aws-sdk-rds 1.168.0 → 1.170.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e032a077907a1b84f7bbfd6a89aedac33bbe1d4279cb65ed0b9b39602e92e4ac
-  data.tar.gz: 8157c7bee18a42901725506f08d431b0569dfa0b2e05387aed7c2cf036360efe
+  metadata.gz: c67d8a9130841984eb9714ed02779f5af3d1d0e92ef96d154da42a9f5134b32c
+  data.tar.gz: '083b17338f9ce0f6ea7baaca455afe89631988a91367fbd30841ba613e27f5e9'
 SHA512:
-  metadata.gz: f7ccbba1a5e326cf6412f08e4999b0fec2faa7717aee7be186eb1b262a01d78ebdec3e693a69ef83f592fabac38b0b31c876a091a6c9ca5f18b75cabe1f19240
-  data.tar.gz: 4b09fbcb8926f9b47267d5ff365c2af4234c866b3a4cb56f229a037efeb5c1524358b892ce3e6c7abc00cc63968b43c4926b011a93f7538969e49f99cf457e54
+  metadata.gz: '049c14c09fc5c8f0bc81b36a79ad9ede011f55313c5c4032771938b73257cc3e3fa04afc7a690c945795fc5b20e049e4c03dae8139e58a3e7d9ee5f0c63fa404'
+  data.tar.gz: ee1edcc8bd7d12fff6fd5d47ee4d437202cc74d8fdcdb3e2f016a7d92a8f57579fc464a51ed232d0a1362b7557793d1ea7628ba54eebda400e0013e1f4df4796

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.170.0 (2023-01-10)
+------------------
+
+* Feature - This release adds support for configuring allocated storage on the CreateDBInstanceReadReplica, RestoreDBInstanceFromDBSnapshot, and RestoreDBInstanceToPointInTime APIs.
+
+1.169.0 (2023-01-05)
+------------------
+
+* Feature - This release adds support for specifying which certificate authority (CA) to use for a DB instance's server certificate during DB instance creation, as well as other CA enhancements.
+
 1.168.0 (2022-12-28)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.168.0
+1.170.0

data/lib/aws-sdk-rds/client.rb

@@ -2042,6 +2042,8 @@ module Aws::RDS
     #   * {Types::DBEngineVersion#tag_list #tag_list} => Array<Types::Tag>
     #   * {Types::DBEngineVersion#supports_babelfish #supports_babelfish} => Boolean
     #   * {Types::DBEngineVersion#custom_db_engine_version_manifest #custom_db_engine_version_manifest} => String
+    #   * {Types::DBEngineVersion#supports_certificate_rotation_without_restart #supports_certificate_rotation_without_restart} => Boolean
+    #   * {Types::DBEngineVersion#supported_ca_certificate_identifiers #supported_ca_certificate_identifiers} => Array<String>
     #
     # @example Request syntax with placeholder values
     #
@@ -2115,6 +2117,9 @@ module Aws::RDS
     #   resp.tag_list[0].value #=> String
     #   resp.supports_babelfish #=> Boolean
     #   resp.custom_db_engine_version_manifest #=> String
+    #   resp.supports_certificate_rotation_without_restart #=> Boolean
+    #   resp.supported_ca_certificate_identifiers #=> Array
+    #   resp.supported_ca_certificate_identifiers[0] #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CreateCustomDBEngineVersion AWS API Documentation
     #
@@ -4729,6 +4734,22 @@ module Aws::RDS
     #   Amazon Web Services account has a different default KMS key for each
     #   Amazon Web Services Region.
     #
+    # @option params [String] :ca_certificate_identifier
+    #   Specifies the CA certificate identifier to use for the DB instance’s
+    #   server certificate.
+    #
+    #   This setting doesn't apply to RDS Custom.
+    #
+    #   For more information, see [Using SSL/TLS to encrypt a connection to a
+    #   DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS to
+    #   encrypt a connection to a DB cluster][2] in the *Amazon Aurora User
+    #   Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    #   [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
+    #
     # @return [Types::CreateDBInstanceResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateDBInstanceResult#db_instance #db_instance} => Types::DBInstance
@@ -4820,6 +4841,7 @@ module Aws::RDS
     #     storage_throughput: 1,
     #     manage_master_user_password: false,
     #     master_user_secret_kms_key_id: "String",
+    #     ca_certificate_identifier: "String",
     #   })
     #
     # @example Response structure
@@ -4970,6 +4992,8 @@ module Aws::RDS
     #   resp.db_instance.master_user_secret.secret_arn #=> String
     #   resp.db_instance.master_user_secret.secret_status #=> String
     #   resp.db_instance.master_user_secret.kms_key_id #=> String
+    #   resp.db_instance.certificate_details.ca_identifier #=> String
+    #   resp.db_instance.certificate_details.valid_till #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CreateDBInstance AWS API Documentation
     #
@@ -5560,6 +5584,17 @@ module Aws::RDS
     #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html
     #   [2]: https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing
     #
+    # @option params [Integer] :allocated_storage
+    #   The amount of storage (in gibibytes) to allocate initially for the
+    #   read replica. Follow the allocation rules specified in
+    #   `CreateDBInstance`.
+    #
+    #   <note markdown="1"> Be sure to allocate enough memory for your read replica so that the
+    #   create operation can succeed. You can also allocate additional memory
+    #   for future growth.
+    #
+    #    </note>
+    #
     # @option params [String] :source_region
     #   The source region of the snapshot. This is only needed when the
     #   shapshot is encrypted and in a different region.
@@ -5644,6 +5679,7 @@ module Aws::RDS
     #     network_type: "String",
     #     storage_throughput: 1,
     #     enable_customer_owned_ip: false,
+    #     allocated_storage: 1,
     #     source_region: "String",
     #   })
     #
@@ -5795,6 +5831,8 @@ module Aws::RDS
     #   resp.db_instance.master_user_secret.secret_arn #=> String
     #   resp.db_instance.master_user_secret.secret_status #=> String
     #   resp.db_instance.master_user_secret.kms_key_id #=> String
+    #   resp.db_instance.certificate_details.ca_identifier #=> String
+    #   resp.db_instance.certificate_details.valid_till #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CreateDBInstanceReadReplica AWS API Documentation
     #
@@ -7013,6 +7051,8 @@ module Aws::RDS
     #   * {Types::DBEngineVersion#tag_list #tag_list} => Array&lt;Types::Tag&gt;
     #   * {Types::DBEngineVersion#supports_babelfish #supports_babelfish} => Boolean
     #   * {Types::DBEngineVersion#custom_db_engine_version_manifest #custom_db_engine_version_manifest} => String
+    #   * {Types::DBEngineVersion#supports_certificate_rotation_without_restart #supports_certificate_rotation_without_restart} => Boolean
+    #   * {Types::DBEngineVersion#supported_ca_certificate_identifiers #supported_ca_certificate_identifiers} => Array&lt;String&gt;
     #
     # @example Request syntax with placeholder values
     #
@@ -7074,6 +7114,9 @@ module Aws::RDS
     #   resp.tag_list[0].value #=> String
     #   resp.supports_babelfish #=> Boolean
     #   resp.custom_db_engine_version_manifest #=> String
+    #   resp.supports_certificate_rotation_without_restart #=> Boolean
+    #   resp.supported_ca_certificate_identifiers #=> Array
+    #   resp.supported_ca_certificate_identifiers[0] #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteCustomDBEngineVersion AWS API Documentation
     #
@@ -7755,6 +7798,8 @@ module Aws::RDS
     #   resp.db_instance.master_user_secret.secret_arn #=> String
     #   resp.db_instance.master_user_secret.secret_status #=> String
     #   resp.db_instance.master_user_secret.kms_key_id #=> String
+    #   resp.db_instance.certificate_details.ca_identifier #=> String
+    #   resp.db_instance.certificate_details.valid_till #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DeleteDBInstance AWS API Documentation
     #
@@ -8496,6 +8541,16 @@ module Aws::RDS
     # Lists the set of CA certificates provided by Amazon RDS for this
     # Amazon Web Services account.
     #
+    # For more information, see [Using SSL/TLS to encrypt a connection to a
+    # DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS to
+    # encrypt a connection to a DB cluster][2] in the *Amazon Aurora User
+    # Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
+    #
     # @option params [String] :certificate_identifier
     #   The user-supplied certificate identifier. If this parameter is
     #   specified, information for only the identified certificate is
@@ -9745,6 +9800,9 @@ module Aws::RDS
     #   resp.db_engine_versions[0].tag_list[0].value #=> String
     #   resp.db_engine_versions[0].supports_babelfish #=> Boolean
     #   resp.db_engine_versions[0].custom_db_engine_version_manifest #=> String
+    #   resp.db_engine_versions[0].supports_certificate_rotation_without_restart #=> Boolean
+    #   resp.db_engine_versions[0].supported_ca_certificate_identifiers #=> Array
+    #   resp.db_engine_versions[0].supported_ca_certificate_identifiers[0] #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeDBEngineVersions AWS API Documentation
     #
@@ -10130,6 +10188,8 @@ module Aws::RDS
     #   resp.db_instances[0].master_user_secret.secret_arn #=> String
     #   resp.db_instances[0].master_user_secret.secret_status #=> String
     #   resp.db_instances[0].master_user_secret.kms_key_id #=> String
+    #   resp.db_instances[0].certificate_details.ca_identifier #=> String
+    #   resp.db_instances[0].certificate_details.valid_till #=> Time
     #
     #
     # The following waiters are defined for this operation (see {Client#wait_until} for detailed usage):
@@ -13831,6 +13891,8 @@ module Aws::RDS
     #   * {Types::DBEngineVersion#tag_list #tag_list} => Array&lt;Types::Tag&gt;
     #   * {Types::DBEngineVersion#supports_babelfish #supports_babelfish} => Boolean
     #   * {Types::DBEngineVersion#custom_db_engine_version_manifest #custom_db_engine_version_manifest} => String
+    #   * {Types::DBEngineVersion#supports_certificate_rotation_without_restart #supports_certificate_rotation_without_restart} => Boolean
+    #   * {Types::DBEngineVersion#supported_ca_certificate_identifiers #supported_ca_certificate_identifiers} => Array&lt;String&gt;
     #
     # @example Request syntax with placeholder values
     #
@@ -13894,6 +13956,9 @@ module Aws::RDS
     #   resp.tag_list[0].value #=> String
     #   resp.supports_babelfish #=> Boolean
     #   resp.custom_db_engine_version_manifest #=> String
+    #   resp.supports_certificate_rotation_without_restart #=> Boolean
+    #   resp.supported_ca_certificate_identifiers #=> Array
+    #   resp.supported_ca_certificate_identifiers[0] #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ModifyCustomDBEngineVersion AWS API Documentation
     #
@@ -13943,7 +14008,7 @@ module Aws::RDS
     #
     #   Example: `my-cluster2`
     #
-    #   Valid for: Aurora DB clusters only
+    #   Valid for: Aurora DB clusters and Multi-AZ DB clusters
     #
     # @option params [Boolean] :apply_immediately
     #   A value that indicates whether the modifications in this request and
@@ -15498,10 +15563,21 @@ module Aws::RDS
     #   This setting doesn't apply to RDS Custom.
     #
     # @option params [String] :ca_certificate_identifier
-    #   Specifies the certificate to associate with the DB instance.
+    #   Specifies the CA certificate identifier to use for the DB instance’s
+    #   server certificate.
     #
     #   This setting doesn't apply to RDS Custom.
     #
+    #   For more information, see [Using SSL/TLS to encrypt a connection to a
+    #   DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS to
+    #   encrypt a connection to a DB cluster][2] in the *Amazon Aurora User
+    #   Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    #   [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
+    #
     # @option params [String] :domain
     #   The Active Directory directory ID to move the DB instance to. Specify
     #   `none` to remove the instance from its current domain. You must create
@@ -16208,6 +16284,8 @@ module Aws::RDS
     #   resp.db_instance.master_user_secret.secret_arn #=> String
     #   resp.db_instance.master_user_secret.secret_status #=> String
     #   resp.db_instance.master_user_secret.kms_key_id #=> String
+    #   resp.db_instance.certificate_details.ca_identifier #=> String
+    #   resp.db_instance.certificate_details.valid_till #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ModifyDBInstance AWS API Documentation
     #
@@ -17451,6 +17529,8 @@ module Aws::RDS
     #   resp.db_instance.master_user_secret.secret_arn #=> String
     #   resp.db_instance.master_user_secret.secret_status #=> String
     #   resp.db_instance.master_user_secret.kms_key_id #=> String
+    #   resp.db_instance.certificate_details.ca_identifier #=> String
+    #   resp.db_instance.certificate_details.valid_till #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/PromoteReadReplica AWS API Documentation
     #
@@ -18070,6 +18150,8 @@ module Aws::RDS
     #   resp.db_instance.master_user_secret.secret_arn #=> String
     #   resp.db_instance.master_user_secret.secret_status #=> String
     #   resp.db_instance.master_user_secret.kms_key_id #=> String
+    #   resp.db_instance.certificate_details.ca_identifier #=> String
+    #   resp.db_instance.certificate_details.valid_till #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/RebootDBInstance AWS API Documentation
     #
@@ -20869,6 +20951,16 @@ module Aws::RDS
     #
     #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html
     #
+    # @option params [Integer] :allocated_storage
+    #   The amount of storage (in gibibytes) to allocate initially for the DB
+    #   instance. Follow the allocation rules specified in CreateDBInstance.
+    #
+    #   <note markdown="1"> Be sure to allocate enough memory for your new DB instance so that the
+    #   restore operation can succeed. You can also allocate additional memory
+    #   for future growth.
+    #
+    #    </note>
+    #
     # @return [Types::RestoreDBInstanceFromDBSnapshotResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::RestoreDBInstanceFromDBSnapshotResult#db_instance #db_instance} => Types::DBInstance
@@ -21015,6 +21107,7 @@ module Aws::RDS
     #     network_type: "String",
     #     storage_throughput: 1,
     #     db_cluster_snapshot_identifier: "String",
+    #     allocated_storage: 1,
     #   })
     #
     # @example Response structure
@@ -21165,6 +21258,8 @@ module Aws::RDS
     #   resp.db_instance.master_user_secret.secret_arn #=> String
     #   resp.db_instance.master_user_secret.secret_status #=> String
     #   resp.db_instance.master_user_secret.kms_key_id #=> String
+    #   resp.db_instance.certificate_details.ca_identifier #=> String
+    #   resp.db_instance.certificate_details.valid_till #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/RestoreDBInstanceFromDBSnapshot AWS API Documentation
     #
@@ -21207,7 +21302,7 @@ module Aws::RDS
     #   Example: `mydbinstance`
     #
     # @option params [Integer] :allocated_storage
-    #   The amount of storage (in gigabytes) to allocate initially for the DB
+    #   The amount of storage (in gibibytes) to allocate initially for the DB
     #   instance. Follow the allocation rules specified in `CreateDBInstance`.
     #
     #   <note markdown="1"> Be sure to allocate enough memory for your new DB instance so that the
@@ -21889,6 +21984,8 @@ module Aws::RDS
     #   resp.db_instance.master_user_secret.secret_arn #=> String
     #   resp.db_instance.master_user_secret.secret_status #=> String
     #   resp.db_instance.master_user_secret.kms_key_id #=> String
+    #   resp.db_instance.certificate_details.ca_identifier #=> String
+    #   resp.db_instance.certificate_details.valid_till #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/RestoreDBInstanceFromS3 AWS API Documentation
     #
@@ -22339,6 +22436,16 @@ module Aws::RDS
     #
     #   This setting doesn't apply to RDS Custom or Amazon Aurora.
     #
+    # @option params [Integer] :allocated_storage
+    #   The amount of storage (in gibibytes) to allocate initially for the DB
+    #   instance. Follow the allocation rules specified in `CreateDBInstance`.
+    #
+    #   <note markdown="1"> Be sure to allocate enough memory for your new DB instance so that the
+    #   restore operation can succeed. You can also allocate additional memory
+    #   for future growth.
+    #
+    #    </note>
+    #
     # @return [Types::RestoreDBInstanceToPointInTimeResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::RestoreDBInstanceToPointInTimeResult#db_instance #db_instance} => Types::DBInstance
@@ -22490,6 +22597,7 @@ module Aws::RDS
     #     backup_target: "String",
     #     network_type: "String",
     #     storage_throughput: 1,
+    #     allocated_storage: 1,
     #   })
     #
     # @example Response structure
@@ -22640,6 +22748,8 @@ module Aws::RDS
     #   resp.db_instance.master_user_secret.secret_arn #=> String
     #   resp.db_instance.master_user_secret.secret_status #=> String
     #   resp.db_instance.master_user_secret.kms_key_id #=> String
+    #   resp.db_instance.certificate_details.ca_identifier #=> String
+    #   resp.db_instance.certificate_details.valid_till #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/RestoreDBInstanceToPointInTime AWS API Documentation
     #
@@ -22755,12 +22865,15 @@ module Aws::RDS
     end
 
     # Starts a database activity stream to monitor activity on the database.
-    # For more information, see [Database Activity Streams][1] in the
-    # *Amazon Aurora User Guide*.
+    # For more information, see [ Monitoring Amazon Aurora with Database
+    # Activity Streams][1] in the *Amazon Aurora User Guide* or [ Monitoring
+    # Amazon RDS with Database Activity Streams][2] in the *Amazon RDS User
+    # Guide*.
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/DBActivityStreams.html
+    # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/DBActivityStreams.html
     #
     # @option params [required, String] :resource_arn
     #   The Amazon Resource Name (ARN) of the DB cluster, for example,
@@ -23153,6 +23266,8 @@ module Aws::RDS
     #   resp.db_instance.master_user_secret.secret_arn #=> String
     #   resp.db_instance.master_user_secret.secret_status #=> String
     #   resp.db_instance.master_user_secret.kms_key_id #=> String
+    #   resp.db_instance.certificate_details.ca_identifier #=> String
+    #   resp.db_instance.certificate_details.valid_till #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StartDBInstance AWS API Documentation
     #
@@ -23305,27 +23420,27 @@ module Aws::RDS
     #   The ID of the Amazon Web Services KMS key to use to encrypt the
     #   snapshot exported to Amazon S3. The Amazon Web Services KMS key
     #   identifier is the key ARN, key ID, alias ARN, or alias name for the
-    #   KMS key. The caller of this operation must be authorized to execute
-    #   the following operations. These can be set in the Amazon Web Services
-    #   KMS key policy:
+    #   KMS key. The caller of this operation must be authorized to run the
+    #   following operations. These can be set in the Amazon Web Services KMS
+    #   key policy:
     #
-    #   * GrantOperation.Encrypt
+    #   * kms:Encrypt
     #
-    #   * GrantOperation.Decrypt
+    #   * kms:Decrypt
     #
-    #   * GrantOperation.GenerateDataKey
+    #   * kms:GenerateDataKey
     #
-    #   * GrantOperation.GenerateDataKeyWithoutPlaintext
+    #   * kms:GenerateDataKeyWithoutPlaintext
     #
-    #   * GrantOperation.ReEncryptFrom
+    #   * kms:ReEncryptFrom
     #
-    #   * GrantOperation.ReEncryptTo
+    #   * kms:ReEncryptTo
     #
-    #   * GrantOperation.CreateGrant
+    #   * kms:CreateGrant
     #
-    #   * GrantOperation.DescribeKey
+    #   * kms:DescribeKey
     #
-    #   * GrantOperation.RetireGrant
+    #   * kms:RetireGrant
     #
     # @option params [String] :s3_prefix
     #   The Amazon S3 bucket prefix to use as the file name and path of the
@@ -23414,12 +23529,15 @@ module Aws::RDS
     # Services console, the `start-activity-stream` CLI command, or the
     # `StartActivityStream` action.
     #
-    # For more information, see [Database Activity Streams][1] in the
-    # *Amazon Aurora User Guide*.
+    # For more information, see [ Monitoring Amazon Aurora with Database
+    # Activity Streams][1] in the *Amazon Aurora User Guide* or [ Monitoring
+    # Amazon RDS with Database Activity Streams][2] in the *Amazon RDS User
+    # Guide*.
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/DBActivityStreams.html
+    # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/DBActivityStreams.html
     #
     # @option params [required, String] :resource_arn
     #   The Amazon Resource Name (ARN) of the DB cluster for the database
@@ -23795,6 +23913,8 @@ module Aws::RDS
     #   resp.db_instance.master_user_secret.secret_arn #=> String
     #   resp.db_instance.master_user_secret.secret_status #=> String
     #   resp.db_instance.master_user_secret.kms_key_id #=> String
+    #   resp.db_instance.certificate_details.ca_identifier #=> String
+    #   resp.db_instance.certificate_details.valid_till #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/StopDBInstance AWS API Documentation
     #
@@ -24120,6 +24240,8 @@ module Aws::RDS
     #   resp.db_instance.master_user_secret.secret_arn #=> String
     #   resp.db_instance.master_user_secret.secret_status #=> String
     #   resp.db_instance.master_user_secret.kms_key_id #=> String
+    #   resp.db_instance.certificate_details.ca_identifier #=> String
+    #   resp.db_instance.certificate_details.valid_till #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/SwitchoverReadReplica AWS API Documentation
     #
@@ -24143,7 +24265,7 @@ module Aws::RDS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-rds'
-      context[:gem_version] = '1.168.0'
+      context[:gem_version] = '1.170.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-rds/client_api.rb

@@ -60,8 +60,10 @@ module Aws::RDS
     Boolean = Shapes::BooleanShape.new(name: 'Boolean')
     BooleanOptional = Shapes::BooleanShape.new(name: 'BooleanOptional')
     BucketName = Shapes::StringShape.new(name: 'BucketName')
+    CACertificateIdentifiersList = Shapes::ListShape.new(name: 'CACertificateIdentifiersList')
     CancelExportTaskMessage = Shapes::StructureShape.new(name: 'CancelExportTaskMessage')
     Certificate = Shapes::StructureShape.new(name: 'Certificate')
+    CertificateDetails = Shapes::StructureShape.new(name: 'CertificateDetails')
     CertificateList = Shapes::ListShape.new(name: 'CertificateList')
     CertificateMessage = Shapes::StructureShape.new(name: 'CertificateMessage')
     CertificateNotFoundFault = Shapes::StructureShape.new(name: 'CertificateNotFoundFault')
@@ -751,6 +753,8 @@ module Aws::RDS
 
     BlueGreenDeploymentTaskList.member = Shapes::ShapeRef.new(shape: BlueGreenDeploymentTask)
 
+    CACertificateIdentifiersList.member = Shapes::ShapeRef.new(shape: String)
+
     CancelExportTaskMessage.add_member(:export_task_identifier, Shapes::ShapeRef.new(shape: String, required: true, location_name: "ExportTaskIdentifier"))
     CancelExportTaskMessage.struct_class = Types::CancelExportTaskMessage
 
@@ -764,6 +768,10 @@ module Aws::RDS
     Certificate.add_member(:customer_override_valid_till, Shapes::ShapeRef.new(shape: TStamp, location_name: "CustomerOverrideValidTill"))
     Certificate.struct_class = Types::Certificate
 
+    CertificateDetails.add_member(:ca_identifier, Shapes::ShapeRef.new(shape: String, location_name: "CAIdentifier"))
+    CertificateDetails.add_member(:valid_till, Shapes::ShapeRef.new(shape: TStamp, location_name: "ValidTill"))
+    CertificateDetails.struct_class = Types::CertificateDetails
+
     CertificateList.member = Shapes::ShapeRef.new(shape: Certificate, location_name: "Certificate")
 
     CertificateMessage.add_member(:certificates, Shapes::ShapeRef.new(shape: CertificateList, location_name: "Certificates"))
@@ -1014,6 +1022,7 @@ module Aws::RDS
     CreateDBInstanceMessage.add_member(:storage_throughput, Shapes::ShapeRef.new(shape: IntegerOptional, location_name: "StorageThroughput"))
     CreateDBInstanceMessage.add_member(:manage_master_user_password, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "ManageMasterUserPassword"))
     CreateDBInstanceMessage.add_member(:master_user_secret_kms_key_id, Shapes::ShapeRef.new(shape: String, location_name: "MasterUserSecretKmsKeyId"))
+    CreateDBInstanceMessage.add_member(:ca_certificate_identifier, Shapes::ShapeRef.new(shape: String, location_name: "CACertificateIdentifier"))
     CreateDBInstanceMessage.struct_class = Types::CreateDBInstanceMessage
 
     CreateDBInstanceReadReplicaMessage.add_member(:db_instance_identifier, Shapes::ShapeRef.new(shape: String, required: true, location_name: "DBInstanceIdentifier"))
@@ -1052,6 +1061,7 @@ module Aws::RDS
     CreateDBInstanceReadReplicaMessage.add_member(:network_type, Shapes::ShapeRef.new(shape: String, location_name: "NetworkType"))
     CreateDBInstanceReadReplicaMessage.add_member(:storage_throughput, Shapes::ShapeRef.new(shape: IntegerOptional, location_name: "StorageThroughput"))
     CreateDBInstanceReadReplicaMessage.add_member(:enable_customer_owned_ip, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "EnableCustomerOwnedIp"))
+    CreateDBInstanceReadReplicaMessage.add_member(:allocated_storage, Shapes::ShapeRef.new(shape: IntegerOptional, location_name: "AllocatedStorage"))
     CreateDBInstanceReadReplicaMessage.add_member(:source_region, Shapes::ShapeRef.new(shape: String, location_name: "SourceRegion"))
     CreateDBInstanceReadReplicaMessage.struct_class = Types::CreateDBInstanceReadReplicaMessage
 
@@ -1421,6 +1431,8 @@ module Aws::RDS
     DBEngineVersion.add_member(:tag_list, Shapes::ShapeRef.new(shape: TagList, location_name: "TagList"))
     DBEngineVersion.add_member(:supports_babelfish, Shapes::ShapeRef.new(shape: Boolean, location_name: "SupportsBabelfish"))
     DBEngineVersion.add_member(:custom_db_engine_version_manifest, Shapes::ShapeRef.new(shape: CustomDBEngineVersionManifest, location_name: "CustomDBEngineVersionManifest"))
+    DBEngineVersion.add_member(:supports_certificate_rotation_without_restart, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "SupportsCertificateRotationWithoutRestart"))
+    DBEngineVersion.add_member(:supported_ca_certificate_identifiers, Shapes::ShapeRef.new(shape: CACertificateIdentifiersList, location_name: "SupportedCACertificateIdentifiers"))
     DBEngineVersion.struct_class = Types::DBEngineVersion
 
     DBEngineVersionList.member = Shapes::ShapeRef.new(shape: DBEngineVersion, location_name: "DBEngineVersion")
@@ -1508,6 +1520,7 @@ module Aws::RDS
     DBInstance.add_member(:storage_throughput, Shapes::ShapeRef.new(shape: IntegerOptional, location_name: "StorageThroughput"))
     DBInstance.add_member(:db_system_id, Shapes::ShapeRef.new(shape: String, location_name: "DBSystemId"))
     DBInstance.add_member(:master_user_secret, Shapes::ShapeRef.new(shape: MasterUserSecret, location_name: "MasterUserSecret"))
+    DBInstance.add_member(:certificate_details, Shapes::ShapeRef.new(shape: CertificateDetails, location_name: "CertificateDetails"))
     DBInstance.struct_class = Types::DBInstance
 
     DBInstanceAlreadyExistsFault.struct_class = Types::DBInstanceAlreadyExistsFault
@@ -3270,6 +3283,7 @@ module Aws::RDS
     RestoreDBInstanceFromDBSnapshotMessage.add_member(:network_type, Shapes::ShapeRef.new(shape: String, location_name: "NetworkType"))
     RestoreDBInstanceFromDBSnapshotMessage.add_member(:storage_throughput, Shapes::ShapeRef.new(shape: IntegerOptional, location_name: "StorageThroughput"))
     RestoreDBInstanceFromDBSnapshotMessage.add_member(:db_cluster_snapshot_identifier, Shapes::ShapeRef.new(shape: String, location_name: "DBClusterSnapshotIdentifier"))
+    RestoreDBInstanceFromDBSnapshotMessage.add_member(:allocated_storage, Shapes::ShapeRef.new(shape: IntegerOptional, location_name: "AllocatedStorage"))
     RestoreDBInstanceFromDBSnapshotMessage.struct_class = Types::RestoreDBInstanceFromDBSnapshotMessage
 
     RestoreDBInstanceFromDBSnapshotResult.add_member(:db_instance, Shapes::ShapeRef.new(shape: DBInstance, location_name: "DBInstance"))
@@ -3366,6 +3380,7 @@ module Aws::RDS
     RestoreDBInstanceToPointInTimeMessage.add_member(:backup_target, Shapes::ShapeRef.new(shape: String, location_name: "BackupTarget"))
     RestoreDBInstanceToPointInTimeMessage.add_member(:network_type, Shapes::ShapeRef.new(shape: String, location_name: "NetworkType"))
     RestoreDBInstanceToPointInTimeMessage.add_member(:storage_throughput, Shapes::ShapeRef.new(shape: IntegerOptional, location_name: "StorageThroughput"))
+    RestoreDBInstanceToPointInTimeMessage.add_member(:allocated_storage, Shapes::ShapeRef.new(shape: IntegerOptional, location_name: "AllocatedStorage"))
     RestoreDBInstanceToPointInTimeMessage.struct_class = Types::RestoreDBInstanceToPointInTimeMessage
 
     RestoreDBInstanceToPointInTimeResult.add_member(:db_instance, Shapes::ShapeRef.new(shape: DBInstance, location_name: "DBInstance"))
@@ -3928,6 +3943,7 @@ module Aws::RDS
         o.errors << Shapes::ShapeRef.new(shape: DomainNotFoundFault)
         o.errors << Shapes::ShapeRef.new(shape: BackupPolicyNotFoundFault)
         o.errors << Shapes::ShapeRef.new(shape: NetworkTypeNotSupported)
+        o.errors << Shapes::ShapeRef.new(shape: CertificateNotFoundFault)
       end)
 
       api.add_operation(:create_db_instance_read_replica, Seahorse::Model::Operation.new.tap do |o|

data/lib/aws-sdk-rds/db_cluster.rb

@@ -1822,7 +1822,7 @@ module Aws::RDS
     #
     #   Example: `my-cluster2`
     #
-    #   Valid for: Aurora DB clusters only
+    #   Valid for: Aurora DB clusters and Multi-AZ DB clusters
     # @option options [Boolean] :apply_immediately
     #   A value that indicates whether the modifications in this request and
     #   any pending modifications are asynchronously applied as soon as

data/lib/aws-sdk-rds/db_engine_version.rb

@@ -254,6 +254,29 @@ module Aws::RDS
       data[:custom_db_engine_version_manifest]
     end
 
+    # A value that indicates whether the engine version supports rotating
+    # the server certificate without rebooting the DB instance.
+    # @return [Boolean]
+    def supports_certificate_rotation_without_restart
+      data[:supports_certificate_rotation_without_restart]
+    end
+
+    # A list of the supported CA certificate identifiers.
+    #
+    # For more information, see [Using SSL/TLS to encrypt a connection to a
+    # DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS to
+    # encrypt a connection to a DB cluster][2] in the *Amazon Aurora User
+    # Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
+    # @return [Array<String>]
+    def supported_ca_certificate_identifiers
+      data[:supported_ca_certificate_identifiers]
+    end
+
     # @!endgroup
 
     # @return [Client]

data/lib/aws-sdk-rds/db_instance.rb

@@ -375,6 +375,16 @@ module Aws::RDS
     end
 
     # The identifier of the CA certificate for this DB instance.
+    #
+    # For more information, see [Using SSL/TLS to encrypt a connection to a
+    # DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS to
+    # encrypt a connection to a DB cluster][2] in the *Amazon Aurora User
+    # Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
     # @return [String]
     def ca_certificate_identifier
       data[:ca_certificate_identifier]
@@ -755,6 +765,12 @@ module Aws::RDS
       data[:master_user_secret]
     end
 
+    # The details of the DB instance's server certificate.
+    # @return [Types::CertificateDetails]
+    def certificate_details
+      data[:certificate_details]
+    end
+
     # @!endgroup
 
     # @return [Client]
@@ -955,6 +971,7 @@ module Aws::RDS
     #     storage_throughput: 1,
     #     manage_master_user_password: false,
     #     master_user_secret_kms_key_id: "String",
+    #     ca_certificate_identifier: "String",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :db_name
@@ -2039,6 +2056,21 @@ module Aws::RDS
     #   There is a default KMS key for your Amazon Web Services account. Your
     #   Amazon Web Services account has a different default KMS key for each
     #   Amazon Web Services Region.
+    # @option options [String] :ca_certificate_identifier
+    #   Specifies the CA certificate identifier to use for the DB instance’s
+    #   server certificate.
+    #
+    #   This setting doesn't apply to RDS Custom.
+    #
+    #   For more information, see [Using SSL/TLS to encrypt a connection to a
+    #   DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS to
+    #   encrypt a connection to a DB cluster][2] in the *Amazon Aurora User
+    #   Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    #   [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
     # @return [DBInstance]
     def create(options = {})
       options = options.merge(db_instance_identifier: @id)
@@ -2098,6 +2130,7 @@ module Aws::RDS
     #     network_type: "String",
     #     storage_throughput: 1,
     #     enable_customer_owned_ip: false,
+    #     allocated_storage: 1,
     #     source_region: "String",
     #   })
     # @param [Hash] options ({})
@@ -2584,6 +2617,16 @@ module Aws::RDS
     #
     #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html
     #   [2]: https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing
+    # @option options [Integer] :allocated_storage
+    #   The amount of storage (in gibibytes) to allocate initially for the
+    #   read replica. Follow the allocation rules specified in
+    #   `CreateDBInstance`.
+    #
+    #   <note markdown="1"> Be sure to allocate enough memory for your read replica so that the
+    #   create operation can succeed. You can also allocate additional memory
+    #   for future growth.
+    #
+    #    </note>
     # @option options [String] :source_region
     #   The source region of the snapshot. This is only needed when the
     #   shapshot is encrypted and in a different region.
@@ -3187,9 +3230,20 @@ module Aws::RDS
     #
     #   This setting doesn't apply to RDS Custom.
     # @option options [String] :ca_certificate_identifier
-    #   Specifies the certificate to associate with the DB instance.
+    #   Specifies the CA certificate identifier to use for the DB instance’s
+    #   server certificate.
     #
     #   This setting doesn't apply to RDS Custom.
+    #
+    #   For more information, see [Using SSL/TLS to encrypt a connection to a
+    #   DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS to
+    #   encrypt a connection to a DB cluster][2] in the *Amazon Aurora User
+    #   Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    #   [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
     # @option options [String] :domain
     #   The Active Directory directory ID to move the DB instance to. Specify
     #   `none` to remove the instance from its current domain. You must create
@@ -3766,6 +3820,7 @@ module Aws::RDS
     #     backup_target: "String",
     #     network_type: "String",
     #     storage_throughput: 1,
+    #     allocated_storage: 1,
     #   })
     # @param [Hash] options ({})
     # @option options [required, String] :target_db_instance_identifier
@@ -4143,6 +4198,15 @@ module Aws::RDS
     #   Specifies the storage throughput value for the DB instance.
     #
     #   This setting doesn't apply to RDS Custom or Amazon Aurora.
+    # @option options [Integer] :allocated_storage
+    #   The amount of storage (in gibibytes) to allocate initially for the DB
+    #   instance. Follow the allocation rules specified in `CreateDBInstance`.
+    #
+    #   <note markdown="1"> Be sure to allocate enough memory for your new DB instance so that the
+    #   restore operation can succeed. You can also allocate additional memory
+    #   for future growth.
+    #
+    #    </note>
     # @return [DBInstance]
     def restore(options = {})
       options = options.merge(source_db_instance_identifier: @id)

data/lib/aws-sdk-rds/db_snapshot.rb

@@ -667,6 +667,7 @@ module Aws::RDS
     #     network_type: "String",
     #     storage_throughput: 1,
     #     db_cluster_snapshot_identifier: "String",
+    #     allocated_storage: 1,
     #   })
     # @param [Hash] options ({})
     # @option options [required, String] :db_instance_identifier
@@ -1055,6 +1056,15 @@ module Aws::RDS
     #
     #
     #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html
+    # @option options [Integer] :allocated_storage
+    #   The amount of storage (in gibibytes) to allocate initially for the DB
+    #   instance. Follow the allocation rules specified in CreateDBInstance.
+    #
+    #   <note markdown="1"> Be sure to allocate enough memory for your new DB instance so that the
+    #   restore operation can succeed. You can also allocate additional memory
+    #   for future growth.
+    #
+    #    </note>
     # @return [DBInstance]
     def restore(options = {})
       options = options.merge(db_snapshot_identifier: @snapshot_id)

data/lib/aws-sdk-rds/resource.rb

@@ -1050,6 +1050,7 @@ module Aws::RDS
     #     storage_throughput: 1,
     #     manage_master_user_password: false,
     #     master_user_secret_kms_key_id: "String",
+    #     ca_certificate_identifier: "String",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :db_name
@@ -2147,6 +2148,21 @@ module Aws::RDS
     #   There is a default KMS key for your Amazon Web Services account. Your
     #   Amazon Web Services account has a different default KMS key for each
     #   Amazon Web Services Region.
+    # @option options [String] :ca_certificate_identifier
+    #   Specifies the CA certificate identifier to use for the DB instance’s
+    #   server certificate.
+    #
+    #   This setting doesn't apply to RDS Custom.
+    #
+    #   For more information, see [Using SSL/TLS to encrypt a connection to a
+    #   DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS to
+    #   encrypt a connection to a DB cluster][2] in the *Amazon Aurora User
+    #   Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    #   [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
     # @return [DBInstance]
     def create_db_instance(options = {})
       resp = @client.create_db_instance(options)

data/lib/aws-sdk-rds/types.rb

@@ -704,6 +704,16 @@ module Aws::RDS
 
     # A CA certificate for an Amazon Web Services account.
     #
+    # For more information, see [Using SSL/TLS to encrypt a connection to a
+    # DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS to
+    # encrypt a connection to a DB cluster][2] in the *Amazon Aurora User
+    # Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
+    #
     # @!attribute [rw] certificate_identifier
     #   The unique key that identifies a certificate.
     #   @return [String]
@@ -752,6 +762,36 @@ module Aws::RDS
       include Aws::Structure
     end
 
+    # Returns the details of the DB instance’s server certificate.
+    #
+    # For more information, see [Using SSL/TLS to encrypt a connection to a
+    # DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS to
+    # encrypt a connection to a DB cluster][2] in the *Amazon Aurora User
+    # Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
+    #
+    # @!attribute [rw] ca_identifier
+    #   The CA identifier of the CA certificate used for the DB instance's
+    #   server certificate.
+    #   @return [String]
+    #
+    # @!attribute [rw] valid_till
+    #   The expiration date of the DB instance’s server certificate.
+    #   @return [Time]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CertificateDetails AWS API Documentation
+    #
+    class CertificateDetails < Struct.new(
+      :ca_identifier,
+      :valid_till)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Data returned by the **DescribeCertificates** action.
     #
     # @!attribute [rw] certificates
@@ -4235,6 +4275,23 @@ module Aws::RDS
     #   each Amazon Web Services Region.
     #   @return [String]
     #
+    # @!attribute [rw] ca_certificate_identifier
+    #   Specifies the CA certificate identifier to use for the DB instance’s
+    #   server certificate.
+    #
+    #   This setting doesn't apply to RDS Custom.
+    #
+    #   For more information, see [Using SSL/TLS to encrypt a connection to
+    #   a DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS
+    #   to encrypt a connection to a DB cluster][2] in the *Amazon Aurora
+    #   User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    #   [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CreateDBInstanceMessage AWS API Documentation
     #
     class CreateDBInstanceMessage < Struct.new(
@@ -4291,7 +4348,8 @@ module Aws::RDS
       :network_type,
       :storage_throughput,
       :manage_master_user_password,
-      :master_user_secret_kms_key_id)
+      :master_user_secret_kms_key_id,
+      :ca_certificate_identifier)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -4901,6 +4959,18 @@ module Aws::RDS
     #   [2]: https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing
     #   @return [Boolean]
     #
+    # @!attribute [rw] allocated_storage
+    #   The amount of storage (in gibibytes) to allocate initially for the
+    #   read replica. Follow the allocation rules specified in
+    #   `CreateDBInstance`.
+    #
+    #   <note markdown="1"> Be sure to allocate enough memory for your read replica so that the
+    #   create operation can succeed. You can also allocate additional
+    #   memory for future growth.
+    #
+    #    </note>
+    #   @return [Integer]
+    #
     # @!attribute [rw] source_region
     #   The source region of the snapshot. This is only needed when the
     #   shapshot is encrypted and in a different region.
@@ -4945,6 +5015,7 @@ module Aws::RDS
       :network_type,
       :storage_throughput,
       :enable_customer_owned_ip,
+      :allocated_storage,
       :source_region)
       SENSITIVE = []
       include Aws::Structure
@@ -7254,6 +7325,25 @@ module Aws::RDS
     #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.preparing.html#custom-cev.preparing.manifest.fields
     #   @return [String]
     #
+    # @!attribute [rw] supports_certificate_rotation_without_restart
+    #   A value that indicates whether the engine version supports rotating
+    #   the server certificate without rebooting the DB instance.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] supported_ca_certificate_identifiers
+    #   A list of the supported CA certificate identifiers.
+    #
+    #   For more information, see [Using SSL/TLS to encrypt a connection to
+    #   a DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS
+    #   to encrypt a connection to a DB cluster][2] in the *Amazon Aurora
+    #   User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    #   [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
+    #   @return [Array<String>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBEngineVersion AWS API Documentation
     #
     class DBEngineVersion < Struct.new(
@@ -7285,7 +7375,9 @@ module Aws::RDS
       :create_time,
       :tag_list,
       :supports_babelfish,
-      :custom_db_engine_version_manifest)
+      :custom_db_engine_version_manifest,
+      :supports_certificate_rotation_without_restart,
+      :supported_ca_certificate_identifiers)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -7588,6 +7680,16 @@ module Aws::RDS
     #
     # @!attribute [rw] ca_certificate_identifier
     #   The identifier of the CA certificate for this DB instance.
+    #
+    #   For more information, see [Using SSL/TLS to encrypt a connection to
+    #   a DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS
+    #   to encrypt a connection to a DB cluster][2] in the *Amazon Aurora
+    #   User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    #   [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
     #   @return [String]
     #
     # @!attribute [rw] domain_memberships
@@ -7894,6 +7996,10 @@ module Aws::RDS
     #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html
     #   @return [Types::MasterUserSecret]
     #
+    # @!attribute [rw] certificate_details
+    #   The details of the DB instance's server certificate.
+    #   @return [Types::CertificateDetails]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstance AWS API Documentation
     #
     class DBInstance < Struct.new(
@@ -7975,7 +8081,8 @@ module Aws::RDS
       :activity_stream_policy_status,
       :storage_throughput,
       :db_system_id,
-      :master_user_secret)
+      :master_user_secret,
+      :certificate_details)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -14071,6 +14178,16 @@ module Aws::RDS
 
     # @!attribute [rw] certificate
     #   A CA certificate for an Amazon Web Services account.
+    #
+    #   For more information, see [Using SSL/TLS to encrypt a connection to
+    #   a DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS
+    #   to encrypt a connection to a DB cluster][2] in the *Amazon Aurora
+    #   User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    #   [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
     #   @return [Types::Certificate]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ModifyCertificatesResult AWS API Documentation
@@ -14242,7 +14359,7 @@ module Aws::RDS
     #
     #   Example: `my-cluster2`
     #
-    #   Valid for: Aurora DB clusters only
+    #   Valid for: Aurora DB clusters and Multi-AZ DB clusters
     #   @return [String]
     #
     # @!attribute [rw] apply_immediately
@@ -15547,9 +15664,20 @@ module Aws::RDS
     #   @return [String]
     #
     # @!attribute [rw] ca_certificate_identifier
-    #   Specifies the certificate to associate with the DB instance.
+    #   Specifies the CA certificate identifier to use for the DB instance’s
+    #   server certificate.
     #
     #   This setting doesn't apply to RDS Custom.
+    #
+    #   For more information, see [Using SSL/TLS to encrypt a connection to
+    #   a DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS
+    #   to encrypt a connection to a DB cluster][2] in the *Amazon Aurora
+    #   User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    #   [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
     #   @return [String]
     #
     # @!attribute [rw] domain
@@ -17731,6 +17859,16 @@ module Aws::RDS
     #
     # @!attribute [rw] ca_certificate_identifier
     #   The identifier of the CA certificate for the DB instance.
+    #
+    #   For more information, see [Using SSL/TLS to encrypt a connection to
+    #   a DB instance][1] in the *Amazon RDS User Guide* and [ Using SSL/TLS
+    #   to encrypt a connection to a DB cluster][2] in the *Amazon Aurora
+    #   User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
+    #   [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
     #   @return [String]
     #
     # @!attribute [rw] db_subnet_group_name
@@ -20729,6 +20867,18 @@ module Aws::RDS
     #   [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html
     #   @return [String]
     #
+    # @!attribute [rw] allocated_storage
+    #   The amount of storage (in gibibytes) to allocate initially for the
+    #   DB instance. Follow the allocation rules specified in
+    #   CreateDBInstance.
+    #
+    #   <note markdown="1"> Be sure to allocate enough memory for your new DB instance so that
+    #   the restore operation can succeed. You can also allocate additional
+    #   memory for future growth.
+    #
+    #    </note>
+    #   @return [Integer]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/RestoreDBInstanceFromDBSnapshotMessage AWS API Documentation
     #
     class RestoreDBInstanceFromDBSnapshotMessage < Struct.new(
@@ -20765,7 +20915,8 @@ module Aws::RDS
       :backup_target,
       :network_type,
       :storage_throughput,
-      :db_cluster_snapshot_identifier)
+      :db_cluster_snapshot_identifier,
+      :allocated_storage)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -20811,7 +20962,7 @@ module Aws::RDS
     #   @return [String]
     #
     # @!attribute [rw] allocated_storage
-    #   The amount of storage (in gigabytes) to allocate initially for the
+    #   The amount of storage (in gibibytes) to allocate initially for the
     #   DB instance. Follow the allocation rules specified in
     #   `CreateDBInstance`.
     #
@@ -21869,6 +22020,18 @@ module Aws::RDS
     #   This setting doesn't apply to RDS Custom or Amazon Aurora.
     #   @return [Integer]
     #
+    # @!attribute [rw] allocated_storage
+    #   The amount of storage (in gibibytes) to allocate initially for the
+    #   DB instance. Follow the allocation rules specified in
+    #   `CreateDBInstance`.
+    #
+    #   <note markdown="1"> Be sure to allocate enough memory for your new DB instance so that
+    #   the restore operation can succeed. You can also allocate additional
+    #   memory for future growth.
+    #
+    #    </note>
+    #   @return [Integer]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/RestoreDBInstanceToPointInTimeMessage AWS API Documentation
     #
     class RestoreDBInstanceToPointInTimeMessage < Struct.new(
@@ -21909,7 +22072,8 @@ module Aws::RDS
       :custom_iam_instance_profile,
       :backup_target,
       :network_type,
-      :storage_throughput)
+      :storage_throughput,
+      :allocated_storage)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -22623,27 +22787,27 @@ module Aws::RDS
     #   The ID of the Amazon Web Services KMS key to use to encrypt the
     #   snapshot exported to Amazon S3. The Amazon Web Services KMS key
     #   identifier is the key ARN, key ID, alias ARN, or alias name for the
-    #   KMS key. The caller of this operation must be authorized to execute
-    #   the following operations. These can be set in the Amazon Web
-    #   Services KMS key policy:
+    #   KMS key. The caller of this operation must be authorized to run the
+    #   following operations. These can be set in the Amazon Web Services
+    #   KMS key policy:
     #
-    #   * GrantOperation.Encrypt
+    #   * kms:Encrypt
     #
-    #   * GrantOperation.Decrypt
+    #   * kms:Decrypt
     #
-    #   * GrantOperation.GenerateDataKey
+    #   * kms:GenerateDataKey
     #
-    #   * GrantOperation.GenerateDataKeyWithoutPlaintext
+    #   * kms:GenerateDataKeyWithoutPlaintext
     #
-    #   * GrantOperation.ReEncryptFrom
+    #   * kms:ReEncryptFrom
     #
-    #   * GrantOperation.ReEncryptTo
+    #   * kms:ReEncryptTo
     #
-    #   * GrantOperation.CreateGrant
+    #   * kms:CreateGrant
     #
-    #   * GrantOperation.DescribeKey
+    #   * kms:DescribeKey
     #
-    #   * GrantOperation.RetireGrant
+    #   * kms:RetireGrant
     #   @return [String]
     #
     # @!attribute [rw] s3_prefix

data/lib/aws-sdk-rds.rb

@@ -78,6 +78,6 @@ require_relative 'aws-sdk-rds/customizations'
 # @!group service
 module Aws::RDS
 
-  GEM_VERSION = '1.168.0'
+  GEM_VERSION = '1.170.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-rds
 version: !ruby/object:Gem::Version
-  version: 1.168.0
+  version: 1.170.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-12-28 00:00:00.000000000 Z
+date: 2023-01-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sigv4