aws-sdk-rds 1.106.0 → 1.107.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/aws-sdk-rds.rb +1 -1
- data/lib/aws-sdk-rds/client.rb +351 -151
- data/lib/aws-sdk-rds/client_api.rb +59 -5
- data/lib/aws-sdk-rds/db_cluster.rb +30 -30
- data/lib/aws-sdk-rds/db_cluster_snapshot.rb +23 -22
- data/lib/aws-sdk-rds/db_instance.rb +59 -39
- data/lib/aws-sdk-rds/db_snapshot.rb +17 -15
- data/lib/aws-sdk-rds/plugins/cross_region_copying.rb +11 -12
- data/lib/aws-sdk-rds/resource.rb +30 -35
- data/lib/aws-sdk-rds/types.rb +346 -174
- metadata +2 -2
@@ -174,6 +174,9 @@ module Aws::RDS
|
|
174
174
|
|
175
175
|
# If `Encrypted` is true, the AWS KMS key identifier for the encrypted
|
176
176
|
# DB snapshot.
|
177
|
+
#
|
178
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
|
179
|
+
# name for the AWS KMS customer master key (CMK).
|
177
180
|
# @return [String]
|
178
181
|
def kms_key_id
|
179
182
|
data[:kms_key_id]
|
@@ -426,14 +429,14 @@ module Aws::RDS
|
|
426
429
|
#
|
427
430
|
# Example: `my-db-snapshot`
|
428
431
|
# @option options [String] :kms_key_id
|
429
|
-
# The AWS KMS key
|
430
|
-
#
|
431
|
-
#
|
432
|
+
# The AWS KMS key identifier for an encrypted DB snapshot. The AWS KMS
|
433
|
+
# key identifier is the key ARN, key ID, alias ARN, or alias name for
|
434
|
+
# the AWS KMS customer master key (CMK).
|
432
435
|
#
|
433
436
|
# If you copy an encrypted DB snapshot from your AWS account, you can
|
434
|
-
# specify a value for this parameter to encrypt the copy with a new
|
435
|
-
#
|
436
|
-
#
|
437
|
+
# specify a value for this parameter to encrypt the copy with a new AWS
|
438
|
+
# KMS CMK. If you don't specify a value for this parameter, then the
|
439
|
+
# copy of the DB snapshot is encrypted with the same AWS KMS key as the
|
437
440
|
# source DB snapshot.
|
438
441
|
#
|
439
442
|
# If you copy an encrypted DB snapshot that is shared from another AWS
|
@@ -443,9 +446,9 @@ module Aws::RDS
|
|
443
446
|
# the copy is encrypted.
|
444
447
|
#
|
445
448
|
# If you copy an encrypted snapshot to a different AWS Region, then you
|
446
|
-
# must specify a KMS key for the destination AWS Region.
|
447
|
-
#
|
448
|
-
# can't use
|
449
|
+
# must specify a AWS KMS key identifier for the destination AWS Region.
|
450
|
+
# AWS KMS CMKs are specific to the AWS Region that they are created in,
|
451
|
+
# and you can't use CMKs from one AWS Region in another AWS Region.
|
449
452
|
# @option options [Array<Types::Tag>] :tags
|
450
453
|
# A list of tags. For more information, see [Tagging Amazon RDS
|
451
454
|
# Resources][1] in the *Amazon RDS User Guide.*
|
@@ -482,11 +485,11 @@ module Aws::RDS
|
|
482
485
|
# the us-west-2 AWS Region. For this example, the `DestinationRegion`
|
483
486
|
# in the presigned URL must be set to the us-east-1 AWS Region.
|
484
487
|
#
|
485
|
-
# * `KmsKeyId` - The AWS KMS key identifier for the
|
486
|
-
# encrypt the copy of the DB snapshot in the
|
487
|
-
# This is the same identifier for both the
|
488
|
-
# that is called in the destination AWS
|
489
|
-
# contained in the presigned URL.
|
488
|
+
# * `KmsKeyId` - The AWS KMS key identifier for the customer master key
|
489
|
+
# (CMK) to use to encrypt the copy of the DB snapshot in the
|
490
|
+
# destination AWS Region. This is the same identifier for both the
|
491
|
+
# `CopyDBSnapshot` action that is called in the destination AWS
|
492
|
+
# Region, and the action contained in the presigned URL.
|
490
493
|
#
|
491
494
|
# * `SourceDBSnapshotIdentifier` - The DB snapshot identifier for the
|
492
495
|
# encrypted snapshot to be copied. This identifier must be in the
|
@@ -531,7 +534,6 @@ module Aws::RDS
|
|
531
534
|
# CAZ.
|
532
535
|
#
|
533
536
|
# Example: `rds-caz-aiqhTgQv`.
|
534
|
-
# @option options [String] :destination_region
|
535
537
|
# @option options [String] :source_region
|
536
538
|
# The source region of the snapshot. This is only needed when the
|
537
539
|
# shapshot is encrypted and in a different region.
|
@@ -5,28 +5,26 @@ require 'aws-sigv4'
|
|
5
5
|
module Aws
|
6
6
|
module RDS
|
7
7
|
module Plugins
|
8
|
-
|
9
|
-
#
|
10
|
-
# CopyDBSnapshot API.
|
8
|
+
# This plugin populates the `:pre_signed_url` request param for APIs
|
9
|
+
# that support cross region copying.
|
11
10
|
#
|
12
11
|
# This parameter is required by RDS when copying an encrypted snapshot
|
13
12
|
# across regions. This plugin will be skipped if the `:pre_signed_url`
|
14
13
|
# parameter is provided by the user.
|
15
14
|
class CrossRegionCopying < Seahorse::Client::Plugin
|
16
|
-
|
17
15
|
# @api private
|
18
16
|
class Handler < Seahorse::Client::Handler
|
19
|
-
|
20
17
|
def call(context)
|
21
18
|
params = context.params
|
22
|
-
if params.is_a?(Hash) &&
|
19
|
+
if params.is_a?(Hash) &&
|
20
|
+
params[:source_region] && !params[:pre_signed_url]
|
23
21
|
params[:pre_signed_url] = presigned_url(context, params)
|
24
|
-
params[:destination_region] = context.config.region
|
25
22
|
end
|
26
23
|
@handler.call(context)
|
27
24
|
end
|
28
25
|
|
29
26
|
private
|
27
|
+
|
30
28
|
def presigned_url(context, params)
|
31
29
|
# :source_region is not modeled in the api
|
32
30
|
source_region = params.delete(:source_region)
|
@@ -43,12 +41,13 @@ module Aws
|
|
43
41
|
region: source_region,
|
44
42
|
credentials_provider: context.config.credentials
|
45
43
|
)
|
46
|
-
url = Aws::Partitions::EndpointProvider.resolve(
|
47
|
-
|
44
|
+
url = Aws::Partitions::EndpointProvider.resolve(
|
45
|
+
signer.region, 'rds'
|
46
|
+
)
|
47
|
+
url += "?#{param_list}"
|
48
48
|
signer.presign_url(
|
49
49
|
http_method: 'GET',
|
50
50
|
url: url,
|
51
|
-
body: '',
|
52
51
|
expires_in: 3600
|
53
52
|
).to_s
|
54
53
|
end
|
@@ -61,10 +60,10 @@ module Aws
|
|
61
60
|
:copy_db_snapshot,
|
62
61
|
:create_db_instance_read_replica,
|
63
62
|
:copy_db_cluster_snapshot,
|
64
|
-
:create_db_cluster
|
63
|
+
:create_db_cluster,
|
64
|
+
:start_db_instance_automated_backups_replication
|
65
65
|
]
|
66
66
|
)
|
67
|
-
|
68
67
|
end
|
69
68
|
end
|
70
69
|
end
|
data/lib/aws-sdk-rds/resource.rb
CHANGED
@@ -258,30 +258,27 @@ module Aws::RDS
|
|
258
258
|
# @option options [String] :kms_key_id
|
259
259
|
# The AWS KMS key identifier for an encrypted DB cluster.
|
260
260
|
#
|
261
|
-
# The KMS key identifier is the
|
262
|
-
#
|
263
|
-
# account
|
264
|
-
# cluster, then you can use the KMS key alias instead of the ARN for the
|
265
|
-
# KMS encryption key.
|
261
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
|
262
|
+
# name for the AWS KMS customer master key (CMK). To use a CMK in a
|
263
|
+
# different AWS account, specify the key ARN or alias ARN.
|
266
264
|
#
|
267
|
-
#
|
265
|
+
# When a CMK isn't specified in `KmsKeyId`\:
|
268
266
|
#
|
269
267
|
# * If `ReplicationSourceIdentifier` identifies an encrypted source,
|
270
|
-
# then Amazon RDS will use the
|
271
|
-
#
|
268
|
+
# then Amazon RDS will use the CMK used to encrypt the source.
|
269
|
+
# Otherwise, Amazon RDS will use your default CMK.
|
272
270
|
#
|
273
271
|
# * If the `StorageEncrypted` parameter is enabled and
|
274
272
|
# `ReplicationSourceIdentifier` isn't specified, then Amazon RDS will
|
275
|
-
# use your default
|
273
|
+
# use your default CMK.
|
276
274
|
#
|
277
|
-
#
|
278
|
-
#
|
279
|
-
# Region.
|
275
|
+
# There is a default CMK for your AWS account. Your AWS account has a
|
276
|
+
# different default CMK for each AWS Region.
|
280
277
|
#
|
281
278
|
# If you create a read replica of an encrypted DB cluster in another AWS
|
282
|
-
# Region, you must set `KmsKeyId` to a KMS key
|
283
|
-
# destination AWS Region. This
|
284
|
-
# in that AWS Region.
|
279
|
+
# Region, you must set `KmsKeyId` to a AWS KMS key identifier that is
|
280
|
+
# valid in the destination AWS Region. This CMK is used to encrypt the
|
281
|
+
# read replica in that AWS Region.
|
285
282
|
# @option options [String] :pre_signed_url
|
286
283
|
# A URL that contains a Signature Version 4 signed request for the
|
287
284
|
# `CreateDBCluster` action to be called in the source AWS Region where
|
@@ -298,9 +295,9 @@ module Aws::RDS
|
|
298
295
|
#
|
299
296
|
# * `KmsKeyId` - The AWS KMS key identifier for the key to use to
|
300
297
|
# encrypt the copy of the DB cluster in the destination AWS Region.
|
301
|
-
# This should refer to the same KMS
|
302
|
-
# action that is called in the destination AWS
|
303
|
-
# contained in the pre-signed URL.
|
298
|
+
# This should refer to the same AWS KMS CMK for both the
|
299
|
+
# `CreateDBCluster` action that is called in the destination AWS
|
300
|
+
# Region, and the action contained in the pre-signed URL.
|
304
301
|
#
|
305
302
|
# * `DestinationRegion` - The name of the AWS Region that Aurora read
|
306
303
|
# replica will be created in.
|
@@ -460,7 +457,6 @@ module Aws::RDS
|
|
460
457
|
# This parameter only applies to DB clusters that are secondary clusters
|
461
458
|
# in an Aurora global database. By default, Aurora disallows write
|
462
459
|
# operations for secondary clusters.
|
463
|
-
# @option options [String] :destination_region
|
464
460
|
# @option options [String] :source_region
|
465
461
|
# The source region of the snapshot. This is only needed when the
|
466
462
|
# shapshot is encrypted and in a different region.
|
@@ -1230,22 +1226,19 @@ module Aws::RDS
|
|
1230
1226
|
# @option options [String] :kms_key_id
|
1231
1227
|
# The AWS KMS key identifier for an encrypted DB instance.
|
1232
1228
|
#
|
1233
|
-
# The KMS key identifier is the
|
1234
|
-
#
|
1235
|
-
# account
|
1236
|
-
# instance, then you can use the KMS key alias instead of the ARN for
|
1237
|
-
# the KM encryption key.
|
1229
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
|
1230
|
+
# name for the AWS KMS customer master key (CMK). To use a CMK in a
|
1231
|
+
# different AWS account, specify the key ARN or alias ARN.
|
1238
1232
|
#
|
1239
1233
|
# **Amazon Aurora**
|
1240
1234
|
#
|
1241
|
-
# Not applicable. The KMS key identifier is managed by the DB
|
1242
|
-
# For more information, see `CreateDBCluster`.
|
1235
|
+
# Not applicable. The AWS KMS key identifier is managed by the DB
|
1236
|
+
# cluster. For more information, see `CreateDBCluster`.
|
1243
1237
|
#
|
1244
1238
|
# If `StorageEncrypted` is enabled, and you do not specify a value for
|
1245
|
-
# the `KmsKeyId` parameter, then Amazon RDS
|
1246
|
-
#
|
1247
|
-
#
|
1248
|
-
# for each AWS Region.
|
1239
|
+
# the `KmsKeyId` parameter, then Amazon RDS uses your default CMK. There
|
1240
|
+
# is a default CMK for your AWS account. Your AWS account has a
|
1241
|
+
# different default CMK for each AWS Region.
|
1249
1242
|
# @option options [String] :domain
|
1250
1243
|
# The Active Directory directory ID to create the DB instance in.
|
1251
1244
|
# Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB
|
@@ -1337,13 +1330,15 @@ module Aws::RDS
|
|
1337
1330
|
# [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html
|
1338
1331
|
# @option options [String] :performance_insights_kms_key_id
|
1339
1332
|
# The AWS KMS key identifier for encryption of Performance Insights
|
1340
|
-
# data.
|
1341
|
-
#
|
1333
|
+
# data.
|
1334
|
+
#
|
1335
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
|
1336
|
+
# name for the AWS KMS customer master key (CMK).
|
1342
1337
|
#
|
1343
1338
|
# If you do not specify a value for `PerformanceInsightsKMSKeyId`, then
|
1344
|
-
# Amazon RDS uses your default
|
1345
|
-
#
|
1346
|
-
#
|
1339
|
+
# Amazon RDS uses your default CMK. There is a default CMK for your AWS
|
1340
|
+
# account. Your AWS account has a different default CMK for each AWS
|
1341
|
+
# Region.
|
1347
1342
|
# @option options [Integer] :performance_insights_retention_period
|
1348
1343
|
# The amount of time, in days, to retain Performance Insights data.
|
1349
1344
|
# Valid values are 7 or 731 (2 years).
|
data/lib/aws-sdk-rds/types.rb
CHANGED
@@ -157,7 +157,7 @@ module Aws::RDS
|
|
157
157
|
#
|
158
158
|
# @!attribute [rw] role_arn
|
159
159
|
# The Amazon Resource Name (ARN) of the IAM role to associate with the
|
160
|
-
# Aurora DB cluster, for example
|
160
|
+
# Aurora DB cluster, for example,
|
161
161
|
# `arn:aws:iam::123456789012:role/AuroraAccessRole`.
|
162
162
|
# @return [String]
|
163
163
|
#
|
@@ -1050,25 +1050,25 @@ module Aws::RDS
|
|
1050
1050
|
# @return [String]
|
1051
1051
|
#
|
1052
1052
|
# @!attribute [rw] kms_key_id
|
1053
|
-
# The AWS KMS key
|
1054
|
-
#
|
1055
|
-
#
|
1053
|
+
# The AWS KMS key identifier for an encrypted DB cluster snapshot. The
|
1054
|
+
# AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias
|
1055
|
+
# name for the AWS KMS customer master key (CMK).
|
1056
1056
|
#
|
1057
1057
|
# If you copy an encrypted DB cluster snapshot from your AWS account,
|
1058
1058
|
# you can specify a value for `KmsKeyId` to encrypt the copy with a
|
1059
|
-
# new KMS
|
1060
|
-
#
|
1061
|
-
#
|
1059
|
+
# new AWS KMS CMK. If you don't specify a value for `KmsKeyId`, then
|
1060
|
+
# the copy of the DB cluster snapshot is encrypted with the same AWS
|
1061
|
+
# KMS key as the source DB cluster snapshot.
|
1062
1062
|
#
|
1063
1063
|
# If you copy an encrypted DB cluster snapshot that is shared from
|
1064
1064
|
# another AWS account, then you must specify a value for `KmsKeyId`.
|
1065
1065
|
#
|
1066
1066
|
# To copy an encrypted DB cluster snapshot to another AWS Region, you
|
1067
|
-
# must set `KmsKeyId` to the KMS key
|
1068
|
-
# copy of the DB cluster snapshot in the destination AWS
|
1069
|
-
#
|
1070
|
-
# in, and you can't use
|
1071
|
-
#
|
1067
|
+
# must set `KmsKeyId` to the AWS KMS key identifier you want to use to
|
1068
|
+
# encrypt the copy of the DB cluster snapshot in the destination AWS
|
1069
|
+
# Region. AWS KMS CMKs are specific to the AWS Region that they are
|
1070
|
+
# created in, and you can't use CMKs from one AWS Region in another
|
1071
|
+
# AWS Region.
|
1072
1072
|
#
|
1073
1073
|
# If you copy an unencrypted DB cluster snapshot and specify a value
|
1074
1074
|
# for the `KmsKeyId` parameter, an error is returned.
|
@@ -1088,11 +1088,12 @@ module Aws::RDS
|
|
1088
1088
|
# be copied. The pre-signed URL request must contain the following
|
1089
1089
|
# parameter values:
|
1090
1090
|
#
|
1091
|
-
# * `KmsKeyId` - The AWS KMS key identifier for the
|
1092
|
-
# encrypt the copy of the DB cluster snapshot in
|
1093
|
-
# Region. This is the same identifier for both
|
1094
|
-
# `CopyDBClusterSnapshot` action that is called in the
|
1095
|
-
# AWS Region, and the action contained in the pre-signed
|
1091
|
+
# * `KmsKeyId` - The AWS KMS key identifier for the customer master
|
1092
|
+
# key (CMK) to use to encrypt the copy of the DB cluster snapshot in
|
1093
|
+
# the destination AWS Region. This is the same identifier for both
|
1094
|
+
# the `CopyDBClusterSnapshot` action that is called in the
|
1095
|
+
# destination AWS Region, and the action contained in the pre-signed
|
1096
|
+
# URL.
|
1096
1097
|
#
|
1097
1098
|
# * `DestinationRegion` - The name of the AWS Region that the DB
|
1098
1099
|
# cluster snapshot is to be created in.
|
@@ -1139,9 +1140,6 @@ module Aws::RDS
|
|
1139
1140
|
# [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
|
1140
1141
|
# @return [Array<Types::Tag>]
|
1141
1142
|
#
|
1142
|
-
# @!attribute [rw] destination_region
|
1143
|
-
# @return [String]
|
1144
|
-
#
|
1145
1143
|
# @!attribute [rw] source_region
|
1146
1144
|
# The source region of the snapshot. This is only needed when the
|
1147
1145
|
# shapshot is encrypted and in a different region.
|
@@ -1156,7 +1154,6 @@ module Aws::RDS
|
|
1156
1154
|
:pre_signed_url,
|
1157
1155
|
:copy_tags,
|
1158
1156
|
:tags,
|
1159
|
-
:destination_region,
|
1160
1157
|
:source_region)
|
1161
1158
|
SENSITIVE = []
|
1162
1159
|
include Aws::Structure
|
@@ -1331,15 +1328,15 @@ module Aws::RDS
|
|
1331
1328
|
# @return [String]
|
1332
1329
|
#
|
1333
1330
|
# @!attribute [rw] kms_key_id
|
1334
|
-
# The AWS KMS key
|
1335
|
-
#
|
1336
|
-
#
|
1331
|
+
# The AWS KMS key identifier for an encrypted DB snapshot. The AWS KMS
|
1332
|
+
# key identifier is the key ARN, key ID, alias ARN, or alias name for
|
1333
|
+
# the AWS KMS customer master key (CMK).
|
1337
1334
|
#
|
1338
1335
|
# If you copy an encrypted DB snapshot from your AWS account, you can
|
1339
1336
|
# specify a value for this parameter to encrypt the copy with a new
|
1340
|
-
# KMS
|
1341
|
-
#
|
1342
|
-
#
|
1337
|
+
# AWS KMS CMK. If you don't specify a value for this parameter, then
|
1338
|
+
# the copy of the DB snapshot is encrypted with the same AWS KMS key
|
1339
|
+
# as the source DB snapshot.
|
1343
1340
|
#
|
1344
1341
|
# If you copy an encrypted DB snapshot that is shared from another AWS
|
1345
1342
|
# account, then you must specify a value for this parameter.
|
@@ -1348,10 +1345,10 @@ module Aws::RDS
|
|
1348
1345
|
# the copy is encrypted.
|
1349
1346
|
#
|
1350
1347
|
# If you copy an encrypted snapshot to a different AWS Region, then
|
1351
|
-
# you must specify a KMS key for the destination AWS
|
1352
|
-
#
|
1353
|
-
# in, and you can't use
|
1354
|
-
#
|
1348
|
+
# you must specify a AWS KMS key identifier for the destination AWS
|
1349
|
+
# Region. AWS KMS CMKs are specific to the AWS Region that they are
|
1350
|
+
# created in, and you can't use CMKs from one AWS Region in another
|
1351
|
+
# AWS Region.
|
1355
1352
|
# @return [String]
|
1356
1353
|
#
|
1357
1354
|
# @!attribute [rw] tags
|
@@ -1396,11 +1393,11 @@ module Aws::RDS
|
|
1396
1393
|
# example, the `DestinationRegion` in the presigned URL must be set
|
1397
1394
|
# to the us-east-1 AWS Region.
|
1398
1395
|
#
|
1399
|
-
# * `KmsKeyId` - The AWS KMS key identifier for the
|
1400
|
-
# encrypt the copy of the DB snapshot in the
|
1401
|
-
# This is the same identifier for both the
|
1402
|
-
# that is called in the destination AWS
|
1403
|
-
# contained in the presigned URL.
|
1396
|
+
# * `KmsKeyId` - The AWS KMS key identifier for the customer master
|
1397
|
+
# key (CMK) to use to encrypt the copy of the DB snapshot in the
|
1398
|
+
# destination AWS Region. This is the same identifier for both the
|
1399
|
+
# `CopyDBSnapshot` action that is called in the destination AWS
|
1400
|
+
# Region, and the action contained in the presigned URL.
|
1404
1401
|
#
|
1405
1402
|
# * `SourceDBSnapshotIdentifier` - The DB snapshot identifier for the
|
1406
1403
|
# encrypted snapshot to be copied. This identifier must be in the
|
@@ -1451,9 +1448,6 @@ module Aws::RDS
|
|
1451
1448
|
# Example: `rds-caz-aiqhTgQv`.
|
1452
1449
|
# @return [String]
|
1453
1450
|
#
|
1454
|
-
# @!attribute [rw] destination_region
|
1455
|
-
# @return [String]
|
1456
|
-
#
|
1457
1451
|
# @!attribute [rw] source_region
|
1458
1452
|
# The source region of the snapshot. This is only needed when the
|
1459
1453
|
# shapshot is encrypted and in a different region.
|
@@ -1470,7 +1464,6 @@ module Aws::RDS
|
|
1470
1464
|
:pre_signed_url,
|
1471
1465
|
:option_group_name,
|
1472
1466
|
:target_custom_availability_zone,
|
1473
|
-
:destination_region,
|
1474
1467
|
:source_region)
|
1475
1468
|
SENSITIVE = []
|
1476
1469
|
include Aws::Structure
|
@@ -1954,31 +1947,27 @@ module Aws::RDS
|
|
1954
1947
|
# @!attribute [rw] kms_key_id
|
1955
1948
|
# The AWS KMS key identifier for an encrypted DB cluster.
|
1956
1949
|
#
|
1957
|
-
# The KMS key identifier is the
|
1958
|
-
#
|
1959
|
-
#
|
1960
|
-
# cluster, then you can use the KMS key alias instead of the ARN for
|
1961
|
-
# the KMS encryption key.
|
1950
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
1951
|
+
# alias name for the AWS KMS customer master key (CMK). To use a CMK
|
1952
|
+
# in a different AWS account, specify the key ARN or alias ARN.
|
1962
1953
|
#
|
1963
|
-
#
|
1954
|
+
# When a CMK isn't specified in `KmsKeyId`\:
|
1964
1955
|
#
|
1965
1956
|
# * If `ReplicationSourceIdentifier` identifies an encrypted source,
|
1966
|
-
# then Amazon RDS will use the
|
1967
|
-
#
|
1968
|
-
# key.
|
1957
|
+
# then Amazon RDS will use the CMK used to encrypt the source.
|
1958
|
+
# Otherwise, Amazon RDS will use your default CMK.
|
1969
1959
|
#
|
1970
1960
|
# * If the `StorageEncrypted` parameter is enabled and
|
1971
1961
|
# `ReplicationSourceIdentifier` isn't specified, then Amazon RDS
|
1972
|
-
# will use your default
|
1962
|
+
# will use your default CMK.
|
1973
1963
|
#
|
1974
|
-
#
|
1975
|
-
#
|
1976
|
-
# Region.
|
1964
|
+
# There is a default CMK for your AWS account. Your AWS account has a
|
1965
|
+
# different default CMK for each AWS Region.
|
1977
1966
|
#
|
1978
1967
|
# If you create a read replica of an encrypted DB cluster in another
|
1979
|
-
# AWS Region, you must set `KmsKeyId` to a KMS key
|
1980
|
-
# the destination AWS Region. This
|
1981
|
-
# replica in that AWS Region.
|
1968
|
+
# AWS Region, you must set `KmsKeyId` to a AWS KMS key identifier that
|
1969
|
+
# is valid in the destination AWS Region. This CMK is used to encrypt
|
1970
|
+
# the read replica in that AWS Region.
|
1982
1971
|
# @return [String]
|
1983
1972
|
#
|
1984
1973
|
# @!attribute [rw] pre_signed_url
|
@@ -1997,7 +1986,7 @@ module Aws::RDS
|
|
1997
1986
|
#
|
1998
1987
|
# * `KmsKeyId` - The AWS KMS key identifier for the key to use to
|
1999
1988
|
# encrypt the copy of the DB cluster in the destination AWS Region.
|
2000
|
-
# This should refer to the same KMS
|
1989
|
+
# This should refer to the same AWS KMS CMK for both the
|
2001
1990
|
# `CreateDBCluster` action that is called in the destination AWS
|
2002
1991
|
# Region, and the action contained in the pre-signed URL.
|
2003
1992
|
#
|
@@ -2185,9 +2174,6 @@ module Aws::RDS
|
|
2185
2174
|
# disallows write operations for secondary clusters.
|
2186
2175
|
# @return [Boolean]
|
2187
2176
|
#
|
2188
|
-
# @!attribute [rw] destination_region
|
2189
|
-
# @return [String]
|
2190
|
-
#
|
2191
2177
|
# @!attribute [rw] source_region
|
2192
2178
|
# The source region of the snapshot. This is only needed when the
|
2193
2179
|
# shapshot is encrypted and in a different region.
|
@@ -2229,7 +2215,6 @@ module Aws::RDS
|
|
2229
2215
|
:domain,
|
2230
2216
|
:domain_iam_role_name,
|
2231
2217
|
:enable_global_write_forwarding,
|
2232
|
-
:destination_region,
|
2233
2218
|
:source_region)
|
2234
2219
|
SENSITIVE = []
|
2235
2220
|
include Aws::Structure
|
@@ -3168,22 +3153,19 @@ module Aws::RDS
|
|
3168
3153
|
# @!attribute [rw] kms_key_id
|
3169
3154
|
# The AWS KMS key identifier for an encrypted DB instance.
|
3170
3155
|
#
|
3171
|
-
# The KMS key identifier is the
|
3172
|
-
#
|
3173
|
-
#
|
3174
|
-
# instance, then you can use the KMS key alias instead of the ARN for
|
3175
|
-
# the KM encryption key.
|
3156
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
3157
|
+
# alias name for the AWS KMS customer master key (CMK). To use a CMK
|
3158
|
+
# in a different AWS account, specify the key ARN or alias ARN.
|
3176
3159
|
#
|
3177
3160
|
# **Amazon Aurora**
|
3178
3161
|
#
|
3179
|
-
# Not applicable. The KMS key identifier is managed by the DB
|
3180
|
-
# For more information, see `CreateDBCluster`.
|
3162
|
+
# Not applicable. The AWS KMS key identifier is managed by the DB
|
3163
|
+
# cluster. For more information, see `CreateDBCluster`.
|
3181
3164
|
#
|
3182
3165
|
# If `StorageEncrypted` is enabled, and you do not specify a value for
|
3183
|
-
# the `KmsKeyId` parameter, then Amazon RDS
|
3184
|
-
#
|
3185
|
-
#
|
3186
|
-
# for each AWS Region.
|
3166
|
+
# the `KmsKeyId` parameter, then Amazon RDS uses your default CMK.
|
3167
|
+
# There is a default CMK for your AWS account. Your AWS account has a
|
3168
|
+
# different default CMK for each AWS Region.
|
3187
3169
|
# @return [String]
|
3188
3170
|
#
|
3189
3171
|
# @!attribute [rw] domain
|
@@ -3295,13 +3277,15 @@ module Aws::RDS
|
|
3295
3277
|
#
|
3296
3278
|
# @!attribute [rw] performance_insights_kms_key_id
|
3297
3279
|
# The AWS KMS key identifier for encryption of Performance Insights
|
3298
|
-
# data.
|
3299
|
-
#
|
3280
|
+
# data.
|
3281
|
+
#
|
3282
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
3283
|
+
# alias name for the AWS KMS customer master key (CMK).
|
3300
3284
|
#
|
3301
3285
|
# If you do not specify a value for `PerformanceInsightsKMSKeyId`,
|
3302
|
-
# then Amazon RDS uses your default
|
3303
|
-
#
|
3304
|
-
#
|
3286
|
+
# then Amazon RDS uses your default CMK. There is a default CMK for
|
3287
|
+
# your AWS account. Your AWS account has a different default CMK for
|
3288
|
+
# each AWS Region.
|
3305
3289
|
# @return [String]
|
3306
3290
|
#
|
3307
3291
|
# @!attribute [rw] performance_insights_retention_period
|
@@ -3719,19 +3703,20 @@ module Aws::RDS
|
|
3719
3703
|
# @return [String]
|
3720
3704
|
#
|
3721
3705
|
# @!attribute [rw] kms_key_id
|
3722
|
-
# The AWS KMS key
|
3723
|
-
#
|
3724
|
-
#
|
3706
|
+
# The AWS KMS key identifier for an encrypted read replica.
|
3707
|
+
#
|
3708
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
3709
|
+
# alias name for the AWS KMS CMK.
|
3725
3710
|
#
|
3726
3711
|
# If you create an encrypted read replica in the same AWS Region as
|
3727
3712
|
# the source DB instance, then you do not have to specify a value for
|
3728
|
-
# this parameter. The read replica is encrypted with the same KMS
|
3729
|
-
# as the source DB instance.
|
3713
|
+
# this parameter. The read replica is encrypted with the same AWS KMS
|
3714
|
+
# CMK as the source DB instance.
|
3730
3715
|
#
|
3731
3716
|
# If you create an encrypted read replica in a different AWS Region,
|
3732
|
-
# then you must specify a KMS key for the destination
|
3733
|
-
#
|
3734
|
-
# in, and you can't use
|
3717
|
+
# then you must specify a AWS KMS key identifier for the destination
|
3718
|
+
# AWS Region. AWS KMS CMKs are specific to the AWS Region that they
|
3719
|
+
# are created in, and you can't use CMKs from one AWS Region in
|
3735
3720
|
# another AWS Region.
|
3736
3721
|
#
|
3737
3722
|
# You can't create an encrypted read replica from an unencrypted DB
|
@@ -3830,13 +3815,15 @@ module Aws::RDS
|
|
3830
3815
|
#
|
3831
3816
|
# @!attribute [rw] performance_insights_kms_key_id
|
3832
3817
|
# The AWS KMS key identifier for encryption of Performance Insights
|
3833
|
-
# data.
|
3834
|
-
#
|
3818
|
+
# data.
|
3819
|
+
#
|
3820
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
3821
|
+
# alias name for the AWS KMS customer master key (CMK).
|
3835
3822
|
#
|
3836
3823
|
# If you do not specify a value for `PerformanceInsightsKMSKeyId`,
|
3837
|
-
# then Amazon RDS uses your default
|
3838
|
-
#
|
3839
|
-
#
|
3824
|
+
# then Amazon RDS uses your default CMK. There is a default CMK for
|
3825
|
+
# your AWS account. Your AWS account has a different default CMK for
|
3826
|
+
# each AWS Region.
|
3840
3827
|
# @return [String]
|
3841
3828
|
#
|
3842
3829
|
# @!attribute [rw] performance_insights_retention_period
|
@@ -3923,9 +3910,6 @@ module Aws::RDS
|
|
3923
3910
|
# storage of the DB instance.
|
3924
3911
|
# @return [Integer]
|
3925
3912
|
#
|
3926
|
-
# @!attribute [rw] destination_region
|
3927
|
-
# @return [String]
|
3928
|
-
#
|
3929
3913
|
# @!attribute [rw] source_region
|
3930
3914
|
# The source region of the snapshot. This is only needed when the
|
3931
3915
|
# shapshot is encrypted and in a different region.
|
@@ -3966,7 +3950,6 @@ module Aws::RDS
|
|
3966
3950
|
:domain_iam_role_name,
|
3967
3951
|
:replica_mode,
|
3968
3952
|
:max_allocated_storage,
|
3969
|
-
:destination_region,
|
3970
3953
|
:source_region)
|
3971
3954
|
SENSITIVE = []
|
3972
3955
|
include Aws::Structure
|
@@ -4914,12 +4897,15 @@ module Aws::RDS
|
|
4914
4897
|
# @!attribute [rw] kms_key_id
|
4915
4898
|
# If `StorageEncrypted` is enabled, the AWS KMS key identifier for the
|
4916
4899
|
# encrypted DB cluster.
|
4900
|
+
#
|
4901
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
4902
|
+
# alias name for the AWS KMS customer master key (CMK).
|
4917
4903
|
# @return [String]
|
4918
4904
|
#
|
4919
4905
|
# @!attribute [rw] db_cluster_resource_id
|
4920
4906
|
# The AWS Region-unique, immutable identifier for the DB cluster. This
|
4921
4907
|
# identifier is found in AWS CloudTrail log entries whenever the AWS
|
4922
|
-
# KMS
|
4908
|
+
# KMS CMK for the DB cluster is accessed.
|
4923
4909
|
# @return [String]
|
4924
4910
|
#
|
4925
4911
|
# @!attribute [rw] db_cluster_arn
|
@@ -5045,6 +5031,9 @@ module Aws::RDS
|
|
5045
5031
|
# @!attribute [rw] activity_stream_kms_key_id
|
5046
5032
|
# The AWS KMS key identifier used for encrypting messages in the
|
5047
5033
|
# database activity stream.
|
5034
|
+
#
|
5035
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
5036
|
+
# alias name for the AWS KMS customer master key (CMK).
|
5048
5037
|
# @return [String]
|
5049
5038
|
#
|
5050
5039
|
# @!attribute [rw] activity_stream_kinesis_stream_name
|
@@ -5738,6 +5727,9 @@ module Aws::RDS
|
|
5738
5727
|
# @!attribute [rw] kms_key_id
|
5739
5728
|
# If `StorageEncrypted` is true, the AWS KMS key identifier for the
|
5740
5729
|
# encrypted DB cluster snapshot.
|
5730
|
+
#
|
5731
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
5732
|
+
# alias name for the AWS KMS customer master key (CMK).
|
5741
5733
|
# @return [String]
|
5742
5734
|
#
|
5743
5735
|
# @!attribute [rw] db_cluster_snapshot_arn
|
@@ -6274,12 +6266,15 @@ module Aws::RDS
|
|
6274
6266
|
# @!attribute [rw] kms_key_id
|
6275
6267
|
# If `StorageEncrypted` is true, the AWS KMS key identifier for the
|
6276
6268
|
# encrypted DB instance.
|
6269
|
+
#
|
6270
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
6271
|
+
# alias name for the AWS KMS customer master key (CMK).
|
6277
6272
|
# @return [String]
|
6278
6273
|
#
|
6279
6274
|
# @!attribute [rw] dbi_resource_id
|
6280
6275
|
# The AWS Region-unique, immutable identifier for the DB instance.
|
6281
6276
|
# This identifier is found in AWS CloudTrail log entries whenever the
|
6282
|
-
# AWS KMS key for the DB instance is accessed.
|
6277
|
+
# AWS KMS customer master key (CMK) for the DB instance is accessed.
|
6283
6278
|
# @return [String]
|
6284
6279
|
#
|
6285
6280
|
# @!attribute [rw] ca_certificate_identifier
|
@@ -6361,8 +6356,10 @@ module Aws::RDS
|
|
6361
6356
|
#
|
6362
6357
|
# @!attribute [rw] performance_insights_kms_key_id
|
6363
6358
|
# The AWS KMS key identifier for encryption of Performance Insights
|
6364
|
-
# data.
|
6365
|
-
#
|
6359
|
+
# data.
|
6360
|
+
#
|
6361
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
6362
|
+
# alias name for the AWS KMS customer master key (CMK).
|
6366
6363
|
# @return [String]
|
6367
6364
|
#
|
6368
6365
|
# @!attribute [rw] performance_insights_retention_period
|
@@ -6421,6 +6418,11 @@ module Aws::RDS
|
|
6421
6418
|
# [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
|
6422
6419
|
# @return [Array<Types::Tag>]
|
6423
6420
|
#
|
6421
|
+
# @!attribute [rw] db_instance_automated_backups_replications
|
6422
|
+
# The list of replicated automated backups associated with the DB
|
6423
|
+
# instance.
|
6424
|
+
# @return [Array<Types::DBInstanceAutomatedBackupsReplication>]
|
6425
|
+
#
|
6424
6426
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstance AWS API Documentation
|
6425
6427
|
#
|
6426
6428
|
class DBInstance < Struct.new(
|
@@ -6484,7 +6486,8 @@ module Aws::RDS
|
|
6484
6486
|
:associated_roles,
|
6485
6487
|
:listener_endpoint,
|
6486
6488
|
:max_allocated_storage,
|
6487
|
-
:tag_list
|
6489
|
+
:tag_list,
|
6490
|
+
:db_instance_automated_backups_replications)
|
6488
6491
|
SENSITIVE = []
|
6489
6492
|
include Aws::Structure
|
6490
6493
|
end
|
@@ -6495,12 +6498,12 @@ module Aws::RDS
|
|
6495
6498
|
#
|
6496
6499
|
class DBInstanceAlreadyExistsFault < Aws::EmptyStructure; end
|
6497
6500
|
|
6498
|
-
# An automated backup of a DB instance. It
|
6499
|
-
#
|
6500
|
-
#
|
6501
|
+
# An automated backup of a DB instance. It consists of system backups,
|
6502
|
+
# transaction logs, and the database instance properties that existed at
|
6503
|
+
# the time you deleted the source instance.
|
6501
6504
|
#
|
6502
6505
|
# @!attribute [rw] db_instance_arn
|
6503
|
-
# The Amazon Resource Name (ARN) for the automated
|
6506
|
+
# The Amazon Resource Name (ARN) for the automated backups.
|
6504
6507
|
# @return [String]
|
6505
6508
|
#
|
6506
6509
|
# @!attribute [rw] dbi_resource_id
|
@@ -6601,9 +6604,10 @@ module Aws::RDS
|
|
6601
6604
|
# @return [String]
|
6602
6605
|
#
|
6603
6606
|
# @!attribute [rw] kms_key_id
|
6604
|
-
# The AWS KMS key ID for an automated backup.
|
6605
|
-
#
|
6606
|
-
#
|
6607
|
+
# The AWS KMS key ID for an automated backup.
|
6608
|
+
#
|
6609
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
6610
|
+
# alias name for the AWS KMS customer master key (CMK).
|
6607
6611
|
# @return [String]
|
6608
6612
|
#
|
6609
6613
|
# @!attribute [rw] timezone
|
@@ -6617,6 +6621,19 @@ module Aws::RDS
|
|
6617
6621
|
# to database accounts is enabled, and otherwise false.
|
6618
6622
|
# @return [Boolean]
|
6619
6623
|
#
|
6624
|
+
# @!attribute [rw] backup_retention_period
|
6625
|
+
# The retention period for the automated backups.
|
6626
|
+
# @return [Integer]
|
6627
|
+
#
|
6628
|
+
# @!attribute [rw] db_instance_automated_backups_arn
|
6629
|
+
# The Amazon Resource Name (ARN) for the replicated automated backups.
|
6630
|
+
# @return [String]
|
6631
|
+
#
|
6632
|
+
# @!attribute [rw] db_instance_automated_backups_replications
|
6633
|
+
# The list of replications to different AWS Regions associated with
|
6634
|
+
# the automated backup.
|
6635
|
+
# @return [Array<Types::DBInstanceAutomatedBackupsReplication>]
|
6636
|
+
#
|
6620
6637
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstanceAutomatedBackup AWS API Documentation
|
6621
6638
|
#
|
6622
6639
|
class DBInstanceAutomatedBackup < Struct.new(
|
@@ -6642,7 +6659,10 @@ module Aws::RDS
|
|
6642
6659
|
:storage_type,
|
6643
6660
|
:kms_key_id,
|
6644
6661
|
:timezone,
|
6645
|
-
:iam_database_authentication_enabled
|
6662
|
+
:iam_database_authentication_enabled,
|
6663
|
+
:backup_retention_period,
|
6664
|
+
:db_instance_automated_backups_arn,
|
6665
|
+
:db_instance_automated_backups_replications)
|
6646
6666
|
SENSITIVE = []
|
6647
6667
|
include Aws::Structure
|
6648
6668
|
end
|
@@ -6683,6 +6703,22 @@ module Aws::RDS
|
|
6683
6703
|
#
|
6684
6704
|
class DBInstanceAutomatedBackupQuotaExceededFault < Aws::EmptyStructure; end
|
6685
6705
|
|
6706
|
+
# Automated backups of a DB instance replicated to another AWS Region.
|
6707
|
+
# They consist of system backups, transaction logs, and database
|
6708
|
+
# instance properties.
|
6709
|
+
#
|
6710
|
+
# @!attribute [rw] db_instance_automated_backups_arn
|
6711
|
+
# The Amazon Resource Name (ARN) of the replicated automated backups.
|
6712
|
+
# @return [String]
|
6713
|
+
#
|
6714
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstanceAutomatedBackupsReplication AWS API Documentation
|
6715
|
+
#
|
6716
|
+
class DBInstanceAutomatedBackupsReplication < Struct.new(
|
6717
|
+
:db_instance_automated_backups_arn)
|
6718
|
+
SENSITIVE = []
|
6719
|
+
include Aws::Structure
|
6720
|
+
end
|
6721
|
+
|
6686
6722
|
# Contains the result of a successful invocation of the
|
6687
6723
|
# `DescribeDBInstances` action.
|
6688
6724
|
#
|
@@ -7450,6 +7486,9 @@ module Aws::RDS
|
|
7450
7486
|
# @!attribute [rw] kms_key_id
|
7451
7487
|
# If `Encrypted` is true, the AWS KMS key identifier for the encrypted
|
7452
7488
|
# DB snapshot.
|
7489
|
+
#
|
7490
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
7491
|
+
# alias name for the AWS KMS customer master key (CMK).
|
7453
7492
|
# @return [String]
|
7454
7493
|
#
|
7455
7494
|
# @!attribute [rw] db_snapshot_arn
|
@@ -7935,7 +7974,8 @@ module Aws::RDS
|
|
7935
7974
|
# data as a hash:
|
7936
7975
|
#
|
7937
7976
|
# {
|
7938
|
-
# dbi_resource_id: "String",
|
7977
|
+
# dbi_resource_id: "String",
|
7978
|
+
# db_instance_automated_backups_arn: "String",
|
7939
7979
|
# }
|
7940
7980
|
#
|
7941
7981
|
# @!attribute [rw] dbi_resource_id
|
@@ -7943,18 +7983,25 @@ module Aws::RDS
|
|
7943
7983
|
# and which is unique to an AWS Region.
|
7944
7984
|
# @return [String]
|
7945
7985
|
#
|
7986
|
+
# @!attribute [rw] db_instance_automated_backups_arn
|
7987
|
+
# The Amazon Resource Name (ARN) of the automated backups to delete,
|
7988
|
+
# for example,
|
7989
|
+
# `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE`.
|
7990
|
+
# @return [String]
|
7991
|
+
#
|
7946
7992
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteDBInstanceAutomatedBackupMessage AWS API Documentation
|
7947
7993
|
#
|
7948
7994
|
class DeleteDBInstanceAutomatedBackupMessage < Struct.new(
|
7949
|
-
:dbi_resource_id
|
7995
|
+
:dbi_resource_id,
|
7996
|
+
:db_instance_automated_backups_arn)
|
7950
7997
|
SENSITIVE = []
|
7951
7998
|
include Aws::Structure
|
7952
7999
|
end
|
7953
8000
|
|
7954
8001
|
# @!attribute [rw] db_instance_automated_backup
|
7955
|
-
# An automated backup of a DB instance. It
|
7956
|
-
#
|
7957
|
-
#
|
8002
|
+
# An automated backup of a DB instance. It consists of system backups,
|
8003
|
+
# transaction logs, and the database instance properties that existed
|
8004
|
+
# at the time you deleted the source instance.
|
7958
8005
|
# @return [Types::DBInstanceAutomatedBackup]
|
7959
8006
|
#
|
7960
8007
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteDBInstanceAutomatedBackupResult AWS API Documentation
|
@@ -9172,6 +9219,7 @@ module Aws::RDS
|
|
9172
9219
|
# ],
|
9173
9220
|
# max_records: 1,
|
9174
9221
|
# marker: "String",
|
9222
|
+
# db_instance_automated_backups_arn: "String",
|
9175
9223
|
# }
|
9176
9224
|
#
|
9177
9225
|
# @!attribute [rw] dbi_resource_id
|
@@ -9227,6 +9275,12 @@ module Aws::RDS
|
|
9227
9275
|
# marker, up to `MaxRecords`.
|
9228
9276
|
# @return [String]
|
9229
9277
|
#
|
9278
|
+
# @!attribute [rw] db_instance_automated_backups_arn
|
9279
|
+
# The Amazon Resource Name (ARN) of the replicated automated backups,
|
9280
|
+
# for example,
|
9281
|
+
# `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE`.
|
9282
|
+
# @return [String]
|
9283
|
+
#
|
9230
9284
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeDBInstanceAutomatedBackupsMessage AWS API Documentation
|
9231
9285
|
#
|
9232
9286
|
class DescribeDBInstanceAutomatedBackupsMessage < Struct.new(
|
@@ -9234,7 +9288,8 @@ module Aws::RDS
|
|
9234
9288
|
:db_instance_identifier,
|
9235
9289
|
:filters,
|
9236
9290
|
:max_records,
|
9237
|
-
:marker
|
9291
|
+
:marker,
|
9292
|
+
:db_instance_automated_backups_arn)
|
9238
9293
|
SENSITIVE = []
|
9239
9294
|
include Aws::Structure
|
9240
9295
|
end
|
@@ -11742,11 +11797,11 @@ module Aws::RDS
|
|
11742
11797
|
# @return [String]
|
11743
11798
|
#
|
11744
11799
|
# @!attribute [rw] kms_key_id
|
11745
|
-
# The
|
11746
|
-
# it's exported to Amazon S3. The
|
11747
|
-
#
|
11748
|
-
#
|
11749
|
-
#
|
11800
|
+
# The key identifier of the AWS KMS customer master key (CMK) that is
|
11801
|
+
# used to encrypt the snapshot when it's exported to Amazon S3. The
|
11802
|
+
# AWS KMS CMK identifier is its key ARN, key ID, alias ARN, or alias
|
11803
|
+
# name. The IAM role used for the snapshot export must have encryption
|
11804
|
+
# and decryption permissions to use this AWS KMS CMK.
|
11750
11805
|
# @return [String]
|
11751
11806
|
#
|
11752
11807
|
# @!attribute [rw] status
|
@@ -11930,7 +11985,8 @@ module Aws::RDS
|
|
11930
11985
|
# @!attribute [rw] global_cluster_resource_id
|
11931
11986
|
# The AWS Region-unique, immutable identifier for the global database
|
11932
11987
|
# cluster. This identifier is found in AWS CloudTrail log entries
|
11933
|
-
# whenever the AWS KMS key for the DB cluster is
|
11988
|
+
# whenever the AWS KMS customer master key (CMK) for the DB cluster is
|
11989
|
+
# accessed.
|
11934
11990
|
# @return [String]
|
11935
11991
|
#
|
11936
11992
|
# @!attribute [rw] global_cluster_arn
|
@@ -13811,13 +13867,15 @@ module Aws::RDS
|
|
13811
13867
|
#
|
13812
13868
|
# @!attribute [rw] performance_insights_kms_key_id
|
13813
13869
|
# The AWS KMS key identifier for encryption of Performance Insights
|
13814
|
-
# data.
|
13815
|
-
#
|
13870
|
+
# data.
|
13871
|
+
#
|
13872
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
13873
|
+
# alias name for the AWS KMS customer master key (CMK).
|
13816
13874
|
#
|
13817
13875
|
# If you do not specify a value for `PerformanceInsightsKMSKeyId`,
|
13818
|
-
# then Amazon RDS uses your default
|
13819
|
-
#
|
13820
|
-
#
|
13876
|
+
# then Amazon RDS uses your default CMK. There is a default CMK for
|
13877
|
+
# your AWS account. Your AWS account has a different default CMK for
|
13878
|
+
# each AWS Region.
|
13821
13879
|
# @return [String]
|
13822
13880
|
#
|
13823
13881
|
# @!attribute [rw] performance_insights_retention_period
|
@@ -16140,7 +16198,7 @@ module Aws::RDS
|
|
16140
16198
|
#
|
16141
16199
|
# @!attribute [rw] role_arn
|
16142
16200
|
# The Amazon Resource Name (ARN) of the IAM role to disassociate from
|
16143
|
-
# the DB instance, for example
|
16201
|
+
# the DB instance, for example,
|
16144
16202
|
# `arn:aws:iam::123456789012:role/AccessRole`.
|
16145
16203
|
# @return [String]
|
16146
16204
|
#
|
@@ -16857,17 +16915,14 @@ module Aws::RDS
|
|
16857
16915
|
# @!attribute [rw] kms_key_id
|
16858
16916
|
# The AWS KMS key identifier for an encrypted DB cluster.
|
16859
16917
|
#
|
16860
|
-
# The KMS key identifier is the
|
16861
|
-
#
|
16862
|
-
#
|
16863
|
-
# cluster, then you can use the KMS key alias instead of the ARN for
|
16864
|
-
# the KM encryption key.
|
16918
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
16919
|
+
# alias name for the AWS KMS customer master key (CMK). To use a CMK
|
16920
|
+
# in a different AWS account, specify the key ARN or alias ARN.
|
16865
16921
|
#
|
16866
16922
|
# If the StorageEncrypted parameter is enabled, and you do not specify
|
16867
16923
|
# a value for the `KmsKeyId` parameter, then Amazon RDS will use your
|
16868
|
-
# default
|
16869
|
-
#
|
16870
|
-
# encryption key for each AWS Region.
|
16924
|
+
# default CMK. There is a default CMK for your AWS account. Your AWS
|
16925
|
+
# account has a different default CMK for each AWS Region.
|
16871
16926
|
# @return [String]
|
16872
16927
|
#
|
16873
16928
|
# @!attribute [rw] enable_iam_database_authentication
|
@@ -17185,18 +17240,16 @@ module Aws::RDS
|
|
17185
17240
|
# The AWS KMS key identifier to use when restoring an encrypted DB
|
17186
17241
|
# cluster from a DB snapshot or DB cluster snapshot.
|
17187
17242
|
#
|
17188
|
-
# The KMS key identifier is the
|
17189
|
-
#
|
17190
|
-
#
|
17191
|
-
# cluster, then you can use the KMS key alias instead of the ARN for
|
17192
|
-
# the KMS encryption key.
|
17243
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
17244
|
+
# alias name for the AWS KMS customer master key (CMK). To use a CMK
|
17245
|
+
# in a different AWS account, specify the key ARN or alias ARN.
|
17193
17246
|
#
|
17194
|
-
#
|
17195
|
-
# following occurs:
|
17247
|
+
# When you don't specify a value for the `KmsKeyId` parameter, then
|
17248
|
+
# the following occurs:
|
17196
17249
|
#
|
17197
17250
|
# * If the DB snapshot or DB cluster snapshot in `SnapshotIdentifier`
|
17198
17251
|
# is encrypted, then the restored DB cluster is encrypted using the
|
17199
|
-
# KMS
|
17252
|
+
# AWS KMS CMK that was used to encrypt the DB snapshot or DB cluster
|
17200
17253
|
# snapshot.
|
17201
17254
|
#
|
17202
17255
|
# * If the DB snapshot or DB cluster snapshot in `SnapshotIdentifier`
|
@@ -17491,23 +17544,21 @@ module Aws::RDS
|
|
17491
17544
|
# The AWS KMS key identifier to use when restoring an encrypted DB
|
17492
17545
|
# cluster from an encrypted DB cluster.
|
17493
17546
|
#
|
17494
|
-
# The KMS key identifier is the
|
17495
|
-
#
|
17496
|
-
#
|
17497
|
-
# cluster, then you can use the KMS key alias instead of the ARN for
|
17498
|
-
# the KMS encryption key.
|
17547
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
17548
|
+
# alias name for the AWS KMS customer master key (CMK). To use a CMK
|
17549
|
+
# in a different AWS account, specify the key ARN or alias ARN.
|
17499
17550
|
#
|
17500
17551
|
# You can restore to a new DB cluster and encrypt the new DB cluster
|
17501
|
-
# with a KMS
|
17502
|
-
# the source DB cluster. The new DB cluster is encrypted with
|
17503
|
-
#
|
17552
|
+
# with a AWS KMS CMK that is different than the AWS KMS key used to
|
17553
|
+
# encrypt the source DB cluster. The new DB cluster is encrypted with
|
17554
|
+
# the AWS KMS CMK identified by the `KmsKeyId` parameter.
|
17504
17555
|
#
|
17505
17556
|
# If you don't specify a value for the `KmsKeyId` parameter, then the
|
17506
17557
|
# following occurs:
|
17507
17558
|
#
|
17508
17559
|
# * If the DB cluster is encrypted, then the restored DB cluster is
|
17509
|
-
# encrypted using the KMS
|
17510
|
-
# cluster.
|
17560
|
+
# encrypted using the AWS KMS CMK that was used to encrypt the
|
17561
|
+
# source DB cluster.
|
17511
17562
|
#
|
17512
17563
|
# * If the DB cluster isn't encrypted, then the restored DB cluster
|
17513
17564
|
# isn't encrypted.
|
@@ -18366,17 +18417,14 @@ module Aws::RDS
|
|
18366
18417
|
# @!attribute [rw] kms_key_id
|
18367
18418
|
# The AWS KMS key identifier for an encrypted DB instance.
|
18368
18419
|
#
|
18369
|
-
# The KMS key identifier is the
|
18370
|
-
#
|
18371
|
-
#
|
18372
|
-
# instance, then you can use the KMS key alias instead of the ARN for
|
18373
|
-
# the KM encryption key.
|
18420
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
18421
|
+
# alias name for the AWS KMS customer master key (CMK). To use a CMK
|
18422
|
+
# in a different AWS account, specify the key ARN or alias ARN.
|
18374
18423
|
#
|
18375
18424
|
# If the `StorageEncrypted` parameter is enabled, and you do not
|
18376
18425
|
# specify a value for the `KmsKeyId` parameter, then Amazon RDS will
|
18377
|
-
# use your default
|
18378
|
-
#
|
18379
|
-
# different default encryption key for each AWS Region.
|
18426
|
+
# use your default CMK. There is a default CMK for your AWS account.
|
18427
|
+
# Your AWS account has a different default CMK for each AWS Region.
|
18380
18428
|
# @return [String]
|
18381
18429
|
#
|
18382
18430
|
# @!attribute [rw] copy_tags_to_snapshot
|
@@ -18468,13 +18516,15 @@ module Aws::RDS
|
|
18468
18516
|
#
|
18469
18517
|
# @!attribute [rw] performance_insights_kms_key_id
|
18470
18518
|
# The AWS KMS key identifier for encryption of Performance Insights
|
18471
|
-
# data.
|
18472
|
-
#
|
18519
|
+
# data.
|
18520
|
+
#
|
18521
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
18522
|
+
# alias name for the AWS KMS customer master key (CMK).
|
18473
18523
|
#
|
18474
18524
|
# If you do not specify a value for `PerformanceInsightsKMSKeyId`,
|
18475
|
-
# then Amazon RDS uses your default
|
18476
|
-
#
|
18477
|
-
#
|
18525
|
+
# then Amazon RDS uses your default CMK. There is a default CMK for
|
18526
|
+
# your AWS account. Your AWS account has a different default CMK for
|
18527
|
+
# each AWS Region.
|
18478
18528
|
# @return [String]
|
18479
18529
|
#
|
18480
18530
|
# @!attribute [rw] performance_insights_retention_period
|
@@ -18631,6 +18681,7 @@ module Aws::RDS
|
|
18631
18681
|
# deletion_protection: false,
|
18632
18682
|
# source_dbi_resource_id: "String",
|
18633
18683
|
# max_allocated_storage: 1,
|
18684
|
+
# source_db_instance_automated_backups_arn: "String",
|
18634
18685
|
# }
|
18635
18686
|
#
|
18636
18687
|
# @!attribute [rw] source_db_instance_identifier
|
@@ -18959,6 +19010,12 @@ module Aws::RDS
|
|
18959
19010
|
# storage of the DB instance.
|
18960
19011
|
# @return [Integer]
|
18961
19012
|
#
|
19013
|
+
# @!attribute [rw] source_db_instance_automated_backups_arn
|
19014
|
+
# The Amazon Resource Name (ARN) of the replicated automated backups
|
19015
|
+
# from which to restore, for example,
|
19016
|
+
# `arn:aws:rds:useast-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE`.
|
19017
|
+
# @return [String]
|
19018
|
+
#
|
18962
19019
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/RestoreDBInstanceToPointInTimeMessage AWS API Documentation
|
18963
19020
|
#
|
18964
19021
|
class RestoreDBInstanceToPointInTimeMessage < Struct.new(
|
@@ -18993,7 +19050,8 @@ module Aws::RDS
|
|
18993
19050
|
:db_parameter_group_name,
|
18994
19051
|
:deletion_protection,
|
18995
19052
|
:source_dbi_resource_id,
|
18996
|
-
:max_allocated_storage
|
19053
|
+
:max_allocated_storage,
|
19054
|
+
:source_db_instance_automated_backups_arn)
|
18997
19055
|
SENSITIVE = []
|
18998
19056
|
include Aws::Structure
|
18999
19057
|
end
|
@@ -19306,12 +19364,18 @@ module Aws::RDS
|
|
19306
19364
|
# The status of the source AWS Region.
|
19307
19365
|
# @return [String]
|
19308
19366
|
#
|
19367
|
+
# @!attribute [rw] supports_db_instance_automated_backups_replication
|
19368
|
+
# Whether the source AWS Region supports replicating automated backups
|
19369
|
+
# to the current AWS Region.
|
19370
|
+
# @return [Boolean]
|
19371
|
+
#
|
19309
19372
|
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/SourceRegion AWS API Documentation
|
19310
19373
|
#
|
19311
19374
|
class SourceRegion < Struct.new(
|
19312
19375
|
:region_name,
|
19313
19376
|
:endpoint,
|
19314
|
-
:status
|
19377
|
+
:status,
|
19378
|
+
:supports_db_instance_automated_backups_replication)
|
19315
19379
|
SENSITIVE = []
|
19316
19380
|
include Aws::Structure
|
19317
19381
|
end
|
@@ -19351,7 +19415,7 @@ module Aws::RDS
|
|
19351
19415
|
# }
|
19352
19416
|
#
|
19353
19417
|
# @!attribute [rw] resource_arn
|
19354
|
-
# The Amazon Resource Name (ARN) of the DB cluster, for example
|
19418
|
+
# The Amazon Resource Name (ARN) of the DB cluster, for example,
|
19355
19419
|
# `arn:aws:rds:us-east-1:12345667890:cluster:das-cluster`.
|
19356
19420
|
# @return [String]
|
19357
19421
|
#
|
@@ -19364,8 +19428,8 @@ module Aws::RDS
|
|
19364
19428
|
#
|
19365
19429
|
# @!attribute [rw] kms_key_id
|
19366
19430
|
# The AWS KMS key identifier for encrypting messages in the database
|
19367
|
-
# activity stream. The key identifier
|
19368
|
-
# ARN, or
|
19431
|
+
# activity stream. The AWS KMS key identifier is the key ARN, key ID,
|
19432
|
+
# alias ARN, or alias name for the AWS KMS customer master key (CMK).
|
19369
19433
|
# @return [String]
|
19370
19434
|
#
|
19371
19435
|
# @!attribute [rw] apply_immediately
|
@@ -19456,6 +19520,75 @@ module Aws::RDS
|
|
19456
19520
|
include Aws::Structure
|
19457
19521
|
end
|
19458
19522
|
|
19523
|
+
# @note When making an API call, you may pass StartDBInstanceAutomatedBackupsReplicationMessage
|
19524
|
+
# data as a hash:
|
19525
|
+
#
|
19526
|
+
# {
|
19527
|
+
# source_db_instance_arn: "String", # required
|
19528
|
+
# backup_retention_period: 1,
|
19529
|
+
# kms_key_id: "String",
|
19530
|
+
# pre_signed_url: "String",
|
19531
|
+
# source_region: "String",
|
19532
|
+
# }
|
19533
|
+
#
|
19534
|
+
# @!attribute [rw] source_db_instance_arn
|
19535
|
+
# The Amazon Resource Name (ARN) of the source DB instance for the
|
19536
|
+
# replicated automated backups, for example,
|
19537
|
+
# `arn:aws:rds:us-west-2:123456789012:db:mydatabase`.
|
19538
|
+
# @return [String]
|
19539
|
+
#
|
19540
|
+
# @!attribute [rw] backup_retention_period
|
19541
|
+
# The retention period for the replicated automated backups.
|
19542
|
+
# @return [Integer]
|
19543
|
+
#
|
19544
|
+
# @!attribute [rw] kms_key_id
|
19545
|
+
# The AWS KMS key identifier for encryption of the replicated
|
19546
|
+
# automated backups. The KMS key ID is the Amazon Resource Name (ARN)
|
19547
|
+
# for the KMS encryption key in the destination AWS Region, for
|
19548
|
+
# example,
|
19549
|
+
# `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE`.
|
19550
|
+
# @return [String]
|
19551
|
+
#
|
19552
|
+
# @!attribute [rw] pre_signed_url
|
19553
|
+
# A URL that contains a Signature Version 4 signed request for the
|
19554
|
+
# StartDBInstanceAutomatedBackupsReplication action to be called in
|
19555
|
+
# the AWS Region of the source DB instance. The presigned URL must be
|
19556
|
+
# a valid request for the StartDBInstanceAutomatedBackupsReplication
|
19557
|
+
# API action that can be executed in the AWS Region that contains the
|
19558
|
+
# source DB instance.
|
19559
|
+
# @return [String]
|
19560
|
+
#
|
19561
|
+
# @!attribute [rw] source_region
|
19562
|
+
# The source region of the snapshot. This is only needed when the
|
19563
|
+
# shapshot is encrypted and in a different region.
|
19564
|
+
# @return [String]
|
19565
|
+
#
|
19566
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StartDBInstanceAutomatedBackupsReplicationMessage AWS API Documentation
|
19567
|
+
#
|
19568
|
+
class StartDBInstanceAutomatedBackupsReplicationMessage < Struct.new(
|
19569
|
+
:source_db_instance_arn,
|
19570
|
+
:backup_retention_period,
|
19571
|
+
:kms_key_id,
|
19572
|
+
:pre_signed_url,
|
19573
|
+
:source_region)
|
19574
|
+
SENSITIVE = []
|
19575
|
+
include Aws::Structure
|
19576
|
+
end
|
19577
|
+
|
19578
|
+
# @!attribute [rw] db_instance_automated_backup
|
19579
|
+
# An automated backup of a DB instance. It consists of system backups,
|
19580
|
+
# transaction logs, and the database instance properties that existed
|
19581
|
+
# at the time you deleted the source instance.
|
19582
|
+
# @return [Types::DBInstanceAutomatedBackup]
|
19583
|
+
#
|
19584
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StartDBInstanceAutomatedBackupsReplicationResult AWS API Documentation
|
19585
|
+
#
|
19586
|
+
class StartDBInstanceAutomatedBackupsReplicationResult < Struct.new(
|
19587
|
+
:db_instance_automated_backup)
|
19588
|
+
SENSITIVE = []
|
19589
|
+
include Aws::Structure
|
19590
|
+
end
|
19591
|
+
|
19459
19592
|
# @note When making an API call, you may pass StartDBInstanceMessage
|
19460
19593
|
# data as a hash:
|
19461
19594
|
#
|
@@ -19524,11 +19657,12 @@ module Aws::RDS
|
|
19524
19657
|
# @return [String]
|
19525
19658
|
#
|
19526
19659
|
# @!attribute [rw] kms_key_id
|
19527
|
-
# The ID of the AWS KMS key to use to encrypt
|
19528
|
-
# Amazon S3. The KMS key
|
19529
|
-
# key
|
19530
|
-
# caller of this operation must be
|
19531
|
-
# operations. These can be set in
|
19660
|
+
# The ID of the AWS KMS customer master key (CMK) to use to encrypt
|
19661
|
+
# the snapshot exported to Amazon S3. The AWS KMS key identifier is
|
19662
|
+
# the key ARN, key ID, alias ARN, or alias name for the AWS KMS
|
19663
|
+
# customer master key (CMK). The caller of this operation must be
|
19664
|
+
# authorized to execute the following operations. These can be set in
|
19665
|
+
# the AWS KMS key policy:
|
19532
19666
|
#
|
19533
19667
|
# * GrantOperation.Encrypt
|
19534
19668
|
#
|
@@ -19620,6 +19754,9 @@ module Aws::RDS
|
|
19620
19754
|
# @!attribute [rw] kms_key_id
|
19621
19755
|
# The AWS KMS key identifier used for encrypting messages in the
|
19622
19756
|
# database activity stream.
|
19757
|
+
#
|
19758
|
+
# The AWS KMS key identifier is the key ARN, key ID, alias ARN, or
|
19759
|
+
# alias name for the AWS KMS customer master key (CMK).
|
19623
19760
|
# @return [String]
|
19624
19761
|
#
|
19625
19762
|
# @!attribute [rw] kinesis_stream_name
|
@@ -19676,6 +19813,41 @@ module Aws::RDS
|
|
19676
19813
|
include Aws::Structure
|
19677
19814
|
end
|
19678
19815
|
|
19816
|
+
# @note When making an API call, you may pass StopDBInstanceAutomatedBackupsReplicationMessage
|
19817
|
+
# data as a hash:
|
19818
|
+
#
|
19819
|
+
# {
|
19820
|
+
# source_db_instance_arn: "String", # required
|
19821
|
+
# }
|
19822
|
+
#
|
19823
|
+
# @!attribute [rw] source_db_instance_arn
|
19824
|
+
# The Amazon Resource Name (ARN) of the source DB instance for which
|
19825
|
+
# to stop replicating automated backups, for example,
|
19826
|
+
# `arn:aws:rds:us-west-2:123456789012:db:mydatabase`.
|
19827
|
+
# @return [String]
|
19828
|
+
#
|
19829
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StopDBInstanceAutomatedBackupsReplicationMessage AWS API Documentation
|
19830
|
+
#
|
19831
|
+
class StopDBInstanceAutomatedBackupsReplicationMessage < Struct.new(
|
19832
|
+
:source_db_instance_arn)
|
19833
|
+
SENSITIVE = []
|
19834
|
+
include Aws::Structure
|
19835
|
+
end
|
19836
|
+
|
19837
|
+
# @!attribute [rw] db_instance_automated_backup
|
19838
|
+
# An automated backup of a DB instance. It consists of system backups,
|
19839
|
+
# transaction logs, and the database instance properties that existed
|
19840
|
+
# at the time you deleted the source instance.
|
19841
|
+
# @return [Types::DBInstanceAutomatedBackup]
|
19842
|
+
#
|
19843
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StopDBInstanceAutomatedBackupsReplicationResult AWS API Documentation
|
19844
|
+
#
|
19845
|
+
class StopDBInstanceAutomatedBackupsReplicationResult < Struct.new(
|
19846
|
+
:db_instance_automated_backup)
|
19847
|
+
SENSITIVE = []
|
19848
|
+
include Aws::Structure
|
19849
|
+
end
|
19850
|
+
|
19679
19851
|
# @note When making an API call, you may pass StopDBInstanceMessage
|
19680
19852
|
# data as a hash:
|
19681
19853
|
#
|