aws-sdk-rds 1.106.0 → 1.107.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-rds.rb +1 -1
- data/lib/aws-sdk-rds/client.rb +351 -151
- data/lib/aws-sdk-rds/client_api.rb +59 -5
- data/lib/aws-sdk-rds/db_cluster.rb +30 -30
- data/lib/aws-sdk-rds/db_cluster_snapshot.rb +23 -22
- data/lib/aws-sdk-rds/db_instance.rb +59 -39
- data/lib/aws-sdk-rds/db_snapshot.rb +17 -15
- data/lib/aws-sdk-rds/plugins/cross_region_copying.rb +11 -12
- data/lib/aws-sdk-rds/resource.rb +30 -35
- data/lib/aws-sdk-rds/types.rb +346 -174
- metadata +2 -2
@@ -174,6 +174,9 @@ module Aws::RDS
|
|
174
174
|
|
175
175
|
# If `Encrypted` is true, the AWS KMS key identifier for the encrypted
|
176
176
|
# DB snapshot.
|
177
|
+
#
|
178
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
|
179
|
+
# name for the AWS KMS customer master key (CMK).
|
177
180
|
# @return [String]
|
178
181
|
def kms_key_id
|
179
182
|
data[:kms_key_id]
|
@@ -426,14 +429,14 @@ module Aws::RDS
|
|
426
429
|
#
|
427
430
|
# Example: `my-db-snapshot`
|
428
431
|
# @option options [String] :kms_key_id
|
429
|
-
# The AWS KMS key
|
430
|
-
#
|
431
|
-
#
|
432
|
+
# The AWS KMS key identifier for an encrypted DB snapshot. The AWS KMS
|
433
|
+
# key identifier is the key ARN, key ID, alias ARN, or alias name for
|
434
|
+
# the AWS KMS customer master key (CMK).
|
432
435
|
#
|
433
436
|
# If you copy an encrypted DB snapshot from your AWS account, you can
|
434
|
-
# specify a value for this parameter to encrypt the copy with a new
|
435
|
-
#
|
436
|
-
#
|
437
|
+
# specify a value for this parameter to encrypt the copy with a new AWS
|
438
|
+
# KMS CMK. If you don't specify a value for this parameter, then the
|
439
|
+
# copy of the DB snapshot is encrypted with the same AWS KMS key as the
|
437
440
|
# source DB snapshot.
|
438
441
|
#
|
439
442
|
# If you copy an encrypted DB snapshot that is shared from another AWS
|
@@ -443,9 +446,9 @@ module Aws::RDS
|
|
443
446
|
# the copy is encrypted.
|
444
447
|
#
|
445
448
|
# If you copy an encrypted snapshot to a different AWS Region, then you
|
446
|
-
# must specify a KMS key for the destination AWS Region.
|
447
|
-
#
|
448
|
-
# can't use
|
449
|
+
# must specify a AWS KMS key identifier for the destination AWS Region.
|
450
|
+
# AWS KMS CMKs are specific to the AWS Region that they are created in,
|
451
|
+
# and you can't use CMKs from one AWS Region in another AWS Region.
|
449
452
|
# @option options [Array<Types::Tag>] :tags
|
450
453
|
# A list of tags. For more information, see [Tagging Amazon RDS
|
451
454
|
# Resources][1] in the *Amazon RDS User Guide.*
|
@@ -482,11 +485,11 @@ module Aws::RDS
|
|
482
485
|
# the us-west-2 AWS Region. For this example, the `DestinationRegion`
|
483
486
|
# in the presigned URL must be set to the us-east-1 AWS Region.
|
484
487
|
#
|
485
|
-
# * `KmsKeyId` - The AWS KMS key identifier for the
|
486
|
-
# encrypt the copy of the DB snapshot in the
|
487
|
-
# This is the same identifier for both the
|
488
|
-
# that is called in the destination AWS
|
489
|
-
# contained in the presigned URL.
|
488
|
+
# * `KmsKeyId` - The AWS KMS key identifier for the customer master key
|
489
|
+
# (CMK) to use to encrypt the copy of the DB snapshot in the
|
490
|
+
# destination AWS Region. This is the same identifier for both the
|
491
|
+
# `CopyDBSnapshot` action that is called in the destination AWS
|
492
|
+
# Region, and the action contained in the presigned URL.
|
490
493
|
#
|
491
494
|
# * `SourceDBSnapshotIdentifier` - The DB snapshot identifier for the
|
492
495
|
# encrypted snapshot to be copied. This identifier must be in the
|
@@ -531,7 +534,6 @@ module Aws::RDS
|
|
531
534
|
# CAZ.
|
532
535
|
#
|
533
536
|
# Example: `rds-caz-aiqhTgQv`.
|
534
|
-
# @option options [String] :destination_region
|
535
537
|
# @option options [String] :source_region
|
536
538
|
# The source region of the snapshot. This is only needed when the
|
537
539
|
# shapshot is encrypted and in a different region.
|
@@ -5,28 +5,26 @@ require 'aws-sigv4'
|
|
5
5
|
module Aws
|
6
6
|
module RDS
|
7
7
|
module Plugins
|
8
|
-
|
9
|
-
#
|
10
|
-
# CopyDBSnapshot API.
|
8
|
+
# This plugin populates the `:pre_signed_url` request param for APIs
|
9
|
+
# that support cross region copying.
|
11
10
|
#
|
12
11
|
# This parameter is required by RDS when copying an encrypted snapshot
|
13
12
|
# across regions. This plugin will be skipped if the `:pre_signed_url`
|
14
13
|
# parameter is provided by the user.
|
15
14
|
class CrossRegionCopying < Seahorse::Client::Plugin
|
16
|
-
|
17
15
|
# @api private
|
18
16
|
class Handler < Seahorse::Client::Handler
|
19
|
-
|
20
17
|
def call(context)
|
21
18
|
params = context.params
|
22
|
-
if params.is_a?(Hash) &&
|
19
|
+
if params.is_a?(Hash) &&
|
20
|
+
params[:source_region] && !params[:pre_signed_url]
|
23
21
|
params[:pre_signed_url] = presigned_url(context, params)
|
24
|
-
params[:destination_region] = context.config.region
|
25
22
|
end
|
26
23
|
@handler.call(context)
|
27
24
|
end
|
28
25
|
|
29
26
|
private
|
27
|
+
|
30
28
|
def presigned_url(context, params)
|
31
29
|
# :source_region is not modeled in the api
|
32
30
|
source_region = params.delete(:source_region)
|
@@ -43,12 +41,13 @@ module Aws
|
|
43
41
|
region: source_region,
|
44
42
|
credentials_provider: context.config.credentials
|
45
43
|
)
|
46
|
-
url = Aws::Partitions::EndpointProvider.resolve(
|
47
|
-
|
44
|
+
url = Aws::Partitions::EndpointProvider.resolve(
|
45
|
+
signer.region, 'rds'
|
46
|
+
)
|
47
|
+
url += "?#{param_list}"
|
48
48
|
signer.presign_url(
|
49
49
|
http_method: 'GET',
|
50
50
|
url: url,
|
51
|
-
body: '',
|
52
51
|
expires_in: 3600
|
53
52
|
).to_s
|
54
53
|
end
|
@@ -61,10 +60,10 @@ module Aws
|
|
61
60
|
:copy_db_snapshot,
|
62
61
|
:create_db_instance_read_replica,
|
63
62
|
:copy_db_cluster_snapshot,
|
64
|
-
:create_db_cluster
|
63
|
+
:create_db_cluster,
|
64
|
+
:start_db_instance_automated_backups_replication
|
65
65
|
]
|
66
66
|
)
|
67
|
-
|
68
67
|
end
|
69
68
|
end
|
70
69
|
end
|
data/lib/aws-sdk-rds/resource.rb
CHANGED
@@ -258,30 +258,27 @@ module Aws::RDS
|
|
258
258
|
# @option options [String] :kms_key_id
|
259
259
|
# The AWS KMS key identifier for an encrypted DB cluster.
|
260
260
|
#
|
261
|
-
# The KMS key identifier is the
|
262
|
-
#
|
263
|
-
# account
|
264
|
-
# cluster, then you can use the KMS key alias instead of the ARN for the
|
265
|
-
# KMS encryption key.
|
261
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
|
262
|
+
# name for the AWS KMS customer master key (CMK). To use a CMK in a
|
263
|
+
# different AWS account, specify the key ARN or alias ARN.
|
266
264
|
#
|
267
|
-
#
|
265
|
+
# When a CMK isn't specified in `KmsKeyId`\:
|
268
266
|
#
|
269
267
|
# * If `ReplicationSourceIdentifier` identifies an encrypted source,
|
270
|
-
# then Amazon RDS will use the
|
271
|
-
#
|
268
|
+
# then Amazon RDS will use the CMK used to encrypt the source.
|
269
|
+
# Otherwise, Amazon RDS will use your default CMK.
|
272
270
|
#
|
273
271
|
# * If the `StorageEncrypted` parameter is enabled and
|
274
272
|
# `ReplicationSourceIdentifier` isn't specified, then Amazon RDS will
|
275
|
-
# use your default
|
273
|
+
# use your default CMK.
|
276
274
|
#
|
277
|
-
#
|
278
|
-
#
|
279
|
-
# Region.
|
275
|
+
# There is a default CMK for your AWS account. Your AWS account has a
|
276
|
+
# different default CMK for each AWS Region.
|
280
277
|
#
|
281
278
|
# If you create a read replica of an encrypted DB cluster in another AWS
|
282
|
-
# Region, you must set `KmsKeyId` to a KMS key
|
283
|
-
# destination AWS Region. This
|
284
|
-
# in that AWS Region.
|
279
|
+
# Region, you must set `KmsKeyId` to a AWS KMS key identifier that is
|
280
|
+
# valid in the destination AWS Region. This CMK is used to encrypt the
|
281
|
+
# read replica in that AWS Region.
|
285
282
|
# @option options [String] :pre_signed_url
|
286
283
|
# A URL that contains a Signature Version 4 signed request for the
|
287
284
|
# `CreateDBCluster` action to be called in the source AWS Region where
|
@@ -298,9 +295,9 @@ module Aws::RDS
|
|
298
295
|
#
|
299
296
|
# * `KmsKeyId` - The AWS KMS key identifier for the key to use to
|
300
297
|
# encrypt the copy of the DB cluster in the destination AWS Region.
|
301
|
-
# This should refer to the same KMS
|
302
|
-
# action that is called in the destination AWS
|
303
|
-
# contained in the pre-signed URL.
|
298
|
+
# This should refer to the same AWS KMS CMK for both the
|
299
|
+
# `CreateDBCluster` action that is called in the destination AWS
|
300
|
+
# Region, and the action contained in the pre-signed URL.
|
304
301
|
#
|
305
302
|
# * `DestinationRegion` - The name of the AWS Region that Aurora read
|
306
303
|
# replica will be created in.
|
@@ -460,7 +457,6 @@ module Aws::RDS
|
|
460
457
|
# This parameter only applies to DB clusters that are secondary clusters
|
461
458
|
# in an Aurora global database. By default, Aurora disallows write
|
462
459
|
# operations for secondary clusters.
|
463
|
-
# @option options [String] :destination_region
|
464
460
|
# @option options [String] :source_region
|
465
461
|
# The source region of the snapshot. This is only needed when the
|
466
462
|
# shapshot is encrypted and in a different region.
|
@@ -1230,22 +1226,19 @@ module Aws::RDS
|
|
1230
1226
|
# @option options [String] :kms_key_id
|
1231
1227
|
# The AWS KMS key identifier for an encrypted DB instance.
|
1232
1228
|
#
|
1233
|
-
# The KMS key identifier is the
|
1234
|
-
#
|
1235
|
-
# account
|
1236
|
-
# instance, then you can use the KMS key alias instead of the ARN for
|
1237
|
-
# the KM encryption key.
|
1229
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
|
1230
|
+
# name for the AWS KMS customer master key (CMK). To use a CMK in a
|
1231
|
+
# different AWS account, specify the key ARN or alias ARN.
|
1238
1232
|
#
|
1239
1233
|
# **Amazon Aurora**
|
1240
1234
|
#
|
1241
|
-
# Not applicable. The KMS key identifier is managed by the DB
|
1242
|
-
# For more information, see `CreateDBCluster`.
|
1235
|
+
# Not applicable. The AWS KMS key identifier is managed by the DB
|
1236
|
+
# cluster. For more information, see `CreateDBCluster`.
|
1243
1237
|
#
|
1244
1238
|
# If `StorageEncrypted` is enabled, and you do not specify a value for
|
1245
|
-
# the `KmsKeyId` parameter, then Amazon RDS
|
1246
|
-
#
|
1247
|
-
#
|
1248
|
-
# for each AWS Region.
|
1239
|
+
# the `KmsKeyId` parameter, then Amazon RDS uses your default CMK. There
|
1240
|
+
# is a default CMK for your AWS account. Your AWS account has a
|
1241
|
+
# different default CMK for each AWS Region.
|
1249
1242
|
# @option options [String] :domain
|
1250
1243
|
# The Active Directory directory ID to create the DB instance in.
|
1251
1244
|
# Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB
|
@@ -1337,13 +1330,15 @@ module Aws::RDS
|
|
1337
1330
|
# [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html
|
1338
1331
|
# @option options [String] :performance_insights_kms_key_id
|
1339
1332
|
# The AWS KMS key identifier for encryption of Performance Insights
|
1340
|
-
# data.
|
1341
|
-
#
|
1333
|
+
# data.
|
1334
|
+
#
|
1335
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
|
1336
|
+
# name for the AWS KMS customer master key (CMK).
|
1342
1337
|
#
|
1343
1338
|
# If you do not specify a value for `PerformanceInsightsKMSKeyId`, then
|
1344
|
-
# Amazon RDS uses your default
|
1345
|
-
#
|
1346
|
-
#
|
1339
|
+
# Amazon RDS uses your default CMK. There is a default CMK for your AWS
|
1340
|
+
# account. Your AWS account has a different default CMK for each AWS
|
1341
|
+
# Region.
|
1347
1342
|
# @option options [Integer] :performance_insights_retention_period
|
1348
1343
|
# The amount of time, in days, to retain Performance Insights data.
|
1349
1344
|
# Valid values are 7 or 731 (2 years).
|
data/lib/aws-sdk-rds/types.rb
CHANGED
@@ -157,7 +157,7 @@ module Aws::RDS
|
|
157
157
|
#
|
158
158
|
# @!attribute [rw] role_arn
|
159
159
|
# The Amazon Resource Name (ARN) of the IAM role to associate with the
|
160
|
-
# Aurora DB cluster, for example
|
160
|
+
# Aurora DB cluster, for example,
|
161
161
|
# `arn:aws:iam::123456789012:role/AuroraAccessRole`.
|
162
162
|
# @return [String]
|
163
163
|
#
|
@@ -1050,25 +1050,25 @@ module Aws::RDS
|
|
1050
1050
|
# @return [String]
|
1051
1051
|
#
|
1052
1052
|
# @!attribute [rw] kms_key_id
|
1053
|
-
# The AWS KMS key
|
1054
|
-
#
|
1055
|
-
#
|
1053
|
+
# The AWS KMS key identifier for an encrypted DB cluster snapshot. The
|
1054
|
+
# AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
|
1055
|
+
# name for the AWS KMS customer master key (CMK).
|
1056
1056
|
#
|
1057
1057
|
# If you copy an encrypted DB cluster snapshot from your AWS account,
|
1058
1058
|
# you can specify a value for `KmsKeyId` to encrypt the copy with a
|
1059
|
-
# new KMS
|
1060
|
-
#
|
1061
|
-
#
|
1059
|
+
# new AWS KMS CMK. If you don't specify a value for `KmsKeyId`, then
|
1060
|
+
# the copy of the DB cluster snapshot is encrypted with the same AWS
|
1061
|
+
# KMS key as the source DB cluster snapshot.
|
1062
1062
|
#
|
1063
1063
|
# If you copy an encrypted DB cluster snapshot that is shared from
|
1064
1064
|
# another AWS account, then you must specify a value for `KmsKeyId`.
|
1065
1065
|
#
|
1066
1066
|
# To copy an encrypted DB cluster snapshot to another AWS Region, you
|
1067
|
-
# must set `KmsKeyId` to the KMS key
|
1068
|
-
# copy of the DB cluster snapshot in the destination AWS
|
1069
|
-
#
|
1070
|
-
# in, and you can't use
|
1071
|
-
#
|
1067
|
+
# must set `KmsKeyId` to the AWS KMS key identifier you want to use to
|
1068
|
+
# encrypt the copy of the DB cluster snapshot in the destination AWS
|
1069
|
+
# Region. AWS KMS CMKs are specific to the AWS Region that they are
|
1070
|
+
# created in, and you can't use CMKs from one AWS Region in another
|
1071
|
+
# AWS Region.
|
1072
1072
|
#
|
1073
1073
|
# If you copy an unencrypted DB cluster snapshot and specify a value
|
1074
1074
|
# for the `KmsKeyId` parameter, an error is returned.
|
@@ -1088,11 +1088,12 @@ module Aws::RDS
|
|
1088
1088
|
# be copied. The pre-signed URL request must contain the following
|
1089
1089
|
# parameter values:
|
1090
1090
|
#
|
1091
|
-
# * `KmsKeyId` - The AWS KMS key identifier for the
|
1092
|
-
# encrypt the copy of the DB cluster snapshot in
|
1093
|
-
# Region. This is the same identifier for both
|
1094
|
-
# `CopyDBClusterSnapshot` action that is called in the
|
1095
|
-
# AWS Region, and the action contained in the pre-signed
|
1091
|
+
# * `KmsKeyId` - The AWS KMS key identifier for the customer master
|
1092
|
+
# key (CMK) to use to encrypt the copy of the DB cluster snapshot in
|
1093
|
+
# the destination AWS Region. This is the same identifier for both
|
1094
|
+
# the `CopyDBClusterSnapshot` action that is called in the
|
1095
|
+
# destination AWS Region, and the action contained in the pre-signed
|
1096
|
+
# URL.
|
1096
1097
|
#
|
1097
1098
|
# * `DestinationRegion` - The name of the AWS Region that the DB
|
1098
1099
|
# cluster snapshot is to be created in.
|
@@ -1139,9 +1140,6 @@ module Aws::RDS
|
|
1139
1140
|
# [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
|
1140
1141
|
# @return [Array<Types::Tag>]
|
1141
1142
|
#
|
1142
|
-
# @!attribute [rw] destination_region
|
1143
|
-
# @return [String]
|
1144
|
-
#
|
1145
1143
|
# @!attribute [rw] source_region
|
1146
1144
|
# The source region of the snapshot. This is only needed when the
|
1147
1145
|
# shapshot is encrypted and in a different region.
|
@@ -1156,7 +1154,6 @@ module Aws::RDS
|
|
1156
1154
|
:pre_signed_url,
|
1157
1155
|
:copy_tags,
|
1158
1156
|
:tags,
|
1159
|
-
:destination_region,
|
1160
1157
|
:source_region)
|
1161
1158
|
SENSITIVE = []
|
1162
1159
|
include Aws::Structure
|
@@ -1331,15 +1328,15 @@ module Aws::RDS
|
|
1331
1328
|
# @return [String]
|
1332
1329
|
#
|
1333
1330
|
# @!attribute [rw] kms_key_id
|
1334
|
-
# The AWS KMS key
|
1335
|
-
#
|
1336
|
-
#
|
1331
|
+
# The AWS KMS key identifier for an encrypted DB snapshot. The AWS KMS
|
1332
|
+
# key identifier is the key ARN, key ID, alias ARN, or alias name for
|
1333
|
+
# the AWS KMS customer master key (CMK).
|
1337
1334
|
#
|
1338
1335
|
# If you copy an encrypted DB snapshot from your AWS account, you can
|
1339
1336
|
# specify a value for this parameter to encrypt the copy with a new
|
1340
|
-
# KMS
|
1341
|
-
#
|
1342
|
-
#
|
1337
|
+
# AWS KMS CMK. If you don't specify a value for this parameter, then
|
1338
|
+
# the copy of the DB snapshot is encrypted with the same AWS KMS key
|
1339
|
+
# as the source DB snapshot.
|
1343
1340
|
#
|
1344
1341
|
# If you copy an encrypted DB snapshot that is shared from another AWS
|
1345
1342
|
# account, then you must specify a value for this parameter.
|
@@ -1348,10 +1345,10 @@ module Aws::RDS
|
|
1348
1345
|
# the copy is encrypted.
|
1349
1346
|
#
|
1350
1347
|
# If you copy an encrypted snapshot to a different AWS Region, then
|
1351
|
-
# you must specify a KMS key for the destination AWS
|
1352
|
-
#
|
1353
|
-
# in, and you can't use
|
1354
|
-
#
|
1348
|
+
# you must specify a AWS KMS key identifier for the destination AWS
|
1349
|
+
# Region. AWS KMS CMKs are specific to the AWS Region that they are
|
1350
|
+
# created in, and you can't use CMKs from one AWS Region in another
|
1351
|
+
# AWS Region.
|
1355
1352
|
# @return [String]
|
1356
1353
|
#
|
1357
1354
|
# @!attribute [rw] tags
|
@@ -1396,11 +1393,11 @@ module Aws::RDS
|
|
1396
1393
|
# example, the `DestinationRegion` in the presigned URL must be set
|
1397
1394
|
# to the us-east-1 AWS Region.
|
1398
1395
|
#
|
1399
|
-
# * `KmsKeyId` - The AWS KMS key identifier for the
|
1400
|
-
# encrypt the copy of the DB snapshot in the
|
1401
|
-
# This is the same identifier for both the
|
1402
|
-
# that is called in the destination AWS
|
1403
|
-
# contained in the presigned URL.
|
1396
|
+
# * `KmsKeyId` - The AWS KMS key identifier for the customer master
|
1397
|
+
# key (CMK) to use to encrypt the copy of the DB snapshot in the
|
1398
|
+
# destination AWS Region. This is the same identifier for both the
|
1399
|
+
# `CopyDBSnapshot` action that is called in the destination AWS
|
1400
|
+
# Region, and the action contained in the presigned URL.
|
1404
1401
|
#
|
1405
1402
|
# * `SourceDBSnapshotIdentifier` - The DB snapshot identifier for the
|
1406
1403
|
# encrypted snapshot to be copied. This identifier must be in the
|
@@ -1451,9 +1448,6 @@ module Aws::RDS
|
|
1451
1448
|
# Example: `rds-caz-aiqhTgQv`.
|
1452
1449
|
# @return [String]
|
1453
1450
|
#
|
1454
|
-
# @!attribute [rw] destination_region
|
1455
|
-
# @return [String]
|
1456
|
-
#
|
1457
1451
|
# @!attribute [rw] source_region
|
1458
1452
|
# The source region of the snapshot. This is only needed when the
|
1459
1453
|
# shapshot is encrypted and in a different region.
|
@@ -1470,7 +1464,6 @@ module Aws::RDS
|
|
1470
1464
|
:pre_signed_url,
|
1471
1465
|
:option_group_name,
|
1472
1466
|
:target_custom_availability_zone,
|
1473
|
-
:destination_region,
|
1474
1467
|
:source_region)
|
1475
1468
|
SENSITIVE = []
|
1476
1469
|
include Aws::Structure
|
@@ -1954,31 +1947,27 @@ module Aws::RDS
|
|
1954
1947
|
# @!attribute [rw] kms_key_id
|
1955
1948
|
# The AWS KMS key identifier for an encrypted DB cluster.
|
1956
1949
|
#
|
1957
|
-
# The KMS key identifier is the
|
1958
|
-
#
|
1959
|
-
#
|
1960
|
-
# cluster, then you can use the KMS key alias instead of the ARN for
|
1961
|
-
# the KMS encryption key.
|
1950
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
1951
|
+
# alias name for the AWS KMS customer master key (CMK). To use a CMK
|
1952
|
+
# in a different AWS account, specify the key ARN or alias ARN.
|
1962
1953
|
#
|
1963
|
-
#
|
1954
|
+
# When a CMK isn't specified in `KmsKeyId`\:
|
1964
1955
|
#
|
1965
1956
|
# * If `ReplicationSourceIdentifier` identifies an encrypted source,
|
1966
|
-
# then Amazon RDS will use the
|
1967
|
-
#
|
1968
|
-
# key.
|
1957
|
+
# then Amazon RDS will use the CMK used to encrypt the source.
|
1958
|
+
# Otherwise, Amazon RDS will use your default CMK.
|
1969
1959
|
#
|
1970
1960
|
# * If the `StorageEncrypted` parameter is enabled and
|
1971
1961
|
# `ReplicationSourceIdentifier` isn't specified, then Amazon RDS
|
1972
|
-
# will use your default
|
1962
|
+
# will use your default CMK.
|
1973
1963
|
#
|
1974
|
-
#
|
1975
|
-
#
|
1976
|
-
# Region.
|
1964
|
+
# There is a default CMK for your AWS account. Your AWS account has a
|
1965
|
+
# different default CMK for each AWS Region.
|
1977
1966
|
#
|
1978
1967
|
# If you create a read replica of an encrypted DB cluster in another
|
1979
|
-
# AWS Region, you must set `KmsKeyId` to a KMS key
|
1980
|
-
# the destination AWS Region. This
|
1981
|
-
# replica in that AWS Region.
|
1968
|
+
# AWS Region, you must set `KmsKeyId` to a AWS KMS key identifier that
|
1969
|
+
# is valid in the destination AWS Region. This CMK is used to encrypt
|
1970
|
+
# the read replica in that AWS Region.
|
1982
1971
|
# @return [String]
|
1983
1972
|
#
|
1984
1973
|
# @!attribute [rw] pre_signed_url
|
@@ -1997,7 +1986,7 @@ module Aws::RDS
|
|
1997
1986
|
#
|
1998
1987
|
# * `KmsKeyId` - The AWS KMS key identifier for the key to use to
|
1999
1988
|
# encrypt the copy of the DB cluster in the destination AWS Region.
|
2000
|
-
# This should refer to the same KMS
|
1989
|
+
# This should refer to the same AWS KMS CMK for both the
|
2001
1990
|
# `CreateDBCluster` action that is called in the destination AWS
|
2002
1991
|
# Region, and the action contained in the pre-signed URL.
|
2003
1992
|
#
|
@@ -2185,9 +2174,6 @@ module Aws::RDS
|
|
2185
2174
|
# disallows write operations for secondary clusters.
|
2186
2175
|
# @return [Boolean]
|
2187
2176
|
#
|
2188
|
-
# @!attribute [rw] destination_region
|
2189
|
-
# @return [String]
|
2190
|
-
#
|
2191
2177
|
# @!attribute [rw] source_region
|
2192
2178
|
# The source region of the snapshot. This is only needed when the
|
2193
2179
|
# shapshot is encrypted and in a different region.
|
@@ -2229,7 +2215,6 @@ module Aws::RDS
|
|
2229
2215
|
:domain,
|
2230
2216
|
:domain_iam_role_name,
|
2231
2217
|
:enable_global_write_forwarding,
|
2232
|
-
:destination_region,
|
2233
2218
|
:source_region)
|
2234
2219
|
SENSITIVE = []
|
2235
2220
|
include Aws::Structure
|
@@ -3168,22 +3153,19 @@ module Aws::RDS
|
|
3168
3153
|
# @!attribute [rw] kms_key_id
|
3169
3154
|
# The AWS KMS key identifier for an encrypted DB instance.
|
3170
3155
|
#
|
3171
|
-
# The KMS key identifier is the
|
3172
|
-
#
|
3173
|
-
#
|
3174
|
-
# instance, then you can use the KMS key alias instead of the ARN for
|
3175
|
-
# the KM encryption key.
|
3156
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
3157
|
+
# alias name for the AWS KMS customer master key (CMK). To use a CMK
|
3158
|
+
# in a different AWS account, specify the key ARN or alias ARN.
|
3176
3159
|
#
|
3177
3160
|
# **Amazon Aurora**
|
3178
3161
|
#
|
3179
|
-
# Not applicable. The KMS key identifier is managed by the DB
|
3180
|
-
# For more information, see `CreateDBCluster`.
|
3162
|
+
# Not applicable. The AWS KMS key identifier is managed by the DB
|
3163
|
+
# cluster. For more information, see `CreateDBCluster`.
|
3181
3164
|
#
|
3182
3165
|
# If `StorageEncrypted` is enabled, and you do not specify a value for
|
3183
|
-
# the `KmsKeyId` parameter, then Amazon RDS
|
3184
|
-
#
|
3185
|
-
#
|
3186
|
-
# for each AWS Region.
|
3166
|
+
# the `KmsKeyId` parameter, then Amazon RDS uses your default CMK.
|
3167
|
+
# There is a default CMK for your AWS account. Your AWS account has a
|
3168
|
+
# different default CMK for each AWS Region.
|
3187
3169
|
# @return [String]
|
3188
3170
|
#
|
3189
3171
|
# @!attribute [rw] domain
|
@@ -3295,13 +3277,15 @@ module Aws::RDS
|
|
3295
3277
|
#
|
3296
3278
|
# @!attribute [rw] performance_insights_kms_key_id
|
3297
3279
|
# The AWS KMS key identifier for encryption of Performance Insights
|
3298
|
-
# data.
|
3299
|
-
#
|
3280
|
+
# data.
|
3281
|
+
#
|
3282
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
3283
|
+
# alias name for the AWS KMS customer master key (CMK).
|
3300
3284
|
#
|
3301
3285
|
# If you do not specify a value for `PerformanceInsightsKMSKeyId`,
|
3302
|
-
# then Amazon RDS uses your default
|
3303
|
-
#
|
3304
|
-
#
|
3286
|
+
# then Amazon RDS uses your default CMK. There is a default CMK for
|
3287
|
+
# your AWS account. Your AWS account has a different default CMK for
|
3288
|
+
# each AWS Region.
|
3305
3289
|
# @return [String]
|
3306
3290
|
#
|
3307
3291
|
# @!attribute [rw] performance_insights_retention_period
|
@@ -3719,19 +3703,20 @@ module Aws::RDS
|
|
3719
3703
|
# @return [String]
|
3720
3704
|
#
|
3721
3705
|
# @!attribute [rw] kms_key_id
|
3722
|
-
# The AWS KMS key
|
3723
|
-
#
|
3724
|
-
#
|
3706
|
+
# The AWS KMS key identifier for an encrypted read replica.
|
3707
|
+
#
|
3708
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
3709
|
+
# alias name for the AWS KMS CMK.
|
3725
3710
|
#
|
3726
3711
|
# If you create an encrypted read replica in the same AWS Region as
|
3727
3712
|
# the source DB instance, then you do not have to specify a value for
|
3728
|
-
# this parameter. The read replica is encrypted with the same KMS
|
3729
|
-
# as the source DB instance.
|
3713
|
+
# this parameter. The read replica is encrypted with the same AWS KMS
|
3714
|
+
# CMK as the source DB instance.
|
3730
3715
|
#
|
3731
3716
|
# If you create an encrypted read replica in a different AWS Region,
|
3732
|
-
# then you must specify a KMS key for the destination
|
3733
|
-
#
|
3734
|
-
# in, and you can't use
|
3717
|
+
# then you must specify a AWS KMS key identifier for the destination
|
3718
|
+
# AWS Region. AWS KMS CMKs are specific to the AWS Region that they
|
3719
|
+
# are created in, and you can't use CMKs from one AWS Region in
|
3735
3720
|
# another AWS Region.
|
3736
3721
|
#
|
3737
3722
|
# You can't create an encrypted read replica from an unencrypted DB
|
@@ -3830,13 +3815,15 @@ module Aws::RDS
|
|
3830
3815
|
#
|
3831
3816
|
# @!attribute [rw] performance_insights_kms_key_id
|
3832
3817
|
# The AWS KMS key identifier for encryption of Performance Insights
|
3833
|
-
# data.
|
3834
|
-
#
|
3818
|
+
# data.
|
3819
|
+
#
|
3820
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
3821
|
+
# alias name for the AWS KMS customer master key (CMK).
|
3835
3822
|
#
|
3836
3823
|
# If you do not specify a value for `PerformanceInsightsKMSKeyId`,
|
3837
|
-
# then Amazon RDS uses your default
|
3838
|
-
#
|
3839
|
-
#
|
3824
|
+
# then Amazon RDS uses your default CMK. There is a default CMK for
|
3825
|
+
# your AWS account. Your AWS account has a different default CMK for
|
3826
|
+
# each AWS Region.
|
3840
3827
|
# @return [String]
|
3841
3828
|
#
|
3842
3829
|
# @!attribute [rw] performance_insights_retention_period
|
@@ -3923,9 +3910,6 @@ module Aws::RDS
|
|
3923
3910
|
# storage of the DB instance.
|
3924
3911
|
# @return [Integer]
|
3925
3912
|
#
|
3926
|
-
# @!attribute [rw] destination_region
|
3927
|
-
# @return [String]
|
3928
|
-
#
|
3929
3913
|
# @!attribute [rw] source_region
|
3930
3914
|
# The source region of the snapshot. This is only needed when the
|
3931
3915
|
# shapshot is encrypted and in a different region.
|
@@ -3966,7 +3950,6 @@ module Aws::RDS
|
|
3966
3950
|
:domain_iam_role_name,
|
3967
3951
|
:replica_mode,
|
3968
3952
|
:max_allocated_storage,
|
3969
|
-
:destination_region,
|
3970
3953
|
:source_region)
|
3971
3954
|
SENSITIVE = []
|
3972
3955
|
include Aws::Structure
|
@@ -4914,12 +4897,15 @@ module Aws::RDS
|
|
4914
4897
|
# @!attribute [rw] kms_key_id
|
4915
4898
|
# If `StorageEncrypted` is enabled, the AWS KMS key identifier for the
|
4916
4899
|
# encrypted DB cluster.
|
4900
|
+
#
|
4901
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
4902
|
+
# alias name for the AWS KMS customer master key (CMK).
|
4917
4903
|
# @return [String]
|
4918
4904
|
#
|
4919
4905
|
# @!attribute [rw] db_cluster_resource_id
|
4920
4906
|
# The AWS Region-unique, immutable identifier for the DB cluster. This
|
4921
4907
|
# identifier is found in AWS CloudTrail log entries whenever the AWS
|
4922
|
-
# KMS
|
4908
|
+
# KMS CMK for the DB cluster is accessed.
|
4923
4909
|
# @return [String]
|
4924
4910
|
#
|
4925
4911
|
# @!attribute [rw] db_cluster_arn
|
@@ -5045,6 +5031,9 @@ module Aws::RDS
|
|
5045
5031
|
# @!attribute [rw] activity_stream_kms_key_id
|
5046
5032
|
# The AWS KMS key identifier used for encrypting messages in the
|
5047
5033
|
# database activity stream.
|
5034
|
+
#
|
5035
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
5036
|
+
# alias name for the AWS KMS customer master key (CMK).
|
5048
5037
|
# @return [String]
|
5049
5038
|
#
|
5050
5039
|
# @!attribute [rw] activity_stream_kinesis_stream_name
|
@@ -5738,6 +5727,9 @@ module Aws::RDS
|
|
5738
5727
|
# @!attribute [rw] kms_key_id
|
5739
5728
|
# If `StorageEncrypted` is true, the AWS KMS key identifier for the
|
5740
5729
|
# encrypted DB cluster snapshot.
|
5730
|
+
#
|
5731
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
5732
|
+
# alias name for the AWS KMS customer master key (CMK).
|
5741
5733
|
# @return [String]
|
5742
5734
|
#
|
5743
5735
|
# @!attribute [rw] db_cluster_snapshot_arn
|
@@ -6274,12 +6266,15 @@ module Aws::RDS
|
|
6274
6266
|
# @!attribute [rw] kms_key_id
|
6275
6267
|
# If `StorageEncrypted` is true, the AWS KMS key identifier for the
|
6276
6268
|
# encrypted DB instance.
|
6269
|
+
#
|
6270
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
6271
|
+
# alias name for the AWS KMS customer master key (CMK).
|
6277
6272
|
# @return [String]
|
6278
6273
|
#
|
6279
6274
|
# @!attribute [rw] dbi_resource_id
|
6280
6275
|
# The AWS Region-unique, immutable identifier for the DB instance.
|
6281
6276
|
# This identifier is found in AWS CloudTrail log entries whenever the
|
6282
|
-
# AWS KMS key for the DB instance is accessed.
|
6277
|
+
# AWS KMS customer master key (CMK) for the DB instance is accessed.
|
6283
6278
|
# @return [String]
|
6284
6279
|
#
|
6285
6280
|
# @!attribute [rw] ca_certificate_identifier
|
@@ -6361,8 +6356,10 @@ module Aws::RDS
|
|
6361
6356
|
#
|
6362
6357
|
# @!attribute [rw] performance_insights_kms_key_id
|
6363
6358
|
# The AWS KMS key identifier for encryption of Performance Insights
|
6364
|
-
# data.
|
6365
|
-
#
|
6359
|
+
# data.
|
6360
|
+
#
|
6361
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
6362
|
+
# alias name for the AWS KMS customer master key (CMK).
|
6366
6363
|
# @return [String]
|
6367
6364
|
#
|
6368
6365
|
# @!attribute [rw] performance_insights_retention_period
|
@@ -6421,6 +6418,11 @@ module Aws::RDS
|
|
6421
6418
|
# [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
|
6422
6419
|
# @return [Array<Types::Tag>]
|
6423
6420
|
#
|
6421
|
+
# @!attribute [rw] db_instance_automated_backups_replications
|
6422
|
+
# The list of replicated automated backups associated with the DB
|
6423
|
+
# instance.
|
6424
|
+
# @return [Array<Types::DBInstanceAutomatedBackupsReplication>]
|
6425
|
+
#
|
6424
6426
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstance AWS API Documentation
|
6425
6427
|
#
|
6426
6428
|
class DBInstance < Struct.new(
|
@@ -6484,7 +6486,8 @@ module Aws::RDS
|
|
6484
6486
|
:associated_roles,
|
6485
6487
|
:listener_endpoint,
|
6486
6488
|
:max_allocated_storage,
|
6487
|
-
:tag_list
|
6489
|
+
:tag_list,
|
6490
|
+
:db_instance_automated_backups_replications)
|
6488
6491
|
SENSITIVE = []
|
6489
6492
|
include Aws::Structure
|
6490
6493
|
end
|
@@ -6495,12 +6498,12 @@ module Aws::RDS
|
|
6495
6498
|
#
|
6496
6499
|
class DBInstanceAlreadyExistsFault < Aws::EmptyStructure; end
|
6497
6500
|
|
6498
|
-
# An automated backup of a DB instance. It
|
6499
|
-
#
|
6500
|
-
#
|
6501
|
+
# An automated backup of a DB instance. It consists of system backups,
|
6502
|
+
# transaction logs, and the database instance properties that existed at
|
6503
|
+
# the time you deleted the source instance.
|
6501
6504
|
#
|
6502
6505
|
# @!attribute [rw] db_instance_arn
|
6503
|
-
# The Amazon Resource Name (ARN) for the automated
|
6506
|
+
# The Amazon Resource Name (ARN) for the automated backups.
|
6504
6507
|
# @return [String]
|
6505
6508
|
#
|
6506
6509
|
# @!attribute [rw] dbi_resource_id
|
@@ -6601,9 +6604,10 @@ module Aws::RDS
|
|
6601
6604
|
# @return [String]
|
6602
6605
|
#
|
6603
6606
|
# @!attribute [rw] kms_key_id
|
6604
|
-
# The AWS KMS key ID for an automated backup.
|
6605
|
-
#
|
6606
|
-
#
|
6607
|
+
# The AWS KMS key ID for an automated backup.
|
6608
|
+
#
|
6609
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
6610
|
+
# alias name for the AWS KMS customer master key (CMK).
|
6607
6611
|
# @return [String]
|
6608
6612
|
#
|
6609
6613
|
# @!attribute [rw] timezone
|
@@ -6617,6 +6621,19 @@ module Aws::RDS
|
|
6617
6621
|
# to database accounts is enabled, and otherwise false.
|
6618
6622
|
# @return [Boolean]
|
6619
6623
|
#
|
6624
|
+
# @!attribute [rw] backup_retention_period
|
6625
|
+
# The retention period for the automated backups.
|
6626
|
+
# @return [Integer]
|
6627
|
+
#
|
6628
|
+
# @!attribute [rw] db_instance_automated_backups_arn
|
6629
|
+
# The Amazon Resource Name (ARN) for the replicated automated backups.
|
6630
|
+
# @return [String]
|
6631
|
+
#
|
6632
|
+
# @!attribute [rw] db_instance_automated_backups_replications
|
6633
|
+
# The list of replications to different AWS Regions associated with
|
6634
|
+
# the automated backup.
|
6635
|
+
# @return [Array<Types::DBInstanceAutomatedBackupsReplication>]
|
6636
|
+
#
|
6620
6637
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstanceAutomatedBackup AWS API Documentation
|
6621
6638
|
#
|
6622
6639
|
class DBInstanceAutomatedBackup < Struct.new(
|
@@ -6642,7 +6659,10 @@ module Aws::RDS
|
|
6642
6659
|
:storage_type,
|
6643
6660
|
:kms_key_id,
|
6644
6661
|
:timezone,
|
6645
|
-
:iam_database_authentication_enabled
|
6662
|
+
:iam_database_authentication_enabled,
|
6663
|
+
:backup_retention_period,
|
6664
|
+
:db_instance_automated_backups_arn,
|
6665
|
+
:db_instance_automated_backups_replications)
|
6646
6666
|
SENSITIVE = []
|
6647
6667
|
include Aws::Structure
|
6648
6668
|
end
|
@@ -6683,6 +6703,22 @@ module Aws::RDS
|
|
6683
6703
|
#
|
6684
6704
|
class DBInstanceAutomatedBackupQuotaExceededFault < Aws::EmptyStructure; end
|
6685
6705
|
|
6706
|
+
# Automated backups of a DB instance replicated to another AWS Region.
|
6707
|
+
# They consist of system backups, transaction logs, and database
|
6708
|
+
# instance properties.
|
6709
|
+
#
|
6710
|
+
# @!attribute [rw] db_instance_automated_backups_arn
|
6711
|
+
# The Amazon Resource Name (ARN) of the replicated automated backups.
|
6712
|
+
# @return [String]
|
6713
|
+
#
|
6714
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstanceAutomatedBackupsReplication AWS API Documentation
|
6715
|
+
#
|
6716
|
+
class DBInstanceAutomatedBackupsReplication < Struct.new(
|
6717
|
+
:db_instance_automated_backups_arn)
|
6718
|
+
SENSITIVE = []
|
6719
|
+
include Aws::Structure
|
6720
|
+
end
|
6721
|
+
|
6686
6722
|
# Contains the result of a successful invocation of the
|
6687
6723
|
# `DescribeDBInstances` action.
|
6688
6724
|
#
|
@@ -7450,6 +7486,9 @@ module Aws::RDS
|
|
7450
7486
|
# @!attribute [rw] kms_key_id
|
7451
7487
|
# If `Encrypted` is true, the AWS KMS key identifier for the encrypted
|
7452
7488
|
# DB snapshot.
|
7489
|
+
#
|
7490
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
7491
|
+
# alias name for the AWS KMS customer master key (CMK).
|
7453
7492
|
# @return [String]
|
7454
7493
|
#
|
7455
7494
|
# @!attribute [rw] db_snapshot_arn
|
@@ -7935,7 +7974,8 @@ module Aws::RDS
|
|
7935
7974
|
# data as a hash:
|
7936
7975
|
#
|
7937
7976
|
# {
|
7938
|
-
# dbi_resource_id: "String",
|
7977
|
+
# dbi_resource_id: "String",
|
7978
|
+
# db_instance_automated_backups_arn: "String",
|
7939
7979
|
# }
|
7940
7980
|
#
|
7941
7981
|
# @!attribute [rw] dbi_resource_id
|
@@ -7943,18 +7983,25 @@ module Aws::RDS
|
|
7943
7983
|
# and which is unique to an AWS Region.
|
7944
7984
|
# @return [String]
|
7945
7985
|
#
|
7986
|
+
# @!attribute [rw] db_instance_automated_backups_arn
|
7987
|
+
# The Amazon Resource Name (ARN) of the automated backups to delete,
|
7988
|
+
# for example,
|
7989
|
+
# `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE`.
|
7990
|
+
# @return [String]
|
7991
|
+
#
|
7946
7992
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteDBInstanceAutomatedBackupMessage AWS API Documentation
|
7947
7993
|
#
|
7948
7994
|
class DeleteDBInstanceAutomatedBackupMessage < Struct.new(
|
7949
|
-
:dbi_resource_id
|
7995
|
+
:dbi_resource_id,
|
7996
|
+
:db_instance_automated_backups_arn)
|
7950
7997
|
SENSITIVE = []
|
7951
7998
|
include Aws::Structure
|
7952
7999
|
end
|
7953
8000
|
|
7954
8001
|
# @!attribute [rw] db_instance_automated_backup
|
7955
|
-
# An automated backup of a DB instance. It
|
7956
|
-
#
|
7957
|
-
#
|
8002
|
+
# An automated backup of a DB instance. It consists of system backups,
|
8003
|
+
# transaction logs, and the database instance properties that existed
|
8004
|
+
# at the time you deleted the source instance.
|
7958
8005
|
# @return [Types::DBInstanceAutomatedBackup]
|
7959
8006
|
#
|
7960
8007
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteDBInstanceAutomatedBackupResult AWS API Documentation
|
@@ -9172,6 +9219,7 @@ module Aws::RDS
|
|
9172
9219
|
# ],
|
9173
9220
|
# max_records: 1,
|
9174
9221
|
# marker: "String",
|
9222
|
+
# db_instance_automated_backups_arn: "String",
|
9175
9223
|
# }
|
9176
9224
|
#
|
9177
9225
|
# @!attribute [rw] dbi_resource_id
|
@@ -9227,6 +9275,12 @@ module Aws::RDS
|
|
9227
9275
|
# marker, up to `MaxRecords`.
|
9228
9276
|
# @return [String]
|
9229
9277
|
#
|
9278
|
+
# @!attribute [rw] db_instance_automated_backups_arn
|
9279
|
+
# The Amazon Resource Name (ARN) of the replicated automated backups,
|
9280
|
+
# for example,
|
9281
|
+
# `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE`.
|
9282
|
+
# @return [String]
|
9283
|
+
#
|
9230
9284
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeDBInstanceAutomatedBackupsMessage AWS API Documentation
|
9231
9285
|
#
|
9232
9286
|
class DescribeDBInstanceAutomatedBackupsMessage < Struct.new(
|
@@ -9234,7 +9288,8 @@ module Aws::RDS
|
|
9234
9288
|
:db_instance_identifier,
|
9235
9289
|
:filters,
|
9236
9290
|
:max_records,
|
9237
|
-
:marker
|
9291
|
+
:marker,
|
9292
|
+
:db_instance_automated_backups_arn)
|
9238
9293
|
SENSITIVE = []
|
9239
9294
|
include Aws::Structure
|
9240
9295
|
end
|
@@ -11742,11 +11797,11 @@ module Aws::RDS
|
|
11742
11797
|
# @return [String]
|
11743
11798
|
#
|
11744
11799
|
# @!attribute [rw] kms_key_id
|
11745
|
-
# The
|
11746
|
-
# it's exported to Amazon S3. The
|
11747
|
-
#
|
11748
|
-
#
|
11749
|
-
#
|
11800
|
+
# The key identifier of the AWS KMS customer master key (CMK) that is
|
11801
|
+
# used to encrypt the snapshot when it's exported to Amazon S3. The
|
11802
|
+
# AWS KMS CMK identifier is its key ARN, key ID, alias ARN, or alias
|
11803
|
+
# name. The IAM role used for the snapshot export must have encryption
|
11804
|
+
# and decryption permissions to use this AWS KMS CMK.
|
11750
11805
|
# @return [String]
|
11751
11806
|
#
|
11752
11807
|
# @!attribute [rw] status
|
@@ -11930,7 +11985,8 @@ module Aws::RDS
|
|
11930
11985
|
# @!attribute [rw] global_cluster_resource_id
|
11931
11986
|
# The AWS Region-unique, immutable identifier for the global database
|
11932
11987
|
# cluster. This identifier is found in AWS CloudTrail log entries
|
11933
|
-
# whenever the AWS KMS key for the DB cluster is
|
11988
|
+
# whenever the AWS KMS customer master key (CMK) for the DB cluster is
|
11989
|
+
# accessed.
|
11934
11990
|
# @return [String]
|
11935
11991
|
#
|
11936
11992
|
# @!attribute [rw] global_cluster_arn
|
@@ -13811,13 +13867,15 @@ module Aws::RDS
|
|
13811
13867
|
#
|
13812
13868
|
# @!attribute [rw] performance_insights_kms_key_id
|
13813
13869
|
# The AWS KMS key identifier for encryption of Performance Insights
|
13814
|
-
# data.
|
13815
|
-
#
|
13870
|
+
# data.
|
13871
|
+
#
|
13872
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
13873
|
+
# alias name for the AWS KMS customer master key (CMK).
|
13816
13874
|
#
|
13817
13875
|
# If you do not specify a value for `PerformanceInsightsKMSKeyId`,
|
13818
|
-
# then Amazon RDS uses your default
|
13819
|
-
#
|
13820
|
-
#
|
13876
|
+
# then Amazon RDS uses your default CMK. There is a default CMK for
|
13877
|
+
# your AWS account. Your AWS account has a different default CMK for
|
13878
|
+
# each AWS Region.
|
13821
13879
|
# @return [String]
|
13822
13880
|
#
|
13823
13881
|
# @!attribute [rw] performance_insights_retention_period
|
@@ -16140,7 +16198,7 @@ module Aws::RDS
|
|
16140
16198
|
#
|
16141
16199
|
# @!attribute [rw] role_arn
|
16142
16200
|
# The Amazon Resource Name (ARN) of the IAM role to disassociate from
|
16143
|
-
# the DB instance, for example
|
16201
|
+
# the DB instance, for example,
|
16144
16202
|
# `arn:aws:iam::123456789012:role/AccessRole`.
|
16145
16203
|
# @return [String]
|
16146
16204
|
#
|
@@ -16857,17 +16915,14 @@ module Aws::RDS
|
|
16857
16915
|
# @!attribute [rw] kms_key_id
|
16858
16916
|
# The AWS KMS key identifier for an encrypted DB cluster.
|
16859
16917
|
#
|
16860
|
-
# The KMS key identifier is the
|
16861
|
-
#
|
16862
|
-
#
|
16863
|
-
# cluster, then you can use the KMS key alias instead of the ARN for
|
16864
|
-
# the KM encryption key.
|
16918
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
16919
|
+
# alias name for the AWS KMS customer master key (CMK). To use a CMK
|
16920
|
+
# in a different AWS account, specify the key ARN or alias ARN.
|
16865
16921
|
#
|
16866
16922
|
# If the StorageEncrypted parameter is enabled, and you do not specify
|
16867
16923
|
# a value for the `KmsKeyId` parameter, then Amazon RDS will use your
|
16868
|
-
# default
|
16869
|
-
#
|
16870
|
-
# encryption key for each AWS Region.
|
16924
|
+
# default CMK. There is a default CMK for your AWS account. Your AWS
|
16925
|
+
# account has a different default CMK for each AWS Region.
|
16871
16926
|
# @return [String]
|
16872
16927
|
#
|
16873
16928
|
# @!attribute [rw] enable_iam_database_authentication
|
@@ -17185,18 +17240,16 @@ module Aws::RDS
|
|
17185
17240
|
# The AWS KMS key identifier to use when restoring an encrypted DB
|
17186
17241
|
# cluster from a DB snapshot or DB cluster snapshot.
|
17187
17242
|
#
|
17188
|
-
# The KMS key identifier is the
|
17189
|
-
#
|
17190
|
-
#
|
17191
|
-
# cluster, then you can use the KMS key alias instead of the ARN for
|
17192
|
-
# the KMS encryption key.
|
17243
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
17244
|
+
# alias name for the AWS KMS customer master key (CMK). To use a CMK
|
17245
|
+
# in a different AWS account, specify the key ARN or alias ARN.
|
17193
17246
|
#
|
17194
|
-
#
|
17195
|
-
# following occurs:
|
17247
|
+
# When you don't specify a value for the `KmsKeyId` parameter, then
|
17248
|
+
# the following occurs:
|
17196
17249
|
#
|
17197
17250
|
# * If the DB snapshot or DB cluster snapshot in `SnapshotIdentifier`
|
17198
17251
|
# is encrypted, then the restored DB cluster is encrypted using the
|
17199
|
-
# KMS
|
17252
|
+
# AWS KMS CMK that was used to encrypt the DB snapshot or DB cluster
|
17200
17253
|
# snapshot.
|
17201
17254
|
#
|
17202
17255
|
# * If the DB snapshot or DB cluster snapshot in `SnapshotIdentifier`
|
@@ -17491,23 +17544,21 @@ module Aws::RDS
|
|
17491
17544
|
# The AWS KMS key identifier to use when restoring an encrypted DB
|
17492
17545
|
# cluster from an encrypted DB cluster.
|
17493
17546
|
#
|
17494
|
-
# The KMS key identifier is the
|
17495
|
-
#
|
17496
|
-
#
|
17497
|
-
# cluster, then you can use the KMS key alias instead of the ARN for
|
17498
|
-
# the KMS encryption key.
|
17547
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
17548
|
+
# alias name for the AWS KMS customer master key (CMK). To use a CMK
|
17549
|
+
# in a different AWS account, specify the key ARN or alias ARN.
|
17499
17550
|
#
|
17500
17551
|
# You can restore to a new DB cluster and encrypt the new DB cluster
|
17501
|
-
# with a KMS
|
17502
|
-
# the source DB cluster. The new DB cluster is encrypted with
|
17503
|
-
#
|
17552
|
+
# with a AWS KMS CMK that is different than the AWS KMS key used to
|
17553
|
+
# encrypt the source DB cluster. The new DB cluster is encrypted with
|
17554
|
+
# the AWS KMS CMK identified by the `KmsKeyId` parameter.
|
17504
17555
|
#
|
17505
17556
|
# If you don't specify a value for the `KmsKeyId` parameter, then the
|
17506
17557
|
# following occurs:
|
17507
17558
|
#
|
17508
17559
|
# * If the DB cluster is encrypted, then the restored DB cluster is
|
17509
|
-
# encrypted using the KMS
|
17510
|
-
# cluster.
|
17560
|
+
# encrypted using the AWS KMS CMK that was used to encrypt the
|
17561
|
+
# source DB cluster.
|
17511
17562
|
#
|
17512
17563
|
# * If the DB cluster isn't encrypted, then the restored DB cluster
|
17513
17564
|
# isn't encrypted.
|
@@ -18366,17 +18417,14 @@ module Aws::RDS
|
|
18366
18417
|
# @!attribute [rw] kms_key_id
|
18367
18418
|
# The AWS KMS key identifier for an encrypted DB instance.
|
18368
18419
|
#
|
18369
|
-
# The KMS key identifier is the
|
18370
|
-
#
|
18371
|
-
#
|
18372
|
-
# instance, then you can use the KMS key alias instead of the ARN for
|
18373
|
-
# the KM encryption key.
|
18420
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
18421
|
+
# alias name for the AWS KMS customer master key (CMK). To use a CMK
|
18422
|
+
# in a different AWS account, specify the key ARN or alias ARN.
|
18374
18423
|
#
|
18375
18424
|
# If the `StorageEncrypted` parameter is enabled, and you do not
|
18376
18425
|
# specify a value for the `KmsKeyId` parameter, then Amazon RDS will
|
18377
|
-
# use your default
|
18378
|
-
#
|
18379
|
-
# different default encryption key for each AWS Region.
|
18426
|
+
# use your default CMK. There is a default CMK for your AWS account.
|
18427
|
+
# Your AWS account has a different default CMK for each AWS Region.
|
18380
18428
|
# @return [String]
|
18381
18429
|
#
|
18382
18430
|
# @!attribute [rw] copy_tags_to_snapshot
|
@@ -18468,13 +18516,15 @@ module Aws::RDS
|
|
18468
18516
|
#
|
18469
18517
|
# @!attribute [rw] performance_insights_kms_key_id
|
18470
18518
|
# The AWS KMS key identifier for encryption of Performance Insights
|
18471
|
-
# data.
|
18472
|
-
#
|
18519
|
+
# data.
|
18520
|
+
#
|
18521
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
18522
|
+
# alias name for the AWS KMS customer master key (CMK).
|
18473
18523
|
#
|
18474
18524
|
# If you do not specify a value for `PerformanceInsightsKMSKeyId`,
|
18475
|
-
# then Amazon RDS uses your default
|
18476
|
-
#
|
18477
|
-
#
|
18525
|
+
# then Amazon RDS uses your default CMK. There is a default CMK for
|
18526
|
+
# your AWS account. Your AWS account has a different default CMK for
|
18527
|
+
# each AWS Region.
|
18478
18528
|
# @return [String]
|
18479
18529
|
#
|
18480
18530
|
# @!attribute [rw] performance_insights_retention_period
|
@@ -18631,6 +18681,7 @@ module Aws::RDS
|
|
18631
18681
|
# deletion_protection: false,
|
18632
18682
|
# source_dbi_resource_id: "String",
|
18633
18683
|
# max_allocated_storage: 1,
|
18684
|
+
# source_db_instance_automated_backups_arn: "String",
|
18634
18685
|
# }
|
18635
18686
|
#
|
18636
18687
|
# @!attribute [rw] source_db_instance_identifier
|
@@ -18959,6 +19010,12 @@ module Aws::RDS
|
|
18959
19010
|
# storage of the DB instance.
|
18960
19011
|
# @return [Integer]
|
18961
19012
|
#
|
19013
|
+
# @!attribute [rw] source_db_instance_automated_backups_arn
|
19014
|
+
# The Amazon Resource Name (ARN) of the replicated automated backups
|
19015
|
+
# from which to restore, for example,
|
19016
|
+
# `arn:aws:rds:useast-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE`.
|
19017
|
+
# @return [String]
|
19018
|
+
#
|
18962
19019
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/RestoreDBInstanceToPointInTimeMessage AWS API Documentation
|
18963
19020
|
#
|
18964
19021
|
class RestoreDBInstanceToPointInTimeMessage < Struct.new(
|
@@ -18993,7 +19050,8 @@ module Aws::RDS
|
|
18993
19050
|
:db_parameter_group_name,
|
18994
19051
|
:deletion_protection,
|
18995
19052
|
:source_dbi_resource_id,
|
18996
|
-
:max_allocated_storage
|
19053
|
+
:max_allocated_storage,
|
19054
|
+
:source_db_instance_automated_backups_arn)
|
18997
19055
|
SENSITIVE = []
|
18998
19056
|
include Aws::Structure
|
18999
19057
|
end
|
@@ -19306,12 +19364,18 @@ module Aws::RDS
|
|
19306
19364
|
# The status of the source AWS Region.
|
19307
19365
|
# @return [String]
|
19308
19366
|
#
|
19367
|
+
# @!attribute [rw] supports_db_instance_automated_backups_replication
|
19368
|
+
# Whether the source AWS Region supports replicating automated backups
|
19369
|
+
# to the current AWS Region.
|
19370
|
+
# @return [Boolean]
|
19371
|
+
#
|
19309
19372
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/SourceRegion AWS API Documentation
|
19310
19373
|
#
|
19311
19374
|
class SourceRegion < Struct.new(
|
19312
19375
|
:region_name,
|
19313
19376
|
:endpoint,
|
19314
|
-
:status
|
19377
|
+
:status,
|
19378
|
+
:supports_db_instance_automated_backups_replication)
|
19315
19379
|
SENSITIVE = []
|
19316
19380
|
include Aws::Structure
|
19317
19381
|
end
|
@@ -19351,7 +19415,7 @@ module Aws::RDS
|
|
19351
19415
|
# }
|
19352
19416
|
#
|
19353
19417
|
# @!attribute [rw] resource_arn
|
19354
|
-
# The Amazon Resource Name (ARN) of the DB cluster, for example
|
19418
|
+
# The Amazon Resource Name (ARN) of the DB cluster, for example,
|
19355
19419
|
# `arn:aws:rds:us-east-1:12345667890:cluster:das-cluster`.
|
19356
19420
|
# @return [String]
|
19357
19421
|
#
|
@@ -19364,8 +19428,8 @@ module Aws::RDS
|
|
19364
19428
|
#
|
19365
19429
|
# @!attribute [rw] kms_key_id
|
19366
19430
|
# The AWS KMS key identifier for encrypting messages in the database
|
19367
|
-
# activity stream. The key identifier
|
19368
|
-
# ARN, or
|
19431
|
+
# activity stream. The AWS KMS key identifier is the key ARN, key ID,
|
19432
|
+
# alias ARN, or alias name for the AWS KMS customer master key (CMK).
|
19369
19433
|
# @return [String]
|
19370
19434
|
#
|
19371
19435
|
# @!attribute [rw] apply_immediately
|
@@ -19456,6 +19520,75 @@ module Aws::RDS
|
|
19456
19520
|
include Aws::Structure
|
19457
19521
|
end
|
19458
19522
|
|
19523
|
+
# @note When making an API call, you may pass StartDBInstanceAutomatedBackupsReplicationMessage
|
19524
|
+
# data as a hash:
|
19525
|
+
#
|
19526
|
+
# {
|
19527
|
+
# source_db_instance_arn: "String", # required
|
19528
|
+
# backup_retention_period: 1,
|
19529
|
+
# kms_key_id: "String",
|
19530
|
+
# pre_signed_url: "String",
|
19531
|
+
# source_region: "String",
|
19532
|
+
# }
|
19533
|
+
#
|
19534
|
+
# @!attribute [rw] source_db_instance_arn
|
19535
|
+
# The Amazon Resource Name (ARN) of the source DB instance for the
|
19536
|
+
# replicated automated backups, for example,
|
19537
|
+
# `arn:aws:rds:us-west-2:123456789012:db:mydatabase`.
|
19538
|
+
# @return [String]
|
19539
|
+
#
|
19540
|
+
# @!attribute [rw] backup_retention_period
|
19541
|
+
# The retention period for the replicated automated backups.
|
19542
|
+
# @return [Integer]
|
19543
|
+
#
|
19544
|
+
# @!attribute [rw] kms_key_id
|
19545
|
+
# The AWS KMS key identifier for encryption of the replicated
|
19546
|
+
# automated backups. The KMS key ID is the Amazon Resource Name (ARN)
|
19547
|
+
# for the KMS encryption key in the destination AWS Region, for
|
19548
|
+
# example,
|
19549
|
+
# `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE`.
|
19550
|
+
# @return [String]
|
19551
|
+
#
|
19552
|
+
# @!attribute [rw] pre_signed_url
|
19553
|
+
# A URL that contains a Signature Version 4 signed request for the
|
19554
|
+
# StartDBInstanceAutomatedBackupsReplication action to be called in
|
19555
|
+
# the AWS Region of the source DB instance. The presigned URL must be
|
19556
|
+
# a valid request for the StartDBInstanceAutomatedBackupsReplication
|
19557
|
+
# API action that can be executed in the AWS Region that contains the
|
19558
|
+
# source DB instance.
|
19559
|
+
# @return [String]
|
19560
|
+
#
|
19561
|
+
# @!attribute [rw] source_region
|
19562
|
+
# The source region of the snapshot. This is only needed when the
|
19563
|
+
# shapshot is encrypted and in a different region.
|
19564
|
+
# @return [String]
|
19565
|
+
#
|
19566
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StartDBInstanceAutomatedBackupsReplicationMessage AWS API Documentation
|
19567
|
+
#
|
19568
|
+
class StartDBInstanceAutomatedBackupsReplicationMessage < Struct.new(
|
19569
|
+
:source_db_instance_arn,
|
19570
|
+
:backup_retention_period,
|
19571
|
+
:kms_key_id,
|
19572
|
+
:pre_signed_url,
|
19573
|
+
:source_region)
|
19574
|
+
SENSITIVE = []
|
19575
|
+
include Aws::Structure
|
19576
|
+
end
|
19577
|
+
|
19578
|
+
# @!attribute [rw] db_instance_automated_backup
|
19579
|
+
# An automated backup of a DB instance. It consists of system backups,
|
19580
|
+
# transaction logs, and the database instance properties that existed
|
19581
|
+
# at the time you deleted the source instance.
|
19582
|
+
# @return [Types::DBInstanceAutomatedBackup]
|
19583
|
+
#
|
19584
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StartDBInstanceAutomatedBackupsReplicationResult AWS API Documentation
|
19585
|
+
#
|
19586
|
+
class StartDBInstanceAutomatedBackupsReplicationResult < Struct.new(
|
19587
|
+
:db_instance_automated_backup)
|
19588
|
+
SENSITIVE = []
|
19589
|
+
include Aws::Structure
|
19590
|
+
end
|
19591
|
+
|
19459
19592
|
# @note When making an API call, you may pass StartDBInstanceMessage
|
19460
19593
|
# data as a hash:
|
19461
19594
|
#
|
@@ -19524,11 +19657,12 @@ module Aws::RDS
|
|
19524
19657
|
# @return [String]
|
19525
19658
|
#
|
19526
19659
|
# @!attribute [rw] kms_key_id
|
19527
|
-
# The ID of the AWS KMS key to use to encrypt
|
19528
|
-
# Amazon S3. The KMS key
|
19529
|
-
# key
|
19530
|
-
# caller of this operation must be
|
19531
|
-
# operations. These can be set in
|
19660
|
+
# The ID of the AWS KMS customer master key (CMK) to use to encrypt
|
19661
|
+
# the snapshot exported to Amazon S3. The AWS KMS key identifier is
|
19662
|
+
# the key ARN, key ID, alias ARN, or alias name for the AWS KMS
|
19663
|
+
# customer master key (CMK). The caller of this operation must be
|
19664
|
+
# authorized to execute the following operations. These can be set in
|
19665
|
+
# the AWS KMS key policy:
|
19532
19666
|
#
|
19533
19667
|
# * GrantOperation.Encrypt
|
19534
19668
|
#
|
@@ -19620,6 +19754,9 @@ module Aws::RDS
|
|
19620
19754
|
# @!attribute [rw] kms_key_id
|
19621
19755
|
# The AWS KMS key identifier used for encrypting messages in the
|
19622
19756
|
# database activity stream.
|
19757
|
+
#
|
19758
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
19759
|
+
# alias name for the AWS KMS customer master key (CMK).
|
19623
19760
|
# @return [String]
|
19624
19761
|
#
|
19625
19762
|
# @!attribute [rw] kinesis_stream_name
|
@@ -19676,6 +19813,41 @@ module Aws::RDS
|
|
19676
19813
|
include Aws::Structure
|
19677
19814
|
end
|
19678
19815
|
|
19816
|
+
# @note When making an API call, you may pass StopDBInstanceAutomatedBackupsReplicationMessage
|
19817
|
+
# data as a hash:
|
19818
|
+
#
|
19819
|
+
# {
|
19820
|
+
# source_db_instance_arn: "String", # required
|
19821
|
+
# }
|
19822
|
+
#
|
19823
|
+
# @!attribute [rw] source_db_instance_arn
|
19824
|
+
# The Amazon Resource Name (ARN) of the source DB instance for which
|
19825
|
+
# to stop replicating automated backups, for example,
|
19826
|
+
# `arn:aws:rds:us-west-2:123456789012:db:mydatabase`.
|
19827
|
+
# @return [String]
|
19828
|
+
#
|
19829
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StopDBInstanceAutomatedBackupsReplicationMessage AWS API Documentation
|
19830
|
+
#
|
19831
|
+
class StopDBInstanceAutomatedBackupsReplicationMessage < Struct.new(
|
19832
|
+
:source_db_instance_arn)
|
19833
|
+
SENSITIVE = []
|
19834
|
+
include Aws::Structure
|
19835
|
+
end
|
19836
|
+
|
19837
|
+
# @!attribute [rw] db_instance_automated_backup
|
19838
|
+
# An automated backup of a DB instance. It consists of system backups,
|
19839
|
+
# transaction logs, and the database instance properties that existed
|
19840
|
+
# at the time you deleted the source instance.
|
19841
|
+
# @return [Types::DBInstanceAutomatedBackup]
|
19842
|
+
#
|
19843
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StopDBInstanceAutomatedBackupsReplicationResult AWS API Documentation
|
19844
|
+
#
|
19845
|
+
class StopDBInstanceAutomatedBackupsReplicationResult < Struct.new(
|
19846
|
+
:db_instance_automated_backup)
|
19847
|
+
SENSITIVE = []
|
19848
|
+
include Aws::Structure
|
19849
|
+
end
|
19850
|
+
|
19679
19851
|
# @note When making an API call, you may pass StopDBInstanceMessage
|
19680
19852
|
# data as a hash:
|
19681
19853
|
#
|