agent-claw: automated task changes

daniel
2026-05-06 18:55:16 -05:00
parent 38905bb1e9
commit 732b00fb66
8494 changed files with 2018127 additions and 4 deletions


@@ -0,0 +1,407 @@
import type { Construct } from 'constructs';
import type { CaCertificate } from './ca-certificate';
import type { IDatabaseCluster } from './cluster-ref';
import type { IParameterGroup } from './parameter-group';
import { PerformanceInsightRetention } from './props';
import * as ec2 from '../../aws-ec2';
import type { IRoleRef } from '../../aws-iam';
import type * as kms from '../../aws-kms';
import type { IResource, Duration, RemovalPolicy } from '../../core';
import type { aws_rds } from '../../interfaces';
/**
* Options for binding the instance to the cluster
*/
export interface ClusterInstanceBindOptions {
/**
* The interval, in seconds, between points when Amazon RDS collects enhanced
* monitoring metrics for the DB instances.
*
* @default no enhanced monitoring
*/
readonly monitoringInterval?: Duration;
/**
* Role that will be used to manage DB instances monitoring.
*
* @default - A role is automatically created for you
*/
readonly monitoringRole?: IRoleRef;
/**
* The removal policy on the cluster
*
* @default - RemovalPolicy.DESTROY (cluster snapshot can restore)
*/
readonly removalPolicy?: RemovalPolicy;
/**
* The promotion tier of the cluster instance
*
* This matters more for serverlessV2 instances. If a serverless
* instance is in tier 0-1 then it will scale with the writer.
*
* For provisioned instances this just determines the failover priority.
* If multiple instances have the same priority then one will be picked at random
*
* @default 2
*/
readonly promotionTier?: number;
/**
* Existing subnet group for the cluster.
* This is only needed when using the isFromLegacyInstanceProps
*
* @default - cluster subnet group is used
*/
readonly subnetGroup?: aws_rds.IDBSubnetGroupRef;
}
/**
* The type of Aurora Cluster Instance. Can be either serverless v2
* or provisioned
*/
export declare class ClusterInstanceType {
private readonly instanceType;
readonly type: InstanceType;
/**
* Aurora Serverless V2 instance type
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.html
*/
static serverlessV2(): ClusterInstanceType;
/**
* Aurora Provisioned instance type
*/
static provisioned(instanceType?: ec2.InstanceType): ClusterInstanceType;
constructor(instanceType: string, type: InstanceType);
/**
* String representation of the instance type that can be used in the CloudFormation resource
*/
toString(): string;
}
/**
* Represents an Aurora cluster instance
* This can be either a provisioned instance or a serverless v2 instance
*/
export interface IClusterInstance {
/**
* Create the database instance within the provided cluster
*/
bind(scope: Construct, cluster: IDatabaseCluster, options: ClusterInstanceBindOptions): IAuroraClusterInstance;
}
/**
* Options for creating a provisioned instance
*/
export interface ProvisionedClusterInstanceProps extends ClusterInstanceOptions {
/**
* The cluster instance type
*
* @default db.t3.medium
*/
readonly instanceType?: ec2.InstanceType;
/**
* The promotion tier of the cluster instance
*
* Can be between 0-15
*
* For provisioned instances this just determines the failover priority.
* If multiple instances have the same priority then one will be picked at random
*
* @default 2
*/
readonly promotionTier?: number;
}
/**
* Options for creating a serverless v2 instance
*/
export interface ServerlessV2ClusterInstanceProps extends ClusterInstanceOptions {
/**
* Only applicable to reader instances.
*
* If this is true then the instance will be placed in promotion tier 1, otherwise
* it will be placed in promotion tier 2.
*
* For serverless v2 instances this means:
* - true: The serverless v2 reader will scale to match the writer instance (provisioned or serverless)
* - false: The serverless v2 reader will scale with the read workload on the instance
*
* @default false
*/
readonly scaleWithWriter?: boolean;
}
/**
* Common options for creating cluster instances (both serverless and provisioned)
*/
export interface ClusterInstanceProps extends ClusterInstanceOptions {
/**
* The type of cluster instance to create. Can be either
* provisioned or serverless v2
*/
readonly instanceType: ClusterInstanceType;
/**
* The promotion tier of the cluster instance
*
* This matters more for serverlessV2 instances. If a serverless
* instance is in tier 0-1 then it will scale with the writer.
*
* For provisioned instances this just determines the failover priority.
* If multiple instances have the same priority then one will be picked at random
*
* @default 2
*/
readonly promotionTier?: number;
}
/**
* Common options for creating a cluster instance
*/
export interface ClusterInstanceOptions {
/**
* The identifier for the database instance
*
* @default - CloudFormation generated identifier
*/
readonly instanceIdentifier?: string;
/**
* Whether to enable automatic upgrade of minor version for the DB instance.
*
* @default - true
*/
readonly autoMinorVersionUpgrade?: boolean;
/**
* Whether to enable Performance Insights for the DB instance.
*
* @default - false, unless ``performanceInsightRetention`` or ``performanceInsightEncryptionKey`` is set.
*/
readonly enablePerformanceInsights?: boolean;
/**
* The amount of time, in days, to retain Performance Insights data.
*
* @default 7
*/
readonly performanceInsightRetention?: PerformanceInsightRetention;
/**
* The AWS KMS key for encryption of Performance Insights data.
*
* @default - default master key
*/
readonly performanceInsightEncryptionKey?: kms.IKey;
/**
* Indicates whether the DB instance is an internet-facing instance. If not specified,
* the cluster's vpcSubnets will be used to determine if the instance is internet-facing
* or not.
*
* @default - `true` if the cluster's `vpcSubnets` is `subnetType: SubnetType.PUBLIC`, `false` otherwise
*/
readonly publiclyAccessible?: boolean;
/**
* The Availability Zone (AZ) where the database will be created.
*
* For Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones.
* Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html
* @default - A random, system-chosen Availability Zone in the endpointʼs AWS Region.
*/
readonly availabilityZone?: string;
/**
* A preferred maintenance window day/time range. Should be specified as a range ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC).
*
* Example: 'Sun:23:45-Mon:00:15'
*
* @default - 30-minute window selected at random from an 8-hour block of time for
* each AWS Region, occurring on a random day of the week.
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance
*/
readonly preferredMaintenanceWindow?: string;
/**
* The parameters in the DBParameterGroup to create automatically
*
* You can only specify parameterGroup or parameters but not both.
* You need to use a versioned engine to auto-generate a DBParameterGroup.
*
* @default - None
*/
readonly parameters?: {
[key: string]: string;
};
/**
* Whether to allow upgrade of major version for the DB instance.
*
* @default - false
*/
readonly allowMajorVersionUpgrade?: boolean;
/**
* The DB parameter group to associate with the instance.
* This is only needed if you need to configure different parameter
* groups for each individual instance, otherwise you should not
* provide this and just use the cluster parameter group
*
* @default the cluster parameter group is used
*/
readonly parameterGroup?: IParameterGroup;
/**
* Only used for migrating existing clusters from using `instanceProps` to `writer` and `readers`
*
* @example
* // existing cluster
* declare const vpc: ec2.Vpc;
* const cluster = new rds.DatabaseCluster(this, 'Database', {
* engine: rds.DatabaseClusterEngine.auroraMysql({
* version: rds.AuroraMysqlEngineVersion.VER_3_03_0,
* }),
* instances: 2,
* instanceProps: {
* instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.SMALL),
* vpcSubnets: { subnetType: ec2.SubnetType.PUBLIC },
* vpc,
* },
* });
*
* // migration
*
* const instanceProps = {
* instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.SMALL),
* isFromLegacyInstanceProps: true,
* };
*
* const myCluster = new rds.DatabaseCluster(this, 'Database', {
* engine: rds.DatabaseClusterEngine.auroraMysql({
* version: rds.AuroraMysqlEngineVersion.VER_3_03_0,
* }),
* vpcSubnets: { subnetType: ec2.SubnetType.PUBLIC },
* vpc,
* writer: rds.ClusterInstance.provisioned('Instance1', {
* instanceType: instanceProps.instanceType,
* isFromLegacyInstanceProps: instanceProps.isFromLegacyInstanceProps,
* }),
* readers: [
* rds.ClusterInstance.provisioned('Instance2', {
* instanceType: instanceProps.instanceType,
* isFromLegacyInstanceProps: instanceProps.isFromLegacyInstanceProps,
* }),
* ],
* });
*
* @default false
*/
readonly isFromLegacyInstanceProps?: boolean;
/**
* The identifier of the CA certificate for this DB cluster's instances.
*
* Specifying or updating this property triggers a reboot.
*
* For RDS DB engines:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html
* For Aurora DB engines:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html
*
* @default - RDS will choose a certificate authority
*/
readonly caCertificate?: CaCertificate;
/**
* Specifies whether changes to the DB instance and any pending modifications are applied immediately, regardless of the `preferredMaintenanceWindow` setting.
* If set to `false`, changes are applied during the next maintenance window.
*
* Until RDS applies the changes, the DB instance remains in a drift state.
* As a result, the configuration doesn't fully reflect the requested modifications and temporarily diverges from the intended state.
*
* This property also determines whether the DB instance reboots when a static parameter is modified in the associated DB parameter group.
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Modifying.html
*
* @default - Changes will be applied immediately
*/
readonly applyImmediately?: boolean;
}
/**
* Create an RDS Aurora Cluster Instance. You can create either provisioned or
* serverless v2 instances.
*
* @example
*
* declare const vpc: ec2.Vpc;
* const myCluster = new rds.DatabaseCluster(this, 'Database', {
* engine: rds.DatabaseClusterEngine.auroraMysql({ version: rds.AuroraMysqlEngineVersion.VER_2_08_1 }),
* writer: rds.ClusterInstance.provisioned('writer', {
* instanceType: ec2.InstanceType.of(ec2.InstanceClass.R6G, ec2.InstanceSize.XLARGE4),
* }),
* serverlessV2MinCapacity: 6.5,
* serverlessV2MaxCapacity: 64,
* readers: [
* // will be put in promotion tier 1 and will scale with the writer
* rds.ClusterInstance.serverlessV2('reader1', { scaleWithWriter: true }),
* // will be put in promotion tier 2 and will not scale with the writer
* rds.ClusterInstance.serverlessV2('reader2'),
* ],
* vpc,
* });
*/
export declare class ClusterInstance implements IClusterInstance {
private id;
private readonly props;
/**
* Add a provisioned instance to the cluster
*
* @example
* rds.ClusterInstance.provisioned('ClusterInstance', {
* instanceType: ec2.InstanceType.of(ec2.InstanceClass.R6G, ec2.InstanceSize.XLARGE4),
* });
*/
static provisioned(id: string, props?: ProvisionedClusterInstanceProps): IClusterInstance;
/**
* Add a serverless v2 instance to the cluster
*
* @example
* rds.ClusterInstance.serverlessV2('ClusterInstance', {
* scaleWithWriter: true,
* });
*/
static serverlessV2(id: string, props?: ServerlessV2ClusterInstanceProps): IClusterInstance;
private constructor();
/**
* Add the ClusterInstance to the cluster
*/
bind(scope: Construct, cluster: IDatabaseCluster, props: ClusterInstanceBindOptions): IAuroraClusterInstance;
}
export declare enum InstanceType {
PROVISIONED = "PROVISIONED",
SERVERLESS_V2 = "SERVERLESS_V2"
}
/**
* An Aurora Cluster Instance
*/
export interface IAuroraClusterInstance extends IResource, aws_rds.IDBInstanceRef {
/**
* The instance ARN
*/
readonly dbInstanceArn: string;
/**
* The instance resource ID
*/
readonly dbiResourceId: string;
/**
* The instance endpoint address
*/
readonly dbInstanceEndpointAddress: string;
/**
* The instance identifier
*/
readonly instanceIdentifier: string;
/**
* The instance type (provisioned vs serverless v2)
*/
readonly type: InstanceType;
/**
* The instance size if the instance is a provisioned type
*/
readonly instanceSize?: string;
/**
* The promotion tier the instance was created in
*/
readonly tier: number;
/**
* Whether Performance Insights is enabled
*/
readonly performanceInsightsEnabled?: boolean;
/**
* The amount of time, in days, to retain Performance Insights data.
*/
readonly performanceInsightRetention?: PerformanceInsightRetention;
/**
* The AWS KMS key for encryption of Performance Insights data.
*/
readonly performanceInsightEncryptionKey?: kms.IKey;
}


@@ -0,0 +1,51 @@
/**
* The CA certificate used for a DB instance.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
*/
export declare class CaCertificate {
private readonly identifier;
/**
* rds-ca-2019 certificate authority
* @deprecated rds-ca-2019 expired in August, 2024.
*/
static readonly RDS_CA_2019: CaCertificate;
/**
* rds-ca-ecc384-g1 certificate authority
*/
static readonly RDS_CA_ECC384_G1: CaCertificate;
/**
* rds-ca-rsa2048-g1 certificate authority
*
* @deprecated use RDS_CA_RSA2048_G1 (slight misspelling)
*/
static readonly RDS_CA_RDS2048_G1: CaCertificate;
/**
* rds-ca-rsa2048-g1 certificate authority
*/
static readonly RDS_CA_RSA2048_G1: CaCertificate;
/**
* rds-ca-rsa4096-g1 certificate authority
*
* @deprecated use RDS_CA_RSA4096_G1 (slight misspelling)
*/
static readonly RDS_CA_RDS4096_G1: CaCertificate;
/**
* rds-ca-rsa4096-g1 certificate authority
*/
static readonly RDS_CA_RSA4096_G1: CaCertificate;
/**
* Custom CA certificate
*
* @param identifier - CA certificate identifier
*/
static of(identifier: string): CaCertificate;
/**
* @param identifier - CA certificate identifier
*/
private constructor();
/**
* Returns the CA certificate identifier as a string
*/
toString(): string;
}


@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.CaCertificate=void 0;const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");class CaCertificate{identifier;static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_rds.CaCertificate",version:"2.252.0"};static RDS_CA_2019=CaCertificate.of("rds-ca-2019");static RDS_CA_ECC384_G1=CaCertificate.of("rds-ca-ecc384-g1");static RDS_CA_RDS2048_G1=CaCertificate.of("rds-ca-rsa2048-g1");static RDS_CA_RSA2048_G1=CaCertificate.of("rds-ca-rsa2048-g1");static RDS_CA_RDS4096_G1=CaCertificate.of("rds-ca-rsa4096-g1");static RDS_CA_RSA4096_G1=CaCertificate.of("rds-ca-rsa4096-g1");static of(identifier){return new CaCertificate(identifier)}constructor(identifier){this.identifier=identifier}toString(){return this.identifier}}exports.CaCertificate=CaCertificate;


@@ -0,0 +1,139 @@
import type { IClusterEngine } from './cluster-engine';
import type { Endpoint } from './endpoint';
import type { DatabaseProxy, DatabaseProxyOptions } from './proxy';
import type * as ec2 from '../../aws-ec2';
import type * as iam from '../../aws-iam';
import type * as secretsmanager from '../../aws-secretsmanager';
import type { IResource } from '../../core';
import type { aws_rds } from '../../interfaces';
/**
* Create a clustered database with a given number of instances.
*/
export interface IDatabaseCluster extends IResource, ec2.IConnectable, secretsmanager.ISecretAttachmentTarget, aws_rds.IDBClusterRef {
/**
* Identifier of the cluster
*/
readonly clusterIdentifier: string;
/**
* The immutable identifier for the cluster; for example: cluster-ABCD1234EFGH5678IJKL90MNOP.
*
* This AWS Region-unique identifier is used in things like IAM authentication policies.
*/
readonly clusterResourceIdentifier: string;
/**
* Identifiers of the replicas
*/
readonly instanceIdentifiers: string[];
/**
* The endpoint to use for read/write operations
* @attribute EndpointAddress,EndpointPort
*/
readonly clusterEndpoint: Endpoint;
/**
* Endpoint to use for load-balanced read-only operations.
* @attribute ReadEndpointAddress
*/
readonly clusterReadEndpoint: Endpoint;
/**
* Endpoints which address each individual replica.
*/
readonly instanceEndpoints: Endpoint[];
/**
* The engine of this Cluster.
* May be not known for imported Clusters if it wasn't provided explicitly.
*/
readonly engine?: IClusterEngine;
/**
* The ARN of the database cluster
*/
readonly clusterArn: string;
/**
* Add a new db proxy to this cluster.
*/
addProxy(id: string, options: DatabaseProxyOptions): DatabaseProxy;
/**
* Grant the given identity connection access to the Cluster.
*
* @param grantee the Principal to grant the permissions to
* @param dbUser the name of the database user to allow connecting
*
*/
grantConnect(grantee: iam.IGrantable, dbUser: string): iam.Grant;
/**
* Grant the given identity to access to the Data API.
*
* @param grantee The principal to grant access to
*/
grantDataApiAccess(grantee: iam.IGrantable): iam.Grant;
}
/**
* Properties that describe an existing cluster instance
*/
export interface DatabaseClusterAttributes {
/**
* Identifier for the cluster
*/
readonly clusterIdentifier: string;
/**
* The immutable identifier for the cluster; for example: cluster-ABCD1234EFGH5678IJKL90MNOP.
*
* This AWS Region-unique identifier is used to grant access to the cluster.
*
* @default none
*/
readonly clusterResourceIdentifier?: string;
/**
* The database port
*
* @default - none
*/
readonly port?: number;
/**
* The security groups of the database cluster
*
* @default - no security groups
*/
readonly securityGroups?: ec2.ISecurityGroup[];
/**
* Identifier for the instances
*
* @default - no instance identifiers
*/
readonly instanceIdentifiers?: string[];
/**
* Cluster endpoint address
*
* @default - no endpoint address
*/
readonly clusterEndpointAddress?: string;
/**
* Reader endpoint address
*
* @default - no reader address
*/
readonly readerEndpointAddress?: string;
/**
* Endpoint addresses of individual instances
*
* @default - no instance endpoints
*/
readonly instanceEndpointAddresses?: string[];
/**
* The engine of the existing Cluster.
*
* @default - the imported Cluster's engine is unknown
*/
readonly engine?: IClusterEngine;
/**
* The secret attached to the database cluster
*
* @default - the imported Cluster's secret is unknown
*/
readonly secret?: secretsmanager.ISecret;
/**
* Whether the Data API for the cluster is enabled.
*
* @default false
*/
readonly dataApiEnabled?: boolean;
}


@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0});

834
cdk/node_modules/aws-cdk-lib/aws-rds/lib/cluster.d.ts generated vendored Normal file

@@ -0,0 +1,834 @@
import type { Construct } from 'constructs';
import type { IClusterInstance } from './aurora-cluster-instance';
import type { IClusterEngine } from './cluster-engine';
import type { DatabaseClusterAttributes, IDatabaseCluster } from './cluster-ref';
import { DatabaseInsightsMode } from './database-insights-mode';
import { Endpoint } from './endpoint';
import type { NetworkType } from './instance';
import type { IParameterGroup } from './parameter-group';
import type { BackupProps, Credentials, InstanceProps, RotationSingleUserOptions, RotationMultiUserOptions, SnapshotCredentials, EngineLifecycleSupport } from './props';
import { PerformanceInsightRetention } from './props';
import type { DatabaseProxyOptions } from './proxy';
import { DatabaseProxy } from './proxy';
import type { CfnDBClusterProps } from './rds.generated';
import type { ISubnetGroup } from './subnet-group';
import type * as cloudwatch from '../../aws-cloudwatch';
import * as ec2 from '../../aws-ec2';
import type { IRole } from '../../aws-iam';
import * as iam from '../../aws-iam';
import type * as kms from '../../aws-kms';
import * as logs from '../../aws-logs';
import type * as s3 from '../../aws-s3';
import * as secretsmanager from '../../aws-secretsmanager';
import type { Duration } from '../../core';
import { RemovalPolicy, Resource } from '../../core';
import type { aws_rds } from '../../interfaces';
/**
* Common properties for a new database cluster or cluster from snapshot.
*/
interface DatabaseClusterBaseProps {
/**
* What kind of database to start
*/
readonly engine: IClusterEngine;
/**
* How many replicas/instances to create
*
* Has to be at least 1.
*
* @default 2
* @deprecated - use writer and readers instead
*/
readonly instances?: number;
/**
* Settings for the individual instances that are launched
*
* @deprecated - use writer and readers instead
*/
readonly instanceProps?: InstanceProps;
/**
* The instance to use for the cluster writer
*
* @default - required if instanceProps is not provided
*/
readonly writer?: IClusterInstance;
/**
* A list of instances to create as cluster reader instances
*
* @default - no readers are created. The cluster will have a single writer/reader
*/
readonly readers?: IClusterInstance[];
/**
* The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster.
* You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on.
* The largest value that you can use is 256.
*
* The maximum capacity must be higher than 0.5 ACUs.
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.max_capacity_considerations
*
* @default 2
*/
readonly serverlessV2MaxCapacity?: number;
/**
* The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster.
* You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on.
* The smallest value that you can use is 0.
*
* For Aurora versions that support the Aurora Serverless v2 auto-pause feature, the smallest value that you can use is 0.
* For versions that don't support Aurora Serverless v2 auto-pause, the smallest value that you can use is 0.5.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.min_capacity_considerations
*
* @default 0.5
*/
readonly serverlessV2MinCapacity?: number;
/**
* Specifies the duration an Aurora Serverless v2 DB instance must be idle before Aurora attempts to automatically pause it.
*
* The duration must be between 300 seconds (5 minutes) and 86,400 seconds (24 hours).
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2-auto-pause.html
*
* @default - The default is 300 seconds (5 minutes).
*/
readonly serverlessV2AutoPauseDuration?: Duration;
/**
* What subnets to run the RDS instances in.
*
* Must be at least 2 subnets in two different AZs.
*/
readonly vpc?: ec2.IVpc;
/**
* Where to place the instances within the VPC
*
* @default - the Vpc default strategy if not specified.
*/
readonly vpcSubnets?: ec2.SubnetSelection;
/**
* Security group.
*
* @default - a new security group is created.
*/
readonly securityGroups?: ec2.ISecurityGroup[];
/**
* The ordering of updates for instances
*
* @default InstanceUpdateBehaviour.BULK
*/
readonly instanceUpdateBehaviour?: InstanceUpdateBehaviour;
/**
* The number of seconds to set a cluster's target backtrack window to.
* This feature is only supported by the Aurora MySQL database engine and
* cannot be enabled on existing clusters.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Managing.Backtrack.html
* @default 0 seconds (no backtrack)
*/
readonly backtrackWindow?: Duration;
/**
* Backup settings
*
* @default - Backup retention period for automated backups is 1 day.
* Backup preferred window is set to a 30-minute window selected at random from an
* 8-hour block of time for each AWS Region, occurring on a random day of the week.
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow
*/
readonly backup?: BackupProps;
/**
* What port to listen on
*
* @default - The default for the engine is used.
*/
readonly port?: number;
/**
* An optional identifier for the cluster
*
* @default - A name is automatically generated.
*/
readonly clusterIdentifier?: string;
/**
* Base identifier for instances
*
* Every replica is named by appending the replica number to this string, 1-based.
*
* @default - clusterIdentifier is used with the word "Instance" appended.
* If clusterIdentifier is not provided, the identifier is automatically generated.
*/
readonly instanceIdentifierBase?: string;
/**
* Name of a database which is automatically created inside the cluster
*
* @default - Database is not created in cluster.
*/
readonly defaultDatabaseName?: string;
/**
* Indicates whether the DB cluster should have deletion protection enabled.
*
* @default - true if `removalPolicy` is RETAIN, `undefined` otherwise, which will not enable deletion protection.
* To disable deletion protection after it has been enabled, you must explicitly set this value to `false`.
*/
readonly deletionProtection?: boolean;
/**
* A preferred maintenance window day/time range. Should be specified as a range ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC).
*
* Example: 'Sun:23:45-Mon:00:15'
*
* @default - 30-minute window selected at random from an 8-hour block of time for
* each AWS Region, occurring on a random day of the week.
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance
*/
readonly preferredMaintenanceWindow?: string;
/**
* Additional parameters to pass to the database engine
*
* @default - No parameter group.
*/
readonly parameterGroup?: IParameterGroup;
/**
* The parameters in the DBClusterParameterGroup to create automatically
*
* You can only specify parameterGroup or parameters but not both.
* You need to use a versioned engine to auto-generate a DBClusterParameterGroup.
*
* @default - None
*/
readonly parameters?: {
[key: string]: string;
};
/**
* The removal policy to apply when the cluster and its instances are removed
* from the stack or replaced during an update.
*
* @default - RemovalPolicy.SNAPSHOT (remove the cluster and instances, but retain a snapshot of the data)
*/
readonly removalPolicy?: RemovalPolicy;
/**
* The list of log types that need to be enabled for exporting to
* CloudWatch Logs.
*
* @default - no log exports
*/
readonly cloudwatchLogsExports?: string[];
/**
* The number of days log events are kept in CloudWatch Logs. When updating
* this property, unsetting it doesn't remove the log retention policy. To
* remove the retention policy, set the value to `Infinity`.
*
* @default - logs never expire
*/
readonly cloudwatchLogsRetention?: logs.RetentionDays;
/**
* The IAM role for the Lambda function associated with the custom resource
* that sets the retention policy.
*
* @default - a new role is created.
*/
readonly cloudwatchLogsRetentionRole?: IRole;
/**
* The interval between points when Amazon RDS collects enhanced monitoring metrics.
*
* If you enable `enableClusterLevelEnhancedMonitoring`, this property is applied to the cluster,
* otherwise it is applied to the instances.
*
* @default - no enhanced monitoring
*/
readonly monitoringInterval?: Duration;
/**
* Role that will be used to manage DB monitoring.
*
* If you enable `enableClusterLevelEnhancedMonitoring`, this property is applied to the cluster,
* otherwise it is applied to the instances.
*
* @default - A role is automatically created for you
*/
readonly monitoringRole?: IRole;
/**
* Whether to enable enhanced monitoring at the cluster level.
*
* If set to true, `monitoringInterval` and `monitoringRole` are applied to not the instances, but the cluster.
* `monitoringInterval` is required to be set if `enableClusterLevelEnhancedMonitoring` is set to true.
*
* @default - When the `monitoringInterval` is set, enhanced monitoring is enabled for each instance.
*/
readonly enableClusterLevelEnhancedMonitoring?: boolean;
/**
* Role that will be associated with this DB cluster to enable S3 import.
* This feature is only supported by the Aurora database engine.
*
* This property must not be used if `s3ImportBuckets` is used.
* To use this property with Aurora PostgreSQL, it must be configured with the S3 import feature enabled when creating the DatabaseClusterEngine
* For MySQL:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Integrating.LoadFromS3.html
*
* For PostgreSQL:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Migrating.html
*
* @default - New role is created if `s3ImportBuckets` is set, no role is defined otherwise
*/
readonly s3ImportRole?: IRole;
/**
* S3 buckets that you want to load data from. This feature is only supported by the Aurora database engine.
*
* This property must not be used if `s3ImportRole` is used.
*
* For MySQL:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Integrating.LoadFromS3.html
*
* For PostgreSQL:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Migrating.html
*
* @default - None
*/
readonly s3ImportBuckets?: s3.IBucket[];
/**
* Role that will be associated with this DB cluster to enable S3 export.
* This feature is only supported by the Aurora database engine.
*
* This property must not be used if `s3ExportBuckets` is used.
* To use this property with Aurora PostgreSQL, it must be configured with the S3 export feature enabled when creating the DatabaseClusterEngine
* For MySQL:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Integrating.SaveIntoS3.html
*
* For PostgreSQL:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/postgresql-s3-export.html
*
* @default - New role is created if `s3ExportBuckets` is set, no role is defined otherwise
*/
readonly s3ExportRole?: IRole;
/**
* S3 buckets that you want to load data into. This feature is only supported by the Aurora database engine.
*
* This property must not be used if `s3ExportRole` is used.
*
* For MySQL:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Integrating.SaveIntoS3.html
*
* For PostgreSQL:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/postgresql-s3-export.html
*
* @default - None
*/
readonly s3ExportBuckets?: s3.IBucket[];
/**
* Existing subnet group for the cluster.
*
* @default - a new subnet group will be created.
*/
readonly subnetGroup?: aws_rds.IDBSubnetGroupRef;
/**
* Whether to enable mapping of AWS Identity and Access Management (IAM) accounts
* to database accounts.
*
* @default false
*/
readonly iamAuthentication?: boolean;
/**
* Whether to enable storage encryption.
*
* @default - true if storageEncryptionKey is provided, false otherwise
*/
readonly storageEncrypted?: boolean;
/**
* The KMS key for storage encryption.
* If specified, `storageEncrypted` will be set to `true`.
*
* @default - if storageEncrypted is true then the default master key, no key otherwise
*/
readonly storageEncryptionKey?: kms.IKeyRef;
/**
* The storage type to be associated with the DB cluster.
*
* @default - DBClusterStorageType.AURORA
*/
readonly storageType?: DBClusterStorageType;
/**
* Whether to copy tags to the snapshot when a snapshot is created.
*
* @default - true
*/
readonly copyTagsToSnapshot?: boolean;
/**
* The network type of the DB instance.
*
* @default - IPV4
*/
readonly networkType?: NetworkType;
/**
* Directory ID for associating the DB cluster with a specific Active Directory.
*
* Necessary for enabling Kerberos authentication. If specified, the DB cluster joins the given Active Directory, enabling Kerberos authentication.
* If not specified, the DB cluster will not be associated with any Active Directory, and Kerberos authentication will not be enabled.
*
* @default - DB cluster is not associated with an Active Directory; Kerberos authentication is not enabled.
*/
readonly domain?: string;
/**
* The IAM role to be used when making API calls to the Directory Service. The role needs the AWS-managed policy
* `AmazonRDSDirectoryServiceAccess` or equivalent.
*
* @default - If `DatabaseClusterBaseProps.domain` is specified, a role with the `AmazonRDSDirectoryServiceAccess` policy is automatically created.
*/
readonly domainRole?: iam.IRole;
/**
* Whether to enable the Data API for the cluster.
*
* @default - false
*/
readonly enableDataApi?: boolean;
/**
* Whether read replicas can forward write operations to the writer DB instance in the DB cluster.
*
* This setting can only be enabled for Aurora MySQL 3.04 or higher, and for Aurora PostgreSQL 16.4
* or higher (for version 16), 15.8 or higher (for version 15), and 14.13 or higher (for version 14).
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-write-forwarding.html
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-postgresql-write-forwarding.html
*
* @default false
*/
readonly enableLocalWriteForwarding?: boolean;
/**
* Whether to enable Performance Insights for the DB cluster.
*
* @default - false, unless `performanceInsightRetention` or `performanceInsightEncryptionKey` is set,
* or `databaseInsightsMode` is set to `DatabaseInsightsMode.ADVANCED`.
*/
readonly enablePerformanceInsights?: boolean;
/**
* The amount of time, in days, to retain Performance Insights data.
*
* If you set `databaseInsightsMode` to `DatabaseInsightsMode.ADVANCED`, you must set this property to `PerformanceInsightRetention.MONTHS_15`.
*
* @default - 7
*/
readonly performanceInsightRetention?: PerformanceInsightRetention;
/**
* The AWS KMS key for encryption of Performance Insights data.
*
* @default - default master key
*/
readonly performanceInsightEncryptionKey?: kms.IKey;
/**
* The database insights mode.
*
* @default - DatabaseInsightsMode.STANDARD when performance insights are enabled and Amazon Aurora engine is used, otherwise not set.
*/
readonly databaseInsightsMode?: DatabaseInsightsMode;
/**
* Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window.
*
* @default true
*/
readonly autoMinorVersionUpgrade?: boolean;
/**
* Specifies the scalability mode of the Aurora DB cluster.
*
* Set LIMITLESS if you want to use a limitless database; otherwise, set it to STANDARD.
*
* @default ClusterScalabilityType.STANDARD
*/
readonly clusterScalabilityType?: ClusterScalabilityType;
/**
* [Misspelled] Specifies the scalability mode of the Aurora DB cluster.
*
* Set LIMITLESS if you want to use a limitless database; otherwise, set it to STANDARD.
*
* @default ClusterScailabilityType.STANDARD
* @deprecated Use clusterScalabilityType instead. This will be removed in the next major version.
*/
readonly clusterScailabilityType?: ClusterScailabilityType;
/**
* The life cycle type for this DB cluster.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html
*
* @default undefined - AWS RDS default setting is `EngineLifecycleSupport.OPEN_SOURCE_RDS_EXTENDED_SUPPORT`
*/
readonly engineLifecycleSupport?: EngineLifecycleSupport;
/**
* Specifies whether to remove automated backups immediately after the DB cluster is deleted.
*
* @default undefined - AWS RDS default is to remove automated backups immediately after the DB cluster is deleted, unless the AWS Backup policy specifies a point-in-time restore rule.
*/
readonly deleteAutomatedBackups?: boolean;
}
/**
* The storage type to be associated with the DB cluster.
*/
export declare enum DBClusterStorageType {
/**
* Storage type for Aurora DB standard clusters.
*/
AURORA = "aurora",
/**
* Storage type for Aurora DB I/O-Optimized clusters.
*/
AURORA_IOPT1 = "aurora-iopt1"
}
/**
* The orchestration of updates of multiple instances
*/
export declare enum InstanceUpdateBehaviour {
/**
* In a bulk update, all instances of the cluster are updated at the same time.
* This results in a faster update procedure.
* During the update, however, all instances might be unavailable at the same time and thus a downtime might occur.
*/
BULK = "BULK",
/**
* In a rolling update, one instance after another is updated.
* This results in at most one instance being unavailable during the update.
* If your cluster consists of more than 1 instance, the downtime periods are limited to the time a primary switch needs.
*/
ROLLING = "ROLLING"
}
/**
* The scalability mode of the Aurora DB cluster.
*/
export declare enum ClusterScalabilityType {
/**
* The cluster uses normal DB instance creation.
*/
STANDARD = "standard",
/**
* The cluster operates as an Aurora Limitless Database,
* allowing you to create a DB shard group for horizontal scaling (sharding) capabilities.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/limitless.html
*/
LIMITLESS = "limitless"
}
/**
* The scalability mode of the Aurora DB cluster.
* @deprecated Use ClusterScalabilityType instead. This will be removed in the next major version.
*/
export declare enum ClusterScailabilityType {
/**
* The cluster uses normal DB instance creation.
*/
STANDARD = "standard",
/**
* The cluster operates as an Aurora Limitless Database,
* allowing you to create a DB shard group for horizontal scaling (sharding) capabilities.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/limitless.html
*/
LIMITLESS = "limitless"
}
/**
* Properties for looking up an existing DatabaseCluster.
*/
export interface DatabaseClusterLookupOptions {
/**
* The cluster identifier of the DatabaseCluster
*/
readonly clusterIdentifier: string;
}
/**
* A new or imported clustered database.
*/
export declare abstract class DatabaseClusterBase extends Resource implements IDatabaseCluster {
abstract readonly engine?: IClusterEngine;
/**
* Identifier of the cluster
*/
abstract readonly clusterIdentifier: string;
/**
* The immutable identifier for the cluster; for example: cluster-ABCD1234EFGH5678IJKL90MNOP.
*
* This AWS Region-unique identifier is used in things like IAM authentication policies.
*/
abstract readonly clusterResourceIdentifier: string;
/**
* Identifiers of the replicas
*/
abstract readonly instanceIdentifiers: string[];
/**
* The endpoint to use for read/write operations
*/
abstract readonly clusterEndpoint: Endpoint;
/**
* Endpoint to use for load-balanced read-only operations.
*/
abstract readonly clusterReadEndpoint: Endpoint;
/**
* Endpoints which address each individual replica.
*/
abstract readonly instanceEndpoints: Endpoint[];
/**
* Access to the network connections
*/
abstract readonly connections: ec2.Connections;
/**
* The secret attached to this cluster
*/
abstract readonly secret?: secretsmanager.ISecret;
protected abstract enableDataApi?: boolean;
/**
* The ARN of the cluster
*/
get clusterArn(): string;
/**
* A reference to this database cluster
*/
get dbClusterRef(): aws_rds.DBClusterReference;
/**
* Add a new db proxy to this cluster.
*/
addProxy(id: string, options: DatabaseProxyOptions): DatabaseProxy;
/**
* Renders the secret attachment target specifications.
*/
asSecretAttachmentTarget(): secretsmanager.SecretAttachmentTargetProps;
/**
* [disable-awslint:no-grants]
*/
grantConnect(grantee: iam.IGrantable, dbUser: string): iam.Grant;
/**
* Grant the given identity to access the Data API.
*
* [disable-awslint:no-grants]
*/
grantDataApiAccess(grantee: iam.IGrantable): iam.Grant;
}
/**
* Abstract base for ``DatabaseCluster`` and ``DatabaseClusterFromSnapshot``
*/
declare abstract class DatabaseClusterNew extends DatabaseClusterBase {
/**
* The engine for this Cluster.
* Never undefined.
*/
readonly engine?: IClusterEngine;
protected readonly newCfnProps: CfnDBClusterProps;
protected readonly securityGroups: ec2.ISecurityGroup[];
protected readonly subnetGroupRef: aws_rds.IDBSubnetGroupRef;
private readonly domainId?;
private readonly domainRole?;
/**
* Secret in SecretsManager to store the database cluster user credentials.
*/
abstract readonly secret?: secretsmanager.ISecret;
/**
* The VPC network to place the cluster in.
*/
readonly vpc: ec2.IVpc;
/**
* The cluster's subnets.
*/
readonly vpcSubnets?: ec2.SubnetSelection;
/**
* The log group is created when `cloudwatchLogsExports` is set.
*
* Each export value will create a separate log group.
*/
readonly cloudwatchLogGroups: {
[engine: string]: logs.ILogGroup;
};
/**
* Application for single user rotation of the master password to this cluster.
*/
readonly singleUserRotationApplication: secretsmanager.SecretRotationApplication;
/**
* Application for multi user rotation to this cluster.
*/
readonly multiUserRotationApplication: secretsmanager.SecretRotationApplication;
/**
* Whether Performance Insights is enabled at cluster level.
*/
readonly performanceInsightsEnabled: boolean;
/**
* The amount of time, in days, to retain Performance Insights data.
*/
readonly performanceInsightRetention?: PerformanceInsightRetention;
/**
* The AWS KMS key for encryption of Performance Insights data.
*/
readonly performanceInsightEncryptionKey?: kms.IKey;
/**
* The database insights mode.
*/
readonly databaseInsightsMode?: DatabaseInsightsMode;
/**
* The IAM role for the enhanced monitoring.
*/
readonly monitoringRole?: iam.IRole;
protected readonly serverlessV2MinCapacity: number;
protected readonly serverlessV2MaxCapacity: number;
protected readonly serverlessV2AutoPauseDuration?: Duration;
protected hasServerlessInstance?: boolean;
protected enableDataApi?: boolean;
constructor(scope: Construct, id: string, props: DatabaseClusterBaseProps);
protected get subnetGroup(): ISubnetGroup;
/**
* Create cluster instances
*
* @internal
*/
protected _createInstances(props: DatabaseClusterProps): InstanceConfig;
/**
* Perform validations on the cluster instances
*/
private validateClusterInstances;
/**
* Perform validations on the reader instance
*/
private validateReaderInstance;
/**
* As a cluster-level metric, it represents the average of the ServerlessDatabaseCapacity
* values of all the Aurora Serverless v2 DB instances in the cluster.
*/
metricServerlessDatabaseCapacity(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* This value is represented as a percentage. It's calculated as the value of the
* ServerlessDatabaseCapacity metric divided by the maximum ACU value of the DB cluster.
*
* If this metric approaches a value of 100.0, the DB instance has scaled up as high as it can.
* Consider increasing the maximum ACU setting for the cluster.
*/
metricACUUtilization(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The average number of disk read I/O operations per second.
*
* This metric is only available for Aurora database clusters.
* For non-Aurora RDS clusters, this metric will not return any data
* in CloudWatch.
*
* @default - average over 5 minutes
*/
metricVolumeReadIOPs(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The average number of disk write I/O operations per second.
*
* This metric is only available for Aurora database clusters.
* For non-Aurora RDS clusters, this metric will not return any data
* in CloudWatch.
*
* @default - average over 5 minutes
*/
metricVolumeWriteIOPs(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
private validateServerlessScalingConfig;
/**
* Adds the single user rotation of the master password to this cluster.
* See [Single user rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-one-user-one-password)
*/
addRotationSingleUser(options?: RotationSingleUserOptions): secretsmanager.SecretRotation;
/**
* Adds the multi user rotation to this cluster.
* See [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users)
*/
addRotationMultiUser(id: string, options: RotationMultiUserOptions): secretsmanager.SecretRotation;
}
/**
* Properties for a new database cluster
*/
export interface DatabaseClusterProps extends DatabaseClusterBaseProps {
/**
* Credentials for the administrative user
*
* @default - A username of 'admin' (or 'postgres' for PostgreSQL) and SecretsManager-generated password
*/
readonly credentials?: Credentials;
/**
* The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.
* Cannot be used with credentials.
*
* @default - This DB Cluster is not a read replica
*/
readonly replicationSourceIdentifier?: string;
}
/**
* Create a clustered database with a given number of instances.
*
* @resource AWS::RDS::DBCluster
*/
export declare class DatabaseCluster extends DatabaseClusterNew {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
/**
* Lookup an existing DatabaseCluster using clusterIdentifier.
*/
static fromLookup(scope: Construct, id: string, options: DatabaseClusterLookupOptions): IDatabaseCluster;
/**
* Import an existing DatabaseCluster from properties
*/
static fromDatabaseClusterAttributes(scope: Construct, id: string, attrs: DatabaseClusterAttributes): IDatabaseCluster;
readonly clusterIdentifier: string;
readonly clusterResourceIdentifier: string;
readonly clusterEndpoint: Endpoint;
readonly clusterReadEndpoint: Endpoint;
readonly connections: ec2.Connections;
readonly instanceIdentifiers: string[];
readonly instanceEndpoints: Endpoint[];
/**
* The secret attached to this cluster
*/
readonly secret?: secretsmanager.ISecret;
constructor(scope: Construct, id: string, props: DatabaseClusterProps);
}
/**
* Properties for ``DatabaseClusterFromSnapshot``
*/
export interface DatabaseClusterFromSnapshotProps extends DatabaseClusterBaseProps {
/**
* The identifier for the DB instance snapshot or DB cluster snapshot to restore from.
* You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot.
* However, you can use only the ARN to specify a DB instance snapshot.
*/
readonly snapshotIdentifier: string;
/**
* Credentials for the administrative user
*
* Note - using this prop only works with `Credentials.fromPassword()` with the
* username of the snapshot, `Credentials.fromUsername()` with the username and
* password of the snapshot or `Credentials.fromSecret()` with a secret containing
* the username and password of the snapshot.
*
* @default - A username of 'admin' (or 'postgres' for PostgreSQL) and SecretsManager-generated password
* that **will not be applied** to the cluster, use `snapshotCredentials` for the correct behavior.
*
* @deprecated use `snapshotCredentials` which allows to generate a new password
*/
readonly credentials?: Credentials;
/**
* Master user credentials.
*
* Note - It is not possible to change the master username for a snapshot;
* however, it is possible to provide (or generate) a new password.
*
* @default - The existing username and password from the snapshot will be used.
*/
readonly snapshotCredentials?: SnapshotCredentials;
}
/**
* A database cluster restored from a snapshot.
*
* @resource AWS::RDS::DBCluster
*/
export declare class DatabaseClusterFromSnapshot extends DatabaseClusterNew {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
readonly clusterIdentifier: string;
readonly clusterResourceIdentifier: string;
readonly clusterEndpoint: Endpoint;
readonly clusterReadEndpoint: Endpoint;
readonly connections: ec2.Connections;
readonly instanceIdentifiers: string[];
readonly instanceEndpoints: Endpoint[];
/**
* The secret attached to this cluster
*/
readonly secret?: secretsmanager.ISecret;
constructor(scope: Construct, id: string, props: DatabaseClusterFromSnapshotProps);
}
/** Output from the createInstances method; used to set instance identifiers and endpoints */
interface InstanceConfig {
readonly instanceIdentifiers: string[];
readonly instanceEndpoints: Endpoint[];
}
export {};

5
cdk/node_modules/aws-cdk-lib/aws-rds/lib/cluster.js generated vendored Normal file

File diff suppressed because one or more lines are too long


@@ -0,0 +1,13 @@
/**
* The database insights mode.
*/
export declare enum DatabaseInsightsMode {
/**
* Standard mode.
*/
STANDARD = "standard",
/**
* Advanced mode.
*/
ADVANCED = "advanced"
}


@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.DatabaseInsightsMode=void 0;var DatabaseInsightsMode;(function(DatabaseInsightsMode2){DatabaseInsightsMode2.STANDARD="standard",DatabaseInsightsMode2.ADVANCED="advanced"})(DatabaseInsightsMode||(exports.DatabaseInsightsMode=DatabaseInsightsMode={}));


@@ -0,0 +1,71 @@
import type { Construct } from 'constructs';
import type * as kms from '../../aws-kms';
import * as secretsmanager from '../../aws-secretsmanager';
/**
* Construction properties for a DatabaseSecret.
*/
export interface DatabaseSecretProps {
/**
* The username.
*/
readonly username: string;
/**
* The database name, if not using the default one
*
* @default - whatever the secret generates after the attach method is run
*/
readonly dbname?: string;
/**
* A name for the secret.
*
* @default - A name is generated by CloudFormation.
*/
readonly secretName?: string;
/**
* The KMS key to use to encrypt the secret.
*
* @default default master key
*/
readonly encryptionKey?: kms.IKey;
/**
* The master secret which will be used to rotate this secret.
*
* @default - no master secret information will be included
*/
readonly masterSecret?: secretsmanager.ISecret;
/**
* Characters to not include in the generated password.
*
* @default " %+~`#$&*()|[]{}:;<>?!'/@\"\\"
*/
readonly excludeCharacters?: string;
/**
* Whether to replace this secret when the criteria for the password change.
*
* This is achieved by overriding the logical id of the AWS::SecretsManager::Secret
* with a hash of the options that influence the password generation. This
* way a new secret will be created when the password is regenerated and the
* cluster or instance consuming this secret will have its credentials updated.
*
* @default false
*/
readonly replaceOnPasswordCriteriaChanges?: boolean;
/**
* A list of regions where to replicate this secret.
*
* @default - Secret is not replicated
*/
readonly replicaRegions?: secretsmanager.ReplicaRegion[];
}
/**
* A database secret.
*
* @resource AWS::SecretsManager::Secret
*/
export declare class DatabaseSecret extends secretsmanager.Secret {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
constructor(scope: Construct, id: string, props: DatabaseSecretProps);
}


@@ -0,0 +1 @@
"use strict";var __esDecorate=exports&&exports.__esDecorate||function(ctor,descriptorIn,decorators,contextIn,initializers,extraInitializers){function accept(f){if(f!==void 0&&typeof f!="function")throw new TypeError("Function expected");return f}for(var kind=contextIn.kind,key=kind==="getter"?"get":kind==="setter"?"set":"value",target=!descriptorIn&&ctor?contextIn.static?ctor:ctor.prototype:null,descriptor=descriptorIn||(target?Object.getOwnPropertyDescriptor(target,contextIn.name):{}),_,done=!1,i=decorators.length-1;i>=0;i--){var context={};for(var p in contextIn)context[p]=p==="access"?{}:contextIn[p];for(var p in contextIn.access)context.access[p]=contextIn.access[p];context.addInitializer=function(f){if(done)throw new TypeError("Cannot add initializers after decoration has completed");extraInitializers.push(accept(f||null))};var result=(0,decorators[i])(kind==="accessor"?{get:descriptor.get,set:descriptor.set}:descriptor[key],context);if(kind==="accessor"){if(result===void 0)continue;if(result===null||typeof result!="object")throw new TypeError("Object expected");(_=accept(result.get))&&(descriptor.get=_),(_=accept(result.set))&&(descriptor.set=_),(_=accept(result.init))&&initializers.unshift(_)}else(_=accept(result))&&(kind==="field"?initializers.unshift(_):descriptor[key]=_)}target&&Object.defineProperty(target,contextIn.name,descriptor),done=!0},__runInitializers=exports&&exports.__runInitializers||function(thisArg,initializers,value){for(var useValue=arguments.length>2,i=0;i<initializers.length;i++)value=useValue?initializers[i].call(thisArg,value):initializers[i].call(thisArg);return useValue?value:void 0};Object.defineProperty(exports,"__esModule",{value:!0}),exports.DatabaseSecret=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var util_1=()=>{var tmp=require("./private/util");return util_1=()=>tmp,tmp},secretsmanager=()=>{var 
tmp=require("../../aws-secretsmanager");return secretsmanager=()=>tmp,tmp},core_1=()=>{var tmp=require("../../core");return core_1=()=>tmp,tmp},helpers_internal_1=()=>{var tmp=require("../../core/lib/helpers-internal");return helpers_internal_1=()=>tmp,tmp},metadata_resource_1=()=>{var tmp=require("../../core/lib/metadata-resource");return metadata_resource_1=()=>tmp,tmp},prop_injectable_1=()=>{var tmp=require("../../core/lib/prop-injectable");return prop_injectable_1=()=>tmp,tmp};let DatabaseSecret=(()=>{let _classDecorators=[prop_injectable_1().propertyInjectable],_classDescriptor,_classExtraInitializers=[],_classThis,_classSuper=secretsmanager().Secret;var DatabaseSecret2=class extends _classSuper{static{_classThis=this}static{const _metadata=typeof Symbol=="function"&&Symbol.metadata?Object.create(_classSuper[Symbol.metadata]??null):void 0;__esDecorate(null,_classDescriptor={value:_classThis},_classDecorators,{kind:"class",name:_classThis.name,metadata:_metadata},null,_classExtraInitializers),DatabaseSecret2=_classThis=_classDescriptor.value,_metadata&&Object.defineProperty(_classThis,Symbol.metadata,{enumerable:!0,configurable:!0,writable:!0,value:_metadata})}static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_rds.DatabaseSecret",version:"2.252.0"};static PROPERTY_INJECTION_ID="aws-cdk-lib.aws-rds.DatabaseSecret";constructor(scope,id,props){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_rds_DatabaseSecretProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,DatabaseSecret2),error}const excludeCharacters=props.excludeCharacters??util_1().DEFAULT_PASSWORD_EXCLUDE_CHARS;if(super(scope,id,{encryptionKey:props.encryptionKey,description:`Generated by the CDK for stack: 
${core_1().Aws.STACK_NAME}`,secretName:props.secretName,generateSecretString:{passwordLength:30,secretStringTemplate:JSON.stringify({username:props.username,dbname:props.dbname,masterarn:props.masterSecret?.secretArn}),generateStringKey:"password",excludeCharacters},replicaRegions:props.replicaRegions}),(0,metadata_resource_1().addConstructMetadata)(this,props),props.replaceOnPasswordCriteriaChanges){const hash=(0,helpers_internal_1().md5hash)(JSON.stringify({excludeCharacters})),logicalId=`${core_1().Names.uniqueId(this)}${hash}`;this.node.defaultChild.overrideLogicalId(logicalId.slice(-255))}}static{__runInitializers(_classThis,_classExtraInitializers)}};return DatabaseSecret2=_classThis})();exports.DatabaseSecret=DatabaseSecret;

20
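--- a/cdk/node_modules/aws-cdk-lib/aws-rds/lib/endpoint.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-rds/lib/endpoint.d.ts
@@ -0,0 +1,20 @@
+/**
+* Connection endpoint of a database cluster or instance
+*
+* Consists of a combination of hostname and port.
+*/
+export declare class Endpoint {
+/**
+* The hostname of the endpoint
+*/
+readonly hostname: string;
+/**
+* The port of the endpoint
+*/
+readonly port: number;
+constructor(address: string, port: number);
+/**
+* The combination of "HOSTNAME:PORT" for this endpoint
+*/
+get socketAddress(): string;
+}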

1
cdk/node_modules/aws-cdk-lib/aws-rds/lib/endpoint.js generated vendored Normal file

@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.Endpoint=void 0;const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var core_1=()=>{var tmp=require("../../core");return core_1=()=>tmp,tmp};class Endpoint{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_rds.Endpoint",version:"2.252.0"};hostname;port;constructor(address,port){this.hostname=address,this.port=port}get socketAddress(){const portDesc=core_1().Token.isUnresolved(this.port)?core_1().Token.asString(this.port):this.port;return`${this.hostname}:${portDesc}`}}exports.Endpoint=Endpoint;


@@ -0,0 +1,22 @@
/**
* A version of an engine -
* for either a cluster, or instance.
*/
export interface EngineVersion {
/**
* The full version string of the engine,
* for example, "5.6.mysql_aurora.1.22.1".
* It can be undefined,
* which means RDS should use whatever version it deems appropriate for the given engine type.
*
* @default - no version specified
*/
readonly fullVersion?: string;
/**
* The major version of the engine,
* for example, "5.6".
* Used in specifying the ParameterGroup family
* and OptionGroup version for this engine.
*/
readonly majorVersion: string;
}


@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0});

44
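--- a/cdk/node_modules/aws-cdk-lib/aws-rds/lib/engine.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-rds/lib/engine.d.ts
@@ -0,0 +1,44 @@
+import type { EngineVersion } from './engine-version';
+/**
+* A common interface for database engines.
+* Don't implement this interface directly,
+* instead implement one of the known sub-interfaces,
+* like IClusterEngine and IInstanceEngine.
+*/
+export interface IEngine {
+/** The type of the engine, for example "mysql". */
+readonly engineType: string;
+/**
+* The exact version of the engine that is used,
+* for example "5.1.42".
+*
+* @default - use the default version for this engine type
+*/
+readonly engineVersion?: EngineVersion;
+/**
+* The family to use for ParameterGroups using this engine.
+* This is usually equal to "<engineType><engineMajorVersion>",
+* but can sometimes be a variation of that.
+* You can pass this property when creating new ParameterGroup.
+*
+* @default - the ParameterGroup family is not known
+* (which means the major version of the engine is also not known)
+*/
+readonly parameterGroupFamily?: string;
+/**
+* The family this engine belongs to,
+* like "MYSQL", or "POSTGRESQL".
+* This property is used when creating a Database Proxy.
+* Most engines don't belong to any family
+* (and because of that, you can't create Database Proxies for their Clusters or Instances).
+*
+* @default - the engine doesn't belong to any family
+*/
+readonly engineFamily?: string;
+/**
+* The default name of the master database user if one was not provided explicitly.
+* The global default of 'admin' will be used if this is `undefined`.
+* Note that 'admin' is a reserved word in PostgreSQL and cannot be used.
+*/
+readonly defaultUsername?: string;
+}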

1
cdk/node_modules/aws-cdk-lib/aws-rds/lib/engine.js generated vendored Normal file

@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0});

21
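--- a/cdk/node_modules/aws-cdk-lib/aws-rds/lib/index.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-rds/lib/index.d.ts
@@ -0,0 +1,21 @@
+export * from './engine';
+export * from './engine-version';
+export * from './ca-certificate';
+export * from './database-insights-mode';
+export * from './cluster';
+export * from './cluster-ref';
+export * from './cluster-engine';
+export * from './instance-engine';
+export * from './props';
+export * from './parameter-group';
+export * from './database-secret';
+export * from './endpoint';
+export * from './option-group';
+export * from './instance';
+export * from './proxy';
+export * from './proxy-endpoint';
+export * from './serverless-cluster';
+export * from './subnet-group';
+export * from './aurora-cluster-instance';
+export * from './rds.generated';
+import './rds-augmentations.generated';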

1
cdk/node_modules/aws-cdk-lib/aws-rds/lib/index.js generated vendored Normal file

File diff suppressed because one or more lines are too long

File diff suppressed because it is too large Load Diff

File diff suppressed because one or more lines are too long

926
cdk/node_modules/aws-cdk-lib/aws-rds/lib/instance.d.ts generated vendored Normal file

@@ -0,0 +1,926 @@
import type { Construct } from 'constructs';
import type { CaCertificate } from './ca-certificate';
import { DatabaseInsightsMode } from './database-insights-mode';
import { Endpoint } from './endpoint';
import type { IInstanceEngine } from './instance-engine';
import type { IOptionGroup } from './option-group';
import type { IParameterGroup } from './parameter-group';
import type { Credentials, EngineLifecycleSupport, RotationMultiUserOptions, RotationSingleUserOptions, SnapshotCredentials } from './props';
import { PerformanceInsightRetention } from './props';
import type { DatabaseProxyOptions } from './proxy';
import { DatabaseProxy } from './proxy';
import type { CfnDBInstanceProps } from './rds.generated';
import * as ec2 from '../../aws-ec2';
import * as events from '../../aws-events';
import * as iam from '../../aws-iam';
import type * as kms from '../../aws-kms';
import * as logs from '../../aws-logs';
import type * as s3 from '../../aws-s3';
import * as secretsmanager from '../../aws-secretsmanager';
import type { Duration, IResource } from '../../core';
import { RemovalPolicy, Resource } from '../../core';
import type { aws_rds } from '../../interfaces';
/**
* A database instance
*/
export interface IDatabaseInstance extends IResource, ec2.IConnectable, secretsmanager.ISecretAttachmentTarget, aws_rds.IDBInstanceRef {
/**
* The instance identifier.
*/
readonly instanceIdentifier: string;
/**
* The instance arn.
*/
readonly instanceArn: string;
/**
* The instance endpoint address.
*
* @attribute EndpointAddress
*/
readonly dbInstanceEndpointAddress: string;
/**
* The instance endpoint port.
*
* @attribute EndpointPort
*/
readonly dbInstanceEndpointPort: string;
/**
* The AWS Region-unique, immutable identifier for the DB instance.
* This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB instance is accessed.
*
* @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#aws-resource-rds-dbinstance-return-values
*/
readonly instanceResourceId?: string;
/**
* The instance endpoint.
*/
readonly instanceEndpoint: Endpoint;
/**
* The engine of this database Instance.
* May be not known for imported Instances if it wasn't provided explicitly,
* or for read replicas.
*/
readonly engine?: IInstanceEngine;
/**
* Add a new db proxy to this instance.
*/
addProxy(id: string, options: DatabaseProxyOptions): DatabaseProxy;
/**
* Grant the given identity connection access to the database.
*
* @param grantee the Principal to grant the permissions to
* @param dbUser the name of the database user to allow connecting as to the db instance
*/
grantConnect(grantee: iam.IGrantable, dbUser?: string): iam.Grant;
/**
* Defines a CloudWatch event rule which triggers for instance events. Use
* `rule.addEventPattern(pattern)` to specify a filter.
*/
onEvent(id: string, options?: events.OnEventOptions): events.Rule;
}
/**
* Properties that describe an existing instance
*/
export interface DatabaseInstanceAttributes {
/**
* The instance identifier.
*/
readonly instanceIdentifier: string;
/**
* The endpoint address.
*/
readonly instanceEndpointAddress: string;
/**
* The database port.
*/
readonly port: number;
/**
* The AWS Region-unique, immutable identifier for the DB instance.
* This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB instance is accessed.
*
* @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#aws-resource-rds-dbinstance-return-values
*/
readonly instanceResourceId?: string;
/**
* The security groups of the instance.
*/
readonly securityGroups: ec2.ISecurityGroup[];
/**
* The engine of the existing database Instance.
*
* @default - the imported Instance's engine is unknown
*/
readonly engine?: IInstanceEngine;
}
/**
* A new or imported database instance.
*/
export declare abstract class DatabaseInstanceBase extends Resource implements IDatabaseInstance {
/**
* Lookup an existing DatabaseInstance using instanceIdentifier.
*/
static fromLookup(scope: Construct, id: string, options: DatabaseInstanceLookupOptions): IDatabaseInstance;
/**
* Import an existing database instance.
*/
static fromDatabaseInstanceAttributes(scope: Construct, id: string, attrs: DatabaseInstanceAttributes): IDatabaseInstance;
abstract readonly instanceIdentifier: string;
abstract readonly dbInstanceEndpointAddress: string;
abstract readonly dbInstanceEndpointPort: string;
abstract readonly instanceResourceId?: string;
abstract readonly instanceEndpoint: Endpoint;
abstract readonly engine?: IInstanceEngine;
protected abstract enableIamAuthentication?: boolean;
/**
* Access to network connections.
*/
abstract readonly connections: ec2.Connections;
/**
* Add a new db proxy to this instance.
*/
addProxy(id: string, options: DatabaseProxyOptions): DatabaseProxy;
/**
* [disable-awslint:no-grants]
*/
grantConnect(grantee: iam.IGrantable, dbUser?: string): iam.Grant;
/**
* Defines a CloudWatch event rule which triggers for instance events. Use
* `rule.addEventPattern(pattern)` to specify a filter.
*/
onEvent(id: string, options?: events.OnEventOptions): events.Rule;
/**
* The instance arn.
*/
get instanceArn(): string;
/**
* A reference to this database instance
*/
get dbInstanceRef(): aws_rds.DBInstanceReference;
/**
* Renders the secret attachment target specifications.
*/
asSecretAttachmentTarget(): secretsmanager.SecretAttachmentTargetProps;
}
/**
* The license model.
*/
export declare enum LicenseModel {
/**
* License included.
*/
LICENSE_INCLUDED = "license-included",
/**
* Bring your own license.
*/
BRING_YOUR_OWN_LICENSE = "bring-your-own-license",
/**
* General public license.
*/
GENERAL_PUBLIC_LICENSE = "general-public-license"
}
/**
* The processor features.
*/
export interface ProcessorFeatures {
/**
* The number of CPU core.
*
* @default - the default number of CPU cores for the chosen instance class.
*/
readonly coreCount?: number;
/**
* The number of threads per core.
*
* @default - the default number of threads per core for the chosen instance class.
*/
readonly threadsPerCore?: number;
}
/**
* The type of storage.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html
*/
export declare enum StorageType {
/**
* Standard.
*
* Amazon RDS supports magnetic storage for backward compatibility. It is recommended to use
* General Purpose SSD or Provisioned IOPS SSD for any new storage needs.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#CHAP_Storage.Magnetic
*/
STANDARD = "standard",
/**
* General purpose SSD (gp2).
*
* Baseline performance determined by volume size
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#Concepts.Storage.GeneralSSD
*/
GP2 = "gp2",
/**
* General purpose SSD (gp3).
*
* Performance scales independently from storage
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#Concepts.Storage.GeneralSSD
*/
GP3 = "gp3",
/**
* Provisioned IOPS SSD (io1).
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS
*/
IO1 = "io1",
/**
* Provisioned IOPS SSD (io2).
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS
*/
IO2 = "io2"
}
/**
* The network type of the DB instance.
*/
export declare enum NetworkType {
/**
* IPv4 only network type.
*/
IPV4 = "IPV4",
/**
* Dual-stack network type.
*/
DUAL = "DUAL",
/**
* IPv6 only network type.
*/
IPV6 = "IPV6"
}
/**
* Construction properties for a DatabaseInstanceNew
*/
export interface DatabaseInstanceNewProps {
/**
* Specifies if the database instance is a multiple Availability Zone deployment.
*
* @default false
*/
readonly multiAz?: boolean;
/**
* The name of the Availability Zone where the DB instance will be located.
*
* @default - no preference
*/
readonly availabilityZone?: string;
/**
* The storage type to associate with the DB instance.
* Storage types supported are gp2, gp3, io1, io2, and standard.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#Concepts.Storage.GeneralSSD
*
* @default StorageType.GP2
*/
readonly storageType?: StorageType;
/**
* The storage throughput, specified in mebibytes per second (MiBps).
*
* Only applicable for GP3.
*
* @see https://docs.aws.amazon.com//AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage
*
* @default - 125 MiBps if allocated storage is less than 400 GiB for MariaDB, MySQL, and PostgreSQL,
* less than 200 GiB for Oracle and less than 20 GiB for SQL Server. 500 MiBps otherwise (except for
* SQL Server where the default is always 125 MiBps).
*/
readonly storageThroughput?: number;
/**
* The number of I/O operations per second (IOPS) that the database provisions.
* The value must be equal to or greater than 1000.
*
* @default - no provisioned iops if storage type is not specified. For GP3: 3,000 IOPS if allocated
* storage is less than 400 GiB for MariaDB, MySQL, and PostgreSQL, less than 200 GiB for Oracle and
* less than 20 GiB for SQL Server. 12,000 IOPS otherwise (except for SQL Server where the default is
* always 3,000 IOPS).
*/
readonly iops?: number;
/**
* The number of CPU cores and the number of threads per core.
*
* @default - the default number of CPU cores and threads per core for the
* chosen instance class.
*
* See https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor
*/
readonly processorFeatures?: ProcessorFeatures;
/**
* A name for the DB instance. If you specify a name, AWS CloudFormation
* converts it to lowercase.
*
* @default - a CloudFormation generated name
*/
readonly instanceIdentifier?: string;
/**
* The VPC network where the DB subnet group should be created.
*/
readonly vpc: ec2.IVpc;
/**
* The type of subnets to add to the created DB subnet group.
*
* @default - private subnets
*/
readonly vpcSubnets?: ec2.SubnetSelection;
/**
* The security groups to assign to the DB instance.
*
* @default - a new security group is created
*/
readonly securityGroups?: ec2.ISecurityGroup[];
/**
* The port for the instance.
*
* @default - the default port for the chosen engine.
*/
readonly port?: number;
/**
* The DB parameter group to associate with the instance.
*
* @default - no parameter group
*/
readonly parameterGroup?: IParameterGroup;
/**
* The option group to associate with the instance.
*
* @default - no option group
*/
readonly optionGroup?: IOptionGroup;
/**
* Whether to enable mapping of AWS Identity and Access Management (IAM) accounts
* to database accounts.
*
* @default false
*/
readonly iamAuthentication?: boolean;
/**
* The number of days during which automatic DB snapshots are retained.
* Set to zero to disable backups.
* When creating a read replica, you must enable automatic backups on the source
* database instance by setting the backup retention to a value other than zero.
*
* @default - Duration.days(1) for source instances, disabled for read replicas
*/
readonly backupRetention?: Duration;
/**
* The daily time range during which automated backups are performed.
*
* Constraints:
* - Must be in the format `hh24:mi-hh24:mi`.
* - Must be in Universal Coordinated Time (UTC).
* - Must not conflict with the preferred maintenance window.
* - Must be at least 30 minutes.
*
* @default - a 30-minute window selected at random from an 8-hour block of
* time for each AWS Region. To see the time blocks available, see
* https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow
*/
readonly preferredBackupWindow?: string;
/**
* Indicates whether to copy all of the user-defined tags from the
* DB instance to snapshots of the DB instance.
*
* @default true
*/
readonly copyTagsToSnapshot?: boolean;
/**
* Indicates whether automated backups should be deleted or retained when
* you delete a DB instance.
*
* @default true
*/
readonly deleteAutomatedBackups?: boolean;
/**
* The interval, in seconds, between points when Amazon RDS collects enhanced
* monitoring metrics for the DB instance.
*
* @default - no enhanced monitoring
*/
readonly monitoringInterval?: Duration;
/**
* Role that will be used to manage DB instance monitoring.
*
* @default - A role is automatically created for you
*/
readonly monitoringRole?: iam.IRoleRef;
/**
* Whether to enable Performance Insights for the DB instance.
*
* @default - false, unless ``performanceInsightRetention`` or ``performanceInsightEncryptionKey`` is set.
*/
readonly enablePerformanceInsights?: boolean;
/**
* The amount of time, in days, to retain Performance Insights data.
*
* If you set `databaseInsightsMode` to `DatabaseInsightsMode.ADVANCED`, you must set this property to `PerformanceInsightRetention.MONTHS_15`.
*
* @default 7 this is the free tier
*/
readonly performanceInsightRetention?: PerformanceInsightRetention;
/**
* The AWS KMS key for encryption of Performance Insights data.
*
* @default - default master key
*/
readonly performanceInsightEncryptionKey?: kms.IKeyRef;
/**
* The database insights mode.
*
* @default - DatabaseInsightsMode.STANDARD when performance insights are enabled, otherwise not set.
*/
readonly databaseInsightsMode?: DatabaseInsightsMode;
/**
* The list of log types that need to be enabled for exporting to
* CloudWatch Logs.
*
* @default - no log exports
*/
readonly cloudwatchLogsExports?: string[];
/**
* The number of days log events are kept in CloudWatch Logs. When updating
* this property, unsetting it doesn't remove the log retention policy. To
* remove the retention policy, set the value to `Infinity`.
*
* @default - logs never expire
*/
readonly cloudwatchLogsRetention?: logs.RetentionDays;
/**
* The IAM role for the Lambda function associated with the custom resource
* that sets the retention policy.
*
* @default - a new role is created.
*/
readonly cloudwatchLogsRetentionRole?: iam.IRole;
/**
* Indicates that minor engine upgrades are applied automatically to the
* DB instance during the maintenance window.
*
* @default true
*/
readonly autoMinorVersionUpgrade?: boolean;
/**
* The weekly time range (in UTC) during which system maintenance can occur.
*
* Format: `ddd:hh24:mi-ddd:hh24:mi`
* Constraint: Minimum 30-minute window
*
* @default - a 30-minute window selected at random from an 8-hour block of
* time for each AWS Region, occurring on a random day of the week. To see
* the time blocks available, see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance
*/
readonly preferredMaintenanceWindow?: string;
/**
* Indicates whether the DB instance should have deletion protection enabled.
*
* @default - true if ``removalPolicy`` is RETAIN, false otherwise
*/
readonly deletionProtection?: boolean;
/**
* The CloudFormation policy to apply when the instance is removed from the
* stack or replaced during an update.
*
* @default - RemovalPolicy.SNAPSHOT (remove the resource, but retain a snapshot of the data)
*/
readonly removalPolicy?: RemovalPolicy;
/**
* Upper limit to which RDS can scale the storage in GiB(Gibibyte).
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling
* @default - No autoscaling of RDS instance
*/
readonly maxAllocatedStorage?: number;
/**
* The Active Directory directory ID to create the DB instance in.
*
* @default - Do not join domain
*/
readonly domain?: string;
/**
* The IAM role to be used when making API calls to the Directory Service. The role needs the AWS-managed policy
* AmazonRDSDirectoryServiceAccess or equivalent.
*
* @default - The role will be created for you if `DatabaseInstanceNewProps#domain` is specified
*/
readonly domainRole?: iam.IRoleRef;
/**
* Existing subnet group for the instance.
*
* @default - a new subnet group will be created.
*/
readonly subnetGroup?: aws_rds.IDBSubnetGroupRef;
/**
* Role that will be associated with this DB instance to enable S3 import.
* This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
*
* This property must not be used if `s3ImportBuckets` is used.
*
* For Microsoft SQL Server:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/SQLServer.Procedural.Importing.html
* For Oracle:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
* For PostgreSQL:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
*
* @default - New role is created if `s3ImportBuckets` is set, no role is defined otherwise
*/
readonly s3ImportRole?: iam.IRole;
/**
* S3 buckets that you want to load data from.
* This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
*
* This property must not be used if `s3ImportRole` is used.
*
* For Microsoft SQL Server:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/SQLServer.Procedural.Importing.html
* For Oracle:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
* For PostgreSQL:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
*
* @default - None
*/
readonly s3ImportBuckets?: s3.IBucket[];
/**
* Role that will be associated with this DB instance to enable S3 export.
*
* This property must not be used if `s3ExportBuckets` is used.
*
* For Microsoft SQL Server:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/SQLServer.Procedural.Importing.html
* For Oracle:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
*
* @default - New role is created if `s3ExportBuckets` is set, no role is defined otherwise
*/
readonly s3ExportRole?: iam.IRole;
/**
* S3 buckets that you want to load data into.
*
* This property must not be used if `s3ExportRole` is used.
*
* For Microsoft SQL Server:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/SQLServer.Procedural.Importing.html
* For Oracle:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
*
* @default - None
*/
readonly s3ExportBuckets?: s3.IBucket[];
/**
* Indicates whether the DB instance is an internet-facing instance. If not specified,
* the instance's vpcSubnets will be used to determine if the instance is internet-facing
* or not.
*
* @default - `true` if the instance's `vpcSubnets` is `subnetType: SubnetType.PUBLIC`, `false` otherwise
*/
readonly publiclyAccessible?: boolean;
/**
* The network type of the DB instance.
*
* @default - IPV4
*/
readonly networkType?: NetworkType;
/**
* The identifier of the CA certificate for this DB instance.
*
* Specifying or updating this property triggers a reboot.
*
* For RDS DB engines:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html
* For Aurora DB engines:
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html
*
* @default - RDS will choose a certificate authority
*/
readonly caCertificate?: CaCertificate;
/**
* Specifies whether changes to the DB instance and any pending modifications are applied immediately, regardless of the `preferredMaintenanceWindow` setting.
* If set to `false`, changes are applied during the next maintenance window.
*
* Until RDS applies the changes, the DB instance remains in a drift state.
* As a result, the configuration doesn't fully reflect the requested modifications and temporarily diverges from the intended state.
*
* This property also determines whether the DB instance reboots when a static parameter is modified in the associated DB parameter group.
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html
*
* @default - Changes will be applied immediately
*/
readonly applyImmediately?: boolean;
/**
* The life cycle type for this DB instance.
* This setting applies only to RDS for MySQL and RDS for PostgreSQL.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html
*
* @default undefined - AWS RDS default setting is `EngineLifecycleSupport.OPEN_SOURCE_RDS_EXTENDED_SUPPORT`
*/
readonly engineLifecycleSupport?: EngineLifecycleSupport;
}
/**
* A new database instance.
*/
declare abstract class DatabaseInstanceNew extends DatabaseInstanceBase implements IDatabaseInstance {
/**
* The VPC where this database instance is deployed.
*/
readonly vpc: ec2.IVpc;
readonly connections: ec2.Connections;
/**
* The log group is created when `cloudwatchLogsExports` is set.
*
* Each export value will create a separate log group.
*/
readonly cloudwatchLogGroups: {
[engine: string]: logs.ILogGroup;
};
protected abstract readonly instanceType: ec2.InstanceType;
protected readonly vpcPlacement?: ec2.SubnetSelection;
protected readonly newCfnProps: CfnDBInstanceProps;
private readonly cloudwatchLogsExports?;
private readonly cloudwatchLogsRetention?;
private readonly cloudwatchLogsRetentionRole?;
private readonly domainId?;
private readonly domainRole?;
protected enableIamAuthentication?: boolean;
constructor(scope: Construct, id: string, props: DatabaseInstanceNewProps);
protected setLogRetention(): void;
}
/**
* Construction properties for a DatabaseInstanceSource
*/
export interface DatabaseInstanceSourceProps extends DatabaseInstanceNewProps {
/**
* The database engine.
*/
readonly engine: IInstanceEngine;
/**
* The name of the compute and memory capacity for the instance.
*
* @default - m5.large (or, more specifically, db.m5.large)
*/
readonly instanceType?: ec2.InstanceType;
/**
* The license model.
*
* @default - RDS default license model
*/
readonly licenseModel?: LicenseModel;
/**
* Whether to allow major version upgrades.
*
* @default false
*/
readonly allowMajorVersionUpgrade?: boolean;
/**
* The time zone of the instance. This is currently supported only by Microsoft Sql Server.
*
* @default - RDS default timezone
*/
readonly timezone?: string;
/**
* The allocated storage size, specified in gibibytes (GiB).
*
* @default 100
*/
readonly allocatedStorage?: number;
/**
* The name of the database.
*
* @default - no name
*/
readonly databaseName?: string;
/**
* The parameters in the DBParameterGroup to create automatically
*
* You can only specify parameterGroup or parameters but not both.
* You need to use a versioned engine to auto-generate a DBParameterGroup.
*
* @default - None
*/
readonly parameters?: {
[key: string]: string;
};
}
/**
* A new source database instance (not a read replica)
*/
declare abstract class DatabaseInstanceSource extends DatabaseInstanceNew implements IDatabaseInstance {
readonly engine?: IInstanceEngine;
/**
* The AWS Secrets Manager secret attached to the instance.
*/
abstract readonly secret?: secretsmanager.ISecret;
protected readonly sourceCfnProps: CfnDBInstanceProps;
protected readonly instanceType: ec2.InstanceType;
private readonly singleUserRotationApplication;
private readonly multiUserRotationApplication;
constructor(scope: Construct, id: string, props: DatabaseInstanceSourceProps);
/**
* Adds the single user rotation of the master password to this instance.
*
* @param options the options for the rotation,
* if you want to override the defaults
*/
addRotationSingleUser(options?: RotationSingleUserOptions): secretsmanager.SecretRotation;
/**
* Adds the multi user rotation to this instance.
*/
addRotationMultiUser(id: string, options: RotationMultiUserOptions): secretsmanager.SecretRotation;
/**
* Grant the given identity connection access to the database.
*
* [disable-awslint:no-grants]
*
* @param grantee the Principal to grant the permissions to
* @param dbUser the name of the database user to allow connecting as to the db instance,
* or the default database user, obtained from the Secret, if not specified
*/
grantConnect(grantee: iam.IGrantable, dbUser?: string): iam.Grant;
}
/**
* Properties for looking up an existing DatabaseInstance.
*/
export interface DatabaseInstanceLookupOptions {
/**
* The instance identifier of the DatabaseInstance
*/
readonly instanceIdentifier: string;
}
/**
* Construction properties for a DatabaseInstance.
*/
export interface DatabaseInstanceProps extends DatabaseInstanceSourceProps {
/**
* Credentials for the administrative user
*
* @default - A username of 'admin' (or 'postgres' for PostgreSQL) and SecretsManager-generated password
*/
readonly credentials?: Credentials;
/**
* For supported engines, specifies the character set to associate with the
* DB instance.
*
* @default - RDS default character set name
*/
readonly characterSetName?: string;
/**
* Indicates whether the DB instance is encrypted.
*
* @default - true if storageEncryptionKey has been provided, false otherwise
*/
readonly storageEncrypted?: boolean;
/**
* The KMS key that's used to encrypt the DB instance.
*
* @default - default master key if storageEncrypted is true, no key otherwise
*/
readonly storageEncryptionKey?: kms.IKeyRef;
}
/**
* A database instance
*
* @resource AWS::RDS::DBInstance
*/
export declare class DatabaseInstance extends DatabaseInstanceSource implements IDatabaseInstance {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
get instanceIdentifier(): string;
readonly dbInstanceEndpointAddress: string;
readonly dbInstanceEndpointPort: string;
readonly instanceResourceId?: string;
readonly instanceEndpoint: Endpoint;
readonly secret?: secretsmanager.ISecret;
private readonly _resource;
constructor(scope: Construct, id: string, props: DatabaseInstanceProps);
}
/**
* Construction properties for a DatabaseInstanceFromSnapshot.
*/
export interface DatabaseInstanceFromSnapshotProps extends DatabaseInstanceSourceProps {
/**
* The name or Amazon Resource Name (ARN) of the DB snapshot that's used to
* restore the DB instance. If you're restoring from a shared manual DB
* snapshot, you must specify the ARN of the snapshot.
* Constraints:
*
* - Can't be specified when `clusterSnapshotIdentifier` is specified.
* - Must be specified when `clusterSnapshotIdentifier` isn't specified.
*
* @default - None
*/
readonly snapshotIdentifier?: string;
/**
* The identifier for the Multi-AZ DB cluster snapshot to restore from.
*
* For more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide* .
*
* Constraints:
*
* - Can't be specified when `snapshotIdentifier` is specified.
* - Must be specified when `snapshotIdentifier` isn't specified.
* - If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the `clusterSnapshotIdentifier` must be the ARN of the shared snapshot.
* - Can't be the identifier of an Aurora DB cluster snapshot.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_RestoreFromMultiAZDBClusterSnapshot.html
* @default - None
*/
readonly clusterSnapshotIdentifier?: string;
/**
* Master user credentials.
*
* Note - It is not possible to change the master username for a snapshot;
* however, it is possible to provide (or generate) a new password.
*
* @default - The existing username and password from the snapshot will be used.
*/
readonly credentials?: SnapshotCredentials;
}
/**
* A database instance restored from a snapshot.
*
* @resource AWS::RDS::DBInstance
*/
export declare class DatabaseInstanceFromSnapshot extends DatabaseInstanceSource implements IDatabaseInstance {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
get instanceIdentifier(): string;
readonly dbInstanceEndpointAddress: string;
readonly dbInstanceEndpointPort: string;
readonly instanceResourceId?: string;
readonly instanceEndpoint: Endpoint;
readonly secret?: secretsmanager.ISecret;
private readonly _resource;
constructor(scope: Construct, id: string, props: DatabaseInstanceFromSnapshotProps);
}
/**
* Construction properties for a DatabaseInstanceReadReplica.
*/
export interface DatabaseInstanceReadReplicaProps extends DatabaseInstanceNewProps {
/**
* The name of the compute and memory capacity classes.
*/
readonly instanceType: ec2.InstanceType;
/**
* The source database instance.
*
* Each DB instance can have a limited number of read replicas. For more
* information, see https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html.
*
*/
readonly sourceDatabaseInstance: IDatabaseInstance;
/**
* Indicates whether the DB instance is encrypted.
*
* @default - true if storageEncryptionKey has been provided, false otherwise
*/
readonly storageEncrypted?: boolean;
/**
* The KMS key that's used to encrypt the DB instance.
*
* @default - default master key if storageEncrypted is true, no key otherwise
*/
readonly storageEncryptionKey?: kms.IKeyRef;
/**
* The allocated storage size, specified in gibibytes (GiB).
*
* @default - The replica will inherit the allocated storage of the source database instance
*/
readonly allocatedStorage?: number;
}
/**
* A read replica database instance.
*
* @resource AWS::RDS::DBInstance
*/
export declare class DatabaseInstanceReadReplica extends DatabaseInstanceNew implements IDatabaseInstance {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
get instanceIdentifier(): string;
readonly dbInstanceEndpointAddress: string;
readonly dbInstanceEndpointPort: string;
/**
* The AWS Region-unique, immutable identifier for the DB instance.
* This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB instance is accessed.
*
* @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#aws-resource-rds-dbinstance-return-values
*/
readonly instanceResourceId?: string;
readonly instanceEndpoint: Endpoint;
readonly engine?: IInstanceEngine;
protected readonly instanceType: ec2.InstanceType;
private readonly _resource;
constructor(scope: Construct, id: string, props: DatabaseInstanceReadReplicaProps);
}
export {};

1
cdk/node_modules/aws-cdk-lib/aws-rds/lib/instance.js generated vendored Normal file

File diff suppressed because one or more lines are too long


@@ -0,0 +1,122 @@
import type { Construct } from 'constructs';
import type { IInstanceEngine } from './instance-engine';
import type { IOptionGroupRef, OptionGroupReference } from './rds.generated';
import * as ec2 from '../../aws-ec2';
import type { IResource } from '../../core';
import { Resource } from '../../core';
/**
* An option group
*/
export interface IOptionGroup extends IResource, IOptionGroupRef {
/**
* The name of the option group.
*
* @attribute
*/
readonly optionGroupName: string;
/**
* Adds a configuration to this OptionGroup.
* This method is a no-op for an imported OptionGroup.
*
* @returns true if the OptionConfiguration was successfully added.
*/
addConfiguration(configuration: OptionConfiguration): boolean;
}
/**
* Configuration properties for an option.
*/
export interface OptionConfiguration {
/**
* The name of the option.
*/
readonly name: string;
/**
* The settings for the option.
*
* @default - no settings
*/
readonly settings?: {
[name: string]: string;
};
/**
* The version for the option.
*
* @default - no version
*/
readonly version?: string;
/**
* The port number that this option uses. If `port` is specified then `vpc`
* must also be specified.
*
* @default - no port
*/
readonly port?: number;
/**
* The VPC where a security group should be created for this option. If `vpc`
* is specified then `port` must also be specified.
*
* @default - no VPC
*/
readonly vpc?: ec2.IVpc;
/**
* Optional list of security groups to use for this option, if `vpc` is specified.
* If no groups are provided, a default one will be created.
*
* @default - a default group will be created if `port` or `vpc` are specified.
*/
readonly securityGroups?: ec2.ISecurityGroup[];
}
/**
* Construction properties for an OptionGroup.
*/
export interface OptionGroupProps {
/**
* The database engine that this option group is associated with.
*/
readonly engine: IInstanceEngine;
/**
* A description of the option group.
*
* @default a CDK generated description
*/
readonly description?: string;
/**
* The configurations for this option group.
*/
readonly configurations: OptionConfiguration[];
/**
* The name of the option group.
*
* @default - a CDK generated name
*/
readonly optionGroupName?: string;
}
/**
* An option group
*/
export declare class OptionGroup extends Resource implements IOptionGroup {
/** Uniquely identifies this class. */
static readonly PROPERTY_INJECTION_ID: string;
/**
* Import an existing option group.
*/
static fromOptionGroupName(scope: Construct, id: string, optionGroupName: string): IOptionGroup;
/**
* The name of the option group.
*/
readonly optionGroupName: string;
/**
* The connections object for the options.
*/
readonly optionConnections: {
[key: string]: ec2.Connections;
};
private readonly configurations;
constructor(scope: Construct, id: string, props: OptionGroupProps);
addConfiguration(configuration: OptionConfiguration): boolean;
/**
* Renders the option configurations specifications.
*/
private renderConfigurations;
get optionGroupRef(): OptionGroupReference;
}

File diff suppressed because one or more lines are too long


@@ -0,0 +1,162 @@
import type { Construct } from 'constructs';
import type { IEngine } from './engine';
import type { IResource } from '../../core';
import { RemovalPolicy, Resource } from '../../core';
import type { aws_rds } from '../../interfaces';
/**
* Options for `IParameterGroup.bindToCluster`.
* Empty for now, but can be extended later.
*/
export interface ParameterGroupClusterBindOptions {
}
/**
* The type returned from `IParameterGroup.bindToCluster`.
*/
export interface ParameterGroupClusterConfig {
/** The name of this parameter group. */
readonly parameterGroupName: string;
}
/**
* Options for `IParameterGroup.bindToInstance`.
* Empty for now, but can be extended later.
*/
export interface ParameterGroupInstanceBindOptions {
}
/**
* The type returned from `IParameterGroup.bindToInstance`.
*/
export interface ParameterGroupInstanceConfig {
/** The name of this parameter group. */
readonly parameterGroupName: string;
}
/**
* A parameter group.
* Represents both a cluster parameter group,
* and an instance parameter group.
*/
export interface IParameterGroup extends IResource, aws_rds.IDBParameterGroupRef, aws_rds.IDBClusterParameterGroupRef {
/**
* Method called when this Parameter Group is used when defining a database cluster.
*/
bindToCluster(options: ParameterGroupClusterBindOptions): ParameterGroupClusterConfig;
/**
* Method called when this Parameter Group is used when defining a database instance.
*/
bindToInstance(options: ParameterGroupInstanceBindOptions): ParameterGroupInstanceConfig;
/**
* Adds a parameter to this group.
* If this is an imported parameter group,
* this method does nothing.
*
* @returns true if the parameter was actually added
* (i.e., this ParameterGroup is not imported),
* false otherwise
*/
addParameter(key: string, value: string): boolean;
}
/**
* Properties for a parameter group
*/
export interface ParameterGroupProps {
/**
* The database engine for this parameter group.
*/
readonly engine: IEngine;
/**
* The name of this parameter group.
*
* @default - CloudFormation-generated name
*/
readonly name?: string;
/**
* Description for this parameter group
*
* @default a CDK generated description
*/
readonly description?: string;
/**
* The parameters in this parameter group
*
* @default - None
*/
readonly parameters?: {
[key: string]: string;
};
/**
* The CloudFormation policy to apply when the instance is removed from the
* stack or replaced during an update.
*
* @default - RemovalPolicy.DESTROY
*/
readonly removalPolicy?: RemovalPolicy;
}
/**
* A parameter group.
* Represents both a cluster parameter group (AWS::RDS::DBClusterParameterGroup),
* and an instance parameter group (AWS::RDS::DBParameterGroup).
*
* @resource AWS::RDS::DBParameterGroup
*/
export declare class ParameterGroup extends Resource implements IParameterGroup {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
/**
* Imports a parameter group
*/
static fromParameterGroupName(scope: Construct, id: string, parameterGroupName: string): IParameterGroup;
/**
* Creates a standalone instance parameter group.
*
* This method allows you to explicitly create a parameter group
* without binding it to a database instance.
*
* @returns instance parameter group (AWS::RDS::DBParameterGroup)
*/
static forInstance(scope: Construct, id: string, props: ParameterGroupProps): IParameterGroup;
/**
* Creates a standalone cluster parameter group.
*
* This method allows you to explicitly create a parameter group
* without binding it to a database cluster.
*
* @returns cluster parameter group (AWS::RDS::DBClusterParameterGroup)
*/
static forCluster(scope: Construct, id: string, props: ParameterGroupProps): IParameterGroup;
private readonly parameters;
private readonly family;
private readonly removalPolicy?;
private readonly description?;
private readonly name?;
private clusterCfnGroup?;
private instanceCfnGroup?;
constructor(scope: Construct, id: string, props: ParameterGroupProps);
bindToCluster(_options: ParameterGroupClusterBindOptions): ParameterGroupClusterConfig;
bindToInstance(_options: ParameterGroupInstanceBindOptions): ParameterGroupInstanceConfig;
/**
* Add a parameter to this parameter group
*
* @param key The key of the parameter to be added
* @param value The value of the parameter to be added
*/
addParameter(key: string, value: string): boolean;
/**
* Creates the instance parameter group CloudFormation resource if it doesn't exist.
* @returns parameter group name
*/
private createInstanceParameterGroup;
/**
* Creates the cluster parameter group CloudFormation resource if it doesn't exist.
* @returns parameter group name
*/
private createClusterParameterGroup;
/**
* A reference to this parameter group as a DB parameter group
*/
get dbParameterGroupRef(): aws_rds.DBParameterGroupReference;
/**
* A reference to this parameter group as a DB cluster parameter group
*/
get dbClusterParameterGroupRef(): aws_rds.DBClusterParameterGroupReference;
}

File diff suppressed because one or more lines are too long

1
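--- a/cdk/node_modules/aws-cdk-lib/aws-rds/lib/perms.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-rds/lib/perms.d.ts
@@ -0,0 +1 @@
+export declare const DATA_API_ACTIONS: string[];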

1
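--- a/cdk/node_modules/aws-cdk-lib/aws-rds/lib/perms.js
+++ b/cdk/node_modules/aws-cdk-lib/aws-rds/lib/perms.js
@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.DATA_API_ACTIONS=void 0,exports.DATA_API_ACTIONS=["rds-data:BatchExecuteStatement","rds-data:BeginTransaction","rds-data:CommitTransaction","rds-data:ExecuteStatement","rds-data:RollbackTransaction"];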


@@ -0,0 +1,7 @@
import type { IDBSubnetGroupRef } from '../rds.generated';
import type { ISubnetGroup } from '../subnet-group';
/**
* Convert an IBackupVaultRef to IBackupVault, throwing an error if the instance
* doesn't implement the full IBackupVault interface.
*/
export declare function toISubnetGroup(group: IDBSubnetGroupRef): ISubnetGroup;


@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.toISubnetGroup=toISubnetGroup;var core_1=()=>{var tmp=require("../../../core");return core_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp};function toISubnetGroup(group){if(!("subnetGroupName"in group))throw new(core_1()).UnscopedValidationError((0,literal_string_1().lit)`GroupInstanceShouldImplement`,`'group' instance should implement ISubnetGroup, but doesn't: ${group.constructor.name}`);return group}


@@ -0,0 +1,71 @@
import type { Construct } from 'constructs';
import type * as ec2 from '../../../aws-ec2';
import * as iam from '../../../aws-iam';
import type * as s3 from '../../../aws-s3';
import { RemovalPolicy } from '../../../core';
import type { IEngine } from '../engine';
import type { CommonRotationUserOptions } from '../props';
import { Credentials, SnapshotCredentials } from '../props';
/**
* The default set of characters we exclude from generated passwords for database users.
* It's a combination of characters that have a tendency to cause problems in shell scripts,
* some engine-specific characters (for example, Oracle doesn't like '@' in its passwords),
* and some that trip up other services, like DMS.
*
* This constant is private to the RDS module.
*/
export declare const DEFAULT_PASSWORD_EXCLUDE_CHARS = " %+~`#$&*()|[]{}:;<>?!'/@\"\\";
/** Common base of `DatabaseInstanceProps` and `DatabaseClusterBaseProps` that has only the S3 props */
export interface DatabaseS3ImportExportProps {
readonly s3ImportRole?: iam.IRole;
readonly s3ImportBuckets?: s3.IBucket[];
readonly s3ExportRole?: iam.IRole;
readonly s3ExportBuckets?: s3.IBucket[];
}
/**
* Validates the S3 import/export props and returns the import/export roles, if any.
* If `combineRoles` is true, will reuse the import role for export (or vice versa) if possible.
*
* Notably, `combineRoles` is set to true for instances, but false for clusters.
* This is because the `combineRoles` functionality is most applicable to instances and didn't exist
* for the initial clusters implementation. To maintain backwards compatibility, it is set to false for clusters.
*/
export declare function setupS3ImportExport(scope: Construct, props: DatabaseS3ImportExportProps, combineRoles: boolean): {
s3ImportRole?: iam.IRole;
s3ExportRole?: iam.IRole;
};
export declare function engineDescription(engine: IEngine): string;
/**
* By default, deletion protection is disabled.
* Enable if explicitly provided or if the RemovalPolicy has been set to RETAIN
*/
export declare function defaultDeletionProtection(deletionProtection?: boolean, removalPolicy?: RemovalPolicy): boolean | undefined;
/**
* Renders the credentials for an instance or cluster
*/
export declare function renderCredentials(scope: Construct, engine: IEngine, credentials?: Credentials): Credentials;
/**
* Renders the credentials for an instance or cluster using provided snapshot credentials
*/
export declare function renderSnapshotCredentials(scope: Construct, credentials?: SnapshotCredentials): SnapshotCredentials | undefined;
/**
* The RemovalPolicy that should be applied to a "helper" resource, if the base resource has the given removal policy
*
* - For Clusters, this determines the RemovalPolicy for Instances/SubnetGroups.
* - For Instances, this determines the RemovalPolicy for SubnetGroups.
*
* If the basePolicy is:
*
* DESTROY or SNAPSHOT -> DESTROY (snapshot is good enough to recreate)
* RETAIN -> RETAIN (anything else will lose data or fail to deploy)
* (undefined) -> DESTROY (base policy is assumed to be SNAPSHOT)
*/
export declare function helperRemovalPolicy(basePolicy?: RemovalPolicy): RemovalPolicy;
/**
* Return a given value unless it's the same as another value
*/
export declare function renderUnless<A>(value: A, suppressValue: A): A | undefined;
/**
* Applies defaults for rotation options
*/
export declare function applyDefaultRotationOptions(options: CommonRotationUserOptions, defaultvpcSubnets?: ec2.SubnetSelection): CommonRotationUserOptions;


@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.DEFAULT_PASSWORD_EXCLUDE_CHARS=void 0,exports.setupS3ImportExport=setupS3ImportExport,exports.engineDescription=engineDescription,exports.defaultDeletionProtection=defaultDeletionProtection,exports.renderCredentials=renderCredentials,exports.renderSnapshotCredentials=renderSnapshotCredentials,exports.helperRemovalPolicy=helperRemovalPolicy,exports.renderUnless=renderUnless,exports.applyDefaultRotationOptions=applyDefaultRotationOptions;var iam=()=>{var tmp=require("../../../aws-iam");return iam=()=>tmp,tmp},core_1=()=>{var tmp=require("../../../core");return core_1=()=>tmp,tmp},errors_1=()=>{var tmp=require("../../../core/lib/errors");return errors_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp},database_secret_1=()=>{var tmp=require("../database-secret");return database_secret_1=()=>tmp,tmp},props_1=()=>{var tmp=require("../props");return props_1=()=>tmp,tmp};exports.DEFAULT_PASSWORD_EXCLUDE_CHARS=" %+~`#$&*()|[]{}:;<>?!'/@\"\\";function setupS3ImportExport(scope,props,combineRoles){let s3ImportRole=props.s3ImportRole,s3ExportRole=props.s3ExportRole;if(props.s3ImportBuckets&&props.s3ImportBuckets.length>0){if(props.s3ImportRole)throw new(errors_1()).ValidationError((0,literal_string_1().lit)`OneImportRoleImportBuckets`,"Only one of s3ImportRole or s3ImportBuckets must be specified, not both.",scope);s3ImportRole=combineRoles&&s3ExportRole?s3ExportRole:new(iam()).Role(scope,"S3ImportRole",{assumedBy:new(iam()).ServicePrincipal("rds.amazonaws.com")});for(const bucket of props.s3ImportBuckets)bucket.grantRead(s3ImportRole)}if(props.s3ExportBuckets&&props.s3ExportBuckets.length>0){if(props.s3ExportRole)throw new(errors_1()).ValidationError((0,literal_string_1().lit)`OneExportRoleExportBuckets`,"Only one of s3ExportRole or s3ExportBuckets must be specified, not 
both.",scope);s3ExportRole=combineRoles&&s3ImportRole?s3ImportRole:new(iam()).Role(scope,"S3ExportRole",{assumedBy:new(iam()).ServicePrincipal("rds.amazonaws.com")});for(const bucket of props.s3ExportBuckets)bucket.grantReadWrite(s3ExportRole)}return{s3ImportRole,s3ExportRole}}function engineDescription(engine){return engine.engineType+(engine.engineVersion?.fullVersion?`-${engine.engineVersion.fullVersion}`:"")}function defaultDeletionProtection(deletionProtection,removalPolicy){return deletionProtection??(removalPolicy===core_1().RemovalPolicy.RETAIN?!0:void 0)}function renderCredentials(scope,engine,credentials){let renderedCredentials=credentials??props_1().Credentials.fromUsername(engine.defaultUsername??"admin");return!renderedCredentials.secret&&!renderedCredentials.password&&(renderedCredentials=props_1().Credentials.fromSecret(new(database_secret_1()).DatabaseSecret(scope,"Secret",{username:renderedCredentials.username,secretName:renderedCredentials.secretName,encryptionKey:renderedCredentials.encryptionKey,excludeCharacters:renderedCredentials.excludeCharacters,replaceOnPasswordCriteriaChanges:credentials?.usernameAsString,replicaRegions:renderedCredentials.replicaRegions}),credentials?.usernameAsString?renderedCredentials.username:void 0)),renderedCredentials}function renderSnapshotCredentials(scope,credentials){let renderedCredentials=credentials;if(!renderedCredentials?.secret&&renderedCredentials?.generatePassword){if(!renderedCredentials.username)throw new(errors_1()).ValidationError((0,literal_string_1().lit)`MustBeSpecifiedTrue`,"`snapshotCredentials` `username` must be specified when `generatePassword` is set to 
true",scope);renderedCredentials=props_1().SnapshotCredentials.fromSecret(new(database_secret_1()).DatabaseSecret(scope,"SnapshotSecret",{username:renderedCredentials.username,encryptionKey:renderedCredentials.encryptionKey,excludeCharacters:renderedCredentials.excludeCharacters,replaceOnPasswordCriteriaChanges:renderedCredentials.replaceOnPasswordCriteriaChanges,replicaRegions:renderedCredentials.replicaRegions}))}return renderedCredentials}function helperRemovalPolicy(basePolicy){return basePolicy===core_1().RemovalPolicy.RETAIN?core_1().RemovalPolicy.RETAIN:core_1().RemovalPolicy.DESTROY}function renderUnless(value,suppressValue){return value===suppressValue?void 0:value}function applyDefaultRotationOptions(options,defaultvpcSubnets){return{excludeCharacters:exports.DEFAULT_PASSWORD_EXCLUDE_CHARS,vpcSubnets:defaultvpcSubnets,...options}}

503
cdk/node_modules/aws-cdk-lib/aws-rds/lib/props.d.ts generated vendored Normal file

@@ -0,0 +1,503 @@
import type { IParameterGroup } from './parameter-group';
import type * as ec2 from '../../aws-ec2';
import type * as kms from '../../aws-kms';
import type * as secretsmanager from '../../aws-secretsmanager';
import type { Duration, SecretValue } from '../../core';
/**
* Instance properties for database instances
*/
export interface InstanceProps {
/**
* What type of instance to start for the replicas.
*
* @default - t3.medium (or, more precisely, db.t3.medium)
*/
readonly instanceType?: ec2.InstanceType;
/**
* What subnets to run the RDS instances in.
*
* Must be at least 2 subnets in two different AZs.
*/
readonly vpc: ec2.IVpc;
/**
* Where to place the instances within the VPC
*
* @default - the Vpc default strategy if not specified.
*/
readonly vpcSubnets?: ec2.SubnetSelection;
/**
* Security group.
*
* @default a new security group is created.
*/
readonly securityGroups?: ec2.ISecurityGroup[];
/**
* The DB parameter group to associate with the instance.
*
* @default no parameter group
*/
readonly parameterGroup?: IParameterGroup;
/**
* The parameters in the DBParameterGroup to create automatically
*
* You can only specify parameterGroup or parameters but not both.
* You need to use a versioned engine to auto-generate a DBParameterGroup.
*
* @default - None
*/
readonly parameters?: {
[key: string]: string;
};
/**
* Whether to enable Performance Insights for the DB instance.
*
* @default - false, unless ``performanceInsightRetention`` or ``performanceInsightEncryptionKey`` is set.
*/
readonly enablePerformanceInsights?: boolean;
/**
* The amount of time, in days, to retain Performance Insights data.
*
* @default 7
*/
readonly performanceInsightRetention?: PerformanceInsightRetention;
/**
* The AWS KMS key for encryption of Performance Insights data.
*
* @default - default master key
*/
readonly performanceInsightEncryptionKey?: kms.IKey;
/**
* Whether to enable automatic upgrade of minor version for the DB instance.
*
* @default - true
*/
readonly autoMinorVersionUpgrade?: boolean;
/**
* Whether to allow upgrade of major version for the DB instance.
*
* @default - false
*/
readonly allowMajorVersionUpgrade?: boolean;
/**
* Whether to remove automated backups immediately after the DB instance is deleted for the DB instance.
*
* @default - true
*/
readonly deleteAutomatedBackups?: boolean;
/**
* Indicates whether the DB instance is an internet-facing instance.
*
* @default - `true` if `vpcSubnets` is `subnetType: SubnetType.PUBLIC`, `false` otherwise
*/
readonly publiclyAccessible?: boolean;
/**
* A preferred maintenance window day/time range. Should be specified as a range ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC).
*
* Example: 'Sun:23:45-Mon:00:15'
*
* @default - 30-minute window selected at random from an 8-hour block of time for
* each AWS Region, occurring on a random day of the week.
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance
*/
readonly preferredMaintenanceWindow?: string;
}
/**
* Backup configuration for RDS databases
*
* @default - The retention period for automated backups is 1 day.
* The preferred backup window will be a 30-minute window selected at random
* from an 8-hour block of time for each AWS Region.
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow
*/
export interface BackupProps {
/**
* How many days to retain the backup
*/
readonly retention: Duration;
/**
* A daily time range in 24-hours UTC format in which backups preferably execute.
*
* Must be at least 30 minutes long.
*
* Example: '01:00-02:00'
*
* @default - a 30-minute window selected at random from an 8-hour block of
* time for each AWS Region. To see the time blocks available, see
* https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow
*/
readonly preferredWindow?: string;
}
/**
* Base options for creating Credentials.
*/
export interface CredentialsBaseOptions {
/**
* The name of the secret.
*
* @default - A name is generated by CloudFormation.
*/
readonly secretName?: string;
/**
* KMS encryption key to encrypt the generated secret.
*
* @default - default master key
*/
readonly encryptionKey?: kms.IKey;
/**
* The characters to exclude from the generated password.
* Has no effect if `password` has been provided.
*
* @default - the DatabaseSecret default exclude character set (" %+~`#$&*()|[]{}:;<>?!'/@\"\\")
*/
readonly excludeCharacters?: string;
/**
* A list of regions where to replicate this secret.
*
* @default - Secret is not replicated
*/
readonly replicaRegions?: secretsmanager.ReplicaRegion[];
}
/**
* Options for creating Credentials from a username.
*/
export interface CredentialsFromUsernameOptions extends CredentialsBaseOptions {
/**
* Password
*
* Do not put passwords in your CDK code directly.
*
* @default - a Secrets Manager generated password
*/
readonly password?: SecretValue;
}
/**
* Username and password combination
*/
export declare abstract class Credentials {
/**
* Creates Credentials with a password generated and stored in Secrets Manager.
*/
static fromGeneratedSecret(username: string, options?: CredentialsBaseOptions): Credentials;
/**
* Creates Credentials from a password
*
* Do not put passwords in your CDK code directly.
*/
static fromPassword(username: string, password: SecretValue): Credentials;
/**
* Creates Credentials for the given username, and optional password and key.
* If no password is provided, one will be generated and stored in Secrets Manager.
*/
static fromUsername(username: string, options?: CredentialsFromUsernameOptions): Credentials;
/**
* Creates Credentials from an existing Secrets Manager ``Secret`` (or ``DatabaseSecret``)
*
* The Secret must be a JSON string with a ``username`` and ``password`` field:
* ```
* {
* ...
* "username": <required: username>,
* "password": <required: password>,
* }
* ```
*
* @param secret The secret where the credentials are stored
* @param username The username defined in the secret. If specified the username
* will be referenced as a string and not a dynamic reference to the username
* field in the secret. This allows to replace the secret without replacing the
* instance or cluster.
*/
static fromSecret(secret: secretsmanager.ISecret, username?: string): Credentials;
/**
* Username
*/
abstract readonly username: string;
/**
* The name to use for the Secret if a new Secret is to be generated in
* SecretsManager for these Credentials.
*
* @default - A name is generated by CloudFormation.
*/
abstract readonly secretName?: string;
/**
* Whether the username should be referenced as a string and not as a dynamic
* reference to the username in the secret.
*
* @default false
*/
abstract readonly usernameAsString?: boolean;
/**
* Password
*
* Do not put passwords in your CDK code directly.
*
* @default - a Secrets Manager generated password
*/
abstract readonly password?: SecretValue;
/**
* KMS encryption key to encrypt the generated secret.
*
* @default - default master key
*/
abstract readonly encryptionKey?: kms.IKey;
/**
* Secret used to instantiate this Login.
*
* @default - none
*/
abstract readonly secret?: secretsmanager.ISecret;
/**
* The characters to exclude from the generated password.
* Only used if `password` has not been set.
*
* @default - the DatabaseSecret default exclude character set (" %+~`#$&*()|[]{}:;<>?!'/@\"\\")
*/
abstract readonly excludeCharacters?: string;
/**
* A list of regions where to replicate the generated secret.
*
* @default - Secret is not replicated
*/
abstract readonly replicaRegions?: secretsmanager.ReplicaRegion[];
}
/**
* Options used in the `SnapshotCredentials.fromGeneratedPassword` method.
*/
export interface SnapshotCredentialsFromGeneratedPasswordOptions {
/**
* KMS encryption key to encrypt the generated secret.
*
* @default - default master key
*/
readonly encryptionKey?: kms.IKey;
/**
* The characters to exclude from the generated password.
*
* @default - the DatabaseSecret default exclude character set (" %+~`#$&*()|[]{}:;<>?!'/@\"\\")
*/
readonly excludeCharacters?: string;
/**
* A list of regions where to replicate this secret.
*
* @default - Secret is not replicated
*/
readonly replicaRegions?: secretsmanager.ReplicaRegion[];
}
/**
* Credentials to update the password for a ``DatabaseInstanceFromSnapshot``.
*/
export declare abstract class SnapshotCredentials {
/**
* Generate a new password for the snapshot, using the existing username and an optional encryption key.
* The new credentials are stored in Secrets Manager.
*
* Note - The username must match the existing master username of the snapshot.
*/
static fromGeneratedSecret(username: string, options?: SnapshotCredentialsFromGeneratedPasswordOptions): SnapshotCredentials;
/**
* Generate a new password for the snapshot, using the existing username and an optional encryption key.
*
* Note - The username must match the existing master username of the snapshot.
*
* NOTE: use `fromGeneratedSecret()` for new Clusters and Instances. Switching from
* `fromGeneratedPassword()` to `fromGeneratedSecret()` for already deployed Clusters
* or Instances will update their master password.
*/
static fromGeneratedPassword(username: string, options?: SnapshotCredentialsFromGeneratedPasswordOptions): SnapshotCredentials;
/**
* Update the snapshot login with an existing password.
*/
static fromPassword(password: SecretValue): SnapshotCredentials;
/**
* Update the snapshot login with an existing password from a Secret.
*
* The Secret must be a JSON string with a ``password`` field:
* ```
* {
* ...
* "password": <required: password>,
* }
* ```
*/
static fromSecret(secret: secretsmanager.ISecret): SnapshotCredentials;
/**
* The master user name.
*
* Must be the **current** master user name of the snapshot.
* It is not possible to change the master user name of a RDS instance.
*
* @default - the existing username from the snapshot
*/
abstract readonly username?: string;
/**
* Whether a new password should be generated.
*/
abstract readonly generatePassword: boolean;
/**
* Whether to replace the generated secret when the criteria for the password change.
*
* @default false
*/
abstract readonly replaceOnPasswordCriteriaChanges?: boolean;
/**
* The master user password.
*
* Do not put passwords in your CDK code directly.
*
* @default - the existing password from the snapshot
*/
abstract readonly password?: SecretValue;
/**
* KMS encryption key to encrypt the generated secret.
*
* @default - default master key
*/
abstract readonly encryptionKey?: kms.IKey;
/**
* Secret used to instantiate this Login.
*
* @default - none
*/
abstract readonly secret?: secretsmanager.ISecret;
/**
* The characters to exclude from the generated password.
* Only used if `generatePassword` if true.
*
* @default - the DatabaseSecret default exclude character set (" %+~`#$&*()|[]{}:;<>?!'/@\"\\")
*/
abstract readonly excludeCharacters?: string;
/**
* A list of regions where to replicate the generated secret.
*
* @default - Secret is not replicated
*/
abstract readonly replicaRegions?: secretsmanager.ReplicaRegion[];
}
/**
* Properties common to single-user and multi-user rotation options.
*/
export interface CommonRotationUserOptions {
/**
* Specifies the number of days after the previous rotation
* before Secrets Manager triggers the next automatic rotation.
*
* @default - 30 days
*/
readonly automaticallyAfter?: Duration;
/**
* Specifies characters to not include in generated passwords.
*
* @default " %+~`#$&*()|[]{}:;<>?!'/@\"\\"
*/
readonly excludeCharacters?: string;
/**
* Where to place the rotation Lambda function
*
* @default - same placement as instance or cluster
*/
readonly vpcSubnets?: ec2.SubnetSelection;
/**
* The VPC interface endpoint to use for the Secrets Manager API
*
* If you enable private DNS hostnames for your VPC private endpoint (the default), you don't
* need to specify an endpoint. The standard Secrets Manager DNS hostname the Secrets Manager
* CLI and SDKs use by default (https://secretsmanager.<region>.amazonaws.com) automatically
* resolves to your VPC endpoint.
*
* @default https://secretsmanager.<region>.amazonaws.com
*/
readonly endpoint?: ec2.IInterfaceVpcEndpoint;
/**
* The security group for the Lambda rotation function
*
* @default - a new security group is created
*/
readonly securityGroup?: ec2.ISecurityGroup;
/**
* Specifies whether to rotate the secret immediately or wait until the next
* scheduled rotation window.
*
* @default true
*/
readonly rotateImmediatelyOnUpdate?: boolean;
}
/**
* Options to add the multi user rotation
*/
export interface RotationSingleUserOptions extends CommonRotationUserOptions {
}
/**
* Options to add the multi user rotation
*/
export interface RotationMultiUserOptions extends CommonRotationUserOptions {
/**
* The secret to rotate. It must be a JSON string with the following format:
* ```
* {
* "engine": <required: database engine>,
* "host": <required: instance host name>,
* "username": <required: username>,
* "password": <required: password>,
* "dbname": <optional: database name>,
* "port": <optional: if not specified, default port will be used>,
* "masterarn": <required: the arn of the master secret which will be used to create users/change passwords>
* }
* ```
*/
readonly secret: secretsmanager.ISecret;
}
/**
* The retention period for Performance Insight data, in days.
*
* Per https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#cfn-rds-dbinstance-performanceinsightsretentionperiod
* This must be either
* - 7 days (the default, free tier)
* - month * 31, where month is a number of months from 1-23
* - 731 (2 years)
*/
export declare enum PerformanceInsightRetention {
/**
* Default retention period of 7 days.
*/
DEFAULT = 7,
MONTHS_1 = 31,
MONTHS_2 = 62,
MONTHS_3 = 93,
MONTHS_4 = 124,
MONTHS_5 = 155,
MONTHS_6 = 186,
MONTHS_7 = 217,
MONTHS_8 = 248,
MONTHS_9 = 279,
MONTHS_10 = 310,
MONTHS_11 = 341,
MONTHS_12 = 372,
MONTHS_13 = 403,
MONTHS_14 = 434,
MONTHS_15 = 465,
MONTHS_16 = 496,
MONTHS_17 = 527,
MONTHS_18 = 558,
MONTHS_19 = 589,
MONTHS_20 = 620,
MONTHS_21 = 651,
MONTHS_22 = 682,
MONTHS_23 = 713,
/**
* Long term retention period of 2 years.
*/
LONG_TERM = 731
}
/**
* Engine lifecycle support for Amazon RDS and Amazon Aurora
*/
export declare enum EngineLifecycleSupport {
/**
* Using Amazon RDS extended support
*/
OPEN_SOURCE_RDS_EXTENDED_SUPPORT = "open-source-rds-extended-support",
/**
* Not using Amazon RDS extended support
*/
OPEN_SOURCE_RDS_EXTENDED_SUPPORT_DISABLED = "open-source-rds-extended-support-disabled"
}

1
cdk/node_modules/aws-cdk-lib/aws-rds/lib/props.js generated vendored Normal file

File diff suppressed because one or more lines are too long


@@ -0,0 +1,147 @@
import type { Construct } from 'constructs';
import type * as ec2 from '../../aws-ec2';
import type { IResource } from '../../core';
import { Resource } from '../../core';
import type { aws_rds } from '../../interfaces';
/**
* A DB proxy endpoint.
*/
export interface IDatabaseProxyEndpoint extends IResource, aws_rds.IDBProxyEndpointRef {
/**
* DB Proxy Endpoint Name
*
* @attribute
*/
readonly dbProxyEndpointName: string;
/**
* DB Proxy Endpoint ARN
*
* @attribute
*/
readonly dbProxyEndpointArn: string;
/**
* Endpoint
*
* @attribute
*/
readonly endpoint: string;
}
/**
* Options for a new DatabaseProxyEndpoint
*/
export interface DatabaseProxyEndpointOptions {
/**
* The name of the DB proxy endpoint
*
* @default - a CDK generated name
*/
readonly dbProxyEndpointName?: string;
/**
* The VPC of the DB proxy endpoint.
*/
readonly vpc: ec2.IVpc;
/**
* The VPC security groups to associate with the new proxy endpoint.
*
* @default - Default security group for the VPC
*/
readonly securityGroups?: ec2.ISecurityGroup[];
/**
* The subnets of DB proxy endpoint.
*
* @default - the VPC default strategy if not specified.
*/
readonly vpcSubnets?: ec2.SubnetSelection;
/**
* A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.
*
* @default - ProxyEndpointTargetRole.READ_WRITE
*/
readonly targetRole?: ProxyEndpointTargetRole;
}
/**
* Construction properties for a DatabaseProxyEndpoint
*/
export interface DatabaseProxyEndpointProps extends DatabaseProxyEndpointOptions {
/**
* The DB proxy associated with the DB proxy endpoint.
*/
readonly dbProxy: aws_rds.IDBProxyRef;
}
/**
* Properties that describe an existing DB Proxy Endpoint
*/
export interface DatabaseProxyEndpointAttributes {
/**
* DB Proxy Endpoint Name
*/
readonly dbProxyEndpointName: string;
/**
* DB Proxy Endpoint ARN
*/
readonly dbProxyEndpointArn: string;
/**
* The endpoint that you can use to connect to the DB proxy
*/
readonly endpoint: string;
}
/**
* A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.
*/
export declare enum ProxyEndpointTargetRole {
/**
* The proxy endpoint can be used for both read and write operations.
*/
READ_WRITE = "READ_WRITE",
/**
* The proxy endpoint can be used only for read operations.
*/
READ_ONLY = "READ_ONLY"
}
/**
* Represents an RDS Database Proxy Endpoint.
*/
declare abstract class DatabaseProxyEndpointBase extends Resource implements IDatabaseProxyEndpoint {
abstract readonly dbProxyEndpointName: string;
abstract readonly dbProxyEndpointArn: string;
abstract readonly endpoint: string;
/**
* A reference to this database proxy endpoint
*/
get dbProxyEndpointRef(): aws_rds.DBProxyEndpointReference;
}
/**
* RDS Database Proxy Endpoint
*
* @resource AWS::RDS::DBProxyEndpoint
*/
export declare class DatabaseProxyEndpoint extends DatabaseProxyEndpointBase {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
/**
* Import an existing database proxy endpoint.
*/
static fromDatabaseProxyEndpointAttributes(scope: Construct, id: string, attrs: DatabaseProxyEndpointAttributes): IDatabaseProxyEndpoint;
/**
* DB Proxy Endpoint Name
*
* @attribute
*/
readonly dbProxyEndpointName: string;
/**
* DB Proxy Endpoint ARN
*
* @attribute
*/
readonly dbProxyEndpointArn: string;
/**
* The endpoint that you can use to connect to the DB proxy
*
* @attribute
*/
readonly endpoint: string;
constructor(scope: Construct, id: string, props: DatabaseProxyEndpointProps);
}
export {};

File diff suppressed because one or more lines are too long

389
cdk/node_modules/aws-cdk-lib/aws-rds/lib/proxy.d.ts generated vendored Normal file

@@ -0,0 +1,389 @@
import type { Construct } from 'constructs';
import type { IDatabaseCluster } from './cluster-ref';
import type { IDatabaseInstance } from './instance';
import type { DatabaseProxyEndpointOptions, IDatabaseProxyEndpoint } from './proxy-endpoint';
import * as ec2 from '../../aws-ec2';
import * as iam from '../../aws-iam';
import * as secretsmanager from '../../aws-secretsmanager';
import * as cdk from '../../core';
import type { aws_rds } from '../../interfaces';
/**
* Client password authentication type used by a proxy to log in as a specific database user.
*/
export declare enum ClientPasswordAuthType {
/**
* MySQL Native Password client authentication type.
*/
MYSQL_NATIVE_PASSWORD = "MYSQL_NATIVE_PASSWORD",
/**
* SCRAM SHA 256 client authentication type.
*/
POSTGRES_SCRAM_SHA_256 = "POSTGRES_SCRAM_SHA_256",
/**
* PostgreSQL MD5 client authentication type.
*/
POSTGRES_MD5 = "POSTGRES_MD5",
/**
* SQL Server Authentication client authentication type.
*/
SQL_SERVER_AUTHENTICATION = "SQL_SERVER_AUTHENTICATION",
/**
* MySQL Caching SHA2 Password client authentication type.
*/
MYSQL_CACHING_SHA2_PASSWORD = "MYSQL_CACHING_SHA2_PASSWORD"
}
/**
* The default authentication scheme that the proxy uses for client connections to the proxy and connections from the proxy to the underlying database.
*/
export declare enum DefaultAuthScheme {
/**
* IAM authentication.
*/
IAM_AUTH = "IAM_AUTH",
/**
* No default authentication.
*/
NONE = "NONE"
}
/**
* SessionPinningFilter
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-proxy.html#rds-proxy-pinning
*/
export declare class SessionPinningFilter {
/**
* Filter name
*/
readonly filterName: string;
/**
* You can opt out of session pinning for the following kinds of application statements:
*
* - Setting session variables and configuration settings.
*/
static readonly EXCLUDE_VARIABLE_SETS: SessionPinningFilter;
/**
* custom filter
*/
static of(filterName: string): SessionPinningFilter;
private constructor();
}
/**
* Proxy target: Instance or Cluster
*
* A target group is a collection of databases that the proxy can connect to.
* Currently, you can specify only one RDS DB instance or Aurora DB cluster.
*/
export declare class ProxyTarget {
private readonly dbInstance;
private readonly dbCluster;
/**
* From instance
*
* @param instance RDS database instance
*/
static fromInstance(instance: IDatabaseInstance): ProxyTarget;
/**
* From cluster
*
* @param cluster RDS database cluster
*/
static fromCluster(cluster: IDatabaseCluster): ProxyTarget;
private constructor();
/**
* Bind this target to the specified database proxy.
*/
bind(proxy: DatabaseProxy): ProxyTargetConfig;
}
/**
* The result of binding a `ProxyTarget` to a `DatabaseProxy`.
*/
export interface ProxyTargetConfig {
/**
* The engine family of the database instance or cluster this proxy connects with.
*/
readonly engineFamily: string;
/**
* The database instances to which this proxy connects.
* Either this or `dbClusters` will be set and the other `undefined`.
* @default - `undefined` if `dbClusters` is set.
*/
readonly dbInstances?: IDatabaseInstance[];
/**
* The database clusters to which this proxy connects.
* Either this or `dbInstances` will be set and the other `undefined`.
* @default - `undefined` if `dbInstances` is set.
*/
readonly dbClusters?: IDatabaseCluster[];
}
/**
* Options for a new DatabaseProxy
*/
export interface DatabaseProxyOptions {
/**
* The identifier for the proxy.
* This name must be unique for all proxies owned by your AWS account in the specified AWS Region.
* An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens;
* it can't end with a hyphen or contain two consecutive hyphens.
*
* @default - Generated by CloudFormation (recommended)
*/
readonly dbProxyName?: string;
/**
* The duration for a proxy to wait for a connection to become available in the connection pool.
* Only applies when the proxy has opened its maximum number of connections and all connections are busy with client
* sessions.
*
* Value must be between 1 second and 1 hour, or `Duration.seconds(0)` to represent unlimited.
*
* @default cdk.Duration.seconds(120)
*/
readonly borrowTimeout?: cdk.Duration;
/**
* One or more SQL statements for the proxy to run when opening each new database connection.
* Typically used with SET statements to make sure that each connection has identical settings such as time zone
* and character set.
* For multiple statements, use semicolons as the separator.
* You can also include multiple variables in a single SET statement, such as SET x=1, y=2.
*
* not currently supported for PostgreSQL.
*
* @default - no initialization query
*/
readonly initQuery?: string;
/**
* The maximum size of the connection pool for each target in a target group.
* For Aurora MySQL, it is expressed as a percentage of the max_connections setting for the RDS DB instance or Aurora DB
* cluster used by the target group.
*
* 1-100
*
* @default 100
*/
readonly maxConnectionsPercent?: number;
/**
* Controls how actively the proxy closes idle database connections in the connection pool.
* A high value enables the proxy to leave a high percentage of idle connections open.
* A low value causes the proxy to close idle client connections and return the underlying database connections
* to the connection pool.
* For Aurora MySQL, it is expressed as a percentage of the max_connections setting for the RDS DB instance
* or Aurora DB cluster used by the target group.
*
* between 0 and MaxConnectionsPercent
*
* @default 50
*/
readonly maxIdleConnectionsPercent?: number;
/**
* Each item in the list represents a class of SQL operations that normally cause all later statements in a session
* using a proxy to be pinned to the same underlying database connection.
* Including an item in the list exempts that class of SQL operations from the pinning behavior.
*
* @default - no session pinning filters
*/
readonly sessionPinningFilters?: SessionPinningFilter[];
/**
* Whether the proxy includes detailed information about SQL statements in its logs.
* This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections.
* The debug information includes the text of SQL statements that you submit through the proxy.
* Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive
* information that appears in the logs.
*
* @default false
*/
readonly debugLogging?: boolean;
/**
* Whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy.
*
* @default false
*/
readonly iamAuth?: boolean;
/**
* The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it.
* You can set this value higher or lower than the connection timeout limit for the associated database.
*
* @default cdk.Duration.minutes(30)
*/
readonly idleClientTimeout?: cdk.Duration;
/**
* A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy.
* By enabling this setting, you can enforce encrypted TLS connections to the proxy.
*
* @default true
*/
readonly requireTLS?: boolean;
/**
* IAM role that the proxy uses to access secrets in AWS Secrets Manager.
*
* @default - A role will automatically be created
*/
readonly role?: iam.IRole;
/**
* The secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster.
* These secrets are stored within Amazon Secrets Manager.
* One or more secrets are required when defaultAuthScheme is `DefaultAuthScheme.NONE`.
*
* @default None
*/
readonly secrets?: secretsmanager.ISecret[];
/**
* One or more VPC security groups to associate with the new proxy.
*
* @default - No security groups
*/
readonly securityGroups?: ec2.ISecurityGroup[];
/**
* The subnets used by the proxy.
*
* @default - the VPC default strategy if not specified.
*/
readonly vpcSubnets?: ec2.SubnetSelection;
/**
* The VPC to associate with the new proxy.
*/
readonly vpc: ec2.IVpc;
/**
* Specifies the details of authentication used by a proxy to log in as a specific database user.
*
* @default - CloudFormation defaults will apply given the specified database engine.
*/
readonly clientPasswordAuthType?: ClientPasswordAuthType;
/**
* The default authentication scheme that the proxy uses for client connections to the proxy and connections from the proxy to the underlying database.
* When set to `DefaultAuthScheme.IAM_AUTH`, the proxy uses end-to-end IAM authentication to connect to the database.
*
* @default DefaultAuthScheme.NONE
*/
readonly defaultAuthScheme?: DefaultAuthScheme;
}
/**
* Construction properties for a DatabaseProxy
*/
export interface DatabaseProxyProps extends DatabaseProxyOptions {
/**
* DB proxy target: Instance or Cluster
*/
readonly proxyTarget: ProxyTarget;
}
/**
* Properties that describe an existing DB Proxy
*/
export interface DatabaseProxyAttributes {
/**
* DB Proxy Name
*/
readonly dbProxyName: string;
/**
* DB Proxy ARN
*/
readonly dbProxyArn: string;
/**
* Endpoint
*/
readonly endpoint: string;
/**
* The security groups of the instance.
*/
readonly securityGroups: ec2.ISecurityGroup[];
}
/**
* DB Proxy
*/
export interface IDatabaseProxy extends cdk.IResource, aws_rds.IDBProxyRef {
/**
* DB Proxy Name
*
* @attribute
*/
readonly dbProxyName: string;
/**
* DB Proxy ARN
*
* @attribute
*/
readonly dbProxyArn: string;
/**
* Endpoint
*
* @attribute
*/
readonly endpoint: string;
/**
* Grant the given identity connection access to the proxy.
*
* @param grantee the Principal to grant the permissions to
* @param dbUser the name of the database user to allow connecting as to the proxy
*
* @default - if the Proxy had been provided a single Secret value,
* the user will be taken from that Secret
*/
grantConnect(grantee: iam.IGrantable, dbUser?: string): iam.Grant;
}
/**
* Represents an RDS Database Proxy.
*
*/
declare abstract class DatabaseProxyBase extends cdk.Resource implements IDatabaseProxy {
abstract readonly dbProxyName: string;
abstract readonly dbProxyArn: string;
abstract readonly endpoint: string;
/**
* A reference to this database proxy
*/
get dbProxyRef(): aws_rds.DBProxyReference;
grantConnect(grantee: iam.IGrantable, dbUser?: string): iam.Grant;
}
/**
* RDS Database Proxy
*
* @resource AWS::RDS::DBProxy
*/
export declare class DatabaseProxy extends DatabaseProxyBase implements ec2.IConnectable, secretsmanager.ISecretAttachmentTarget {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
/**
* Import an existing database proxy.
*/
static fromDatabaseProxyAttributes(scope: Construct, id: string, attrs: DatabaseProxyAttributes): IDatabaseProxy;
/**
* DB Proxy Name
*
* @attribute
*/
readonly dbProxyName: string;
/**
* DB Proxy ARN
*
* @attribute
*/
readonly dbProxyArn: string;
/**
* Endpoint
*
* @attribute
*/
readonly endpoint: string;
/**
* Access to network connections.
*/
readonly connections: ec2.Connections;
private readonly secrets?;
private readonly resource;
private readonly vpc;
constructor(scope: Construct, id: string, props: DatabaseProxyProps);
/**
* Add an Endpoint to this DB Proxy
*/
addEndpoint(id: string, options?: DatabaseProxyEndpointOptions): IDatabaseProxyEndpoint;
/**
* Renders the secret attachment target specifications.
*/
asSecretAttachmentTarget(): secretsmanager.SecretAttachmentTargetProps;
/**
* [disable-awslint:no-grants]
*/
grantConnect(grantee: iam.IGrantable, dbUser?: string): iam.Grant;
private validateClientPasswordAuthType;
}
export {};

1
cdk/node_modules/aws-cdk-lib/aws-rds/lib/proxy.js generated vendored Normal file

File diff suppressed because one or more lines are too long


@@ -0,0 +1,273 @@
import * as cw from "../../aws-cloudwatch";
declare module "./cluster-ref" {
interface IDatabaseCluster {
/**
* Return the given named metric for this DBCluster
*/
metric(metricName: string, props?: cw.MetricOptions): cw.Metric;
/**
* The percentage of CPU utilization.
*
* Average over 5 minutes
*/
metricCPUUtilization(props?: cw.MetricOptions): cw.Metric;
/**
* The number of database connections in use.
*
* Average over 5 minutes
*/
metricDatabaseConnections(props?: cw.MetricOptions): cw.Metric;
/**
* The average number of deadlocks in the database per second.
*
* Average over 5 minutes
*/
metricDeadlocks(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of time that the instance has been running, in seconds.
*
* Average over 5 minutes
*/
metricEngineUptime(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of available random access memory, in bytes.
*
* Average over 5 minutes
*/
metricFreeableMemory(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of local storage available, in bytes.
*
* Average over 5 minutes
*/
metricFreeLocalStorage(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of network throughput received from clients by each instance, in bytes per second.
*
* Average over 5 minutes
*/
metricNetworkReceiveThroughput(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of network throughput both received from and transmitted to clients by each instance, in bytes per second.
*
* Average over 5 minutes
*/
metricNetworkThroughput(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of network throughput sent to clients by each instance, in bytes per second.
*
* Average over 5 minutes
*/
metricNetworkTransmitThroughput(props?: cw.MetricOptions): cw.Metric;
/**
* The total amount of backup storage in bytes consumed by all Aurora snapshots outside its backup retention window.
*
* Average over 5 minutes
*/
metricSnapshotStorageUsed(props?: cw.MetricOptions): cw.Metric;
/**
* The total amount of backup storage in bytes for which you are billed.
*
* Average over 5 minutes
*/
metricTotalBackupStorageBilled(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of storage used by your Aurora DB instance, in bytes.
*
* Average over 5 minutes
*/
metricVolumeBytesUsed(props?: cw.MetricOptions): cw.Metric;
/**
* The number of billed read I/O operations from a cluster volume, reported at 5-minute intervals.
*
* Average over 5 minutes
*/
metricVolumeReadIOPs(props?: cw.MetricOptions): cw.Metric;
/**
* The number of write disk I/O operations to the cluster volume, reported at 5-minute intervals.
*
* Average over 5 minutes
*/
metricVolumeWriteIOPs(props?: cw.MetricOptions): cw.Metric;
}
}
declare module "./cluster" {
interface DatabaseClusterBase {
/**
* Return the given named metric for this DBCluster
*/
metric(metricName: string, props?: cw.MetricOptions): cw.Metric;
/**
* The percentage of CPU utilization.
*
* Average over 5 minutes
*/
metricCPUUtilization(props?: cw.MetricOptions): cw.Metric;
/**
* The number of database connections in use.
*
* Average over 5 minutes
*/
metricDatabaseConnections(props?: cw.MetricOptions): cw.Metric;
/**
* The average number of deadlocks in the database per second.
*
* Average over 5 minutes
*/
metricDeadlocks(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of time that the instance has been running, in seconds.
*
* Average over 5 minutes
*/
metricEngineUptime(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of available random access memory, in bytes.
*
* Average over 5 minutes
*/
metricFreeableMemory(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of local storage available, in bytes.
*
* Average over 5 minutes
*/
metricFreeLocalStorage(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of network throughput received from clients by each instance, in bytes per second.
*
* Average over 5 minutes
*/
metricNetworkReceiveThroughput(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of network throughput both received from and transmitted to clients by each instance, in bytes per second.
*
* Average over 5 minutes
*/
metricNetworkThroughput(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of network throughput sent to clients by each instance, in bytes per second.
*
* Average over 5 minutes
*/
metricNetworkTransmitThroughput(props?: cw.MetricOptions): cw.Metric;
/**
* The total amount of backup storage in bytes consumed by all Aurora snapshots outside its backup retention window.
*
* Average over 5 minutes
*/
metricSnapshotStorageUsed(props?: cw.MetricOptions): cw.Metric;
/**
* The total amount of backup storage in bytes for which you are billed.
*
* Average over 5 minutes
*/
metricTotalBackupStorageBilled(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of storage used by your Aurora DB instance, in bytes.
*
* Average over 5 minutes
*/
metricVolumeBytesUsed(props?: cw.MetricOptions): cw.Metric;
/**
* The number of billed read I/O operations from a cluster volume, reported at 5-minute intervals.
*
* Average over 5 minutes
*/
metricVolumeReadIOPs(props?: cw.MetricOptions): cw.Metric;
/**
* The number of write disk I/O operations to the cluster volume, reported at 5-minute intervals.
*
* Average over 5 minutes
*/
metricVolumeWriteIOPs(props?: cw.MetricOptions): cw.Metric;
}
}
declare module "./instance" {
interface IDatabaseInstance {
/**
* Return the given named metric for this DBInstance
*/
metric(metricName: string, props?: cw.MetricOptions): cw.Metric;
/**
* The percentage of CPU utilization.
*
* Average over 5 minutes
*/
metricCPUUtilization(props?: cw.MetricOptions): cw.Metric;
/**
* The number of database connections in use.
*
* Average over 5 minutes
*/
metricDatabaseConnections(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of available storage space.
*
* Average over 5 minutes
*/
metricFreeStorageSpace(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of available random access memory.
*
* Average over 5 minutes
*/
metricFreeableMemory(props?: cw.MetricOptions): cw.Metric;
/**
* The average number of disk read I/O operations per second.
*
* Average over 5 minutes
*/
metricWriteIOPS(props?: cw.MetricOptions): cw.Metric;
/**
* The average number of disk write I/O operations per second.
*
* Average over 5 minutes
*/
metricReadIOPS(props?: cw.MetricOptions): cw.Metric;
}
}
declare module "./instance" {
interface DatabaseInstanceBase {
/**
* Return the given named metric for this DBInstance
*/
metric(metricName: string, props?: cw.MetricOptions): cw.Metric;
/**
* The percentage of CPU utilization.
*
* Average over 5 minutes
*/
metricCPUUtilization(props?: cw.MetricOptions): cw.Metric;
/**
* The number of database connections in use.
*
* Average over 5 minutes
*/
metricDatabaseConnections(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of available storage space.
*
* Average over 5 minutes
*/
metricFreeStorageSpace(props?: cw.MetricOptions): cw.Metric;
/**
* The amount of available random access memory.
*
* Average over 5 minutes
*/
metricFreeableMemory(props?: cw.MetricOptions): cw.Metric;
/**
* The average number of disk read I/O operations per second.
*
* Average over 5 minutes
*/
metricWriteIOPS(props?: cw.MetricOptions): cw.Metric;
/**
* The average number of disk write I/O operations per second.
*
* Average over 5 minutes
*/
metricReadIOPS(props?: cw.MetricOptions): cw.Metric;
}
}


@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0});var cw=()=>{var tmp=require("../../aws-cloudwatch");return cw=()=>tmp,tmp},cluster_1=()=>{var tmp=require("./cluster");return cluster_1=()=>tmp,tmp},instance_1=()=>{var tmp=require("./instance");return instance_1=()=>tmp,tmp};cluster_1().DatabaseClusterBase.prototype.metric=function(metricName,props){return new(cw()).Metric({namespace:"AWS/RDS",metricName,dimensionsMap:{DBClusterIdentifier:this.clusterIdentifier},...props}).attachTo(this)},cluster_1().DatabaseClusterBase.prototype.metricCPUUtilization=function(props){return this.metric("CPUUtilization",{statistic:"Average",...props})},cluster_1().DatabaseClusterBase.prototype.metricDatabaseConnections=function(props){return this.metric("DatabaseConnections",{statistic:"Average",...props})},cluster_1().DatabaseClusterBase.prototype.metricDeadlocks=function(props){return this.metric("Deadlocks",{statistic:"Average",...props})},cluster_1().DatabaseClusterBase.prototype.metricEngineUptime=function(props){return this.metric("EngineUptime",{statistic:"Average",...props})},cluster_1().DatabaseClusterBase.prototype.metricFreeableMemory=function(props){return this.metric("FreeableMemory",{statistic:"Average",...props})},cluster_1().DatabaseClusterBase.prototype.metricFreeLocalStorage=function(props){return this.metric("FreeLocalStorage",{statistic:"Average",...props})},cluster_1().DatabaseClusterBase.prototype.metricNetworkReceiveThroughput=function(props){return this.metric("NetworkReceiveThroughput",{statistic:"Average",...props})},cluster_1().DatabaseClusterBase.prototype.metricNetworkThroughput=function(props){return this.metric("NetworkThroughput",{statistic:"Average",...props})},cluster_1().DatabaseClusterBase.prototype.metricNetworkTransmitThroughput=function(props){return this.metric("NetworkTransmitThroughput",{statistic:"Average",...props})},cluster_1().DatabaseClusterBase.prototype.metricSnapshotStorageUsed=function(props){return 
this.metric("SnapshotStorageUsed",{statistic:"Average",...props})},cluster_1().DatabaseClusterBase.prototype.metricTotalBackupStorageBilled=function(props){return this.metric("TotalBackupStorageBilled",{statistic:"Average",...props})},cluster_1().DatabaseClusterBase.prototype.metricVolumeBytesUsed=function(props){return this.metric("VolumeBytesUsed",{statistic:"Average",...props})},cluster_1().DatabaseClusterBase.prototype.metricVolumeReadIOPs=function(props){return this.metric("VolumeReadIOPs",{statistic:"Average",...props})},cluster_1().DatabaseClusterBase.prototype.metricVolumeWriteIOPs=function(props){return this.metric("VolumeWriteIOPs",{statistic:"Average",...props})},instance_1().DatabaseInstanceBase.prototype.metric=function(metricName,props){return new(cw()).Metric({namespace:"AWS/RDS",metricName,dimensionsMap:{DBInstanceIdentifier:this.instanceIdentifier},...props}).attachTo(this)},instance_1().DatabaseInstanceBase.prototype.metricCPUUtilization=function(props){return this.metric("CPUUtilization",{statistic:"Average",...props})},instance_1().DatabaseInstanceBase.prototype.metricDatabaseConnections=function(props){return this.metric("DatabaseConnections",{statistic:"Average",...props})},instance_1().DatabaseInstanceBase.prototype.metricFreeStorageSpace=function(props){return this.metric("FreeStorageSpace",{statistic:"Average",...props})},instance_1().DatabaseInstanceBase.prototype.metricFreeableMemory=function(props){return this.metric("FreeableMemory",{statistic:"Average",...props})},instance_1().DatabaseInstanceBase.prototype.metricWriteIOPS=function(props){return this.metric("WriteIOPS",{statistic:"Average",...props})},instance_1().DatabaseInstanceBase.prototype.metricReadIOPS=function(props){return this.metric("ReadIOPS",{statistic:"Average",...props})};


@@ -0,0 +1,113 @@
export interface MetricWithDims<D> {
readonly namespace: string;
readonly metricName: string;
readonly statistic: string;
readonly dimensionsMap: D;
}
export declare class RDSMetrics {
static cpuUtilizationAverage(this: void, dimensions: {
DBInstanceIdentifier: string;
}): MetricWithDims<{
DBInstanceIdentifier: string;
}>;
static cpuUtilizationAverage(this: void, dimensions: {
DBClusterIdentifier: string;
}): MetricWithDims<{
DBClusterIdentifier: string;
}>;
static readLatencyAverage(this: void, dimensions: {
DBInstanceIdentifier: string;
}): MetricWithDims<{
DBInstanceIdentifier: string;
}>;
static readLatencyAverage(this: void, dimensions: {
DBClusterIdentifier: string;
}): MetricWithDims<{
DBClusterIdentifier: string;
}>;
static databaseConnectionsSum(this: void, dimensions: {
DBInstanceIdentifier: string;
}): MetricWithDims<{
DBInstanceIdentifier: string;
}>;
static databaseConnectionsSum(this: void, dimensions: {
DBClusterIdentifier: string;
}): MetricWithDims<{
DBClusterIdentifier: string;
}>;
static freeStorageSpaceAverage(this: void, dimensions: {
DBInstanceIdentifier: string;
}): MetricWithDims<{
DBInstanceIdentifier: string;
}>;
static freeStorageSpaceAverage(this: void, dimensions: {
DBClusterIdentifier: string;
}): MetricWithDims<{
DBClusterIdentifier: string;
}>;
static freeableMemoryAverage(this: void, dimensions: {
DBInstanceIdentifier: string;
}): MetricWithDims<{
DBInstanceIdentifier: string;
}>;
static freeableMemoryAverage(this: void, dimensions: {
DBClusterIdentifier: string;
}): MetricWithDims<{
DBClusterIdentifier: string;
}>;
static readThroughputAverage(this: void, dimensions: {
DBInstanceIdentifier: string;
}): MetricWithDims<{
DBInstanceIdentifier: string;
}>;
static readThroughputAverage(this: void, dimensions: {
DBClusterIdentifier: string;
}): MetricWithDims<{
DBClusterIdentifier: string;
}>;
static readIopsAverage(this: void, dimensions: {
DBInstanceIdentifier: string;
}): MetricWithDims<{
DBInstanceIdentifier: string;
}>;
static readIopsAverage(this: void, dimensions: {
DBClusterIdentifier: string;
}): MetricWithDims<{
DBClusterIdentifier: string;
}>;
static writeLatencyAverage(this: void, dimensions: {
DBInstanceIdentifier: string;
}): MetricWithDims<{
DBInstanceIdentifier: string;
}>;
static writeLatencyAverage(this: void, dimensions: {
DBClusterIdentifier: string;
}): MetricWithDims<{
DBClusterIdentifier: string;
}>;
static writeThroughputAverage(this: void, dimensions: {
DBInstanceIdentifier: string;
}): MetricWithDims<{
DBInstanceIdentifier: string;
}>;
static writeThroughputAverage(this: void, dimensions: {
DBClusterIdentifier: string;
}): MetricWithDims<{
DBClusterIdentifier: string;
}>;
static writeIopsAverage(this: void, dimensions: {
DBInstanceIdentifier: string;
}): MetricWithDims<{
DBInstanceIdentifier: string;
}>;
static writeIopsAverage(this: void, dimensions: {
DBClusterIdentifier: string;
}): MetricWithDims<{
DBClusterIdentifier: string;
}>;
static serverlessDatabaseCapacityAverage(this: void, dimensions: {
DBInstanceIdentifier: string;
}): MetricWithDims<{
DBInstanceIdentifier: string;
}>;
}


@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.RDSMetrics=void 0;class RDSMetrics{static cpuUtilizationAverage(dimensions){return{namespace:"AWS/RDS",metricName:"CPUUtilization",dimensionsMap:dimensions,statistic:"Average"}}static readLatencyAverage(dimensions){return{namespace:"AWS/RDS",metricName:"ReadLatency",dimensionsMap:dimensions,statistic:"Average"}}static databaseConnectionsSum(dimensions){return{namespace:"AWS/RDS",metricName:"DatabaseConnections",dimensionsMap:dimensions,statistic:"Sum"}}static freeStorageSpaceAverage(dimensions){return{namespace:"AWS/RDS",metricName:"FreeStorageSpace",dimensionsMap:dimensions,statistic:"Average"}}static freeableMemoryAverage(dimensions){return{namespace:"AWS/RDS",metricName:"FreeableMemory",dimensionsMap:dimensions,statistic:"Average"}}static readThroughputAverage(dimensions){return{namespace:"AWS/RDS",metricName:"ReadThroughput",dimensionsMap:dimensions,statistic:"Average"}}static readIopsAverage(dimensions){return{namespace:"AWS/RDS",metricName:"ReadIOPS",dimensionsMap:dimensions,statistic:"Average"}}static writeLatencyAverage(dimensions){return{namespace:"AWS/RDS",metricName:"WriteLatency",dimensionsMap:dimensions,statistic:"Average"}}static writeThroughputAverage(dimensions){return{namespace:"AWS/RDS",metricName:"WriteThroughput",dimensionsMap:dimensions,statistic:"Average"}}static writeIopsAverage(dimensions){return{namespace:"AWS/RDS",metricName:"WriteIOPS",dimensionsMap:dimensions,statistic:"Average"}}static serverlessDatabaseCapacityAverage(dimensions){return{namespace:"AWS/RDS",metricName:"ServerlessDatabaseCapacity",dimensionsMap:dimensions,statistic:"Average"}}}exports.RDSMetrics=RDSMetrics;

File diff suppressed because it is too large Load Diff

File diff suppressed because one or more lines are too long


@@ -0,0 +1,427 @@
import type { Construct } from 'constructs';
import type { IClusterEngine } from './cluster-engine';
import { Endpoint } from './endpoint';
import type { IParameterGroup } from './parameter-group';
import type { Credentials, RotationMultiUserOptions, RotationSingleUserOptions, SnapshotCredentials } from './props';
import type { CfnDBClusterProps } from './rds.generated';
import * as ec2 from '../../aws-ec2';
import * as iam from '../../aws-iam';
import type * as kms from '../../aws-kms';
import * as secretsmanager from '../../aws-secretsmanager';
import type { Duration, IResource } from '../../core';
import { RemovalPolicy, Resource } from '../../core';
import type { aws_rds } from '../../interfaces';
/**
* Interface representing a serverless database cluster.
*
*/
export interface IServerlessCluster extends IResource, ec2.IConnectable, secretsmanager.ISecretAttachmentTarget, aws_rds.IDBClusterRef {
/**
* Identifier of the cluster
*/
readonly clusterIdentifier: string;
/**
* The ARN of the cluster
*/
readonly clusterArn: string;
/**
* The endpoint to use for read/write operations
* @attribute EndpointAddress,EndpointPort
*/
readonly clusterEndpoint: Endpoint;
/**
* Endpoint to use for load-balanced read-only operations.
* @attribute ReadEndpointAddress
*/
readonly clusterReadEndpoint: Endpoint;
/**
* Grant the given identity to access to the Data API.
*
* [disable-awslint:no-grants]
*
* @param grantee The principal to grant access to
*/
grantDataApiAccess(grantee: iam.IGrantable): iam.Grant;
}
/**
* Common Properties to configure new Aurora Serverless v1 Cluster or Aurora Serverless v1 Cluster from snapshot
*/
interface ServerlessClusterNewProps {
/**
* What kind of database to start
*/
readonly engine: IClusterEngine;
/**
* An optional identifier for the cluster
*
* @default - A name is automatically generated.
*/
readonly clusterIdentifier?: string;
/**
* The number of days during which automatic DB snapshots are retained.
* Automatic backup retention cannot be disabled on serverless clusters.
* Must be a value from 1 day to 35 days.
*
* @default Duration.days(1)
*/
readonly backupRetention?: Duration;
/**
* Name of a database which is automatically created inside the cluster
*
* @default - Database is not created in cluster.
*/
readonly defaultDatabaseName?: string;
/**
* Indicates whether the DB cluster should have deletion protection enabled.
*
* @default - true if removalPolicy is RETAIN, false otherwise
*/
readonly deletionProtection?: boolean;
/**
* Whether to enable the Data API.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html
*
* @default false
*/
readonly enableDataApi?: boolean;
/**
* The VPC that this Aurora Serverless v1 Cluster has been created in.
*
* @default - the default VPC in the account and region will be used
*/
readonly vpc?: ec2.IVpc;
/**
* Where to place the instances within the VPC.
* If provided, the `vpc` property must also be specified.
*
* @default - the VPC default strategy if not specified.
*/
readonly vpcSubnets?: ec2.SubnetSelection;
/**
* Scaling configuration of an Aurora Serverless database cluster.
*
* @default - Serverless cluster is automatically paused after 5 minutes of being idle.
* minimum capacity: 2 ACU
* maximum capacity: 16 ACU
*/
readonly scaling?: ServerlessScalingOptions;
/**
* The removal policy to apply when the cluster and its instances are removed
* from the stack or replaced during an update.
*
* @default - RemovalPolicy.SNAPSHOT (remove the cluster and instances, but retain a snapshot of the data)
*/
readonly removalPolicy?: RemovalPolicy;
/**
* Security group.
*
* @default - a new security group is created if `vpc` was provided.
* If the `vpc` property was not provided, no VPC security groups will be associated with the DB cluster.
*/
readonly securityGroups?: ec2.ISecurityGroup[];
/**
* Additional parameters to pass to the database engine
*
* @default - no parameter group.
*/
readonly parameterGroup?: IParameterGroup;
/**
* Existing subnet group for the cluster.
*
* @default - a new subnet group is created if `vpc` was provided.
* If the `vpc` property was not provided, no subnet group will be associated with the DB cluster
*/
readonly subnetGroup?: aws_rds.IDBSubnetGroupRef;
/**
* Whether to copy tags to the snapshot when a snapshot is created.
*
* @default - true
*/
readonly copyTagsToSnapshot?: boolean;
}
/**
* Properties that describe an existing cluster instance
*
*/
export interface ServerlessClusterAttributes {
/**
* Identifier for the cluster
*/
readonly clusterIdentifier: string;
/**
* The database port
*
* @default - none
*/
readonly port?: number;
/**
* The security groups of the database cluster
*
* @default - no security groups
*/
readonly securityGroups?: ec2.ISecurityGroup[];
/**
* Cluster endpoint address
*
* @default - no endpoint address
*/
readonly clusterEndpointAddress?: string;
/**
* Reader endpoint address
*
* @default - no reader address
*/
readonly readerEndpointAddress?: string;
/**
* The secret attached to the database cluster
*
* @default - no secret
*/
readonly secret?: secretsmanager.ISecret;
}
/**
* Aurora capacity units (ACUs).
* Each ACU is a combination of processing and memory capacity.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.setting-capacity.html
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.architecture
*
*/
export declare enum AuroraCapacityUnit {
/** 1 Aurora Capacity Unit */
ACU_1 = 1,
/** 2 Aurora Capacity Units */
ACU_2 = 2,
/** 4 Aurora Capacity Units */
ACU_4 = 4,
/** 8 Aurora Capacity Units */
ACU_8 = 8,
/** 16 Aurora Capacity Units */
ACU_16 = 16,
/** 32 Aurora Capacity Units */
ACU_32 = 32,
/** 64 Aurora Capacity Units */
ACU_64 = 64,
/** 128 Aurora Capacity Units */
ACU_128 = 128,
/** 192 Aurora Capacity Units */
ACU_192 = 192,
/** 256 Aurora Capacity Units */
ACU_256 = 256,
/** 384 Aurora Capacity Units */
ACU_384 = 384
}
/**
* TimeoutAction defines the action to take when a timeout occurs if a scaling point is not found.
*
* @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v1.how-it-works.html#aurora-serverless.how-it-works.timeout-action
*/
export declare enum TimeoutAction {
/**
* FORCE_APPLY_CAPACITY_CHANGE sets the capacity to the specified value as soon as possible.
* Transactions may be interrupted, and connections to temporary tables and locks may be dropped.
* Only select this option if your application can recover from dropped connections or incomplete transactions.
*/
FORCE_APPLY_CAPACITY_CHANGE = "ForceApplyCapacityChange",
/**
* ROLLBACK_CAPACITY_CHANGE ignores the capacity change if a scaling point is not found.
* This is the default behavior.
*/
ROLLBACK_CAPACITY_CHANGE = "RollbackCapacityChange"
}
/**
* Options for configuring scaling on an Aurora Serverless v1 Cluster
*
*/
export interface ServerlessScalingOptions {
/**
* The minimum capacity for an Aurora Serverless database cluster.
*
* @default - determined by Aurora based on database engine
*/
readonly minCapacity?: AuroraCapacityUnit;
/**
* The maximum capacity for an Aurora Serverless database cluster.
*
* @default - determined by Aurora based on database engine
*/
readonly maxCapacity?: AuroraCapacityUnit;
/**
* The time before an Aurora Serverless database cluster is paused.
* A database cluster can be paused only when it is idle (it has no connections).
* Auto pause time must be between 5 minutes and 1 day.
*
* If a DB cluster is paused for more than seven days, the DB cluster might be
* backed up with a snapshot. In this case, the DB cluster is restored when there
* is a request to connect to it.
*
* Set to 0 to disable
*
* @default - automatic pause enabled after 5 minutes
*/
readonly autoPause?: Duration;
/**
* The amount of time that Aurora Serverless v1 tries to find a scaling point to perform
* seamless scaling before enforcing the timeout action.
*
* @default - 5 minutes
*/
readonly timeout?: Duration;
/**
* The action to take when the timeout is reached.
* Selecting ForceApplyCapacityChange will force the capacity to the specified value as soon as possible, even without a scaling point.
* Selecting RollbackCapacityChange will ignore the capacity change if a scaling point is not found. This is the default behavior.
*
* @default - TimeoutAction.ROLLBACK_CAPACITY_CHANGE
*/
readonly timeoutAction?: TimeoutAction;
}
/**
* New or imported Serverless Cluster
*/
declare abstract class ServerlessClusterBase extends Resource implements IServerlessCluster {
/**
* Identifier of the cluster
*/
abstract readonly clusterIdentifier: string;
/**
* The endpoint to use for read/write operations
*/
abstract readonly clusterEndpoint: Endpoint;
/**
* The endpoint to use for read/write operations
*/
abstract readonly clusterReadEndpoint: Endpoint;
/**
* Access to the network connections
*/
abstract readonly connections: ec2.Connections;
/**
* The secret attached to this cluster
*/
abstract readonly secret?: secretsmanager.ISecret;
protected abstract enableDataApi?: boolean;
/**
* The ARN of the cluster
*/
get clusterArn(): string;
/**
* A reference to this serverless cluster
*/
get dbClusterRef(): aws_rds.DBClusterReference;
/**
* Grant the given identity to access to the Data API, including read access to the secret attached to the cluster if present
*
* [disable-awslint:no-grants]
*
* @param grantee The principal to grant access to
*/
grantDataApiAccess(grantee: iam.IGrantable): iam.Grant;
/**
* Renders the secret attachment target specifications.
*/
asSecretAttachmentTarget(): secretsmanager.SecretAttachmentTargetProps;
}
/**
* Create an Aurora Serverless v1 Cluster
*
* @resource AWS::RDS::DBCluster
*/
declare abstract class ServerlessClusterNew extends ServerlessClusterBase {
readonly connections: ec2.Connections;
protected readonly newCfnProps: CfnDBClusterProps;
protected readonly securityGroups: ec2.ISecurityGroup[];
protected enableDataApi?: boolean;
constructor(scope: Construct, id: string, props: ServerlessClusterNewProps);
private renderScalingConfiguration;
}
/**
* Properties for a new Aurora Serverless v1 Cluster
*/
export interface ServerlessClusterProps extends ServerlessClusterNewProps {
/**
* Credentials for the administrative user
*
* @default - A username of 'admin' and SecretsManager-generated password
*/
readonly credentials?: Credentials;
/**
* The KMS key for storage encryption.
*
* @default - the default master key will be used for storage encryption
*/
readonly storageEncryptionKey?: kms.IKey;
}
/**
* Create an Aurora Serverless v1 Cluster
*
* @resource AWS::RDS::DBCluster
*
*/
export declare class ServerlessCluster extends ServerlessClusterNew {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
/**
* Import an existing DatabaseCluster from properties
*/
static fromServerlessClusterAttributes(scope: Construct, id: string, attrs: ServerlessClusterAttributes): IServerlessCluster;
readonly clusterIdentifier: string;
private readonly _clusterEndpoint;
readonly clusterReadEndpoint: Endpoint;
readonly secret?: secretsmanager.ISecret;
private readonly vpc?;
private readonly vpcSubnets?;
private readonly singleUserRotationApplication;
private readonly multiUserRotationApplication;
constructor(scope: Construct, id: string, props: ServerlessClusterProps);
get clusterEndpoint(): Endpoint;
/**
* Adds the single user rotation of the master password to this cluster.
*/
addRotationSingleUser(options?: RotationSingleUserOptions): secretsmanager.SecretRotation;
/**
* Adds the multi user rotation to this cluster.
*/
addRotationMultiUser(id: string, options: RotationMultiUserOptions): secretsmanager.SecretRotation;
}
/**
* Properties for ``ServerlessClusterFromSnapshot``
*/
export interface ServerlessClusterFromSnapshotProps extends ServerlessClusterNewProps {
/**
* The identifier for the DB instance snapshot or DB cluster snapshot to restore from.
* You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot.
* However, you can use only the ARN to specify a DB instance snapshot.
*/
readonly snapshotIdentifier: string;
/**
* Master user credentials.
*
* Note - It is not possible to change the master username for a snapshot;
* however, it is possible to provide (or generate) a new password.
*
* @default - The existing username and password from the snapshot will be used.
*/
readonly credentials?: SnapshotCredentials;
}
/**
* A Aurora Serverless v1 Cluster restored from a snapshot.
*
* @resource AWS::RDS::DBCluster
*/
export declare class ServerlessClusterFromSnapshot extends ServerlessClusterNew {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
readonly clusterIdentifier: string;
private readonly _clusterEndpoint;
readonly clusterReadEndpoint: Endpoint;
readonly secret?: secretsmanager.ISecret;
constructor(scope: Construct, id: string, props: ServerlessClusterFromSnapshotProps);
get clusterEndpoint(): Endpoint;
}
export {};

File diff suppressed because one or more lines are too long


@@ -0,0 +1,66 @@
import type { Construct } from 'constructs';
import * as ec2 from '../../aws-ec2';
import type { IResource, RemovalPolicy } from '../../core';
import { Resource } from '../../core';
import type { aws_rds } from '../../interfaces';
/**
* Interface for a subnet group.
*/
export interface ISubnetGroup extends IResource, aws_rds.IDBSubnetGroupRef {
/**
* The name of the subnet group.
* @attribute
*/
readonly subnetGroupName: string;
}
/**
* Properties for creating a SubnetGroup.
*/
export interface SubnetGroupProps {
/**
* Description of the subnet group.
*/
readonly description: string;
/**
* The VPC to place the subnet group in.
*/
readonly vpc: ec2.IVpc;
/**
* The name of the subnet group.
*
* @default - a name is generated
*/
readonly subnetGroupName?: string;
/**
* Which subnets within the VPC to associate with this group.
*
* @default - private subnets
*/
readonly vpcSubnets?: ec2.SubnetSelection;
/**
* The removal policy to apply when the subnet group are removed
* from the stack or replaced during an update.
*
* @default RemovalPolicy.DESTROY
*/
readonly removalPolicy?: RemovalPolicy;
}
/**
* Class for creating a RDS DB subnet group
*
* @resource AWS::RDS::DBSubnetGroup
*/
export declare class SubnetGroup extends Resource implements ISubnetGroup {
/** Uniquely identifies this class. */
static readonly PROPERTY_INJECTION_ID: string;
/**
* Imports an existing subnet group by name.
*/
static fromSubnetGroupName(scope: Construct, id: string, subnetGroupName: string): ISubnetGroup;
readonly subnetGroupName: string;
/**
* A reference to this subnet group
*/
get dbSubnetGroupRef(): aws_rds.DBSubnetGroupReference;
constructor(scope: Construct, id: string, props: SubnetGroupProps);
}


@@ -0,0 +1 @@
"use strict";var __esDecorate=exports&&exports.__esDecorate||function(ctor,descriptorIn,decorators,contextIn,initializers,extraInitializers){function accept(f){if(f!==void 0&&typeof f!="function")throw new TypeError("Function expected");return f}for(var kind=contextIn.kind,key=kind==="getter"?"get":kind==="setter"?"set":"value",target=!descriptorIn&&ctor?contextIn.static?ctor:ctor.prototype:null,descriptor=descriptorIn||(target?Object.getOwnPropertyDescriptor(target,contextIn.name):{}),_,done=!1,i=decorators.length-1;i>=0;i--){var context={};for(var p in contextIn)context[p]=p==="access"?{}:contextIn[p];for(var p in contextIn.access)context.access[p]=contextIn.access[p];context.addInitializer=function(f){if(done)throw new TypeError("Cannot add initializers after decoration has completed");extraInitializers.push(accept(f||null))};var result=(0,decorators[i])(kind==="accessor"?{get:descriptor.get,set:descriptor.set}:descriptor[key],context);if(kind==="accessor"){if(result===void 0)continue;if(result===null||typeof result!="object")throw new TypeError("Object expected");(_=accept(result.get))&&(descriptor.get=_),(_=accept(result.set))&&(descriptor.set=_),(_=accept(result.init))&&initializers.unshift(_)}else(_=accept(result))&&(kind==="field"?initializers.unshift(_):descriptor[key]=_)}target&&Object.defineProperty(target,contextIn.name,descriptor),done=!0},__runInitializers=exports&&exports.__runInitializers||function(thisArg,initializers,value){for(var useValue=arguments.length>2,i=0;i<initializers.length;i++)value=useValue?initializers[i].call(thisArg,value):initializers[i].call(thisArg);return useValue?value:void 0};Object.defineProperty(exports,"__esModule",{value:!0}),exports.SubnetGroup=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var rds_generated_1=()=>{var tmp=require("./rds.generated");return 
rds_generated_1=()=>tmp,tmp},ec2=()=>{var tmp=require("../../aws-ec2");return ec2=()=>tmp,tmp},core_1=()=>{var tmp=require("../../core");return core_1=()=>tmp,tmp},metadata_resource_1=()=>{var tmp=require("../../core/lib/metadata-resource");return metadata_resource_1=()=>tmp,tmp},prop_injectable_1=()=>{var tmp=require("../../core/lib/prop-injectable");return prop_injectable_1=()=>tmp,tmp};let SubnetGroup=(()=>{let _classDecorators=[prop_injectable_1().propertyInjectable],_classDescriptor,_classExtraInitializers=[],_classThis,_classSuper=core_1().Resource;var SubnetGroup2=class extends _classSuper{static{_classThis=this}static{const _metadata=typeof Symbol=="function"&&Symbol.metadata?Object.create(_classSuper[Symbol.metadata]??null):void 0;__esDecorate(null,_classDescriptor={value:_classThis},_classDecorators,{kind:"class",name:_classThis.name,metadata:_metadata},null,_classExtraInitializers),SubnetGroup2=_classThis=_classDescriptor.value,_metadata&&Object.defineProperty(_classThis,Symbol.metadata,{enumerable:!0,configurable:!0,writable:!0,value:_metadata})}static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_rds.SubnetGroup",version:"2.252.0"};static PROPERTY_INJECTION_ID="aws-cdk-lib.aws-rds.SubnetGroup";static fromSubnetGroupName(scope,id,subnetGroupName){return new class extends core_1().Resource{subnetGroupName=subnetGroupName;get dbSubnetGroupRef(){return{dbSubnetGroupName:this.subnetGroupName}}}(scope,id)}subnetGroupName;get dbSubnetGroupRef(){return{dbSubnetGroupName:this.subnetGroupName}}constructor(scope,id,props){super(scope,id);try{jsiiDeprecationWarnings().aws_cdk_lib_aws_rds_SubnetGroupProps(props)}catch(error){throw 
process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,SubnetGroup2),error}(0,metadata_resource_1().addConstructMetadata)(this,props);const{subnetIds}=props.vpc.selectSubnets(props.vpcSubnets??{subnetType:ec2().SubnetType.PRIVATE_WITH_EGRESS}),subnetGroup=new(rds_generated_1()).CfnDBSubnetGroup(this,"Default",{dbSubnetGroupDescription:props.description,dbSubnetGroupName:core_1().Token.isUnresolved(props.subnetGroupName)?props.subnetGroupName:props.subnetGroupName?.toLowerCase(),subnetIds});props.removalPolicy&&subnetGroup.applyRemovalPolicy(props.removalPolicy),this.subnetGroupName=subnetGroup.ref}static{__runInitializers(_classThis,_classExtraInitializers)}};return SubnetGroup2=_classThis})();exports.SubnetGroup=SubnetGroup;


@@ -0,0 +1,11 @@
import type { Construct } from 'constructs';
import type { DatabaseClusterProps } from './cluster';
import type { DatabaseInstanceProps } from './instance';
/**
* Validates database instance properties
*/
export declare function validateDatabaseInstanceProps(scope: Construct, props: DatabaseInstanceProps): void;
/**
* Validates database cluster properties
*/
export declare function validateDatabaseClusterProps(scope: Construct, props: DatabaseClusterProps): void;


@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.validateDatabaseInstanceProps=validateDatabaseInstanceProps,exports.validateDatabaseClusterProps=validateDatabaseClusterProps;var cluster_1=()=>{var tmp=require("./cluster");return cluster_1=()=>tmp,tmp},database_insights_mode_1=()=>{var tmp=require("./database-insights-mode");return database_insights_mode_1=()=>tmp,tmp},instance_1=()=>{var tmp=require("./instance");return instance_1=()=>tmp,tmp},props_1=()=>{var tmp=require("./props");return props_1=()=>tmp,tmp},helpers_internal_1=()=>{var tmp=require("../../core/lib/helpers-internal");return helpers_internal_1=()=>tmp,tmp};const databaseInsightsRules=[{condition:props=>props.enablePerformanceInsights===!1&&(props.performanceInsightRetention!==void 0||props.performanceInsightEncryptionKey!==void 0||props.databaseInsightsMode===database_insights_mode_1().DatabaseInsightsMode.ADVANCED),message:()=>"`enablePerformanceInsights` disabled, but `performanceInsightRetention` or `performanceInsightEncryptionKey` was set, or `databaseInsightsMode` was set to '${DatabaseInsightsMode.ADVANCED}'"},{condition:props=>props.databaseInsightsMode===database_insights_mode_1().DatabaseInsightsMode.ADVANCED&&props.performanceInsightRetention!==props_1().PerformanceInsightRetention.MONTHS_15,message:()=>"`performanceInsightRetention` must be set to '${PerformanceInsightRetention.MONTHS_15}' when `databaseInsightsMode` is set to '${DatabaseInsightsMode.ADVANCED}'"}],clusterSpecificRules=[{condition:props=>props.replicationSourceIdentifier!==void 0&&props.credentials!==void 0,message:()=>"Cannot specify both `replicationSourceIdentifier` and `credentials`. 
The value is inherited from the source DB cluster"}],limitlessDatabaseRules=[{condition:props=>!props.enablePerformanceInsights,message:()=>"Performance Insights must be enabled for Aurora Limitless Database"},{condition:props=>!props.performanceInsightRetention||props.performanceInsightRetention<props_1().PerformanceInsightRetention.MONTHS_1,message:()=>"Performance Insights retention period must be set to at least 31 days for Aurora Limitless Database"},{condition:props=>!props.monitoringInterval||!props.enableClusterLevelEnhancedMonitoring,message:()=>"Cluster level enhanced monitoring must be set for Aurora Limitless Database. Please set 'monitoringInterval' and enable 'enableClusterLevelEnhancedMonitoring'"},{condition:props=>!!(props.writer||props.readers),message:()=>"Aurora Limitless Database does not support reader or writer instances"},{condition:props=>!props.engine.engineVersion?.fullVersion?.endsWith("limitless"),message:props=>`Aurora Limitless Database requires an engine version that supports it, got: ${props.engine.engineVersion?.fullVersion}`},{condition:props=>props.storageType!==cluster_1().DBClusterStorageType.AURORA_IOPT1,message:props=>`Aurora Limitless Database requires I/O optimized storage type, got: ${props.storageType}`},{condition:props=>props.cloudwatchLogsExports===void 0||props.cloudwatchLogsExports.length===0,message:()=>"Aurora Limitless Database requires CloudWatch Logs exports to be set"}];function validateDatabaseInstanceProps(scope,props){(0,helpers_internal_1().validateAllProps)(scope,instance_1().DatabaseInstance.name,props,databaseInsightsRules)}function validateDatabaseClusterProps(scope,props){const applicableRules=props.clusterScailabilityType===cluster_1().ClusterScailabilityType.LIMITLESS?[...databaseInsightsRules,...clusterSpecificRules,...limitlessDatabaseRules]:[...databaseInsightsRules,...clusterSpecificRules];(0,helpers_internal_1().validateAllProps)(scope,cluster_1().DatabaseCluster.name,props,applicableRules)}