutomatedBackup < Struct.new(
@@ -6620,7 +6705,10 @@ module Aws::RDS
       :storage_type,
       :kms_key_id,
       :timezone,
-      :iam_database_authentication_enabled)
+      :iam_database_authentication_enabled,
+      :backup_retention_period,
+      :db_instance_automated_backups_arn,
+      :db_instance_automated_backups_replications)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -6661,6 +6749,22 @@ module Aws::RDS
     #
     class DBInstanceAutomatedBackupQuotaExceededFault < Aws::EmptyStructure; end
 
+    # Automated backups of a DB instance replicated to another AWS Region.
+    # They consist of system backups, transaction logs, and database
+    # instance properties.
+    #
+    # @!attribute [rw] db_instance_automated_backups_arn
+    #   The Amazon Resource Name (ARN) of the replicated automated backups.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstanceAutomatedBackupsReplication AWS API Documentation
+    #
+    class DBInstanceAutomatedBackupsReplication < Struct.new(
+      :db_instance_automated_backups_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Contains the result of a successful invocation of the
     # `DescribeDBInstances` action.
     #
@@ -7048,7 +7152,7 @@ module Aws::RDS
     class DBProxyAlreadyExistsFault < Aws::EmptyStructure; end
 
     # The specified proxy name doesn't correspond to a proxy owned by your
-    # AWS accoutn in the specified AWS Region.
+    # AWS account in the specified AWS Region.
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBProxyNotFoundFault AWS API Documentation
     #
@@ -7338,7 +7442,7 @@ module Aws::RDS
     #   @return [String]
     #
     # @!attribute [rw] snapshot_create_time
-    #   Specifies when the snapshot was taken in Coodinated Universal Time
+    #   Specifies when the snapshot was taken in Coordinated Universal Time
     #   (UTC).
     #   @return [Time]
     #
@@ -7428,6 +7532,9 @@ module Aws::RDS
     # @!attribute [rw] kms_key_id
     #   If `Encrypted` is true, the AWS KMS key identifier for the encrypted
     #   DB snapshot.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK).
     #   @return [String]
     #
     # @!attribute [rw] db_snapshot_arn
@@ -7457,6 +7564,15 @@ module Aws::RDS
     #   and which is unique to an AWS Region.
     #   @return [String]
     #
+    # @!attribute [rw] tag_list
+    #   A list of tags. For more information, see [Tagging Amazon RDS
+    #   Resources][1] in the *Amazon RDS User Guide.*
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
+    #   @return [Array<Types::Tag>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBSnapshot AWS API Documentation
     #
     class DBSnapshot < Struct.new(
@@ -7487,7 +7603,8 @@ module Aws::RDS
       :timezone,
       :iam_database_authentication_enabled,
       :processor_features,
-      :dbi_resource_id)
+      :dbi_resource_id,
+      :tag_list)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -7903,7 +8020,8 @@ module Aws::RDS
     #   data as a hash:
     #
     #       {
-    #         dbi_resource_id: "String", # required
+    #         dbi_resource_id: "String",
+    #         db_instance_automated_backups_arn: "String",
     #       }
     #
     # @!attribute [rw] dbi_resource_id
@@ -7911,18 +8029,25 @@ module Aws::RDS
     #   and which is unique to an AWS Region.
     #   @return [String]
     #
+    # @!attribute [rw] db_instance_automated_backups_arn
+    #   The Amazon Resource Name (ARN) of the automated backups to delete,
+    #   for example,
+    #   `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE`.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteDBInstanceAutomatedBackupMessage AWS API Documentation
     #
     class DeleteDBInstanceAutomatedBackupMessage < Struct.new(
-      :dbi_resource_id)
+      :dbi_resource_id,
+      :db_instance_automated_backups_arn)
       SENSITIVE = []
       include Aws::Structure
     end
 
     # @!attribute [rw] db_instance_automated_backup
-    #   An automated backup of a DB instance. It it consists of system
-    #   backups, transaction logs, and the database instance properties that
-    #   existed at the time you deleted the source instance.
+    #   An automated backup of a DB instance. It consists of system backups,
+    #   transaction logs, and the database instance properties that existed
+    #   at the time you deleted the source instance.
     #   @return [Types::DBInstanceAutomatedBackup]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteDBInstanceAutomatedBackupResult AWS API Documentation
@@ -9140,6 +9265,7 @@ module Aws::RDS
     #         ],
     #         max_records: 1,
     #         marker: "String",
+    #         db_instance_automated_backups_arn: "String",
     #       }
     #
     # @!attribute [rw] dbi_resource_id
@@ -9195,6 +9321,12 @@ module Aws::RDS
     #   marker, up to `MaxRecords`.
     #   @return [String]
     #
+    # @!attribute [rw] db_instance_automated_backups_arn
+    #   The Amazon Resource Name (ARN) of the replicated automated backups,
+    #   for example,
+    #   `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE`.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeDBInstanceAutomatedBackupsMessage AWS API Documentation
     #
     class DescribeDBInstanceAutomatedBackupsMessage < Struct.new(
@@ -9202,7 +9334,8 @@ module Aws::RDS
       :db_instance_identifier,
       :filters,
       :max_records,
-      :marker)
+      :marker,
+      :db_instance_automated_backups_arn)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -11710,11 +11843,11 @@ module Aws::RDS
     #   @return [String]
     #
     # @!attribute [rw] kms_key_id
-    #   The ID of the AWS KMS key that is used to encrypt the snapshot when
-    #   it's exported to Amazon S3. The KMS key ID is the Amazon Resource
-    #   Name (ARN), the KMS key identifier, or the KMS key alias for the KMS
-    #   encryption key. The IAM role used for the snapshot export must have
-    #   encryption and decryption permissions to use this KMS key.
+    #   The key identifier of the AWS KMS customer master key (CMK) that is
+    #   used to encrypt the snapshot when it's exported to Amazon S3. The
+    #   AWS KMS CMK identifier is its key ARN, key ID, alias ARN, or alias
+    #   name. The IAM role used for the snapshot export must have encryption
+    #   and decryption permissions to use this AWS KMS CMK.
     #   @return [String]
     #
     # @!attribute [rw] status
@@ -11898,7 +12031,8 @@ module Aws::RDS
     # @!attribute [rw] global_cluster_resource_id
     #   The AWS Region-unique, immutable identifier for the global database
     #   cluster. This identifier is found in AWS CloudTrail log entries
-    #   whenever the AWS KMS key for the DB cluster is accessed.
+    #   whenever the AWS KMS customer master key (CMK) for the DB cluster is
+    #   accessed.
     #   @return [String]
     #
     # @!attribute [rw] global_cluster_arn
@@ -11951,6 +12085,10 @@ module Aws::RDS
       include Aws::Structure
     end
 
+    # The `GlobalClusterIdentifier` already exists. Choose a new global
+    # database identifier (unique name) to create a new global database
+    # cluster.
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/GlobalClusterAlreadyExistsFault AWS API Documentation
     #
     class GlobalClusterAlreadyExistsFault < Aws::EmptyStructure; end
@@ -11990,10 +12128,16 @@ module Aws::RDS
       include Aws::Structure
     end
 
+    # The `GlobalClusterIdentifier` doesn't refer to an existing global
+    # database cluster.
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/GlobalClusterNotFoundFault AWS API Documentation
     #
     class GlobalClusterNotFoundFault < Aws::EmptyStructure; end
 
+    # The number of global database clusters for this account is already at
+    # the maximum allowed.
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/GlobalClusterQuotaExceededFault AWS API Documentation
     #
     class GlobalClusterQuotaExceededFault < Aws::EmptyStructure; end
@@ -12381,6 +12525,9 @@ module Aws::RDS
     #
     class InvalidExportTaskStateFault < Aws::EmptyStructure; end
 
+    # The global cluster is in an invalid state and can't perform the
+    # requested operation.
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/InvalidGlobalClusterStateFault AWS API Documentation
     #
     class InvalidGlobalClusterStateFault < Aws::EmptyStructure; end
@@ -13452,7 +13599,7 @@ module Aws::RDS
     #   The version number of the database engine to upgrade to. Changing
     #   this parameter results in an outage and the change is applied during
     #   the next maintenance window unless the `ApplyImmediately` parameter
-    #   is eanbled for this request.
+    #   is enabled for this request.
     #
     #   For major version upgrades, if a nondefault DB parameter group is
     #   currently in use, a new DB parameter group in the DB parameter group
@@ -13751,8 +13898,10 @@ module Aws::RDS
     # @!attribute [rw] enable_iam_database_authentication
     #   A value that indicates whether to enable mapping of AWS Identity and
     #   Access Management (IAM) accounts to database accounts. By default,
-    #   mapping is disabled. For information about the supported DB engines,
-    #   see CreateDBInstance.
+    #   mapping is disabled.
+    #
+    #   This setting doesn't apply to Amazon Aurora. Mapping AWS IAM
+    #   accounts to database accounts is managed by the DB cluster.
     #
     #   For more information about IAM database authentication, see [ IAM
     #   Database Authentication for MySQL and PostgreSQL][1] in the *Amazon
@@ -13777,13 +13926,15 @@ module Aws::RDS
     #
     # @!attribute [rw] performance_insights_kms_key_id
     #   The AWS KMS key identifier for encryption of Performance Insights
-    #   data. The KMS key ID is the Amazon Resource Name (ARN), KMS key
-    #   identifier, or the KMS key alias for the KMS encryption key.
+    #   data.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK).
     #
     #   If you do not specify a value for `PerformanceInsightsKMSKeyId`,
-    #   then Amazon RDS uses your default encryption key. AWS KMS creates
-    #   the default encryption key for your AWS account. Your AWS account
-    #   has a different default encryption key for each AWS Region.
+    #   then Amazon RDS uses your default CMK. There is a default CMK for
+    #   your AWS account. Your AWS account has a different default CMK for
+    #   each AWS Region.
     #   @return [String]
     #
     # @!attribute [rw] performance_insights_retention_period
@@ -15188,13 +15339,6 @@ module Aws::RDS
     #
     # @!attribute [rw] supported_engine_modes
     #   A list of the supported DB engine modes.
-    #
-    #   <note markdown="1"> `global` engine mode only applies for global database clusters
-    #   created with Aurora MySQL version 5.6.10a. For higher Aurora MySQL
-    #   versions, the clusters in a global database use `provisioned` engine
-    #   mode.
-    #
-    #    </note>
     #   @return [Array<String>]
     #
     # @!attribute [rw] supports_storage_autoscaling
@@ -15490,39 +15634,38 @@ module Aws::RDS
     end
 
     # This data type is used as a response element in the `ModifyDBInstance`
-    # action.
+    # action and contains changes that will be applied during the next
+    # maintenance window.
     #
     # @!attribute [rw] db_instance_class
-    #   Contains the new `DBInstanceClass` for the DB instance that will be
-    #   applied or is currently being applied.
+    #   The name of the compute and memory capacity class for the DB
+    #   instance.
     #   @return [String]
     #
     # @!attribute [rw] allocated_storage
-    #   Contains the new `AllocatedStorage` size for the DB instance that
-    #   will be applied or is currently being applied.
+    #   The allocated storage size for the DB instance specified in
+    #   gibibytes .
     #   @return [Integer]
     #
     # @!attribute [rw] master_user_password
-    #   Contains the pending or currently-in-progress change of the master
-    #   credentials for the DB instance.
+    #   The master credentials for the DB instance.
     #   @return [String]
     #
     # @!attribute [rw] port
-    #   Specifies the pending port for the DB instance.
+    #   The port for the DB instance.
     #   @return [Integer]
     #
     # @!attribute [rw] backup_retention_period
-    #   Specifies the pending number of days for which automated backups are
-    #   retained.
+    #   The number of days for which automated backups are retained.
     #   @return [Integer]
     #
     # @!attribute [rw] multi_az
-    #   Indicates that the Single-AZ DB instance is to change to a Multi-AZ
+    #   Indicates that the Single-AZ DB instance will change to a Multi-AZ
     #   deployment.
     #   @return [Boolean]
     #
     # @!attribute [rw] engine_version
-    #   Indicates the database engine version.
+    #   The database engine version.
     #   @return [String]
     #
     # @!attribute [rw] license_model
@@ -15533,25 +15676,23 @@ module Aws::RDS
     #   @return [String]
     #
     # @!attribute [rw] iops
-    #   Specifies the new Provisioned IOPS value for the DB instance that
-    #   will be applied or is currently being applied.
+    #   The Provisioned IOPS value for the DB instance.
     #   @return [Integer]
     #
     # @!attribute [rw] db_instance_identifier
-    #   Contains the new `DBInstanceIdentifier` for the DB instance that
-    #   will be applied or is currently being applied.
+    #   The database identifier for the DB instance.
     #   @return [String]
     #
     # @!attribute [rw] storage_type
-    #   Specifies the storage type to be associated with the DB instance.
+    #   The storage type of the DB instance.
     #   @return [String]
     #
     # @!attribute [rw] ca_certificate_identifier
-    #   Specifies the identifier of the CA certificate for the DB instance.
+    #   The identifier of the CA certificate for the DB instance.
     #   @return [String]
     #
     # @!attribute [rw] db_subnet_group_name
-    #   The new DB subnet group for the DB instance.
+    #   The DB subnet group for the DB instance.
     #   @return [String]
     #
     # @!attribute [rw] pending_cloudwatch_logs_exports
@@ -15565,6 +15706,11 @@ module Aws::RDS
     #   DB instance class of the DB instance.
     #   @return [Array<Types::ProcessorFeature>]
     #
+    # @!attribute [rw] iam_database_authentication_enabled
+    #   Whether mapping of AWS Identity and Access Management (IAM) accounts
+    #   to database accounts is enabled.
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/PendingModifiedValues AWS API Documentation
     #
     class PendingModifiedValues < Struct.new(
@@ -15582,7 +15728,8 @@ module Aws::RDS
       :ca_certificate_identifier,
       :db_subnet_group_name,
       :pending_cloudwatch_logs_exports,
-      :processor_features)
+      :processor_features,
+      :iam_database_authentication_enabled)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -16113,7 +16260,7 @@ module Aws::RDS
     #
     # @!attribute [rw] role_arn
     #   The Amazon Resource Name (ARN) of the IAM role to disassociate from
-    #   the DB instance, for example
+    #   the DB instance, for example,
     #   `arn:aws:iam::123456789012:role/AccessRole`.
     #   @return [String]
     #
@@ -16830,17 +16977,14 @@ module Aws::RDS
     # @!attribute [rw] kms_key_id
     #   The AWS KMS key identifier for an encrypted DB cluster.
     #
-    #   The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
-    #   encryption key. If you are creating a DB cluster with the same AWS
-    #   account that owns the KMS encryption key used to encrypt the new DB
-    #   cluster, then you can use the KMS key alias instead of the ARN for
-    #   the KM encryption key.
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK). To use a CMK
+    #   in a different AWS account, specify the key ARN or alias ARN.
     #
     #   If the StorageEncrypted parameter is enabled, and you do not specify
     #   a value for the `KmsKeyId` parameter, then Amazon RDS will use your
-    #   default encryption key. AWS KMS creates the default encryption key
-    #   for your AWS account. Your AWS account has a different default
-    #   encryption key for each AWS Region.
+    #   default CMK. There is a default CMK for your AWS account. Your AWS
+    #   account has a different default CMK for each AWS Region.
     #   @return [String]
     #
     # @!attribute [rw] enable_iam_database_authentication
@@ -17158,18 +17302,16 @@ module Aws::RDS
     #   The AWS KMS key identifier to use when restoring an encrypted DB
     #   cluster from a DB snapshot or DB cluster snapshot.
     #
-    #   The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
-    #   encryption key. If you are restoring a DB cluster with the same AWS
-    #   account that owns the KMS encryption key used to encrypt the new DB
-    #   cluster, then you can use the KMS key alias instead of the ARN for
-    #   the KMS encryption key.
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK). To use a CMK
+    #   in a different AWS account, specify the key ARN or alias ARN.
     #
-    #   If you don't specify a value for the `KmsKeyId` parameter, then the
-    #   following occurs:
+    #   When you don't specify a value for the `KmsKeyId` parameter, then
+    #   the following occurs:
     #
     #   * If the DB snapshot or DB cluster snapshot in `SnapshotIdentifier`
     #     is encrypted, then the restored DB cluster is encrypted using the
-    #     KMS key that was used to encrypt the DB snapshot or DB cluster
+    #     AWS KMS CMK that was used to encrypt the DB snapshot or DB cluster
     #     snapshot.
     #
     #   * If the DB snapshot or DB cluster snapshot in `SnapshotIdentifier`
@@ -17221,6 +17363,12 @@ module Aws::RDS
     # @!attribute [rw] engine_mode
     #   The DB engine mode of the DB cluster, either `provisioned`,
     #   `serverless`, `parallelquery`, `global`, or `multimaster`.
+    #
+    #   For more information, see [ CreateDBCluster][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html
     #   @return [String]
     #
     # @!attribute [rw] scaling_configuration
@@ -17458,23 +17606,21 @@ module Aws::RDS
     #   The AWS KMS key identifier to use when restoring an encrypted DB
     #   cluster from an encrypted DB cluster.
     #
-    #   The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
-    #   encryption key. If you are restoring a DB cluster with the same AWS
-    #   account that owns the KMS encryption key used to encrypt the new DB
-    #   cluster, then you can use the KMS key alias instead of the ARN for
-    #   the KMS encryption key.
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK). To use a CMK
+    #   in a different AWS account, specify the key ARN or alias ARN.
     #
     #   You can restore to a new DB cluster and encrypt the new DB cluster
-    #   with a KMS key that is different than the KMS key used to encrypt
-    #   the source DB cluster. The new DB cluster is encrypted with the KMS
-    #   key identified by the `KmsKeyId` parameter.
+    #   with a AWS KMS CMK that is different than the AWS KMS key used to
+    #   encrypt the source DB cluster. The new DB cluster is encrypted with
+    #   the AWS KMS CMK identified by the `KmsKeyId` parameter.
     #
     #   If you don't specify a value for the `KmsKeyId` parameter, then the
     #   following occurs:
     #
     #   * If the DB cluster is encrypted, then the restored DB cluster is
-    #     encrypted using the KMS key that was used to encrypt the source DB
-    #     cluster.
+    #     encrypted using the AWS KMS CMK that was used to encrypt the
+    #     source DB cluster.
     #
     #   * If the DB cluster isn't encrypted, then the restored DB cluster
     #     isn't encrypted.
@@ -17904,8 +18050,7 @@ module Aws::RDS
     # @!attribute [rw] enable_iam_database_authentication
     #   A value that indicates whether to enable mapping of AWS Identity and
     #   Access Management (IAM) accounts to database accounts. By default,
-    #   mapping is disabled. For information about the supported DB engines,
-    #   see CreateDBInstance.
+    #   mapping is disabled.
     #
     #   For more information about IAM database authentication, see [ IAM
     #   Database Authentication for MySQL and PostgreSQL][1] in the *Amazon
@@ -18334,17 +18479,14 @@ module Aws::RDS
     # @!attribute [rw] kms_key_id
     #   The AWS KMS key identifier for an encrypted DB instance.
     #
-    #   The KMS key identifier is the Amazon Resource Name (ARN) for the KMS
-    #   encryption key. If you are creating a DB instance with the same AWS
-    #   account that owns the KMS encryption key used to encrypt the new DB
-    #   instance, then you can use the KMS key alias instead of the ARN for
-    #   the KM encryption key.
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK). To use a CMK
+    #   in a different AWS account, specify the key ARN or alias ARN.
     #
     #   If the `StorageEncrypted` parameter is enabled, and you do not
     #   specify a value for the `KmsKeyId` parameter, then Amazon RDS will
-    #   use your default encryption key. AWS KMS creates the default
-    #   encryption key for your AWS account. Your AWS account has a
-    #   different default encryption key for each AWS Region.
+    #   use your default CMK. There is a default CMK for your AWS account.
+    #   Your AWS account has a different default CMK for each AWS Region.
     #   @return [String]
     #
     # @!attribute [rw] copy_tags_to_snapshot
@@ -18383,8 +18525,7 @@ module Aws::RDS
     # @!attribute [rw] enable_iam_database_authentication
     #   A value that indicates whether to enable mapping of AWS Identity and
     #   Access Management (IAM) accounts to database accounts. By default,
-    #   mapping is disabled. For information about the supported DB engines,
-    #   see CreateDBInstance.
+    #   mapping is disabled.
     #
     #   For more information about IAM database authentication, see [ IAM
     #   Database Authentication for MySQL and PostgreSQL][1] in the *Amazon
@@ -18437,13 +18578,15 @@ module Aws::RDS
     #
     # @!attribute [rw] performance_insights_kms_key_id
     #   The AWS KMS key identifier for encryption of Performance Insights
-    #   data. The KMS key ID is the Amazon Resource Name (ARN), the KMS key
-    #   identifier, or the KMS key alias for the KMS encryption key.
+    #   data.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK).
     #
     #   If you do not specify a value for `PerformanceInsightsKMSKeyId`,
-    #   then Amazon RDS uses your default encryption key. AWS KMS creates
-    #   the default encryption key for your AWS account. Your AWS account
-    #   has a different default encryption key for each AWS Region.
+    #   then Amazon RDS uses your default CMK. There is a default CMK for
+    #   your AWS account. Your AWS account has a different default CMK for
+    #   each AWS Region.
     #   @return [String]
     #
     # @!attribute [rw] performance_insights_retention_period
@@ -18600,6 +18743,7 @@ module Aws::RDS
     #         deletion_protection: false,
     #         source_dbi_resource_id: "String",
     #         max_allocated_storage: 1,
+    #         source_db_instance_automated_backups_arn: "String",
     #       }
     #
     # @!attribute [rw] source_db_instance_identifier
@@ -18858,8 +19002,7 @@ module Aws::RDS
     # @!attribute [rw] enable_iam_database_authentication
     #   A value that indicates whether to enable mapping of AWS Identity and
     #   Access Management (IAM) accounts to database accounts. By default,
-    #   mapping is disabled. For information about the supported DB engines,
-    #   see CreateDBInstance.
+    #   mapping is disabled.
     #
     #   For more information about IAM database authentication, see [ IAM
     #   Database Authentication for MySQL and PostgreSQL][1] in the *Amazon
@@ -18929,6 +19072,12 @@ module Aws::RDS
     #   storage of the DB instance.
     #   @return [Integer]
     #
+    # @!attribute [rw] source_db_instance_automated_backups_arn
+    #   The Amazon Resource Name (ARN) of the replicated automated backups
+    #   from which to restore, for example,
+    #   `arn:aws:rds:useast-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE`.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/RestoreDBInstanceToPointInTimeMessage AWS API Documentation
     #
     class RestoreDBInstanceToPointInTimeMessage < Struct.new(
@@ -18963,7 +19112,8 @@ module Aws::RDS
       :db_parameter_group_name,
       :deletion_protection,
       :source_dbi_resource_id,
-      :max_allocated_storage)
+      :max_allocated_storage,
+      :source_db_instance_automated_backups_arn)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -19276,12 +19426,18 @@ module Aws::RDS
     #   The status of the source AWS Region.
     #   @return [String]
     #
+    # @!attribute [rw] supports_db_instance_automated_backups_replication
+    #   Whether the source AWS Region supports replicating automated backups
+    #   to the current AWS Region.
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/SourceRegion AWS API Documentation
     #
     class SourceRegion < Struct.new(
       :region_name,
       :endpoint,
-      :status)
+      :status,
+      :supports_db_instance_automated_backups_replication)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -19321,7 +19477,7 @@ module Aws::RDS
     #       }
     #
     # @!attribute [rw] resource_arn
-    #   The Amazon Resource Name (ARN) of the DB cluster, for example
+    #   The Amazon Resource Name (ARN) of the DB cluster, for example,
     #   `arn:aws:rds:us-east-1:12345667890:cluster:das-cluster`.
     #   @return [String]
     #
@@ -19334,8 +19490,8 @@ module Aws::RDS
     #
     # @!attribute [rw] kms_key_id
     #   The AWS KMS key identifier for encrypting messages in the database
-    #   activity stream. The key identifier can be either a key ID, a key
-    #   ARN, or a key alias.
+    #   activity stream. The AWS KMS key identifier is the key ARN, key ID,
+    #   alias ARN, or alias name for the AWS KMS customer master key (CMK).
     #   @return [String]
     #
     # @!attribute [rw] apply_immediately
@@ -19426,6 +19582,75 @@ module Aws::RDS
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass StartDBInstanceAutomatedBackupsReplicationMessage
+    #   data as a hash:
+    #
+    #       {
+    #         source_db_instance_arn: "String", # required
+    #         backup_retention_period: 1,
+    #         kms_key_id: "String",
+    #         pre_signed_url: "String",
+    #         source_region: "String",
+    #       }
+    #
+    # @!attribute [rw] source_db_instance_arn
+    #   The Amazon Resource Name (ARN) of the source DB instance for the
+    #   replicated automated backups, for example,
+    #   `arn:aws:rds:us-west-2:123456789012:db:mydatabase`.
+    #   @return [String]
+    #
+    # @!attribute [rw] backup_retention_period
+    #   The retention period for the replicated automated backups.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] kms_key_id
+    #   The AWS KMS key identifier for encryption of the replicated
+    #   automated backups. The KMS key ID is the Amazon Resource Name (ARN)
+    #   for the KMS encryption key in the destination AWS Region, for
+    #   example,
+    #   `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE`.
+    #   @return [String]
+    #
+    # @!attribute [rw] pre_signed_url
+    #   A URL that contains a Signature Version 4 signed request for the
+    #   StartDBInstanceAutomatedBackupsReplication action to be called in
+    #   the AWS Region of the source DB instance. The presigned URL must be
+    #   a valid request for the StartDBInstanceAutomatedBackupsReplication
+    #   API action that can be executed in the AWS Region that contains the
+    #   source DB instance.
+    #   @return [String]
+    #
+    # @!attribute [rw] source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StartDBInstanceAutomatedBackupsReplicationMessage AWS API Documentation
+    #
+    class StartDBInstanceAutomatedBackupsReplicationMessage < Struct.new(
+      :source_db_instance_arn,
+      :backup_retention_period,
+      :kms_key_id,
+      :pre_signed_url,
+      :source_region)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] db_instance_automated_backup
+    #   An automated backup of a DB instance. It consists of system backups,
+    #   transaction logs, and the database instance properties that existed
+    #   at the time you deleted the source instance.
+    #   @return [Types::DBInstanceAutomatedBackup]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StartDBInstanceAutomatedBackupsReplicationResult AWS API Documentation
+    #
+    class StartDBInstanceAutomatedBackupsReplicationResult < Struct.new(
+      :db_instance_automated_backup)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass StartDBInstanceMessage
     #   data as a hash:
     #
@@ -19494,11 +19719,12 @@ module Aws::RDS
     #   @return [String]
     #
     # @!attribute [rw] kms_key_id
-    #   The ID of the AWS KMS key to use to encrypt the snapshot exported to
-    #   Amazon S3. The KMS key ID is the Amazon Resource Name (ARN), the KMS
-    #   key identifier, or the KMS key alias for the KMS encryption key. The
-    #   caller of this operation must be authorized to execute the following
-    #   operations. These can be set in the KMS key policy:
+    #   The ID of the AWS KMS customer master key (CMK) to use to encrypt
+    #   the snapshot exported to Amazon S3. The AWS KMS key identifier is
+    #   the key ARN, key ID, alias ARN, or alias name for the AWS KMS
+    #   customer master key (CMK). The caller of this operation must be
+    #   authorized to execute the following operations. These can be set in
+    #   the AWS KMS key policy:
     #
     #   * GrantOperation.Encrypt
     #
@@ -19590,6 +19816,9 @@ module Aws::RDS
     # @!attribute [rw] kms_key_id
     #   The AWS KMS key identifier used for encrypting messages in the
     #   database activity stream.
+    #
+    #   The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
+    #   alias name for the AWS KMS customer master key (CMK).
     #   @return [String]
     #
     # @!attribute [rw] kinesis_stream_name
@@ -19646,6 +19875,41 @@ module Aws::RDS
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass StopDBInstanceAutomatedBackupsReplicationMessage
+    #   data as a hash:
+    #
+    #       {
+    #         source_db_instance_arn: "String", # required
+    #       }
+    #
+    # @!attribute [rw] source_db_instance_arn
+    #   The Amazon Resource Name (ARN) of the source DB instance for which
+    #   to stop replicating automated backups, for example,
+    #   `arn:aws:rds:us-west-2:123456789012:db:mydatabase`.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StopDBInstanceAutomatedBackupsReplicationMessage AWS API Documentation
+    #
+    class StopDBInstanceAutomatedBackupsReplicationMessage < Struct.new(
+      :source_db_instance_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] db_instance_automated_backup
+    #   An automated backup of a DB instance. It consists of system backups,
+    #   transaction logs, and the database instance properties that existed
+    #   at the time you deleted the source instance.
+    #   @return [Types::DBInstanceAutomatedBackup]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StopDBInstanceAutomatedBackupsReplicationResult AWS API Documentation
+    #
+    class StopDBInstanceAutomatedBackupsReplicationResult < Struct.new(
+      :db_instance_automated_backup)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass StopDBInstanceMessage
     #   data as a hash:
     #