aws-cdk-lib 2.137.0__py3-none-any.whl → 2.139.0__py3-none-any.whl

aws_cdk/aws_rds/__init__.py

@@ -2411,6 +2411,12 @@ class AuroraMysqlEngineVersion(
         '''Version "5.7.mysql_aurora.2.11.4".'''
         return typing.cast("AuroraMysqlEngineVersion", jsii.sget(cls, "VER_2_11_4"))
 
+    @jsii.python.classproperty
+    @jsii.member(jsii_name="VER_2_11_5")
+    def VER_2_11_5(cls) -> "AuroraMysqlEngineVersion":
+        '''Version "5.7.mysql_aurora.2.11.5".'''
+        return typing.cast("AuroraMysqlEngineVersion", jsii.sget(cls, "VER_2_11_5"))
+
     @jsii.python.classproperty
     @jsii.member(jsii_name="VER_2_12_0")
     def VER_2_12_0(cls) -> "AuroraMysqlEngineVersion":
@@ -2573,22 +2579,67 @@ class AuroraPostgresClusterEngineProps:
 
         Example::
 
-            # vpc: ec2.Vpc
+            # Build a data source for AppSync to access the database.
+            # api: appsync.GraphqlApi
+            # Create username and password secret for DB Cluster
+            secret = rds.DatabaseSecret(self, "AuroraSecret",
+                username="clusteradmin"
+            )
             
-            cluster = rds.DatabaseCluster(self, "Database",
-                engine=rds.DatabaseClusterEngine.aurora_postgres(version=rds.AuroraPostgresEngineVersion.VER_15_2),
-                credentials=rds.Credentials.from_username("adminuser", password=SecretValue.unsafe_plain_text("7959866cacc02c2d243ecfe177464fe6")),
-                writer=rds.ClusterInstance.provisioned("writer",
-                    publicly_accessible=False
-                ),
-                readers=[
-                    rds.ClusterInstance.provisioned("reader")
-                ],
-                storage_type=rds.DBClusterStorageType.AURORA_IOPT1,
-                vpc_subnets=ec2.SubnetSelection(
-                    subnet_type=ec2.SubnetType.PRIVATE_WITH_EGRESS
-                ),
-                vpc=vpc
+            # The VPC to place the cluster in
+            vpc = ec2.Vpc(self, "AuroraVpc")
+            
+            # Create the serverless cluster, provide all values needed to customise the database.
+            cluster = rds.DatabaseCluster(self, "AuroraClusterV2",
+                engine=rds.DatabaseClusterEngine.aurora_postgres(version=rds.AuroraPostgresEngineVersion.VER_15_5),
+                credentials={"username": "clusteradmin"},
+                cluster_identifier="db-endpoint-test",
+                writer=rds.ClusterInstance.serverless_v2("writer"),
+                serverless_v2_min_capacity=2,
+                serverless_v2_max_capacity=10,
+                vpc=vpc,
+                default_database_name="demos",
+                enable_data_api=True
+            )
+            rds_dS = api.add_rds_data_source_v2("rds", cluster, secret, "demos")
+            
+            # Set up a resolver for an RDS query.
+            rds_dS.create_resolver("QueryGetDemosRdsResolver",
+                type_name="Query",
+                field_name="getDemosRds",
+                request_mapping_template=appsync.MappingTemplate.from_string("""
+                      {
+                        "version": "2018-05-29",
+                        "statements": [
+                          "SELECT * FROM demos"
+                        ]
+                      }
+                      """),
+                response_mapping_template=appsync.MappingTemplate.from_string("""
+                        $utils.toJson($utils.rds.toJsonObject($ctx.result)[0])
+                      """)
+            )
+            
+            # Set up a resolver for an RDS mutation.
+            rds_dS.create_resolver("MutationAddDemoRdsResolver",
+                type_name="Mutation",
+                field_name="addDemoRds",
+                request_mapping_template=appsync.MappingTemplate.from_string("""
+                      {
+                        "version": "2018-05-29",
+                        "statements": [
+                          "INSERT INTO demos VALUES (:id, :version)",
+                          "SELECT * WHERE id = :id"
+                        ],
+                        "variableMap": {
+                          ":id": $util.toJson($util.autoId()),
+                          ":version": $util.toJson($ctx.args.version)
+                        }
+                      }
+                      """),
+                response_mapping_template=appsync.MappingTemplate.from_string("""
+                        $utils.toJson($utils.rds.toJsonObject($ctx.result)[1][0])
+                      """)
             )
         '''
         if __debug__:
@@ -2699,22 +2750,67 @@ class AuroraPostgresEngineVersion(
 
     Example::
 
-        # vpc: ec2.Vpc
+        # Build a data source for AppSync to access the database.
+        # api: appsync.GraphqlApi
+        # Create username and password secret for DB Cluster
+        secret = rds.DatabaseSecret(self, "AuroraSecret",
+            username="clusteradmin"
+        )
         
-        cluster = rds.DatabaseCluster(self, "Database",
-            engine=rds.DatabaseClusterEngine.aurora_postgres(version=rds.AuroraPostgresEngineVersion.VER_15_2),
-            credentials=rds.Credentials.from_username("adminuser", password=SecretValue.unsafe_plain_text("7959866cacc02c2d243ecfe177464fe6")),
-            writer=rds.ClusterInstance.provisioned("writer",
-                publicly_accessible=False
-            ),
-            readers=[
-                rds.ClusterInstance.provisioned("reader")
-            ],
-            storage_type=rds.DBClusterStorageType.AURORA_IOPT1,
-            vpc_subnets=ec2.SubnetSelection(
-                subnet_type=ec2.SubnetType.PRIVATE_WITH_EGRESS
-            ),
-            vpc=vpc
+        # The VPC to place the cluster in
+        vpc = ec2.Vpc(self, "AuroraVpc")
+        
+        # Create the serverless cluster, provide all values needed to customise the database.
+        cluster = rds.DatabaseCluster(self, "AuroraClusterV2",
+            engine=rds.DatabaseClusterEngine.aurora_postgres(version=rds.AuroraPostgresEngineVersion.VER_15_5),
+            credentials={"username": "clusteradmin"},
+            cluster_identifier="db-endpoint-test",
+            writer=rds.ClusterInstance.serverless_v2("writer"),
+            serverless_v2_min_capacity=2,
+            serverless_v2_max_capacity=10,
+            vpc=vpc,
+            default_database_name="demos",
+            enable_data_api=True
+        )
+        rds_dS = api.add_rds_data_source_v2("rds", cluster, secret, "demos")
+        
+        # Set up a resolver for an RDS query.
+        rds_dS.create_resolver("QueryGetDemosRdsResolver",
+            type_name="Query",
+            field_name="getDemosRds",
+            request_mapping_template=appsync.MappingTemplate.from_string("""
+                  {
+                    "version": "2018-05-29",
+                    "statements": [
+                      "SELECT * FROM demos"
+                    ]
+                  }
+                  """),
+            response_mapping_template=appsync.MappingTemplate.from_string("""
+                    $utils.toJson($utils.rds.toJsonObject($ctx.result)[0])
+                  """)
+        )
+        
+        # Set up a resolver for an RDS mutation.
+        rds_dS.create_resolver("MutationAddDemoRdsResolver",
+            type_name="Mutation",
+            field_name="addDemoRds",
+            request_mapping_template=appsync.MappingTemplate.from_string("""
+                  {
+                    "version": "2018-05-29",
+                    "statements": [
+                      "INSERT INTO demos VALUES (:id, :version)",
+                      "SELECT * WHERE id = :id"
+                    ],
+                    "variableMap": {
+                      ":id": $util.toJson($util.autoId()),
+                      ":version": $util.toJson($ctx.args.version)
+                    }
+                  }
+                  """),
+            response_mapping_template=appsync.MappingTemplate.from_string("""
+                    $utils.toJson($utils.rds.toJsonObject($ctx.result)[1][0])
+                  """)
         )
     '''
 
@@ -3623,20 +3719,23 @@ class CfnCustomDBEngineVersion(
         from aws_cdk import aws_rds as rds
         
         cfn_custom_dBEngine_version = rds.CfnCustomDBEngineVersion(self, "MyCfnCustomDBEngineVersion",
-            database_installation_files_s3_bucket_name="databaseInstallationFilesS3BucketName",
             engine="engine",
             engine_version="engineVersion",
         
             # the properties below are optional
+            database_installation_files_s3_bucket_name="databaseInstallationFilesS3BucketName",
             database_installation_files_s3_prefix="databaseInstallationFilesS3Prefix",
             description="description",
+            image_id="imageId",
             kms_key_id="kmsKeyId",
             manifest="manifest",
+            source_custom_db_engine_version_identifier="sourceCustomDbEngineVersionIdentifier",
             status="status",
             tags=[CfnTag(
                 key="key",
                 value="value"
-            )]
+            )],
+            use_aws_provided_latest_image=False
         )
     '''
 
@@ -3645,43 +3744,52 @@ class CfnCustomDBEngineVersion(
         scope: _constructs_77d1e7e8.Construct,
         id: builtins.str,
         *,
-        database_installation_files_s3_bucket_name: builtins.str,
         engine: builtins.str,
         engine_version: builtins.str,
+        database_installation_files_s3_bucket_name: typing.Optional[builtins.str] = None,
         database_installation_files_s3_prefix: typing.Optional[builtins.str] = None,
         description: typing.Optional[builtins.str] = None,
+        image_id: typing.Optional[builtins.str] = None,
         kms_key_id: typing.Optional[builtins.str] = None,
         manifest: typing.Optional[builtins.str] = None,
+        source_custom_db_engine_version_identifier: typing.Optional[builtins.str] = None,
         status: typing.Optional[builtins.str] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
+        use_aws_provided_latest_image: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     ) -> None:
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
-        :param database_installation_files_s3_bucket_name: The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is ``my-custom-installation-files`` .
         :param engine: The database engine to use for your custom engine version (CEV). Valid values: - ``custom-oracle-ee`` - ``custom-oracle-ee-cdb``
         :param engine_version: The name of your CEV. The name format is ``major version.customized_string`` . For example, a valid CEV name is ``19.my_cev1`` . This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of ``Engine`` and ``EngineVersion`` is unique per customer per Region. *Constraints:* Minimum length is 1. Maximum length is 60. *Pattern:* ``^[a-z0-9_.-]{1,60$`` }
+        :param database_installation_files_s3_bucket_name: The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is ``my-custom-installation-files`` .
         :param database_installation_files_s3_prefix: The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is ``123456789012/cev1`` . If this setting isn't specified, no prefix is assumed.
         :param description: An optional description of your CEV.
+        :param image_id: A value that indicates the ID of the AMI.
         :param kms_key_id: The AWS KMS key identifier for an encrypted CEV. A symmetric encryption KMS key is required for RDS Custom, but optional for Amazon RDS. If you have an existing symmetric encryption KMS key in your account, you can use it with RDS Custom. No further action is necessary. If you don't already have a symmetric encryption KMS key in your account, follow the instructions in `Creating a symmetric encryption KMS key <https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html#create-symmetric-cmk>`_ in the *AWS Key Management Service Developer Guide* . You can choose the same symmetric encryption key when you create a CEV and a DB instance, or choose different keys.
         :param manifest: The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed. The following JSON fields are valid: - **MediaImportTemplateVersion** - Version of the CEV manifest. The date is in the format ``YYYY-MM-DD`` . - **databaseInstallationFileNames** - Ordered list of installation files for the CEV. - **opatchFileNames** - Ordered list of OPatch installers used for the Oracle DB engine. - **psuRuPatchFileNames** - The PSU and RU patches for this CEV. - **OtherPatchFileNames** - The patches that are not in the list of PSU and RU patches. Amazon RDS applies these patches after applying the PSU and RU patches. For more information, see `Creating the CEV manifest <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html#custom-cev.preparing.manifest>`_ in the *Amazon RDS User Guide* .
+        :param source_custom_db_engine_version_identifier: The ARN of a CEV to use as a source for creating a new CEV. You can specify a different Amazon Machine Imagine (AMI) by using either ``Source`` or ``UseAwsProvidedLatestImage`` . You can't specify a different JSON manifest when you specify ``SourceCustomDbEngineVersionIdentifier`` .
         :param status: A value that indicates the status of a custom engine version (CEV). Default: - "available"
         :param tags: A list of tags. For more information, see `Tagging Amazon RDS Resources <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html>`_ in the *Amazon RDS User Guide.*
+        :param use_aws_provided_latest_image: Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV. If you specify ``UseAwsProvidedLatestImage`` , you can't also specify ``ImageId`` .
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__dccc4ebf781452ad945a67eeaa182293b79bd42fee7658aaea830a59e6546b0b)
             check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
             check_type(argname="argument id", value=id, expected_type=type_hints["id"])
         props = CfnCustomDBEngineVersionProps(
-            database_installation_files_s3_bucket_name=database_installation_files_s3_bucket_name,
             engine=engine,
             engine_version=engine_version,
+            database_installation_files_s3_bucket_name=database_installation_files_s3_bucket_name,
             database_installation_files_s3_prefix=database_installation_files_s3_prefix,
             description=description,
+            image_id=image_id,
             kms_key_id=kms_key_id,
             manifest=manifest,
+            source_custom_db_engine_version_identifier=source_custom_db_engine_version_identifier,
             status=status,
             tags=tags,
+            use_aws_provided_latest_image=use_aws_provided_latest_image,
         )
 
         jsii.create(self.__class__, self, [scope, id, props])
@@ -3736,19 +3844,6 @@ class CfnCustomDBEngineVersion(
     def _cfn_properties(self) -> typing.Mapping[builtins.str, typing.Any]:
         return typing.cast(typing.Mapping[builtins.str, typing.Any], jsii.get(self, "cfnProperties"))
 
-    @builtins.property
-    @jsii.member(jsii_name="databaseInstallationFilesS3BucketName")
-    def database_installation_files_s3_bucket_name(self) -> builtins.str:
-        '''The name of an Amazon S3 bucket that contains database installation files for your CEV.'''
-        return typing.cast(builtins.str, jsii.get(self, "databaseInstallationFilesS3BucketName"))
-
-    @database_installation_files_s3_bucket_name.setter
-    def database_installation_files_s3_bucket_name(self, value: builtins.str) -> None:
-        if __debug__:
-            type_hints = typing.get_type_hints(_typecheckingstub__e8dcd4aecfb92c6617a76401829247508a5196d1219bdf3c496c1eef202e0c37)
-            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
-        jsii.set(self, "databaseInstallationFilesS3BucketName", value)
-
     @builtins.property
     @jsii.member(jsii_name="engine")
     def engine(self) -> builtins.str:
@@ -3775,6 +3870,24 @@ class CfnCustomDBEngineVersion(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "engineVersion", value)
 
+    @builtins.property
+    @jsii.member(jsii_name="databaseInstallationFilesS3BucketName")
+    def database_installation_files_s3_bucket_name(
+        self,
+    ) -> typing.Optional[builtins.str]:
+        '''The name of an Amazon S3 bucket that contains database installation files for your CEV.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "databaseInstallationFilesS3BucketName"))
+
+    @database_installation_files_s3_bucket_name.setter
+    def database_installation_files_s3_bucket_name(
+        self,
+        value: typing.Optional[builtins.str],
+    ) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__e8dcd4aecfb92c6617a76401829247508a5196d1219bdf3c496c1eef202e0c37)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "databaseInstallationFilesS3BucketName", value)
+
     @builtins.property
     @jsii.member(jsii_name="databaseInstallationFilesS3Prefix")
     def database_installation_files_s3_prefix(self) -> typing.Optional[builtins.str]:
@@ -3804,6 +3917,19 @@ class CfnCustomDBEngineVersion(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "description", value)
 
+    @builtins.property
+    @jsii.member(jsii_name="imageId")
+    def image_id(self) -> typing.Optional[builtins.str]:
+        '''A value that indicates the ID of the AMI.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "imageId"))
+
+    @image_id.setter
+    def image_id(self, value: typing.Optional[builtins.str]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__573de89cab865fb2fe6437920ada3b601ffcf5832b228e0d126bedaf494c57eb)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "imageId", value)
+
     @builtins.property
     @jsii.member(jsii_name="kmsKeyId")
     def kms_key_id(self) -> typing.Optional[builtins.str]:
@@ -3830,6 +3956,24 @@ class CfnCustomDBEngineVersion(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "manifest", value)
 
+    @builtins.property
+    @jsii.member(jsii_name="sourceCustomDbEngineVersionIdentifier")
+    def source_custom_db_engine_version_identifier(
+        self,
+    ) -> typing.Optional[builtins.str]:
+        '''The ARN of a CEV to use as a source for creating a new CEV.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "sourceCustomDbEngineVersionIdentifier"))
+
+    @source_custom_db_engine_version_identifier.setter
+    def source_custom_db_engine_version_identifier(
+        self,
+        value: typing.Optional[builtins.str],
+    ) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__ab74f194180555de35de6a9023fe9e2d2972ffd40051f7cc505df6dd0438f8d6)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "sourceCustomDbEngineVersionIdentifier", value)
+
     @builtins.property
     @jsii.member(jsii_name="status")
     def status(self) -> typing.Optional[builtins.str]:
@@ -3856,47 +4000,74 @@ class CfnCustomDBEngineVersion(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "tags", value)
 
+    @builtins.property
+    @jsii.member(jsii_name="useAwsProvidedLatestImage")
+    def use_aws_provided_latest_image(
+        self,
+    ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
+        '''Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV.'''
+        return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], jsii.get(self, "useAwsProvidedLatestImage"))
+
+    @use_aws_provided_latest_image.setter
+    def use_aws_provided_latest_image(
+        self,
+        value: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]],
+    ) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__30204c42eef4323c823e84f7a43420a689740a78fa5382e0d646d46b0102a5c1)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "useAwsProvidedLatestImage", value)
+
 
 @jsii.data_type(
     jsii_type="aws-cdk-lib.aws_rds.CfnCustomDBEngineVersionProps",
     jsii_struct_bases=[],
     name_mapping={
-        "database_installation_files_s3_bucket_name": "databaseInstallationFilesS3BucketName",
         "engine": "engine",
         "engine_version": "engineVersion",
+        "database_installation_files_s3_bucket_name": "databaseInstallationFilesS3BucketName",
         "database_installation_files_s3_prefix": "databaseInstallationFilesS3Prefix",
         "description": "description",
+        "image_id": "imageId",
         "kms_key_id": "kmsKeyId",
         "manifest": "manifest",
+        "source_custom_db_engine_version_identifier": "sourceCustomDbEngineVersionIdentifier",
         "status": "status",
         "tags": "tags",
+        "use_aws_provided_latest_image": "useAwsProvidedLatestImage",
     },
 )
 class CfnCustomDBEngineVersionProps:
     def __init__(
         self,
         *,
-        database_installation_files_s3_bucket_name: builtins.str,
         engine: builtins.str,
         engine_version: builtins.str,
+        database_installation_files_s3_bucket_name: typing.Optional[builtins.str] = None,
         database_installation_files_s3_prefix: typing.Optional[builtins.str] = None,
         description: typing.Optional[builtins.str] = None,
+        image_id: typing.Optional[builtins.str] = None,
         kms_key_id: typing.Optional[builtins.str] = None,
         manifest: typing.Optional[builtins.str] = None,
+        source_custom_db_engine_version_identifier: typing.Optional[builtins.str] = None,
         status: typing.Optional[builtins.str] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
+        use_aws_provided_latest_image: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     ) -> None:
         '''Properties for defining a ``CfnCustomDBEngineVersion``.
 
-        :param database_installation_files_s3_bucket_name: The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is ``my-custom-installation-files`` .
         :param engine: The database engine to use for your custom engine version (CEV). Valid values: - ``custom-oracle-ee`` - ``custom-oracle-ee-cdb``
         :param engine_version: The name of your CEV. The name format is ``major version.customized_string`` . For example, a valid CEV name is ``19.my_cev1`` . This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of ``Engine`` and ``EngineVersion`` is unique per customer per Region. *Constraints:* Minimum length is 1. Maximum length is 60. *Pattern:* ``^[a-z0-9_.-]{1,60$`` }
+        :param database_installation_files_s3_bucket_name: The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is ``my-custom-installation-files`` .
         :param database_installation_files_s3_prefix: The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is ``123456789012/cev1`` . If this setting isn't specified, no prefix is assumed.
         :param description: An optional description of your CEV.
+        :param image_id: A value that indicates the ID of the AMI.
         :param kms_key_id: The AWS KMS key identifier for an encrypted CEV. A symmetric encryption KMS key is required for RDS Custom, but optional for Amazon RDS. If you have an existing symmetric encryption KMS key in your account, you can use it with RDS Custom. No further action is necessary. If you don't already have a symmetric encryption KMS key in your account, follow the instructions in `Creating a symmetric encryption KMS key <https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html#create-symmetric-cmk>`_ in the *AWS Key Management Service Developer Guide* . You can choose the same symmetric encryption key when you create a CEV and a DB instance, or choose different keys.
         :param manifest: The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed. The following JSON fields are valid: - **MediaImportTemplateVersion** - Version of the CEV manifest. The date is in the format ``YYYY-MM-DD`` . - **databaseInstallationFileNames** - Ordered list of installation files for the CEV. - **opatchFileNames** - Ordered list of OPatch installers used for the Oracle DB engine. - **psuRuPatchFileNames** - The PSU and RU patches for this CEV. - **OtherPatchFileNames** - The patches that are not in the list of PSU and RU patches. Amazon RDS applies these patches after applying the PSU and RU patches. For more information, see `Creating the CEV manifest <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html#custom-cev.preparing.manifest>`_ in the *Amazon RDS User Guide* .
+        :param source_custom_db_engine_version_identifier: The ARN of a CEV to use as a source for creating a new CEV. You can specify a different Amazon Machine Imagine (AMI) by using either ``Source`` or ``UseAwsProvidedLatestImage`` . You can't specify a different JSON manifest when you specify ``SourceCustomDbEngineVersionIdentifier`` .
         :param status: A value that indicates the status of a custom engine version (CEV). Default: - "available"
         :param tags: A list of tags. For more information, see `Tagging Amazon RDS Resources <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html>`_ in the *Amazon RDS User Guide.*
+        :param use_aws_provided_latest_image: Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV. If you specify ``UseAwsProvidedLatestImage`` , you can't also specify ``ImageId`` .
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-customdbengineversion.html
         :exampleMetadata: fixture=_generated
@@ -3908,62 +4079,63 @@ class CfnCustomDBEngineVersionProps:
             from aws_cdk import aws_rds as rds
             
             cfn_custom_dBEngine_version_props = rds.CfnCustomDBEngineVersionProps(
-                database_installation_files_s3_bucket_name="databaseInstallationFilesS3BucketName",
                 engine="engine",
                 engine_version="engineVersion",
             
                 # the properties below are optional
+                database_installation_files_s3_bucket_name="databaseInstallationFilesS3BucketName",
                 database_installation_files_s3_prefix="databaseInstallationFilesS3Prefix",
                 description="description",
+                image_id="imageId",
                 kms_key_id="kmsKeyId",
                 manifest="manifest",
+                source_custom_db_engine_version_identifier="sourceCustomDbEngineVersionIdentifier",
                 status="status",
                 tags=[CfnTag(
                     key="key",
                     value="value"
-                )]
+                )],
+                use_aws_provided_latest_image=False
             )
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__70c4d3797ab8093b0278a7f532fcb1c42c50e74a1c04dfe5259dbb57e7fe2191)
-            check_type(argname="argument database_installation_files_s3_bucket_name", value=database_installation_files_s3_bucket_name, expected_type=type_hints["database_installation_files_s3_bucket_name"])
             check_type(argname="argument engine", value=engine, expected_type=type_hints["engine"])
             check_type(argname="argument engine_version", value=engine_version, expected_type=type_hints["engine_version"])
+            check_type(argname="argument database_installation_files_s3_bucket_name", value=database_installation_files_s3_bucket_name, expected_type=type_hints["database_installation_files_s3_bucket_name"])
             check_type(argname="argument database_installation_files_s3_prefix", value=database_installation_files_s3_prefix, expected_type=type_hints["database_installation_files_s3_prefix"])
             check_type(argname="argument description", value=description, expected_type=type_hints["description"])
+            check_type(argname="argument image_id", value=image_id, expected_type=type_hints["image_id"])
             check_type(argname="argument kms_key_id", value=kms_key_id, expected_type=type_hints["kms_key_id"])
             check_type(argname="argument manifest", value=manifest, expected_type=type_hints["manifest"])
+            check_type(argname="argument source_custom_db_engine_version_identifier", value=source_custom_db_engine_version_identifier, expected_type=type_hints["source_custom_db_engine_version_identifier"])
             check_type(argname="argument status", value=status, expected_type=type_hints["status"])
             check_type(argname="argument tags", value=tags, expected_type=type_hints["tags"])
+            check_type(argname="argument use_aws_provided_latest_image", value=use_aws_provided_latest_image, expected_type=type_hints["use_aws_provided_latest_image"])
         self._values: typing.Dict[builtins.str, typing.Any] = {
-            "database_installation_files_s3_bucket_name": database_installation_files_s3_bucket_name,
             "engine": engine,
             "engine_version": engine_version,
         }
+        if database_installation_files_s3_bucket_name is not None:
+            self._values["database_installation_files_s3_bucket_name"] = database_installation_files_s3_bucket_name
         if database_installation_files_s3_prefix is not None:
             self._values["database_installation_files_s3_prefix"] = database_installation_files_s3_prefix
         if description is not None:
             self._values["description"] = description
+        if image_id is not None:
+            self._values["image_id"] = image_id
         if kms_key_id is not None:
             self._values["kms_key_id"] = kms_key_id
         if manifest is not None:
             self._values["manifest"] = manifest
+        if source_custom_db_engine_version_identifier is not None:
+            self._values["source_custom_db_engine_version_identifier"] = source_custom_db_engine_version_identifier
         if status is not None:
             self._values["status"] = status
         if tags is not None:
             self._values["tags"] = tags
-
-    @builtins.property
-    def database_installation_files_s3_bucket_name(self) -> builtins.str:
-        '''The name of an Amazon S3 bucket that contains database installation files for your CEV.
-
-        For example, a valid bucket name is ``my-custom-installation-files`` .
-
-        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-customdbengineversion.html#cfn-rds-customdbengineversion-databaseinstallationfiless3bucketname
-        '''
-        result = self._values.get("database_installation_files_s3_bucket_name")
-        assert result is not None, "Required property 'database_installation_files_s3_bucket_name' is missing"
-        return typing.cast(builtins.str, result)
+        if use_aws_provided_latest_image is not None:
+            self._values["use_aws_provided_latest_image"] = use_aws_provided_latest_image
 
     @builtins.property
     def engine(self) -> builtins.str:
@@ -3996,6 +4168,19 @@ class CfnCustomDBEngineVersionProps:
         assert result is not None, "Required property 'engine_version' is missing"
         return typing.cast(builtins.str, result)
 
+    @builtins.property
+    def database_installation_files_s3_bucket_name(
+        self,
+    ) -> typing.Optional[builtins.str]:
+        '''The name of an Amazon S3 bucket that contains database installation files for your CEV.
+
+        For example, a valid bucket name is ``my-custom-installation-files`` .
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-customdbengineversion.html#cfn-rds-customdbengineversion-databaseinstallationfiless3bucketname
+        '''
+        result = self._values.get("database_installation_files_s3_bucket_name")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def database_installation_files_s3_prefix(self) -> typing.Optional[builtins.str]:
         '''The Amazon S3 directory that contains the database installation files for your CEV.
@@ -4016,6 +4201,15 @@ class CfnCustomDBEngineVersionProps:
         result = self._values.get("description")
         return typing.cast(typing.Optional[builtins.str], result)
 
+    @builtins.property
+    def image_id(self) -> typing.Optional[builtins.str]:
+        '''A value that indicates the ID of the AMI.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-customdbengineversion.html#cfn-rds-customdbengineversion-imageid
+        '''
+        result = self._values.get("image_id")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def kms_key_id(self) -> typing.Optional[builtins.str]:
         '''The AWS KMS key identifier for an encrypted CEV.
@@ -4050,6 +4244,19 @@ class CfnCustomDBEngineVersionProps:
         result = self._values.get("manifest")
         return typing.cast(typing.Optional[builtins.str], result)
 
+    @builtins.property
+    def source_custom_db_engine_version_identifier(
+        self,
+    ) -> typing.Optional[builtins.str]:
+        '''The ARN of a CEV to use as a source for creating a new CEV.
+
+        You can specify a different Amazon Machine Imagine (AMI) by using either ``Source`` or ``UseAwsProvidedLatestImage`` . You can't specify a different JSON manifest when you specify ``SourceCustomDbEngineVersionIdentifier`` .
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-customdbengineversion.html#cfn-rds-customdbengineversion-sourcecustomdbengineversionidentifier
+        '''
+        result = self._values.get("source_custom_db_engine_version_identifier")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def status(self) -> typing.Optional[builtins.str]:
         '''A value that indicates the status of a custom engine version (CEV).
@@ -4072,6 +4279,19 @@ class CfnCustomDBEngineVersionProps:
         result = self._values.get("tags")
         return typing.cast(typing.Optional[typing.List[_CfnTag_f6864754]], result)
 
+    @builtins.property
+    def use_aws_provided_latest_image(
+        self,
+    ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
+        '''Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV.
+
+        If you specify ``UseAwsProvidedLatestImage`` , you can't also specify ``ImageId`` .
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-customdbengineversion.html#cfn-rds-customdbengineversion-useawsprovidedlatestimage
+        '''
+        result = self._values.get("use_aws_provided_latest_image")
+        return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], result)
+
     def __eq__(self, rhs: typing.Any) -> builtins.bool:
         return isinstance(rhs, self.__class__) and rhs._values == self._values
 
@@ -4285,7 +4505,7 @@ class CfnDBCluster(
         :param db_cluster_identifier: The DB cluster identifier. This parameter is stored as a lowercase string. Constraints: - Must contain from 1 to 63 letters, numbers, or hyphens. - First character must be a letter. - Can't end with a hyphen or contain two consecutive hyphens. Example: ``my-cluster1`` Valid for: Aurora DB clusters and Multi-AZ DB clusters
         :param db_cluster_instance_class: The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example ``db.m6gd.xlarge`` . Not all DB instance classes are available in all AWS Regions , or for all database engines. For the full list of DB instance classes and availability for your engine, see `DB instance class <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html>`_ in the *Amazon RDS User Guide* . This setting is required to create a Multi-AZ DB cluster. Valid for Cluster Type: Multi-AZ DB clusters only
         :param db_cluster_parameter_group_name: The name of the DB cluster parameter group to associate with this DB cluster. .. epigraph:: If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting. If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started. To list all of the available DB cluster parameter group names, use the following command: ``aws rds describe-db-cluster-parameter-groups --query "DBClusterParameterGroups[].DBClusterParameterGroupName" --output text`` Valid for: Aurora DB clusters and Multi-AZ DB clusters Default: - "default.aurora5.6"
-        :param db_instance_parameter_group_name: The name of the DB parameter group to apply to all instances of the DB cluster. .. epigraph:: When you apply a parameter group using the ``DBInstanceParameterGroupName`` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. Default: The existing name setting Constraints: - The DB parameter group must be in the same DB parameter group family as this DB cluster.
+        :param db_instance_parameter_group_name: The name of the DB parameter group to apply to all instances of the DB cluster. .. epigraph:: When you apply a parameter group using the ``DBInstanceParameterGroupName`` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. Valid for Cluster Type: Aurora DB clusters only Default: The existing name setting Constraints: - The DB parameter group must be in the same DB parameter group family as this DB cluster. - The ``DBInstanceParameterGroupName`` parameter is valid in combination with the ``AllowMajorVersionUpgrade`` parameter for a major version upgrade only.
         :param db_subnet_group_name: A DB subnet group that you want to associate with this DB cluster. If you are restoring a DB cluster to a point in time with ``RestoreType`` set to ``copy-on-write`` , and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group. Valid for: Aurora DB clusters and Multi-AZ DB clusters
         :param db_system_id: Reserved for future use.
         :param deletion_protection: A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled. Valid for: Aurora DB clusters and Multi-AZ DB clusters
@@ -4296,7 +4516,7 @@ class CfnDBCluster(
         :param enable_http_endpoint: Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled. When enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor. RDS Data API is supported with the following DB clusters: - Aurora PostgreSQL Serverless v2 and provisioned - Aurora PostgreSQL and Aurora MySQL Serverless v1 For more information, see `Using RDS Data API <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html>`_ in the *Amazon Aurora User Guide* . Valid for Cluster Type: Aurora DB clusters only
         :param enable_iam_database_authentication: A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled. For more information, see `IAM Database Authentication <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html>`_ in the *Amazon Aurora User Guide.* Valid for: Aurora DB clusters only
         :param engine: The name of the database engine to be used for this DB cluster. Valid Values: - ``aurora-mysql`` - ``aurora-postgresql`` - ``mysql`` - ``postgres`` Valid for: Aurora DB clusters and Multi-AZ DB clusters
-        :param engine_mode: The DB engine mode of the DB cluster, either ``provisioned`` or ``serverless`` . The ``serverless`` engine mode only applies for Aurora Serverless v1 DB clusters. For information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* : - `Limitations of Aurora Serverless v1 <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations>`_ - `Requirements for Aurora Serverless v2 <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html>`_ Valid for Cluster Type: Aurora DB clusters only
+        :param engine_mode: The DB engine mode of the DB cluster, either ``provisioned`` or ``serverless`` . The ``serverless`` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the ``provisioned`` engine mode. For information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* : - `Limitations of Aurora Serverless v1 <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations>`_ - `Requirements for Aurora Serverless v2 <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html>`_ Valid for Cluster Type: Aurora DB clusters only
         :param engine_version: The version number of the database engine to use. To list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command: ``aws rds describe-db-engine-versions --engine aurora-mysql --query "DBEngineVersions[].EngineVersion"`` You can supply either ``5.7`` or ``8.0`` to use the default engine version for Aurora MySQL version 2 or version 3, respectively. To list all of the available engine versions for Aurora PostgreSQL, use the following command: ``aws rds describe-db-engine-versions --engine aurora-postgresql --query "DBEngineVersions[].EngineVersion"`` To list all of the available engine versions for RDS for MySQL, use the following command: ``aws rds describe-db-engine-versions --engine mysql --query "DBEngineVersions[].EngineVersion"`` To list all of the available engine versions for RDS for PostgreSQL, use the following command: ``aws rds describe-db-engine-versions --engine postgres --query "DBEngineVersions[].EngineVersion"`` *Aurora MySQL* For information, see `Database engine updates for Amazon Aurora MySQL <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html>`_ in the *Amazon Aurora User Guide* . *Aurora PostgreSQL* For information, see `Amazon Aurora PostgreSQL releases and engine versions <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html>`_ in the *Amazon Aurora User Guide* . *MySQL* For information, see `Amazon RDS for MySQL <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt>`_ in the *Amazon RDS User Guide* . *PostgreSQL* For information, see `Amazon RDS for PostgreSQL <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts>`_ in the *Amazon RDS User Guide* . Valid for: Aurora DB clusters and Multi-AZ DB clusters
         :param global_cluster_identifier: If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the `AWS::RDS::GlobalCluster <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html>`_ resource. If you aren't configuring a global database cluster, don't specify this property. .. epigraph:: To remove the DB cluster from a global database cluster, specify an empty value for the ``GlobalClusterIdentifier`` property. For information about Aurora global databases, see `Working with Amazon Aurora Global Databases <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html>`_ in the *Amazon Aurora User Guide* . Valid for: Aurora DB clusters only
         :param iops: The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster. For information about valid IOPS values, see `Provisioned IOPS storage <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS>`_ in the *Amazon RDS User Guide* . This setting is required to create a Multi-AZ DB cluster. Valid for Cluster Type: Multi-AZ DB clusters only Constraints: - Must be a multiple between .5 and 50 of the storage amount for the DB cluster.
@@ -6353,7 +6573,7 @@ class CfnDBClusterProps:
         :param db_cluster_identifier: The DB cluster identifier. This parameter is stored as a lowercase string. Constraints: - Must contain from 1 to 63 letters, numbers, or hyphens. - First character must be a letter. - Can't end with a hyphen or contain two consecutive hyphens. Example: ``my-cluster1`` Valid for: Aurora DB clusters and Multi-AZ DB clusters
         :param db_cluster_instance_class: The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example ``db.m6gd.xlarge`` . Not all DB instance classes are available in all AWS Regions , or for all database engines. For the full list of DB instance classes and availability for your engine, see `DB instance class <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html>`_ in the *Amazon RDS User Guide* . This setting is required to create a Multi-AZ DB cluster. Valid for Cluster Type: Multi-AZ DB clusters only
         :param db_cluster_parameter_group_name: The name of the DB cluster parameter group to associate with this DB cluster. .. epigraph:: If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting. If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started. To list all of the available DB cluster parameter group names, use the following command: ``aws rds describe-db-cluster-parameter-groups --query "DBClusterParameterGroups[].DBClusterParameterGroupName" --output text`` Valid for: Aurora DB clusters and Multi-AZ DB clusters Default: - "default.aurora5.6"
-        :param db_instance_parameter_group_name: The name of the DB parameter group to apply to all instances of the DB cluster. .. epigraph:: When you apply a parameter group using the ``DBInstanceParameterGroupName`` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. Default: The existing name setting Constraints: - The DB parameter group must be in the same DB parameter group family as this DB cluster.
+        :param db_instance_parameter_group_name: The name of the DB parameter group to apply to all instances of the DB cluster. .. epigraph:: When you apply a parameter group using the ``DBInstanceParameterGroupName`` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. Valid for Cluster Type: Aurora DB clusters only Default: The existing name setting Constraints: - The DB parameter group must be in the same DB parameter group family as this DB cluster. - The ``DBInstanceParameterGroupName`` parameter is valid in combination with the ``AllowMajorVersionUpgrade`` parameter for a major version upgrade only.
         :param db_subnet_group_name: A DB subnet group that you want to associate with this DB cluster. If you are restoring a DB cluster to a point in time with ``RestoreType`` set to ``copy-on-write`` , and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group. Valid for: Aurora DB clusters and Multi-AZ DB clusters
         :param db_system_id: Reserved for future use.
         :param deletion_protection: A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled. Valid for: Aurora DB clusters and Multi-AZ DB clusters
@@ -6364,7 +6584,7 @@ class CfnDBClusterProps:
         :param enable_http_endpoint: Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled. When enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor. RDS Data API is supported with the following DB clusters: - Aurora PostgreSQL Serverless v2 and provisioned - Aurora PostgreSQL and Aurora MySQL Serverless v1 For more information, see `Using RDS Data API <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html>`_ in the *Amazon Aurora User Guide* . Valid for Cluster Type: Aurora DB clusters only
         :param enable_iam_database_authentication: A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled. For more information, see `IAM Database Authentication <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html>`_ in the *Amazon Aurora User Guide.* Valid for: Aurora DB clusters only
         :param engine: The name of the database engine to be used for this DB cluster. Valid Values: - ``aurora-mysql`` - ``aurora-postgresql`` - ``mysql`` - ``postgres`` Valid for: Aurora DB clusters and Multi-AZ DB clusters
-        :param engine_mode: The DB engine mode of the DB cluster, either ``provisioned`` or ``serverless`` . The ``serverless`` engine mode only applies for Aurora Serverless v1 DB clusters. For information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* : - `Limitations of Aurora Serverless v1 <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations>`_ - `Requirements for Aurora Serverless v2 <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html>`_ Valid for Cluster Type: Aurora DB clusters only
+        :param engine_mode: The DB engine mode of the DB cluster, either ``provisioned`` or ``serverless`` . The ``serverless`` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the ``provisioned`` engine mode. For information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* : - `Limitations of Aurora Serverless v1 <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations>`_ - `Requirements for Aurora Serverless v2 <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html>`_ Valid for Cluster Type: Aurora DB clusters only
         :param engine_version: The version number of the database engine to use. To list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command: ``aws rds describe-db-engine-versions --engine aurora-mysql --query "DBEngineVersions[].EngineVersion"`` You can supply either ``5.7`` or ``8.0`` to use the default engine version for Aurora MySQL version 2 or version 3, respectively. To list all of the available engine versions for Aurora PostgreSQL, use the following command: ``aws rds describe-db-engine-versions --engine aurora-postgresql --query "DBEngineVersions[].EngineVersion"`` To list all of the available engine versions for RDS for MySQL, use the following command: ``aws rds describe-db-engine-versions --engine mysql --query "DBEngineVersions[].EngineVersion"`` To list all of the available engine versions for RDS for PostgreSQL, use the following command: ``aws rds describe-db-engine-versions --engine postgres --query "DBEngineVersions[].EngineVersion"`` *Aurora MySQL* For information, see `Database engine updates for Amazon Aurora MySQL <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html>`_ in the *Amazon Aurora User Guide* . *Aurora PostgreSQL* For information, see `Amazon Aurora PostgreSQL releases and engine versions <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html>`_ in the *Amazon Aurora User Guide* . *MySQL* For information, see `Amazon RDS for MySQL <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt>`_ in the *Amazon RDS User Guide* . *PostgreSQL* For information, see `Amazon RDS for PostgreSQL <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts>`_ in the *Amazon RDS User Guide* . Valid for: Aurora DB clusters and Multi-AZ DB clusters
         :param global_cluster_identifier: If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the `AWS::RDS::GlobalCluster <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html>`_ resource. If you aren't configuring a global database cluster, don't specify this property. .. epigraph:: To remove the DB cluster from a global database cluster, specify an empty value for the ``GlobalClusterIdentifier`` property. For information about Aurora global databases, see `Working with Amazon Aurora Global Databases <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html>`_ in the *Amazon Aurora User Guide* . Valid for: Aurora DB clusters only
         :param iops: The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster. For information about valid IOPS values, see `Provisioned IOPS storage <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS>`_ in the *Amazon RDS User Guide* . This setting is required to create a Multi-AZ DB cluster. Valid for Cluster Type: Multi-AZ DB clusters only Constraints: - Must be a multiple between .5 and 50 of the storage amount for the DB cluster.
@@ -6841,11 +7061,14 @@ class CfnDBClusterProps:
 
            When you apply a parameter group using the ``DBInstanceParameterGroupName`` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window.
 
+        Valid for Cluster Type: Aurora DB clusters only
+
         Default: The existing name setting
 
         Constraints:
 
         - The DB parameter group must be in the same DB parameter group family as this DB cluster.
+        - The ``DBInstanceParameterGroupName`` parameter is valid in combination with the ``AllowMajorVersionUpgrade`` parameter for a major version upgrade only.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-dbinstanceparametergroupname
         '''
@@ -7016,7 +7239,7 @@ class CfnDBClusterProps:
     def engine_mode(self) -> typing.Optional[builtins.str]:
         '''The DB engine mode of the DB cluster, either ``provisioned`` or ``serverless`` .
 
-        The ``serverless`` engine mode only applies for Aurora Serverless v1 DB clusters.
+        The ``serverless`` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the ``provisioned`` engine mode.
 
         For information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* :
 
@@ -7907,10 +8130,10 @@ class CfnDBInstance(
         :param enable_iam_database_authentication: A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled. This property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see `IAM Database Authentication for MariaDB, MySQL, and PostgreSQL <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html>`_ in the *Amazon RDS User Guide.* *Amazon Aurora* Not applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster.
         :param enable_performance_insights: Specifies whether to enable Performance Insights for the DB instance. For more information, see `Using Amazon Performance Insights <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html>`_ in the *Amazon RDS User Guide* . This setting doesn't apply to RDS Custom DB instances.
         :param endpoint: The connection endpoint for the DB instance. .. epigraph:: The endpoint might not be shown for instances with the status of ``creating`` .
-        :param engine: The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region. This property is required when creating a DB instance. .. epigraph:: You can change the architecture of an Oracle database from the non-container database (CDB) architecture to the CDB architecture by updating the ``Engine`` value in your templates from ``oracle-ee`` or ``oracle-ee-cdb`` to ``oracle-se2-cdb`` . Converting to the CDB architecture requires an interruption. Valid Values: - ``aurora-mysql`` (for Aurora MySQL DB instances) - ``aurora-postgresql`` (for Aurora PostgreSQL DB instances) - ``custom-oracle-ee`` (for RDS Custom for Oracle DB instances) - ``custom-oracle-ee-cdb`` (for RDS Custom for Oracle DB instances) - ``custom-sqlserver-ee`` (for RDS Custom for SQL Server DB instances) - ``custom-sqlserver-se`` (for RDS Custom for SQL Server DB instances) - ``custom-sqlserver-web`` (for RDS Custom for SQL Server DB instances) - ``db2-ae`` - ``db2-se`` - ``mariadb`` - ``mysql`` - ``oracle-ee`` - ``oracle-ee-cdb`` - ``oracle-se2`` - ``oracle-se2-cdb`` - ``postgres`` - ``sqlserver-ee`` - ``sqlserver-se`` - ``sqlserver-ex`` - ``sqlserver-web``
+        :param engine: The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region. This property is required when creating a DB instance. .. epigraph:: You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the ``Engine`` value in your templates from ``oracle-ee`` to ``oracle-ee-cdb`` or from ``oracle-se2`` to ``oracle-se2-cdb`` . Converting to the CDB architecture requires an interruption. Valid Values: - ``aurora-mysql`` (for Aurora MySQL DB instances) - ``aurora-postgresql`` (for Aurora PostgreSQL DB instances) - ``custom-oracle-ee`` (for RDS Custom for Oracle DB instances) - ``custom-oracle-ee-cdb`` (for RDS Custom for Oracle DB instances) - ``custom-sqlserver-ee`` (for RDS Custom for SQL Server DB instances) - ``custom-sqlserver-se`` (for RDS Custom for SQL Server DB instances) - ``custom-sqlserver-web`` (for RDS Custom for SQL Server DB instances) - ``db2-ae`` - ``db2-se`` - ``mariadb`` - ``mysql`` - ``oracle-ee`` - ``oracle-ee-cdb`` - ``oracle-se2`` - ``oracle-se2-cdb`` - ``postgres`` - ``sqlserver-ee`` - ``sqlserver-se`` - ``sqlserver-ex`` - ``sqlserver-web``
         :param engine_version: The version number of the database engine to use. For a list of valid engine versions, use the ``DescribeDBEngineVersions`` action. The following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region. *Amazon Aurora* Not applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster. *Db2* See `Amazon RDS for Db2 <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt>`_ in the *Amazon RDS User Guide.* *MariaDB* See `MariaDB on Amazon RDS Versions <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt>`_ in the *Amazon RDS User Guide.* *Microsoft SQL Server* See `Microsoft SQL Server Versions on Amazon RDS <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport>`_ in the *Amazon RDS User Guide.* *MySQL* See `MySQL on Amazon RDS Versions <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt>`_ in the *Amazon RDS User Guide.* *Oracle* See `Oracle Database Engine Release Notes <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html>`_ in the *Amazon RDS User Guide.* *PostgreSQL* See `Supported PostgreSQL Database Versions <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions>`_ in the *Amazon RDS User Guide.*
         :param iops: The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000. If you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see `Amazon RDS Provisioned IOPS Storage to Improve Performance <https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS>`_ in the *Amazon RDS User Guide* . .. epigraph:: If you specify ``io1`` for the ``StorageType`` property, then you must also specify the ``Iops`` property. Constraints: - For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance. - For RDS for SQL Server - Must be a multiple between 1 and 50 of the storage amount for the DB instance.
-        :param kms_key_id: The ARN of the AWS KMS key that's used to encrypt the DB instance, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef`` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true. If you specify the ``SourceDBInstanceIdentifier`` property, the value is inherited from the source DB instance if the read replica is created in the same region. If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region. If you specify the ``SnapshotIdentifier`` property, the ``StorageEncrypted`` property value is inherited from the snapshot, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used. If you specify ``DBSecurityGroups`` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see `Using Amazon RDS with Amazon VPC <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html>`_ in the *Amazon RDS User Guide* . *Amazon Aurora* Not applicable. The KMS key identifier is managed by the DB cluster.
+        :param kms_key_id: The ARN of the AWS KMS key that's used to encrypt the DB instance, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef`` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true. If you specify the ``SourceDBInstanceIdentifier`` property, the value is inherited from the source DB instance if the read replica is created in the same region. If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region. If you specify the ``DBSnapshotIdentifier`` property, don't specify this property. The ``StorageEncrypted`` property value is inherited from the snapshot. If the DB instance is encrypted, the specified ``KmsKeyId`` property is also inherited from the snapshot. If you specify ``DBSecurityGroups`` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see `Using Amazon RDS with Amazon VPC <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html>`_ in the *Amazon RDS User Guide* . *Amazon Aurora* Not applicable. The KMS key identifier is managed by the DB cluster.
         :param license_model: License model information for this DB instance. Valid Values: - Aurora MySQL - ``general-public-license`` - Aurora PostgreSQL - ``postgresql-license`` - RDS for Db2 - ``bring-your-own-license`` . For more information about RDS for Db2 licensing, see ` <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html>`_ in the *Amazon RDS User Guide.* - RDS for MariaDB - ``general-public-license`` - RDS for Microsoft SQL Server - ``license-included`` - RDS for MySQL - ``general-public-license`` - RDS for Oracle - ``bring-your-own-license`` or ``license-included`` - RDS for PostgreSQL - ``postgresql-license`` .. epigraph:: If you've specified ``DBSecurityGroups`` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.
         :param manage_master_user_password: Specifies whether to manage the master user password with AWS Secrets Manager. For more information, see `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html>`_ in the *Amazon RDS User Guide.* Constraints: - Can't manage the master user password with AWS Secrets Manager if ``MasterUserPassword`` is specified.
         :param master_username: The master user name for the DB instance. .. epigraph:: If you specify the ``SourceDBInstanceIdentifier`` or ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the source DB instance or snapshot. When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. *Amazon Aurora* Not applicable. The name for the master user is managed by the DB cluster. *RDS for Db2* Constraints: - Must be 1 to 16 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for MariaDB* Constraints: - Must be 1 to 16 letters or numbers. - Can't be a reserved word for the chosen database engine. *RDS for Microsoft SQL Server* Constraints: - Must be 1 to 128 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for MySQL* Constraints: - Must be 1 to 16 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for Oracle* Constraints: - Must be 1 to 30 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for PostgreSQL* Constraints: - Must be 1 to 63 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine.
@@ -7938,7 +8161,7 @@ class CfnDBInstance(
         :param source_db_instance_identifier: If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see `Working with Read Replicas <https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html>`_ in the *Amazon RDS User Guide* . For information about constraints that apply to DB instance identifiers, see `Naming constraints in Amazon RDS <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints>`_ in the *Amazon RDS User Guide* . The ``SourceDBInstanceIdentifier`` property determines whether a DB instance is a read replica. If you remove the ``SourceDBInstanceIdentifier`` property from your template and then update your stack, AWS CloudFormation promotes the Read Replica to a standalone DB instance. .. epigraph:: - If you specify a source DB instance that uses VPC security groups, we recommend that you specify the ``VPCSecurityGroups`` property. If you don't specify the property, the read replica inherits the value of the ``VPCSecurityGroups`` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's ``VPCSecurityGroups`` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues. - Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica. - If you specify ``SourceDBInstanceIdentifier`` , don't specify the ``DBSnapshotIdentifier`` property. You can't create a read replica from a snapshot. - Don't set the ``BackupRetentionPeriod`` , ``DBName`` , ``MasterUsername`` , ``MasterUserPassword`` , and ``PreferredBackupWindow`` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas. - If the source DB instance is in a different region than the read replica, specify the source region in ``SourceRegion`` , and specify an ARN for a valid DB instance in ``SourceDBInstanceIdentifier`` . For more information, see `Constructing a Amazon RDS Amazon Resource Name (ARN) <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN>`_ in the *Amazon RDS User Guide* . - For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances.
         :param source_dbi_resource_id: The resource ID of the source DB instance from which to restore.
         :param source_region: The ID of the region that contains the source DB instance for the read replica.
-        :param storage_encrypted: A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted. If you specify the ``KmsKeyId`` property, then you must enable encryption. If you specify the ``SourceDBInstanceIdentifier`` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used. If you specify the ``DBSnapshotIdentifier`` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified ``KmsKeyId`` property is used. If you specify the ``DBSnapshotIdentifier`` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB instance is encrypted. Specify the ``KmsKeyId`` property for the KMS key to use for encryption. If you don't want the restored DB instance to be encrypted, then don't set this property or set it to ``false`` . *Amazon Aurora* Not applicable. The encryption for DB instances is managed by the DB cluster.
+        :param storage_encrypted: A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted. If you specify the ``KmsKeyId`` property, then you must enable encryption. If you specify the ``SourceDBInstanceIdentifier`` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used. If you specify ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the snapshot. *Amazon Aurora* Not applicable. The encryption for DB instances is managed by the DB cluster.
         :param storage_throughput: Specifies the storage throughput value for the DB instance. This setting applies only to the ``gp3`` storage type. This setting doesn't apply to RDS Custom or Amazon Aurora.
         :param storage_type: The storage type to associate with the DB instance. If you specify ``io1`` , ``io2`` , or ``gp3`` , you must also include a value for the ``Iops`` parameter. This setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster. Valid Values: ``gp2 | gp3 | io1 | io2 | standard`` Default: ``io1`` , if the ``Iops`` parameter is specified. Otherwise, ``gp2`` .
         :param tags: An optional array of key-value pairs to apply to this DB instance.
@@ -9893,10 +10116,10 @@ class CfnDBInstanceProps:
         :param enable_iam_database_authentication: A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled. This property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see `IAM Database Authentication for MariaDB, MySQL, and PostgreSQL <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html>`_ in the *Amazon RDS User Guide.* *Amazon Aurora* Not applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster.
         :param enable_performance_insights: Specifies whether to enable Performance Insights for the DB instance. For more information, see `Using Amazon Performance Insights <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html>`_ in the *Amazon RDS User Guide* . This setting doesn't apply to RDS Custom DB instances.
         :param endpoint: The connection endpoint for the DB instance. .. epigraph:: The endpoint might not be shown for instances with the status of ``creating`` .
-        :param engine: The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region. This property is required when creating a DB instance. .. epigraph:: You can change the architecture of an Oracle database from the non-container database (CDB) architecture to the CDB architecture by updating the ``Engine`` value in your templates from ``oracle-ee`` or ``oracle-ee-cdb`` to ``oracle-se2-cdb`` . Converting to the CDB architecture requires an interruption. Valid Values: - ``aurora-mysql`` (for Aurora MySQL DB instances) - ``aurora-postgresql`` (for Aurora PostgreSQL DB instances) - ``custom-oracle-ee`` (for RDS Custom for Oracle DB instances) - ``custom-oracle-ee-cdb`` (for RDS Custom for Oracle DB instances) - ``custom-sqlserver-ee`` (for RDS Custom for SQL Server DB instances) - ``custom-sqlserver-se`` (for RDS Custom for SQL Server DB instances) - ``custom-sqlserver-web`` (for RDS Custom for SQL Server DB instances) - ``db2-ae`` - ``db2-se`` - ``mariadb`` - ``mysql`` - ``oracle-ee`` - ``oracle-ee-cdb`` - ``oracle-se2`` - ``oracle-se2-cdb`` - ``postgres`` - ``sqlserver-ee`` - ``sqlserver-se`` - ``sqlserver-ex`` - ``sqlserver-web``
+        :param engine: The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region. This property is required when creating a DB instance. .. epigraph:: You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the ``Engine`` value in your templates from ``oracle-ee`` to ``oracle-ee-cdb`` or from ``oracle-se2`` to ``oracle-se2-cdb`` . Converting to the CDB architecture requires an interruption. Valid Values: - ``aurora-mysql`` (for Aurora MySQL DB instances) - ``aurora-postgresql`` (for Aurora PostgreSQL DB instances) - ``custom-oracle-ee`` (for RDS Custom for Oracle DB instances) - ``custom-oracle-ee-cdb`` (for RDS Custom for Oracle DB instances) - ``custom-sqlserver-ee`` (for RDS Custom for SQL Server DB instances) - ``custom-sqlserver-se`` (for RDS Custom for SQL Server DB instances) - ``custom-sqlserver-web`` (for RDS Custom for SQL Server DB instances) - ``db2-ae`` - ``db2-se`` - ``mariadb`` - ``mysql`` - ``oracle-ee`` - ``oracle-ee-cdb`` - ``oracle-se2`` - ``oracle-se2-cdb`` - ``postgres`` - ``sqlserver-ee`` - ``sqlserver-se`` - ``sqlserver-ex`` - ``sqlserver-web``
         :param engine_version: The version number of the database engine to use. For a list of valid engine versions, use the ``DescribeDBEngineVersions`` action. The following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region. *Amazon Aurora* Not applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster. *Db2* See `Amazon RDS for Db2 <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt>`_ in the *Amazon RDS User Guide.* *MariaDB* See `MariaDB on Amazon RDS Versions <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt>`_ in the *Amazon RDS User Guide.* *Microsoft SQL Server* See `Microsoft SQL Server Versions on Amazon RDS <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport>`_ in the *Amazon RDS User Guide.* *MySQL* See `MySQL on Amazon RDS Versions <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt>`_ in the *Amazon RDS User Guide.* *Oracle* See `Oracle Database Engine Release Notes <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html>`_ in the *Amazon RDS User Guide.* *PostgreSQL* See `Supported PostgreSQL Database Versions <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions>`_ in the *Amazon RDS User Guide.*
         :param iops: The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000. If you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see `Amazon RDS Provisioned IOPS Storage to Improve Performance <https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS>`_ in the *Amazon RDS User Guide* . .. epigraph:: If you specify ``io1`` for the ``StorageType`` property, then you must also specify the ``Iops`` property. Constraints: - For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance. - For RDS for SQL Server - Must be a multiple between 1 and 50 of the storage amount for the DB instance.
-        :param kms_key_id: The ARN of the AWS KMS key that's used to encrypt the DB instance, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef`` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true. If you specify the ``SourceDBInstanceIdentifier`` property, the value is inherited from the source DB instance if the read replica is created in the same region. If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region. If you specify the ``SnapshotIdentifier`` property, the ``StorageEncrypted`` property value is inherited from the snapshot, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used. If you specify ``DBSecurityGroups`` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see `Using Amazon RDS with Amazon VPC <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html>`_ in the *Amazon RDS User Guide* . *Amazon Aurora* Not applicable. The KMS key identifier is managed by the DB cluster.
+        :param kms_key_id: The ARN of the AWS KMS key that's used to encrypt the DB instance, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef`` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true. If you specify the ``SourceDBInstanceIdentifier`` property, the value is inherited from the source DB instance if the read replica is created in the same region. If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region. If you specify the ``DBSnapshotIdentifier`` property, don't specify this property. The ``StorageEncrypted`` property value is inherited from the snapshot. If the DB instance is encrypted, the specified ``KmsKeyId`` property is also inherited from the snapshot. If you specify ``DBSecurityGroups`` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see `Using Amazon RDS with Amazon VPC <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html>`_ in the *Amazon RDS User Guide* . *Amazon Aurora* Not applicable. The KMS key identifier is managed by the DB cluster.
         :param license_model: License model information for this DB instance. Valid Values: - Aurora MySQL - ``general-public-license`` - Aurora PostgreSQL - ``postgresql-license`` - RDS for Db2 - ``bring-your-own-license`` . For more information about RDS for Db2 licensing, see ` <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html>`_ in the *Amazon RDS User Guide.* - RDS for MariaDB - ``general-public-license`` - RDS for Microsoft SQL Server - ``license-included`` - RDS for MySQL - ``general-public-license`` - RDS for Oracle - ``bring-your-own-license`` or ``license-included`` - RDS for PostgreSQL - ``postgresql-license`` .. epigraph:: If you've specified ``DBSecurityGroups`` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.
         :param manage_master_user_password: Specifies whether to manage the master user password with AWS Secrets Manager. For more information, see `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html>`_ in the *Amazon RDS User Guide.* Constraints: - Can't manage the master user password with AWS Secrets Manager if ``MasterUserPassword`` is specified.
         :param master_username: The master user name for the DB instance. .. epigraph:: If you specify the ``SourceDBInstanceIdentifier`` or ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the source DB instance or snapshot. When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. *Amazon Aurora* Not applicable. The name for the master user is managed by the DB cluster. *RDS for Db2* Constraints: - Must be 1 to 16 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for MariaDB* Constraints: - Must be 1 to 16 letters or numbers. - Can't be a reserved word for the chosen database engine. *RDS for Microsoft SQL Server* Constraints: - Must be 1 to 128 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for MySQL* Constraints: - Must be 1 to 16 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for Oracle* Constraints: - Must be 1 to 30 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for PostgreSQL* Constraints: - Must be 1 to 63 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine.
@@ -9924,7 +10147,7 @@ class CfnDBInstanceProps:
         :param source_db_instance_identifier: If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see `Working with Read Replicas <https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html>`_ in the *Amazon RDS User Guide* . For information about constraints that apply to DB instance identifiers, see `Naming constraints in Amazon RDS <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints>`_ in the *Amazon RDS User Guide* . The ``SourceDBInstanceIdentifier`` property determines whether a DB instance is a read replica. If you remove the ``SourceDBInstanceIdentifier`` property from your template and then update your stack, AWS CloudFormation promotes the Read Replica to a standalone DB instance. .. epigraph:: - If you specify a source DB instance that uses VPC security groups, we recommend that you specify the ``VPCSecurityGroups`` property. If you don't specify the property, the read replica inherits the value of the ``VPCSecurityGroups`` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's ``VPCSecurityGroups`` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues. - Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica. - If you specify ``SourceDBInstanceIdentifier`` , don't specify the ``DBSnapshotIdentifier`` property. You can't create a read replica from a snapshot. - Don't set the ``BackupRetentionPeriod`` , ``DBName`` , ``MasterUsername`` , ``MasterUserPassword`` , and ``PreferredBackupWindow`` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas. - If the source DB instance is in a different region than the read replica, specify the source region in ``SourceRegion`` , and specify an ARN for a valid DB instance in ``SourceDBInstanceIdentifier`` . For more information, see `Constructing a Amazon RDS Amazon Resource Name (ARN) <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN>`_ in the *Amazon RDS User Guide* . - For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances.
         :param source_dbi_resource_id: The resource ID of the source DB instance from which to restore.
         :param source_region: The ID of the region that contains the source DB instance for the read replica.
-        :param storage_encrypted: A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted. If you specify the ``KmsKeyId`` property, then you must enable encryption. If you specify the ``SourceDBInstanceIdentifier`` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used. If you specify the ``DBSnapshotIdentifier`` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified ``KmsKeyId`` property is used. If you specify the ``DBSnapshotIdentifier`` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB instance is encrypted. Specify the ``KmsKeyId`` property for the KMS key to use for encryption. If you don't want the restored DB instance to be encrypted, then don't set this property or set it to ``false`` . *Amazon Aurora* Not applicable. The encryption for DB instances is managed by the DB cluster.
+        :param storage_encrypted: A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted. If you specify the ``KmsKeyId`` property, then you must enable encryption. If you specify the ``SourceDBInstanceIdentifier`` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used. If you specify ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the snapshot. *Amazon Aurora* Not applicable. The encryption for DB instances is managed by the DB cluster.
         :param storage_throughput: Specifies the storage throughput value for the DB instance. This setting applies only to the ``gp3`` storage type. This setting doesn't apply to RDS Custom or Amazon Aurora.
         :param storage_type: The storage type to associate with the DB instance. If you specify ``io1`` , ``io2`` , or ``gp3`` , you must also include a value for the ``Iops`` parameter. This setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster. Valid Values: ``gp2 | gp3 | io1 | io2 | standard`` Default: ``io1`` , if the ``Iops`` parameter is specified. Otherwise, ``gp2`` .
         :param tags: An optional array of key-value pairs to apply to this DB instance.
@@ -11001,7 +11224,7 @@ class CfnDBInstanceProps:
         This property is required when creating a DB instance.
         .. epigraph::
 
-           You can change the architecture of an Oracle database from the non-container database (CDB) architecture to the CDB architecture by updating the ``Engine`` value in your templates from ``oracle-ee`` or ``oracle-ee-cdb`` to ``oracle-se2-cdb`` . Converting to the CDB architecture requires an interruption.
+           You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the ``Engine`` value in your templates from ``oracle-ee`` to ``oracle-ee-cdb`` or from ``oracle-se2`` to ``oracle-se2-cdb`` . Converting to the CDB architecture requires an interruption.
 
         Valid Values:
 
@@ -11103,7 +11326,7 @@ class CfnDBInstanceProps:
 
         If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.
 
-        If you specify the ``SnapshotIdentifier`` property, the ``StorageEncrypted`` property value is inherited from the snapshot, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used.
+        If you specify the ``DBSnapshotIdentifier`` property, don't specify this property. The ``StorageEncrypted`` property value is inherited from the snapshot. If the DB instance is encrypted, the specified ``KmsKeyId`` property is also inherited from the snapshot.
 
         If you specify ``DBSecurityGroups`` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see `Using Amazon RDS with Amazon VPC <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html>`_ in the *Amazon RDS User Guide* .
 
@@ -11636,9 +11859,7 @@ class CfnDBInstanceProps:
 
         If you specify the ``SourceDBInstanceIdentifier`` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used.
 
-        If you specify the ``DBSnapshotIdentifier`` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified ``KmsKeyId`` property is used.
-
-        If you specify the ``DBSnapshotIdentifier`` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB instance is encrypted. Specify the ``KmsKeyId`` property for the KMS key to use for encryption. If you don't want the restored DB instance to be encrypted, then don't set this property or set it to ``false`` .
+        If you specify ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the snapshot.
 
         *Amazon Aurora*
 
@@ -18044,14 +18265,18 @@ class Credentials(
         vpc = ec2.Vpc(self, "AuroraVpc")
         
         # Create the serverless cluster, provide all values needed to customise the database.
-        cluster = rds.ServerlessCluster(self, "AuroraCluster",
-            engine=rds.DatabaseClusterEngine.AURORA_MYSQL,
-            vpc=vpc,
+        cluster = rds.DatabaseCluster(self, "AuroraClusterV2",
+            engine=rds.DatabaseClusterEngine.aurora_postgres(version=rds.AuroraPostgresEngineVersion.VER_15_5),
             credentials={"username": "clusteradmin"},
             cluster_identifier="db-endpoint-test",
-            default_database_name="demos"
+            writer=rds.ClusterInstance.serverless_v2("writer"),
+            serverless_v2_min_capacity=2,
+            serverless_v2_max_capacity=10,
+            vpc=vpc,
+            default_database_name="demos",
+            enable_data_api=True
         )
-        rds_dS = api.add_rds_data_source("rds", cluster, secret, "demos")
+        rds_dS = api.add_rds_data_source_v2("rds", cluster, secret, "demos")
         
         # Set up a resolver for an RDS query.
         rds_dS.create_resolver("QueryGetDemosRdsResolver",
@@ -25098,6 +25323,14 @@ class IDatabaseCluster(
         '''
         ...
 
+    @jsii.member(jsii_name="grantDataApiAccess")
+    def grant_data_api_access(self, grantee: _IGrantable_71c4f5de) -> _Grant_a7ae64f8:
+        '''Grant the given identity to access to the Data API.
+
+        :param grantee: The principal to grant access to.
+        '''
+        ...
+
     @jsii.member(jsii_name="metric")
     def metric(
         self,
@@ -25671,6 +25904,17 @@ class _IDatabaseClusterProxy(
             check_type(argname="argument db_user", value=db_user, expected_type=type_hints["db_user"])
         return typing.cast(_Grant_a7ae64f8, jsii.invoke(self, "grantConnect", [grantee, db_user]))
 
+    @jsii.member(jsii_name="grantDataApiAccess")
+    def grant_data_api_access(self, grantee: _IGrantable_71c4f5de) -> _Grant_a7ae64f8:
+        '''Grant the given identity to access to the Data API.
+
+        :param grantee: The principal to grant access to.
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__cecf222e59ae304eb2915600c2ab7f5bdc161841f08ea5f6b7f029f7bec9a12a)
+            check_type(argname="argument grantee", value=grantee, expected_type=type_hints["grantee"])
+        return typing.cast(_Grant_a7ae64f8, jsii.invoke(self, "grantDataApiAccess", [grantee]))
+
     @jsii.member(jsii_name="metric")
     def metric(
         self,
@@ -38176,7 +38420,7 @@ class DatabaseClusterBase(
     @jsii.member(jsii_name="secret")
     @abc.abstractmethod
     def secret(self) -> typing.Optional[_ISecret_6e020e6a]:
-        '''Secret in SecretsManager to store the database cluster user credentials.'''
+        '''The secret attached to this cluster.'''
         ...
 
     @builtins.property
@@ -38252,7 +38496,7 @@ class _DatabaseClusterBaseProxy(
     @builtins.property
     @jsii.member(jsii_name="secret")
     def secret(self) -> typing.Optional[_ISecret_6e020e6a]:
-        '''Secret in SecretsManager to store the database cluster user credentials.'''
+        '''The secret attached to this cluster.'''
         return typing.cast(typing.Optional[_ISecret_6e020e6a], jsii.get(self, "secret"))
 
     @builtins.property
@@ -43425,15 +43669,18 @@ def _typecheckingstub__dccc4ebf781452ad945a67eeaa182293b79bd42fee7658aaea830a59e
     scope: _constructs_77d1e7e8.Construct,
     id: builtins.str,
     *,
-    database_installation_files_s3_bucket_name: builtins.str,
     engine: builtins.str,
     engine_version: builtins.str,
+    database_installation_files_s3_bucket_name: typing.Optional[builtins.str] = None,
     database_installation_files_s3_prefix: typing.Optional[builtins.str] = None,
     description: typing.Optional[builtins.str] = None,
+    image_id: typing.Optional[builtins.str] = None,
     kms_key_id: typing.Optional[builtins.str] = None,
     manifest: typing.Optional[builtins.str] = None,
+    source_custom_db_engine_version_identifier: typing.Optional[builtins.str] = None,
     status: typing.Optional[builtins.str] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
+    use_aws_provided_latest_image: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
 ) -> None:
     """Type checking stubs"""
     pass
@@ -43450,20 +43697,20 @@ def _typecheckingstub__3e83f468f7dd18d22c9b612734116e5d82023ddbd1b241f1dae9c33e1
     """Type checking stubs"""
     pass
 
-def _typecheckingstub__e8dcd4aecfb92c6617a76401829247508a5196d1219bdf3c496c1eef202e0c37(
+def _typecheckingstub__57b06d6a61a7aa40468b988c47f903780541aacb379dfa0bf146f37e0c779729(
     value: builtins.str,
 ) -> None:
     """Type checking stubs"""
     pass
 
-def _typecheckingstub__57b06d6a61a7aa40468b988c47f903780541aacb379dfa0bf146f37e0c779729(
+def _typecheckingstub__09530b6c217cbc4998aaea3601330c702807beb29fc30fa9af5ceab12214408d(
     value: builtins.str,
 ) -> None:
     """Type checking stubs"""
     pass
 
-def _typecheckingstub__09530b6c217cbc4998aaea3601330c702807beb29fc30fa9af5ceab12214408d(
-    value: builtins.str,
+def _typecheckingstub__e8dcd4aecfb92c6617a76401829247508a5196d1219bdf3c496c1eef202e0c37(
+    value: typing.Optional[builtins.str],
 ) -> None:
     """Type checking stubs"""
     pass
@@ -43480,6 +43727,12 @@ def _typecheckingstub__4aaac4d275f054bf611e124a013cfc149ce4ce49db255d6b8bdbf9937
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__573de89cab865fb2fe6437920ada3b601ffcf5832b228e0d126bedaf494c57eb(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__1a0cd73871adb0d339f703041dbaa1e90b6c3ad3be57fe4b1f55f2e61af11dca(
     value: typing.Optional[builtins.str],
 ) -> None:
@@ -43492,6 +43745,12 @@ def _typecheckingstub__463fc7056b1df9d389ba18cfed697b7ea579834be61dc7627fe4a6bba
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__ab74f194180555de35de6a9023fe9e2d2972ffd40051f7cc505df6dd0438f8d6(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__ec128ecf80f4b2e6d4529f80259fe9fb957476b36db57ec7b870982375842eac(
     value: typing.Optional[builtins.str],
 ) -> None:
@@ -43504,17 +43763,26 @@ def _typecheckingstub__72ea58fd4af1464d2f87e63b0113772cf0f44d78fc2c7531901713687
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__30204c42eef4323c823e84f7a43420a689740a78fa5382e0d646d46b0102a5c1(
+    value: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__70c4d3797ab8093b0278a7f532fcb1c42c50e74a1c04dfe5259dbb57e7fe2191(
     *,
-    database_installation_files_s3_bucket_name: builtins.str,
     engine: builtins.str,
     engine_version: builtins.str,
+    database_installation_files_s3_bucket_name: typing.Optional[builtins.str] = None,
     database_installation_files_s3_prefix: typing.Optional[builtins.str] = None,
     description: typing.Optional[builtins.str] = None,
+    image_id: typing.Optional[builtins.str] = None,
     kms_key_id: typing.Optional[builtins.str] = None,
     manifest: typing.Optional[builtins.str] = None,
+    source_custom_db_engine_version_identifier: typing.Optional[builtins.str] = None,
     status: typing.Optional[builtins.str] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
+    use_aws_provided_latest_image: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
 ) -> None:
     """Type checking stubs"""
     pass
@@ -46232,6 +46500,12 @@ def _typecheckingstub__28dac6f0afb3a1f37eb08d0603ed9c527826656bdcb35c560bfe5b409
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__cecf222e59ae304eb2915600c2ab7f5bdc161841f08ea5f6b7f029f7bec9a12a(
+    grantee: _IGrantable_71c4f5de,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__cb438e41c5d27e4b968b536ac8e59048e5a810f9216c9316ab7091ead553a3cd(
     metric_name: builtins.str,
     *,