Interface RdsDatabaseInstanceProps

Admin credentials for the database. Must be in JSON format for RDS

Allocated DB storage size in gibibytes (GiB). Must be 20 or greater

Allow RDS to automatically perform major DB engine version updates during defined service window

Allow RDS to automatically perform minor DB engine version updates and patches during defined service window

The number of days during which automatic DB snapshots are retained. Set to zero to disable backups. When creating a read replica, you must enable automatic backups on the source database instance by setting the backup retention to a value other than zero.

Retention period for database CloudWatch logs

Create an empty SecurityGroup that allows access to the database instance from external instances that have the client access security group associated.

Note that the preferred way of granting access to the database is to use the CDK connections API to grant access to the DB default security group from the client instance's security group. This method follows the leas-access principle and creates point-to-point openings from client to the database

DB engine type

Database engine version. Use value from PostgresEngineVersion for 'postgres' DB engine and value from MysqlEngineVersion for 'mysql' DB engine

It is recommended to specify the DB major version only when 'autoMinorVersionUpgrade' is enabled (default). Specifying exact minor version in this case will cause stack drift when the minor version is automatically updated by RDS. When specifying only the major version, RDS will use the latest minor version available when launching the DB instance

Unique name for the DB instance

Protect the DB instance from accidental deletion. Should only be disabled when intentionally deleting the DB instance

Infra environment

Enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts

DB instance class to use

DB instance size to use

KMS key to be used to encrypt performance insights data

KMS key to be used to encrypt the DB admin password secret

Required if 'adminCredentials' secret is not provided

KMS key to be used for DB storage encryption

Required if 'snapshotId' is not provided. For snapshots, the KMS key used to encrypt the snapshot is used to encrypt the new DB instance storage

Shared CloudWatch log retention role that CDK-generated Lambda uses to set retention period for the DB CloudWatch log groups. Using a shared role reduces number of redundant resources

Maximum allocated storage in gibibytes (GiB) for storage autoscaling. Storage will not be extended beyond this size

Enable multi-AZ standby instance deployment for the DB instance. Highly recommended for PROD environments for high availability (HA). Should not be used in other environments to reduce costs from the standby instance

Custom port for the database

Private HostedZone to create the DNS alias record for the RDS instance to.

The created alias record is of the format <kebab-case(dbInstanceName)>. Example: my-db-instance.privatezonename.internal

ID or ARN of the database snapshot to create the instance from

Providing a snapshotId will trigger replacement of existing RDS instance. If restoring a snapshot it is recommended to create a separate instance of this construct, not to update existing one

NOTE: When restoring a DB from a snapshot, please refer to the AWS documentation! Potential risk of data loss exists. After restoring a DB from snapshot, the 'snapshotId' property cannot be changed or removed. This will result in CloudFormation replacing the DB instance

VPC to use for the DB instance

Subnets to use for the VPC. Minimum set of 2 subnets needs to be defined