AWS::DocDB::DBCluster
The AWS::DocDB::DBCluster Amazon DocumentDB (with MongoDB compatibility) resource describes a DBCluster.
Amazon DocumentDB is a fully managed, MongoDB-compatible document database engine. For more information, see
DBCluster in the Amazon DocumentDB Developer Guide.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::DocDB::DBCluster", "Properties" : { "AvailabilityZones" :[ String, ... ], "BackupRetentionPeriod" :Integer, "CopyTagsToSnapshot" :Boolean, "DBClusterIdentifier" :String, "DBClusterParameterGroupName" :String, "DBSubnetGroupName" :String, "DeletionProtection" :Boolean, "EnableCloudwatchLogsExports" :[ String, ... ], "EngineVersion" :String, "KmsKeyId" :String, "MasterUsername" :String, "MasterUserPassword" :String, "Port" :Integer, "PreferredBackupWindow" :String, "PreferredMaintenanceWindow" :String, "RestoreToTime" :String, "RestoreType" :String, "SnapshotIdentifier" :String, "SourceDBClusterIdentifier" :String, "StorageEncrypted" :Boolean, "Tags" :[ Tag, ... ], "UseLatestRestorableTime" :Boolean, "VpcSecurityGroupIds" :[ String, ... ]} }
YAML
Type: AWS::DocDB::DBCluster Properties: AvailabilityZones:- StringBackupRetentionPeriod:IntegerCopyTagsToSnapshot:BooleanDBClusterIdentifier:StringDBClusterParameterGroupName:StringDBSubnetGroupName:StringDeletionProtection:BooleanEnableCloudwatchLogsExports:- StringEngineVersion:StringKmsKeyId:StringMasterUsername:StringMasterUserPassword:StringPort:IntegerPreferredBackupWindow:StringPreferredMaintenanceWindow:StringRestoreToTime:StringRestoreType:StringSnapshotIdentifier:StringSourceDBClusterIdentifier:StringStorageEncrypted:BooleanTags:- TagUseLatestRestorableTime:BooleanVpcSecurityGroupIds:- String
Properties
AvailabilityZones-
A list of Amazon EC2 Availability Zones that instances in the cluster can be created in.
Required: No
Type: List of String
Update requires: Replacement
BackupRetentionPeriod-
The number of days for which automated backups are retained. You must specify a minimum value of 1.
Default: 1
Constraints:
-
Must be a value from 1 to 35.
Required: No
Type: Integer
Update requires: No interruption
-
CopyTagsToSnapshotProperty description not available.
Required: No
Type: Boolean
Update requires: No interruption
DBClusterIdentifier-
The cluster identifier. This parameter is stored as a lowercase string.
Constraints:
-
Must contain from 1 to 63 letters, numbers, or hyphens.
-
The first character must be a letter.
-
Cannot end with a hyphen or contain two consecutive hyphens.
Example:
my-clusterRequired: No
Type: String
Update requires: Replacement
-
DBClusterParameterGroupName-
The name of the cluster parameter group to associate with this cluster.
Required: No
Type: String
Update requires: No interruption
DBSubnetGroupName-
A subnet group to associate with this cluster.
Constraints: Must match the name of an existing
DBSubnetGroup. Must not be default.Example:
mySubnetgroupRequired: No
Type: String
Update requires: Replacement
DeletionProtection-
Protects clusters from being accidentally deleted. If enabled, the cluster cannot be deleted unless it is modified and
DeletionProtectionis disabled.Required: No
Type: Boolean
Update requires: No interruption
EnableCloudwatchLogsExports-
The list of log types that need to be enabled for exporting to Amazon CloudWatch Logs. You can enable audit logs or profiler logs. For more information, see Auditing Amazon DocumentDB Events and Profiling Amazon DocumentDB Operations.
Required: No
Type: List of String
Update requires: No interruption
EngineVersion-
The version number of the database engine to use. The
--engine-versionwill default to the latest major engine version. For production workloads, we recommend explicitly declaring this parameter with the intended major engine version.Required: No
Type: String
Update requires: Replacement
KmsKeyId-
The Amazon KMS key identifier for an encrypted cluster.
The Amazon KMS key identifier is the Amazon Resource Name (ARN) for the Amazon KMS encryption key. If you are creating a cluster using the same Amazon Web Services account that owns the Amazon KMS encryption key that is used to encrypt the new cluster, you can use the Amazon KMS key alias instead of the ARN for the Amazon KMS encryption key.
If an encryption key is not specified in
KmsKeyId:-
If the
StorageEncryptedparameter istrue, Amazon DocumentDB uses your default encryption key.
Amazon KMS creates the default encryption key for your Amazon Web Services account. Your Amazon Web Services account has a different default encryption key for each Amazon Web Services Regions.
Required: No
Type: String
Update requires: Replacement
-
MasterUsername-
The name of the master user for the cluster.
Constraints:
-
Must be from 1 to 63 letters or numbers.
-
The first character must be a letter.
-
Cannot be a reserved word for the chosen database engine.
Required: Conditional
Type: String
Update requires: Replacement
-
MasterUserPassword-
The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote ("), or the "at" symbol (@).
Constraints: Must contain from 8 to 100 characters.
Required: Conditional
Type: String
Update requires: No interruption
Port-
Specifies the port that the database engine is listening on.
Required: No
Type: Integer
Update requires: No interruption
PreferredBackupWindow-
The daily time range during which automated backups are created if automated backups are enabled using the
BackupRetentionPeriodparameter.The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region.
Constraints:
-
Must be in the format
hh24:mi-hh24:mi. -
Must be in Universal Coordinated Time (UTC).
-
Must not conflict with the preferred maintenance window.
-
Must be at least 30 minutes.
Required: No
Type: String
Update requires: No interruption
-
PreferredMaintenanceWindow-
The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).
Format:
ddd:hh24:mi-ddd:hh24:miThe default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region, occurring on a random day of the week.
Valid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun
Constraints: Minimum 30-minute window.
Required: No
Type: String
Update requires: No interruption
RestoreToTimeProperty description not available.
Required: No
Type: String
Update requires: No interruption
RestoreTypeProperty description not available.
Required: No
Type: String
Update requires: No interruption
SnapshotIdentifier-
The identifier for the snapshot or cluster snapshot to restore from.
You can use either the name or the Amazon Resource Name (ARN) to specify a cluster snapshot. However, you can use only the ARN to specify a snapshot.
Constraints:
-
Must match the identifier of an existing snapshot.
Required: No
Type: String
Update requires: Replacement
-
SourceDBClusterIdentifierProperty description not available.
Required: No
Type: String
Update requires: Replacement
StorageEncrypted-
Specifies whether the cluster is encrypted.
Required: Conditional
Type: Boolean
Update requires: Replacement
Tags-
The tags to be assigned to the cluster.
Required: No
Type: List of Tag
Update requires: No interruption
UseLatestRestorableTimeProperty description not available.
Required: No
Type: Boolean
Update requires: No interruption
VpcSecurityGroupIds-
A list of EC2 VPC security groups to associate with this cluster.
Required: No
Type: List of String
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Reffunction, Refreturns the DBClusterIdentifier, such as mycluster.
For more information about using the Reffunction, see Ref.
Fn::GetAtt
The Fn::GetAttintrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAttintrinsic function, see Fn::GetAtt.
ClusterResourceId-
The resource id for the cluster; for example:
cluster-ABCD1234EFGH5678IJKL90MNOP. The cluster ID uniquely identifies the cluster and is used in things like IAM authentication policies. Endpoint-
The connection endpoint for the cluster, such as
sample-cluster.cluster-cozrlsfrcjoc.us-east-1.docdb.amazonaws.com. Port-
The port number on which the cluster accepts connections. For example:
27017. ReadEndpoint-
The reader endpoint for the cluster. For example:
sample-cluster.cluster-ro-cozrlsfrcjoc.us-east-1.docdb.amazonaws.com.
Examples
JSON
{ "AWSTemplateFormatVersion" : "2010-09-09", "Resources" : { "myDBInstance" : { "Type" : "AWS::DocDB::DBCluster", "Properties" : { "BackupRetentionPeriod" : 8, "DBClusterIdentifier" : "sample-cluster", "DBClusterParameterGroupName" : "default.docdb3.6", "DBSubnetGroupName" : "default", "KmsKeyId" : "your-kms-key-id", "MasterUsername" : "your-master-username", "MasterUserPassword" : "your-master-user-password", "Port" : "27017", "PreferredBackupWindow" : "07:34-08:04", "PreferredMaintenanceWindow" : "sat:04:51-sat:05:21", "SnapshotIdentifier" : "sample-cluster-snapshot-id", "StorageEncrypted" : true, "Tags" : [ {"Key" : "String", "Value" : "String"} ] } } } }
YAML
AWSTemplateFormatVersion: "2010-09-09" Resources: myDBInstance: Type: "AWS::DocDB::DBCluster" Properties: BackupRetentionPeriod : 8 DBClusterIdentifier : "sample-cluster" DBClusterParameterGroupName : "default.docdb3.6" DBSubnetGroupName : "default" KmsKeyId : "your-kms-key-id" MasterUsername : "your-master-username" MasterUserPassword : "your-master-user-password" Port : "27017" PreferredBackupWindow : "07:34-08:04" PreferredMaintenanceWindow : "sat:04:51-sat:05:21" SnapshotIdentifier : "sample-cluster-snapshot-id" StorageEncrypted : true Tags: - Key: "String" Value: "String"