db_proxies
Creates, updates, deletes or gets a db_proxy resource or lists db_proxies in a region
Overview
| Name | db_proxies |
| Type | Resource |
| Description | Resource schema for AWS::RDS::DBProxy |
| Id | awscc.rds.db_proxies |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
auth | array | The authorization mechanism that the proxy uses. |
db_proxy_arn | string | The Amazon Resource Name (ARN) for the proxy. |
db_proxy_name | string | The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region. |
debug_logging | boolean | Whether the proxy includes detailed information about SQL statements in its logs. |
endpoint | string | The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application. |
engine_family | string | The kinds of databases that the proxy can connect to. |
idle_client_timeout | integer | The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. |
require_tls | boolean | A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. |
role_arn | string | The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager. |
tags | array | An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy. |
vpc_id | string | VPC ID to associate with the new DB proxy. |
vpc_security_group_ids | array | VPC security group IDs to associate with the new proxy. |
vpc_subnet_ids | array | VPC subnet IDs to associate with the new proxy. |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
db_proxy_name | string | The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region. |
region | string | AWS region. |
For more information, see AWS::RDS::DBProxy.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | db_proxies | INSERT | Auth, DBProxyName, EngineFamily, RoleArn, VpcSubnetIds, region |
delete_resource | db_proxies | DELETE | Identifier, region |
update_resource | db_proxies | UPDATE | Identifier, PatchDocument, region |
list_resources | db_proxies_list_only | SELECT | region |
get_resource | db_proxies | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual db_proxy.
SELECT
region,
auth,
db_proxy_arn,
db_proxy_name,
debug_logging,
endpoint,
engine_family,
idle_client_timeout,
require_tls,
role_arn,
tags,
vpc_id,
vpc_security_group_ids,
vpc_subnet_ids
FROM awscc.rds.db_proxies
WHERE
region = 'us-east-1' AND
Identifier = '{{ db_proxy_name }}';
Lists all db_proxies in a region.
SELECT
region,
db_proxy_name
FROM awscc.rds.db_proxies_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new db_proxy resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.rds.db_proxies (
Auth,
DBProxyName,
EngineFamily,
RoleArn,
VpcSubnetIds,
region
)
SELECT
'{{ auth }}',
'{{ db_proxy_name }}',
'{{ engine_family }}',
'{{ role_arn }}',
'{{ vpc_subnet_ids }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.rds.db_proxies (
Auth,
DBProxyName,
DebugLogging,
EngineFamily,
IdleClientTimeout,
RequireTLS,
RoleArn,
Tags,
VpcSecurityGroupIds,
VpcSubnetIds,
region
)
SELECT
'{{ auth }}',
'{{ db_proxy_name }}',
'{{ debug_logging }}',
'{{ engine_family }}',
'{{ idle_client_timeout }}',
'{{ require_tls }}',
'{{ role_arn }}',
'{{ tags }}',
'{{ vpc_security_group_ids }}',
'{{ vpc_subnet_ids }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: db_proxy
props:
- name: auth
value:
- auth_scheme: '{{ auth_scheme }}'
description: '{{ description }}'
iam_auth: '{{ iam_auth }}'
secret_arn: '{{ secret_arn }}'
client_password_auth_type: '{{ client_password_auth_type }}'
- name: db_proxy_name
value: '{{ db_proxy_name }}'
- name: debug_logging
value: '{{ debug_logging }}'
- name: engine_family
value: '{{ engine_family }}'
- name: idle_client_timeout
value: '{{ idle_client_timeout }}'
- name: require_tls
value: '{{ require_tls }}'
- name: role_arn
value: '{{ role_arn }}'
- name: tags
value:
- key: '{{ key }}'
value: '{{ value }}'
- name: vpc_security_group_ids
value:
- '{{ vpc_security_group_ids[0] }}'
- name: vpc_subnet_ids
value:
- '{{ vpc_subnet_ids[0] }}'
UPDATE example
Use the following StackQL query and manifest file to update a db_proxy resource, using stack-deploy.
/*+ update */
UPDATE awscc.rds.db_proxies
SET PatchDocument = string('{{ {
"Auth": auth,
"DebugLogging": debug_logging,
"IdleClientTimeout": idle_client_timeout,
"RequireTLS": require_tls,
"RoleArn": role_arn,
"Tags": tags,
"VpcSecurityGroupIds": vpc_security_group_ids
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ db_proxy_name }}';
DELETE example
/*+ delete */
DELETE FROM awscc.rds.db_proxies
WHERE
Identifier = '{{ db_proxy_name }}' AND
region = 'us-east-1';
Permissions
To operate on the db_proxies resource, the following permissions are required:
- Create
- Read
- Update
- Delete
- List
rds:CreateDBProxy,
rds:DescribeDBProxies,
iam:PassRole
rds:DescribeDBProxies
rds:ModifyDBProxy,
rds:AddTagsToResource,
rds:RemoveTagsFromResource,
iam:PassRole
rds:DescribeDBProxies,
rds:DeleteDBProxy
rds:DescribeDBProxies