aws-sdk-rds 1.0.0.rc3 → 1.0.0.rc4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ba9b212afe9bc99c38b593a4037b7e8abf2b2bea
-  data.tar.gz: 8f0c17c8ee81c4a6e064435b5351859719541860
+  metadata.gz: 8fa058ed6d35513239353f7431f3505d62ac0892
+  data.tar.gz: 4a6d76a2b05d912d7c3e3f60b7a5caea7217b4b3
 SHA512:
-  metadata.gz: 3c3151b54013b5782c55391f09a43c3a0d8d35a967b53252e021b30a2d15ed1cd7bfa63384ddd6513e7629213307fabc72ccac3734dcbc55a3cd5af5c252ad31
-  data.tar.gz: a4d60d4251ae250a9b59ebd187e70a445356ffae086c82e613b7705d90816d9c7c037ea21b9ad39d7708a8895b281ec4e60b29917165431c2c3818d74452cf88
+  metadata.gz: ede3a68f3ded8a357e427fe1edbd5dd78856c0a9c73c8652b8295a21c7bb3d7a0a85f60869ac4c958ccb64b6f32bc663bf7ad5fbc265ee102ffb7066cbd3a5ba
+  data.tar.gz: cfa58cc1eb78df27a43b4a37d03794e09dab3db7dfb104562755996edb7c2bf05a08f5049f8933eaad1b19ec617b825a8a9c05ce439de6eeb69bd8b63ca70910

data/lib/aws-sdk-rds.rb

@@ -68,6 +68,6 @@ require_relative 'aws-sdk-rds/customizations'
 # @service
 module Aws::RDS
 
-  GEM_VERSION = '1.0.0.rc3'
+  GEM_VERSION = '1.0.0.rc4'
 
 end

data/lib/aws-sdk-rds/client.rb

@@ -515,12 +515,82 @@ module Aws::RDS
       req.send_request(options)
     end
 
-    # Creates a snapshot of a DB cluster. For more information on Amazon
-    # Aurora, see [Aurora on Amazon RDS][1] in the *Amazon RDS User Guide.*
+    # Copies a snapshot of a DB cluster.
     #
+    # To copy a DB cluster snapshot from a shared manual DB cluster
+    # snapshot, `SourceDBClusterSnapshotIdentifier` must be the Amazon
+    # Resource Name (ARN) of the shared DB cluster snapshot.
     #
+    # You can copy an encrypted DB cluster snapshot from another AWS region.
+    # In that case, the region where you call the `CopyDBClusterSnapshot`
+    # action is the destination region for the encrypted DB cluster snapshot
+    # to be copied to. To copy an encrypted DB cluster snapshot from another
+    # region, you must provide the following values:
     #
-    # [1]: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Aurora.html
+    # * `KmsKeyId` - The AWS Key Management System (KMS) key identifier for
+    #   the key to use to encrypt the copy of the DB cluster snapshot in the
+    #   destination region.
+    #
+    # * `PreSignedUrl` - A URL that contains a Signature Version 4 signed
+    #   request for the `CopyDBClusterSnapshot` action to be called in the
+    #   source region where the DB cluster snapshot will be copied from. The
+    #   pre-signed URL must be a valid request for the
+    #   `CopyDBClusterSnapshot` API action that can be executed in the
+    #   source region that contains the encrypted DB cluster snapshot to be
+    #   copied.
+    #
+    #   The pre-signed URL request must contain the following parameter
+    #   values:
+    #
+    #   * `KmsKeyId` - The KMS key identifier for the key to use to encrypt
+    #     the copy of the DB cluster snapshot in the destination region.
+    #     This is the same identifier for both the `CopyDBClusterSnapshot`
+    #     action that is called in the destination region, and the action
+    #     contained in the pre-signed URL.
+    #
+    #   * `DestinationRegion` - The name of the region that the DB cluster
+    #     snapshot will be created in.
+    #
+    #   * `SourceDBClusterSnapshotIdentifier` - The DB cluster snapshot
+    #     identifier for the encrypted DB cluster snapshot to be copied.
+    #     This identifier must be in the Amazon Resource Name (ARN) format
+    #     for the source region. For example, if you are copying an
+    #     encrypted DB cluster snapshot from the us-west-2 region, then your
+    #     `SourceDBClusterSnapshotIdentifier` looks like the following
+    #     example:
+    #     `arn:aws:rds:us-west-2:123456789012:cluster-snapshot:aurora-cluster1-snapshot-20161115`.
+    #
+    #   To learn how to generate a Signature Version 4 signed request, see [
+    #   Authenticating Requests: Using Query Parameters (AWS Signature
+    #   Version 4)][1] and [ Signature Version 4 Signing Process][2].
+    #
+    # * `TargetDBClusterSnapshotIdentifier` - The identifier for the new
+    #   copy of the DB cluster snapshot in the destination region.
+    #
+    # * `SourceDBClusterSnapshotIdentifier` - The DB cluster snapshot
+    #   identifier for the encrypted DB cluster snapshot to be copied. This
+    #   identifier must be in the ARN format for the source region and is
+    #   the same value as the `SourceDBClusterSnapshotIdentifier` in the
+    #   pre-signed URL.
+    #
+    # To cancel the copy operation once it is in progress, delete the target
+    # DB cluster snapshot identified by `TargetDBClusterSnapshotIdentifier`
+    # while that DB cluster snapshot is in "copying" status.
+    #
+    # For more information on copying encrypted DB cluster snapshots from
+    # one region to another, see [ Copying a DB Cluster Snapshot in the Same
+    # Account, Either in the Same Region or Across Regions][3] in the Amazon
+    # RDS User Guide.
+    #
+    # For more information on Amazon Aurora, see [Aurora on Amazon RDS][4]
+    # in the *Amazon RDS User Guide.*
+    #
+    #
+    #
+    # [1]: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
+    # [2]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+    # [3]: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CopySnapshot.html#USER_CopyDBClusterSnapshot.CrossRegion
+    # [4]: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Aurora.html
     #
     # @option params [required, String] :source_db_cluster_snapshot_identifier
     #   The identifier of the DB cluster snapshot to copy. This parameter is
@@ -550,9 +620,79 @@ module Aws::RDS
     #
     #   Example: `my-cluster-snapshot2`
     #
+    # @option params [String] :kms_key_id
+    #   The AWS KMS key ID for an encrypted DB cluster snapshot. The KMS key
+    #   ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS
+    #   key alias for the KMS encryption key.
+    #
+    #   If you copy an unencrypted DB cluster snapshot and specify a value for
+    #   the `KmsKeyId` parameter, Amazon RDS encrypts the target DB cluster
+    #   snapshot using the specified KMS encryption key.
+    #
+    #   If you copy an encrypted DB cluster snapshot from your AWS account,
+    #   you can specify a value for `KmsKeyId` to encrypt the copy with a new
+    #   KMS encryption key. If you don't specify a value for `KmsKeyId`, then
+    #   the copy of the DB cluster snapshot is encrypted with the same KMS key
+    #   as the source DB cluster snapshot.
+    #
+    #   If you copy an encrypted DB cluster snapshot that is shared from
+    #   another AWS account, then you must specify a value for `KmsKeyId`.
+    #
+    #   To copy an encrypted DB cluster snapshot to another region, you must
+    #   set `KmsKeyId` to the KMS key ID you want to use to encrypt the copy
+    #   of the DB cluster snapshot in the destination region. KMS encryption
+    #   keys are specific to the region that they are created in, and you
+    #   cannot use encryption keys from one region in another region.
+    #
+    # @option params [String] :pre_signed_url
+    #   The URL that contains a Signature Version 4 signed request for the
+    #   `CopyDBClusterSnapshot` API action in the AWS region that contains the
+    #   source DB cluster snapshot to copy. The `PreSignedUrl` parameter must
+    #   be used when copying an encrypted DB cluster snapshot from another AWS
+    #   region.
+    #
+    #   The pre-signed URL must be a valid request for the
+    #   `CopyDBSClusterSnapshot` API action that can be executed in the source
+    #   region that contains the encrypted DB cluster snapshot to be copied.
+    #   The pre-signed URL request must contain the following parameter
+    #   values:
+    #
+    #   * `KmsKeyId` - The KMS key identifier for the key to use to encrypt
+    #     the copy of the DB cluster snapshot in the destination region. This
+    #     is the same identifier for both the `CopyDBClusterSnapshot` action
+    #     that is called in the destination region, and the action contained
+    #     in the pre-signed URL.
+    #
+    #   * `DestinationRegion` - The name of the region that the DB cluster
+    #     snapshot will be created in.
+    #
+    #   * `SourceDBClusterSnapshotIdentifier` - The DB cluster snapshot
+    #     identifier for the encrypted DB cluster snapshot to be copied. This
+    #     identifier must be in the Amazon Resource Name (ARN) format for the
+    #     source region. For example, if you are copying an encrypted DB
+    #     cluster snapshot from the us-west-2 region, then your
+    #     `SourceDBClusterSnapshotIdentifier` looks like the following
+    #     example:
+    #     `arn:aws:rds:us-west-2:123456789012:cluster-snapshot:aurora-cluster1-snapshot-20161115`.
+    #
+    #   To learn how to generate a Signature Version 4 signed request, see [
+    #   Authenticating Requests: Using Query Parameters (AWS Signature Version
+    #   4)][1] and [ Signature Version 4 Signing Process][2].
+    #
+    #
+    #
+    #   [1]: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
+    #   [2]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+    #
+    # @option params [Boolean] :copy_tags
+    #
     # @option params [Array<Types::Tag>] :tags
     #   A list of tags.
     #
+    # @option params [String] :source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
+    #
     # @return [Types::CopyDBClusterSnapshotResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CopyDBClusterSnapshotResult#db_cluster_snapshot #db_cluster_snapshot} => Types::DBClusterSnapshot
@@ -562,12 +702,16 @@ module Aws::RDS
     #   resp = client.copy_db_cluster_snapshot({
     #     source_db_cluster_snapshot_identifier: "String", # required
     #     target_db_cluster_snapshot_identifier: "String", # required
+    #     kms_key_id: "String",
+    #     pre_signed_url: "String",
+    #     copy_tags: false,
     #     tags: [
     #       {
     #         key: "String",
     #         value: "String",
     #       },
     #     ],
+    #     source_region: "String",
     #   })
     #
     # @example Response structure
@@ -872,7 +1016,9 @@ module Aws::RDS
     #   [1]: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
     #   [2]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
     #
-    # @option params [String] :destination_region
+    # @option params [String] :source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
     #
     # @return [Types::CopyDBSnapshotResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -892,7 +1038,7 @@ module Aws::RDS
     #     ],
     #     copy_tags: false,
     #     pre_signed_url: "String",
-    #     destination_region: "String",
+    #     source_region: "String",
     #   })
     #
     # @example Response structure
@@ -1040,7 +1186,9 @@ module Aws::RDS
     #
     # You can use the `ReplicationSourceIdentifier` parameter to create the
     # DB cluster as a Read Replica of another DB cluster or Amazon RDS MySQL
-    # DB instance.
+    # DB instance. For cross-region replication where the DB cluster
+    # identified by `ReplicationSourceIdentifier` is encrypted, you must
+    # also specify the `PreSignedUrl` parameter.
     #
     # For more information on Amazon Aurora, see [Aurora on Amazon RDS][1]
     # in the *Amazon RDS User Guide.*
@@ -1219,7 +1367,7 @@ module Aws::RDS
     #   encryption key. If you are creating a DB cluster with the same AWS
     #   account that owns the KMS encryption key used to encrypt the new DB
     #   cluster, then you can use the KMS key alias instead of the ARN for the
-    #   KM encryption key.
+    #   KMS encryption key.
     #
     #   If the `StorageEncrypted` parameter is true, and you do not specify a
     #   value for the `KmsKeyId` parameter, then Amazon RDS will use your
@@ -1227,6 +1375,55 @@ module Aws::RDS
     #   your AWS account. Your AWS account has a different default encryption
     #   key for each AWS region.
     #
+    #   If you create a Read Replica of an encrypted DB cluster in another
+    #   region, you must set `KmsKeyId` to a KMS key ID that is valid in the
+    #   destination region. This key is used to encrypt the Read Replica in
+    #   that region.
+    #
+    # @option params [String] :pre_signed_url
+    #   A URL that contains a Signature Version 4 signed request for the
+    #   `CreateDBCluster` action to be called in the source region where the
+    #   DB cluster will be replicated from. You only need to specify
+    #   `PreSignedUrl` when you are performing cross-region replication from
+    #   an encrypted DB cluster.
+    #
+    #   The pre-signed URL must be a valid request for the `CreateDBCluster`
+    #   API action that can be executed in the source region that contains the
+    #   encrypted DB cluster to be copied.
+    #
+    #   The pre-signed URL request must contain the following parameter
+    #   values:
+    #
+    #   * `KmsKeyId` - The KMS key identifier for the key to use to encrypt
+    #     the copy of the DB cluster in the destination region. This should
+    #     refer to the same KMS key for both the `CreateDBCluster` action that
+    #     is called in the destination region, and the action contained in the
+    #     pre-signed URL.
+    #
+    #   * `DestinationRegion` - The name of the region that Aurora Read
+    #     Replica will be created in.
+    #
+    #   * `ReplicationSourceIdentifier` - The DB cluster identifier for the
+    #     encrypted DB cluster to be copied. This identifier must be in the
+    #     Amazon Resource Name (ARN) format for the source region. For
+    #     example, if you are copying an encrypted DB cluster from the
+    #     us-west-2 region, then your `ReplicationSourceIdentifier` would look
+    #     like Example:
+    #     `arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster1`.
+    #
+    #   To learn how to generate a Signature Version 4 signed request, see [
+    #   Authenticating Requests: Using Query Parameters (AWS Signature Version
+    #   4)][1] and [ Signature Version 4 Signing Process][2].
+    #
+    #
+    #
+    #   [1]: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
+    #   [2]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+    #
+    # @option params [String] :source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
+    #
     # @return [Types::CreateDBClusterResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateDBClusterResult#db_cluster #db_cluster} => Types::DBCluster
@@ -1259,6 +1456,8 @@ module Aws::RDS
     #     ],
     #     storage_encrypted: false,
     #     kms_key_id: "String",
+    #     pre_signed_url: "String",
+    #     source_region: "String",
     #   })
     #
     # @example Response structure
@@ -2826,6 +3025,10 @@ module Aws::RDS
     #   [1]: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
     #   [2]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
     #
+    # @option params [String] :source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
+    #
     # @return [Types::CreateDBInstanceReadReplicaResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateDBInstanceReadReplicaResult#db_instance #db_instance} => Types::DBInstance
@@ -2855,6 +3058,7 @@ module Aws::RDS
     #     monitoring_role_arn: "String",
     #     kms_key_id: "String",
     #     pre_signed_url: "String",
+    #     source_region: "String",
     #   })
     #
     # @example Response structure
@@ -10567,7 +10771,7 @@ module Aws::RDS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-rds'
-      context[:gem_version] = '1.0.0.rc3'
+      context[:gem_version] = '1.0.0.rc4'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-rds/client_api.rb

@@ -463,7 +463,12 @@ module Aws::RDS
 
     CopyDBClusterSnapshotMessage.add_member(:source_db_cluster_snapshot_identifier, Shapes::ShapeRef.new(shape: String, required: true, location_name: "SourceDBClusterSnapshotIdentifier"))
     CopyDBClusterSnapshotMessage.add_member(:target_db_cluster_snapshot_identifier, Shapes::ShapeRef.new(shape: String, required: true, location_name: "TargetDBClusterSnapshotIdentifier"))
+    CopyDBClusterSnapshotMessage.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: String, location_name: "KmsKeyId"))
+    CopyDBClusterSnapshotMessage.add_member(:pre_signed_url, Shapes::ShapeRef.new(shape: String, location_name: "PreSignedUrl"))
+    CopyDBClusterSnapshotMessage.add_member(:copy_tags, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "CopyTags"))
     CopyDBClusterSnapshotMessage.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
+    CopyDBClusterSnapshotMessage.add_member(:destination_region, Shapes::ShapeRef.new(shape: String, location_name: "DestinationRegion", metadata: {"documented"=>false}))
+    CopyDBClusterSnapshotMessage.add_member(:source_region, Shapes::ShapeRef.new(shape: String, location_name: "SourceRegion"))
     CopyDBClusterSnapshotMessage.struct_class = Types::CopyDBClusterSnapshotMessage
 
     CopyDBClusterSnapshotResult.add_member(:db_cluster_snapshot, Shapes::ShapeRef.new(shape: DBClusterSnapshot, location_name: "DBClusterSnapshot"))
@@ -484,7 +489,8 @@ module Aws::RDS
     CopyDBSnapshotMessage.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
     CopyDBSnapshotMessage.add_member(:copy_tags, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "CopyTags"))
     CopyDBSnapshotMessage.add_member(:pre_signed_url, Shapes::ShapeRef.new(shape: String, location_name: "PreSignedUrl"))
-    CopyDBSnapshotMessage.add_member(:destination_region, Shapes::ShapeRef.new(shape: String, location_name: "DestinationRegion"))
+    CopyDBSnapshotMessage.add_member(:destination_region, Shapes::ShapeRef.new(shape: String, location_name: "DestinationRegion", metadata: {"documented"=>false}))
+    CopyDBSnapshotMessage.add_member(:source_region, Shapes::ShapeRef.new(shape: String, location_name: "SourceRegion"))
     CopyDBSnapshotMessage.struct_class = Types::CopyDBSnapshotMessage
 
     CopyDBSnapshotResult.add_member(:db_snapshot, Shapes::ShapeRef.new(shape: DBSnapshot, location_name: "DBSnapshot"))
@@ -519,6 +525,9 @@ module Aws::RDS
     CreateDBClusterMessage.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
     CreateDBClusterMessage.add_member(:storage_encrypted, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "StorageEncrypted"))
     CreateDBClusterMessage.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: String, location_name: "KmsKeyId"))
+    CreateDBClusterMessage.add_member(:pre_signed_url, Shapes::ShapeRef.new(shape: String, location_name: "PreSignedUrl"))
+    CreateDBClusterMessage.add_member(:destination_region, Shapes::ShapeRef.new(shape: String, location_name: "DestinationRegion", metadata: {"documented"=>false}))
+    CreateDBClusterMessage.add_member(:source_region, Shapes::ShapeRef.new(shape: String, location_name: "SourceRegion"))
     CreateDBClusterMessage.struct_class = Types::CreateDBClusterMessage
 
     CreateDBClusterParameterGroupMessage.add_member(:db_cluster_parameter_group_name, Shapes::ShapeRef.new(shape: String, required: true, location_name: "DBClusterParameterGroupName"))
@@ -598,6 +607,8 @@ module Aws::RDS
     CreateDBInstanceReadReplicaMessage.add_member(:monitoring_role_arn, Shapes::ShapeRef.new(shape: String, location_name: "MonitoringRoleArn"))
     CreateDBInstanceReadReplicaMessage.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: String, location_name: "KmsKeyId"))
     CreateDBInstanceReadReplicaMessage.add_member(:pre_signed_url, Shapes::ShapeRef.new(shape: String, location_name: "PreSignedUrl"))
+    CreateDBInstanceReadReplicaMessage.add_member(:destination_region, Shapes::ShapeRef.new(shape: String, location_name: "DestinationRegion", metadata: {"documented"=>false}))
+    CreateDBInstanceReadReplicaMessage.add_member(:source_region, Shapes::ShapeRef.new(shape: String, location_name: "SourceRegion"))
     CreateDBInstanceReadReplicaMessage.struct_class = Types::CreateDBInstanceReadReplicaMessage
 
     CreateDBInstanceReadReplicaResult.add_member(:db_instance, Shapes::ShapeRef.new(shape: DBInstance, location_name: "DBInstance"))

data/lib/aws-sdk-rds/db_cluster.rb

@@ -324,6 +324,8 @@ module Aws::RDS
     #     ],
     #     storage_encrypted: false,
     #     kms_key_id: "String",
+    #     pre_signed_url: "String",
+    #     source_region: "String",
     #   })
     # @param [Hash] options ({})
     # @option options [Array<String>] :availability_zones
@@ -464,13 +466,61 @@ module Aws::RDS
     #   encryption key. If you are creating a DB cluster with the same AWS
     #   account that owns the KMS encryption key used to encrypt the new DB
     #   cluster, then you can use the KMS key alias instead of the ARN for the
-    #   KM encryption key.
+    #   KMS encryption key.
     #
     #   If the `StorageEncrypted` parameter is true, and you do not specify a
     #   value for the `KmsKeyId` parameter, then Amazon RDS will use your
     #   default encryption key. AWS KMS creates the default encryption key for
     #   your AWS account. Your AWS account has a different default encryption
     #   key for each AWS region.
+    #
+    #   If you create a Read Replica of an encrypted DB cluster in another
+    #   region, you must set `KmsKeyId` to a KMS key ID that is valid in the
+    #   destination region. This key is used to encrypt the Read Replica in
+    #   that region.
+    # @option options [String] :pre_signed_url
+    #   A URL that contains a Signature Version 4 signed request for the
+    #   `CreateDBCluster` action to be called in the source region where the
+    #   DB cluster will be replicated from. You only need to specify
+    #   `PreSignedUrl` when you are performing cross-region replication from
+    #   an encrypted DB cluster.
+    #
+    #   The pre-signed URL must be a valid request for the `CreateDBCluster`
+    #   API action that can be executed in the source region that contains the
+    #   encrypted DB cluster to be copied.
+    #
+    #   The pre-signed URL request must contain the following parameter
+    #   values:
+    #
+    #   * `KmsKeyId` - The KMS key identifier for the key to use to encrypt
+    #     the copy of the DB cluster in the destination region. This should
+    #     refer to the same KMS key for both the `CreateDBCluster` action that
+    #     is called in the destination region, and the action contained in the
+    #     pre-signed URL.
+    #
+    #   * `DestinationRegion` - The name of the region that Aurora Read
+    #     Replica will be created in.
+    #
+    #   * `ReplicationSourceIdentifier` - The DB cluster identifier for the
+    #     encrypted DB cluster to be copied. This identifier must be in the
+    #     Amazon Resource Name (ARN) format for the source region. For
+    #     example, if you are copying an encrypted DB cluster from the
+    #     us-west-2 region, then your `ReplicationSourceIdentifier` would look
+    #     like Example:
+    #     `arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster1`.
+    #
+    #   To learn how to generate a Signature Version 4 signed request, see [
+    #   Authenticating Requests: Using Query Parameters (AWS Signature Version
+    #   4)][1] and [ Signature Version 4 Signing Process][2].
+    #
+    #
+    #
+    #   [1]: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
+    #   [2]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+    # @option options [String] :destination_region
+    # @option options [String] :source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
     # @return [DBCluster]
     def create(options = {})
       options = options.merge(db_cluster_identifier: @id)

data/lib/aws-sdk-rds/db_cluster_snapshot.rb

@@ -212,12 +212,16 @@ module Aws::RDS
     #
     #   dbclustersnapshot = db_cluster_snapshot.copy({
     #     target_db_cluster_snapshot_identifier: "String", # required
+    #     kms_key_id: "String",
+    #     pre_signed_url: "String",
+    #     copy_tags: false,
     #     tags: [
     #       {
     #         key: "String",
     #         value: "String",
     #       },
     #     ],
+    #     source_region: "String",
     #   })
     # @param [Hash] options ({})
     # @option options [required, String] :target_db_cluster_snapshot_identifier
@@ -233,8 +237,75 @@ module Aws::RDS
     #   * Cannot end with a hyphen or contain two consecutive hyphens.
     #
     #   Example: `my-cluster-snapshot2`
+    # @option options [String] :kms_key_id
+    #   The AWS KMS key ID for an encrypted DB cluster snapshot. The KMS key
+    #   ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS
+    #   key alias for the KMS encryption key.
+    #
+    #   If you copy an unencrypted DB cluster snapshot and specify a value for
+    #   the `KmsKeyId` parameter, Amazon RDS encrypts the target DB cluster
+    #   snapshot using the specified KMS encryption key.
+    #
+    #   If you copy an encrypted DB cluster snapshot from your AWS account,
+    #   you can specify a value for `KmsKeyId` to encrypt the copy with a new
+    #   KMS encryption key. If you don't specify a value for `KmsKeyId`, then
+    #   the copy of the DB cluster snapshot is encrypted with the same KMS key
+    #   as the source DB cluster snapshot.
+    #
+    #   If you copy an encrypted DB cluster snapshot that is shared from
+    #   another AWS account, then you must specify a value for `KmsKeyId`.
+    #
+    #   To copy an encrypted DB cluster snapshot to another region, you must
+    #   set `KmsKeyId` to the KMS key ID you want to use to encrypt the copy
+    #   of the DB cluster snapshot in the destination region. KMS encryption
+    #   keys are specific to the region that they are created in, and you
+    #   cannot use encryption keys from one region in another region.
+    # @option options [String] :pre_signed_url
+    #   The URL that contains a Signature Version 4 signed request for the
+    #   `CopyDBClusterSnapshot` API action in the AWS region that contains the
+    #   source DB cluster snapshot to copy. The `PreSignedUrl` parameter must
+    #   be used when copying an encrypted DB cluster snapshot from another AWS
+    #   region.
+    #
+    #   The pre-signed URL must be a valid request for the
+    #   `CopyDBSClusterSnapshot` API action that can be executed in the source
+    #   region that contains the encrypted DB cluster snapshot to be copied.
+    #   The pre-signed URL request must contain the following parameter
+    #   values:
+    #
+    #   * `KmsKeyId` - The KMS key identifier for the key to use to encrypt
+    #     the copy of the DB cluster snapshot in the destination region. This
+    #     is the same identifier for both the `CopyDBClusterSnapshot` action
+    #     that is called in the destination region, and the action contained
+    #     in the pre-signed URL.
+    #
+    #   * `DestinationRegion` - The name of the region that the DB cluster
+    #     snapshot will be created in.
+    #
+    #   * `SourceDBClusterSnapshotIdentifier` - The DB cluster snapshot
+    #     identifier for the encrypted DB cluster snapshot to be copied. This
+    #     identifier must be in the Amazon Resource Name (ARN) format for the
+    #     source region. For example, if you are copying an encrypted DB
+    #     cluster snapshot from the us-west-2 region, then your
+    #     `SourceDBClusterSnapshotIdentifier` looks like the following
+    #     example:
+    #     `arn:aws:rds:us-west-2:123456789012:cluster-snapshot:aurora-cluster1-snapshot-20161115`.
+    #
+    #   To learn how to generate a Signature Version 4 signed request, see [
+    #   Authenticating Requests: Using Query Parameters (AWS Signature Version
+    #   4)][1] and [ Signature Version 4 Signing Process][2].
+    #
+    #
+    #
+    #   [1]: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
+    #   [2]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+    # @option options [Boolean] :copy_tags
     # @option options [Array<Types::Tag>] :tags
     #   A list of tags.
+    # @option options [String] :destination_region
+    # @option options [String] :source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
     # @return [DBClusterSnapshot]
     def copy(options = {})
       options = options.merge(source_db_cluster_snapshot_identifier: @snapshot_id)

data/lib/aws-sdk-rds/db_instance.rb

@@ -1314,6 +1314,7 @@ module Aws::RDS
     #     monitoring_role_arn: "String",
     #     kms_key_id: "String",
     #     pre_signed_url: "String",
+    #     source_region: "String",
     #   })
     # @param [Hash] options ({})
     # @option options [required, String] :db_instance_identifier
@@ -1507,6 +1508,10 @@ module Aws::RDS
     #
     #   [1]: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
     #   [2]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+    # @option options [String] :destination_region
+    # @option options [String] :source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
     # @return [DBInstance]
     def create_read_replica(options = {})
       options = options.merge(source_db_instance_identifier: @id)

data/lib/aws-sdk-rds/db_snapshot.rb

@@ -267,7 +267,7 @@ module Aws::RDS
     #     ],
     #     copy_tags: false,
     #     pre_signed_url: "String",
-    #     destination_region: "String",
+    #     source_region: "String",
     #   })
     # @param [Hash] options ({})
     # @option options [required, String] :target_db_snapshot_identifier
@@ -360,6 +360,9 @@ module Aws::RDS
     #   [1]: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
     #   [2]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
     # @option options [String] :destination_region
+    # @option options [String] :source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
     # @return [DBSnapshot]
     def copy(options = {})
       options = options.merge(source_db_snapshot_identifier: @snapshot_id)

data/lib/aws-sdk-rds/plugins/cross_region_copying.rb

@@ -55,7 +55,12 @@ module Aws
         handler(
           Handler,
           step: :initialize,
-          operations: [:copy_db_snapshot]
+          operations: [
+            :copy_db_snapshot,
+            :create_db_instance_read_replica,
+            :copy_db_cluster_snapshot,
+            :create_db_cluster
+          ]
         )
 
       end

data/lib/aws-sdk-rds/resource.rb

@@ -49,6 +49,8 @@ module Aws::RDS
     #     ],
     #     storage_encrypted: false,
     #     kms_key_id: "String",
+    #     pre_signed_url: "String",
+    #     source_region: "String",
     #   })
     # @param [Hash] options ({})
     # @option options [Array<String>] :availability_zones
@@ -202,13 +204,61 @@ module Aws::RDS
     #   encryption key. If you are creating a DB cluster with the same AWS
     #   account that owns the KMS encryption key used to encrypt the new DB
     #   cluster, then you can use the KMS key alias instead of the ARN for the
-    #   KM encryption key.
+    #   KMS encryption key.
     #
     #   If the `StorageEncrypted` parameter is true, and you do not specify a
     #   value for the `KmsKeyId` parameter, then Amazon RDS will use your
     #   default encryption key. AWS KMS creates the default encryption key for
     #   your AWS account. Your AWS account has a different default encryption
     #   key for each AWS region.
+    #
+    #   If you create a Read Replica of an encrypted DB cluster in another
+    #   region, you must set `KmsKeyId` to a KMS key ID that is valid in the
+    #   destination region. This key is used to encrypt the Read Replica in
+    #   that region.
+    # @option options [String] :pre_signed_url
+    #   A URL that contains a Signature Version 4 signed request for the
+    #   `CreateDBCluster` action to be called in the source region where the
+    #   DB cluster will be replicated from. You only need to specify
+    #   `PreSignedUrl` when you are performing cross-region replication from
+    #   an encrypted DB cluster.
+    #
+    #   The pre-signed URL must be a valid request for the `CreateDBCluster`
+    #   API action that can be executed in the source region that contains the
+    #   encrypted DB cluster to be copied.
+    #
+    #   The pre-signed URL request must contain the following parameter
+    #   values:
+    #
+    #   * `KmsKeyId` - The KMS key identifier for the key to use to encrypt
+    #     the copy of the DB cluster in the destination region. This should
+    #     refer to the same KMS key for both the `CreateDBCluster` action that
+    #     is called in the destination region, and the action contained in the
+    #     pre-signed URL.
+    #
+    #   * `DestinationRegion` - The name of the region that Aurora Read
+    #     Replica will be created in.
+    #
+    #   * `ReplicationSourceIdentifier` - The DB cluster identifier for the
+    #     encrypted DB cluster to be copied. This identifier must be in the
+    #     Amazon Resource Name (ARN) format for the source region. For
+    #     example, if you are copying an encrypted DB cluster from the
+    #     us-west-2 region, then your `ReplicationSourceIdentifier` would look
+    #     like Example:
+    #     `arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster1`.
+    #
+    #   To learn how to generate a Signature Version 4 signed request, see [
+    #   Authenticating Requests: Using Query Parameters (AWS Signature Version
+    #   4)][1] and [ Signature Version 4 Signing Process][2].
+    #
+    #
+    #
+    #   [1]: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
+    #   [2]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+    # @option options [String] :destination_region
+    # @option options [String] :source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
     # @return [DBCluster]
     def create_db_cluster(options = {})
       resp = @client.create_db_cluster(options)

data/lib/aws-sdk-rds/types.rb

@@ -489,12 +489,16 @@ module Aws::RDS
     #       {
     #         source_db_cluster_snapshot_identifier: "String", # required
     #         target_db_cluster_snapshot_identifier: "String", # required
+    #         kms_key_id: "String",
+    #         pre_signed_url: "String",
+    #         copy_tags: false,
     #         tags: [
     #           {
     #             key: "String",
     #             value: "String",
     #           },
     #         ],
+    #         source_region: "String",
     #       }
     #
     # @!attribute [rw] source_db_cluster_snapshot_identifier
@@ -527,16 +531,98 @@ module Aws::RDS
     #   Example: `my-cluster-snapshot2`
     #   @return [String]
     #
+    # @!attribute [rw] kms_key_id
+    #   The AWS KMS key ID for an encrypted DB cluster snapshot. The KMS key
+    #   ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS
+    #   key alias for the KMS encryption key.
+    #
+    #   If you copy an unencrypted DB cluster snapshot and specify a value
+    #   for the `KmsKeyId` parameter, Amazon RDS encrypts the target DB
+    #   cluster snapshot using the specified KMS encryption key.
+    #
+    #   If you copy an encrypted DB cluster snapshot from your AWS account,
+    #   you can specify a value for `KmsKeyId` to encrypt the copy with a
+    #   new KMS encryption key. If you don't specify a value for
+    #   `KmsKeyId`, then the copy of the DB cluster snapshot is encrypted
+    #   with the same KMS key as the source DB cluster snapshot.
+    #
+    #   If you copy an encrypted DB cluster snapshot that is shared from
+    #   another AWS account, then you must specify a value for `KmsKeyId`.
+    #
+    #   To copy an encrypted DB cluster snapshot to another region, you must
+    #   set `KmsKeyId` to the KMS key ID you want to use to encrypt the copy
+    #   of the DB cluster snapshot in the destination region. KMS encryption
+    #   keys are specific to the region that they are created in, and you
+    #   cannot use encryption keys from one region in another region.
+    #   @return [String]
+    #
+    # @!attribute [rw] pre_signed_url
+    #   The URL that contains a Signature Version 4 signed request for the
+    #   `CopyDBClusterSnapshot` API action in the AWS region that contains
+    #   the source DB cluster snapshot to copy. The `PreSignedUrl` parameter
+    #   must be used when copying an encrypted DB cluster snapshot from
+    #   another AWS region.
+    #
+    #   The pre-signed URL must be a valid request for the
+    #   `CopyDBSClusterSnapshot` API action that can be executed in the
+    #   source region that contains the encrypted DB cluster snapshot to be
+    #   copied. The pre-signed URL request must contain the following
+    #   parameter values:
+    #
+    #   * `KmsKeyId` - The KMS key identifier for the key to use to encrypt
+    #     the copy of the DB cluster snapshot in the destination region.
+    #     This is the same identifier for both the `CopyDBClusterSnapshot`
+    #     action that is called in the destination region, and the action
+    #     contained in the pre-signed URL.
+    #
+    #   * `DestinationRegion` - The name of the region that the DB cluster
+    #     snapshot will be created in.
+    #
+    #   * `SourceDBClusterSnapshotIdentifier` - The DB cluster snapshot
+    #     identifier for the encrypted DB cluster snapshot to be copied.
+    #     This identifier must be in the Amazon Resource Name (ARN) format
+    #     for the source region. For example, if you are copying an
+    #     encrypted DB cluster snapshot from the us-west-2 region, then your
+    #     `SourceDBClusterSnapshotIdentifier` looks like the following
+    #     example:
+    #     `arn:aws:rds:us-west-2:123456789012:cluster-snapshot:aurora-cluster1-snapshot-20161115`.
+    #
+    #   To learn how to generate a Signature Version 4 signed request, see [
+    #   Authenticating Requests: Using Query Parameters (AWS Signature
+    #   Version 4)][1] and [ Signature Version 4 Signing Process][2].
+    #
+    #
+    #
+    #   [1]: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
+    #   [2]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+    #   @return [String]
+    #
+    # @!attribute [rw] copy_tags
+    #   @return [Boolean]
+    #
     # @!attribute [rw] tags
     #   A list of tags.
     #   @return [Array<Types::Tag>]
     #
+    # @!attribute [rw] destination_region
+    #   @return [String]
+    #
+    # @!attribute [rw] source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CopyDBClusterSnapshotMessage AWS API Documentation
     #
     class CopyDBClusterSnapshotMessage < Struct.new(
       :source_db_cluster_snapshot_identifier,
       :target_db_cluster_snapshot_identifier,
-      :tags)
+      :kms_key_id,
+      :pre_signed_url,
+      :copy_tags,
+      :tags,
+      :destination_region,
+      :source_region)
       include Aws::Structure
     end
 
@@ -656,7 +742,7 @@ module Aws::RDS
     #         ],
     #         copy_tags: false,
     #         pre_signed_url: "String",
-    #         destination_region: "String",
+    #         source_region: "String",
     #       }
     #
     # @!attribute [rw] source_db_snapshot_identifier
@@ -792,6 +878,11 @@ module Aws::RDS
     # @!attribute [rw] destination_region
     #   @return [String]
     #
+    # @!attribute [rw] source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CopyDBSnapshotMessage AWS API Documentation
     #
     class CopyDBSnapshotMessage < Struct.new(
@@ -801,7 +892,8 @@ module Aws::RDS
       :tags,
       :copy_tags,
       :pre_signed_url,
-      :destination_region)
+      :destination_region,
+      :source_region)
       include Aws::Structure
     end
 
@@ -934,6 +1026,8 @@ module Aws::RDS
     #         ],
     #         storage_encrypted: false,
     #         kms_key_id: "String",
+    #         pre_signed_url: "String",
+    #         source_region: "String",
     #       }
     #
     # @!attribute [rw] availability_zones
@@ -1126,13 +1220,67 @@ module Aws::RDS
     #   encryption key. If you are creating a DB cluster with the same AWS
     #   account that owns the KMS encryption key used to encrypt the new DB
     #   cluster, then you can use the KMS key alias instead of the ARN for
-    #   the KM encryption key.
+    #   the KMS encryption key.
     #
     #   If the `StorageEncrypted` parameter is true, and you do not specify
     #   a value for the `KmsKeyId` parameter, then Amazon RDS will use your
     #   default encryption key. AWS KMS creates the default encryption key
     #   for your AWS account. Your AWS account has a different default
     #   encryption key for each AWS region.
+    #
+    #   If you create a Read Replica of an encrypted DB cluster in another
+    #   region, you must set `KmsKeyId` to a KMS key ID that is valid in the
+    #   destination region. This key is used to encrypt the Read Replica in
+    #   that region.
+    #   @return [String]
+    #
+    # @!attribute [rw] pre_signed_url
+    #   A URL that contains a Signature Version 4 signed request for the
+    #   `CreateDBCluster` action to be called in the source region where the
+    #   DB cluster will be replicated from. You only need to specify
+    #   `PreSignedUrl` when you are performing cross-region replication from
+    #   an encrypted DB cluster.
+    #
+    #   The pre-signed URL must be a valid request for the `CreateDBCluster`
+    #   API action that can be executed in the source region that contains
+    #   the encrypted DB cluster to be copied.
+    #
+    #   The pre-signed URL request must contain the following parameter
+    #   values:
+    #
+    #   * `KmsKeyId` - The KMS key identifier for the key to use to encrypt
+    #     the copy of the DB cluster in the destination region. This should
+    #     refer to the same KMS key for both the `CreateDBCluster` action
+    #     that is called in the destination region, and the action contained
+    #     in the pre-signed URL.
+    #
+    #   * `DestinationRegion` - The name of the region that Aurora Read
+    #     Replica will be created in.
+    #
+    #   * `ReplicationSourceIdentifier` - The DB cluster identifier for the
+    #     encrypted DB cluster to be copied. This identifier must be in the
+    #     Amazon Resource Name (ARN) format for the source region. For
+    #     example, if you are copying an encrypted DB cluster from the
+    #     us-west-2 region, then your `ReplicationSourceIdentifier` would
+    #     look like Example:
+    #     `arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster1`.
+    #
+    #   To learn how to generate a Signature Version 4 signed request, see [
+    #   Authenticating Requests: Using Query Parameters (AWS Signature
+    #   Version 4)][1] and [ Signature Version 4 Signing Process][2].
+    #
+    #
+    #
+    #   [1]: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
+    #   [2]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+    #   @return [String]
+    #
+    # @!attribute [rw] destination_region
+    #   @return [String]
+    #
+    # @!attribute [rw] source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CreateDBClusterMessage AWS API Documentation
@@ -1157,7 +1305,10 @@ module Aws::RDS
       :replication_source_identifier,
       :tags,
       :storage_encrypted,
-      :kms_key_id)
+      :kms_key_id,
+      :pre_signed_url,
+      :destination_region,
+      :source_region)
       include Aws::Structure
     end
 
@@ -2356,6 +2507,7 @@ module Aws::RDS
     #         monitoring_role_arn: "String",
     #         kms_key_id: "String",
     #         pre_signed_url: "String",
+    #         source_region: "String",
     #       }
     #
     # @!attribute [rw] db_instance_identifier
@@ -2615,6 +2767,14 @@ module Aws::RDS
     #   [2]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
     #   @return [String]
     #
+    # @!attribute [rw] destination_region
+    #   @return [String]
+    #
+    # @!attribute [rw] source_region
+    #   The source region of the snapshot. This is only needed when the
+    #   shapshot is encrypted and in a different region.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/CreateDBInstanceReadReplicaMessage AWS API Documentation
     #
     class CreateDBInstanceReadReplicaMessage < Struct.new(
@@ -2634,7 +2794,9 @@ module Aws::RDS
       :monitoring_interval,
       :monitoring_role_arn,
       :kms_key_id,
-      :pre_signed_url)
+      :pre_signed_url,
+      :destination_region,
+      :source_region)
       include Aws::Structure
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-rds
 version: !ruby/object:Gem::Version
-  version: 1.0.0.rc3
+  version: 1.0.0.rc4
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-03-07 00:00:00.000000000 Z
+date: 2017-03-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core