amazon / amazon.cloud / 0.4.0 / module / rds_db_instance Creates and manages resource creates an Amazon DB instance | "added in version" 0.3.0 of amazon.cloud" Authors: Ansible Cloud Team (@ansible-collections)amazon.cloud.rds_db_instance (0.4.0) — module
Install with ansible-galaxy collection install amazon.cloud:==0.4.0
collections: - name: amazon.cloud version: 0.4.0
Creates and manages resource creates an Amazon DB instance.
The new DB instance can be an RDS DB instance, or it can be a DB instance in an Aurora DB cluster.
iops: description: - The number of I/O operations per second (IOPS) that the database provisions. type: int tags: aliases: - resource_tags description: - A dict of tags to apply to the resource. - To remove all tags set I(tags={}) and I(purge_tags=true). type: dict wait: default: false description: - Wait for operation to complete before returning. type: bool force: default: false description: - Cancel IN_PROGRESS and PENDING resource requestes. - Because you can only perform a single operation on a given resource at a time, there might be cases where you need to cancel the current resource operation to make the resource available so that another operation may be performed on it. type: bool state: choices: - present - absent - list - describe - get default: present description: - Goal state for resource. - I(state=present) creates the resource if it doesn't exist, or updates to the provided state if the resource already exists. - I(state=absent) ensures an existing instance is deleted. - I(state=list) get all the existing resources. - I(state=describe) or I(state=get) retrieves information on an existing resource. type: str domain: description: - The Active Directory directory ID to create the DB instance in. - Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain. type: str engine: description: - The name of the database engine that you want to use for this DB instance. type: str region: aliases: - aws_region - ec2_region description: - The AWS region to use. - For global services such as IAM, Route53 and CloudFront, I(region) is ignored. - The C(AWS_REGION) or C(EC2_REGION) environment variables may also be used. - See the Amazon AWS documentation for more information U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region). - The C(ec2_region) alias has been deprecated and will be removed in a release after 2024-12-01 - Support for the C(EC2_REGION) environment variable has been deprecated and will be removed in a release after 2024-12-01. type: str db_name: description: - The meaning of this parameter differs according to the database engine you use. type: str profile: aliases: - aws_profile description: - A named AWS profile to use for authentication. - See the AWS documentation for more information about named profiles U(https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html). - The C(AWS_PROFILE) environment variable may also be used. - The I(profile) option is mutually exclusive with the I(aws_access_key), I(aws_secret_key) and I(security_token) options. type: str endpoint: description: - Specifies the connection endpoint. suboptions: {} type: dict multi_az: description: - Specifies whether the database instance is a multiple Availability Zone deployment. type: bool timezone: description: - The time zone of the DB instance. - The time zone parameter is currently supported only by Microsoft SQL Server. type: str access_key: aliases: - aws_access_key_id - aws_access_key - ec2_access_key description: - AWS access key ID. - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys). - The C(AWS_ACCESS_KEY_ID), C(AWS_ACCESS_KEY) or C(EC2_ACCESS_KEY) environment variables may also be used in decreasing order of preference. - The I(aws_access_key) and I(profile) options are mutually exclusive. - The I(aws_access_key_id) alias was added in release 5.1.0 for consistency with the AWS botocore SDK. - The I(ec2_access_key) alias has been deprecated and will be removed in a release after 2024-12-01. - Support for the C(EC2_ACCESS_KEY) environment variable has been deprecated and will be removed in a release after 2024-12-01. type: str aws_config: description: - A dictionary to modify the botocore configuration. - Parameters can be found in the AWS documentation U(https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html#botocore.config.Config). type: dict kms_key_id: description: - The ARN of the AWS Key Management Service (AWS KMS) master key thats used to encrypt the DB instance. type: str purge_tags: default: true description: - Remove tags not listed in I(tags). type: bool secret_key: aliases: - aws_secret_access_key - aws_secret_key - ec2_secret_key description: - AWS secret access key. - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys). - The C(AWS_SECRET_ACCESS_KEY), C(AWS_SECRET_KEY), or C(EC2_SECRET_KEY) environment variables may also be used in decreasing order of preference. - The I(secret_key) and I(profile) options are mutually exclusive. - The I(aws_secret_access_key) alias was added in release 5.1.0 for consistency with the AWS botocore SDK. - The I(ec2_secret_key) alias has been deprecated and will be removed in a release after 2024-12-01. - Support for the C(EC2_SECRET_KEY) environment variable has been deprecated and will be removed in a release after 2024-12-01. type: str endpoint_url: aliases: - ec2_url - aws_endpoint_url - s3_url description: - URL to connect to instead of the default AWS endpoints. While this can be used to connection to other AWS-compatible services the amazon.aws and community.aws collections are only tested against AWS. - The C(AWS_URL) or C(EC2_URL) environment variables may also be used, in decreasing order of preference. - The I(ec2_url) and I(s3_url) aliases have been deprecated and will be removed in a release after 2024-12-01. - Support for the C(EC2_URL) environment variable has been deprecated and will be removed in a release after 2024-12-01. type: str network_type: description: - The network type of the DB cluster. type: str replica_mode: description: - The open mode of an Oracle read replica. - The default is open-read-only. type: str restore_time: description: - The date and time to restore from. type: str storage_type: description: - Specifies the storage type to be associated with the DB instance. type: str wait_timeout: default: 320 description: - How many seconds to wait for an operation to complete before timing out. type: int aws_ca_bundle: description: - The location of a CA Bundle to use when validating SSL certificates. - The C(AWS_CA_BUNDLE) environment variable may also be used. type: path license_model: description: - License model information for this DB instance. type: str session_token: aliases: - aws_session_token - security_token - aws_security_token - access_token description: - AWS STS session token for use with temporary credentials. - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys). - The C(AWS_SESSION_TOKEN), C(AWS_SECURITY_TOKEN) or C(EC2_SECURITY_TOKEN) environment variables may also be used in decreasing order of preference. - The I(security_token) and I(profile) options are mutually exclusive. - Aliases I(aws_session_token) and I(session_token) were added in release 3.2.0, with the parameter being renamed from I(security_token) to I(session_token) in release 6.0.0. - The I(security_token), I(aws_security_token), and I(access_token) aliases have been deprecated and will be removed in a release after 2024-12-01. - Support for the C(EC2_SECRET_KEY) and C(AWS_SECURITY_TOKEN) environment variables has been deprecated and will be removed in a release after 2024-12-01. type: str source_region: description: - The ID of the region that contains the source DB instance for the Read Replica. type: str engine_version: description: - The version number of the database engine to use. type: str promotion_tier: default: 1 description: - A value that specifies the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. type: int validate_certs: default: true description: - When set to C(false), SSL certificates will not be validated for communication with the AWS APIs. - Setting I(validate_certs=false) is strongly discouraged, as an alternative, consider setting I(aws_ca_bundle) instead. type: bool master_username: description: - The master user name for the DB instance. type: str associated_roles: description: - The AWS Identity and Access Management (IAM) roles associated with the DB instance. elements: dict suboptions: feature_name: description: - The name of the feature associated with the AWS Identity and Access Management (IAM) role. - IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. type: str role_arn: description: - The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance. type: str type: list allocated_storage: description: - The amount of storage (in gigabytes) to be initially allocated for the database instance. type: str availability_zone: description: - The Availability Zone (AZ) where the database will be created. - For information on AWS Regions and Availability Zones. type: str db_instance_class: description: - The compute and memory capacity of the DB instance, for example, db.m4.large. - Not all DB instance classes are available in all AWS Regions, or for all database engines. type: str option_group_name: description: - Indicates that the DB instance should be associated with the specified option group. type: str storage_encrypted: description: - A value that indicates whether the DB instance is encrypted. - By default, it isnt encrypted. type: bool character_set_name: description: - For supported engines, indicates that the DB instance should be associated with the specified character set. type: str db_security_groups: description: - A list of the DB security groups to assign to the DB instance. - The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template. elements: str type: list master_user_secret: description: - Contains the secret managed by RDS in AWS Secrets Manager for the master user password. suboptions: kms_key_id: description: - The AWS KMS key identifier that is used to encrypt the secret. type: str type: dict processor_features: description: - The number of CPU cores and the number of threads per core for the DB instance class of the DB instance. elements: dict suboptions: name: choices: - coreCount - threadsPerCore description: - The name of the processor feature. - Valid names are coreCount and threadsPerCore. type: str value: description: - The value of a processor feature name. type: str type: list storage_throughput: description: - Specifies the storage throughput for the DB instance. type: int tde_credential_arn: description: - The ARN from the key store with which to associate the instance for TDE encryption. type: str certificate_details: description: - Returns the details of the DB instances server certificate. suboptions: {} type: dict deletion_protection: description: - A value that indicates whether the DB instance has deletion protection enabled. - The database cant be deleted when deletion protection is enabled. - By default, deletion protection is disabled. type: bool monitoring_interval: default: 0 description: - The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. - To disable collecting Enhanced Monitoring metrics, specify 0. - The default is 0. type: int monitoring_role_arn: description: - The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. type: str publicly_accessible: description: - Indicates whether the DB instance is an internet-facing instance. - If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. - If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address. type: bool vpc_security_groups: description: - A list of the VPC security group IDs to assign to the DB instance. - The list can include both the physical IDs of existing VPC security groups and references to AWS::EC2::SecurityGroup resources created in the template. elements: str type: list db_subnet_group_name: description: - A DB subnet group to associate with the DB instance. - If you update this value, the new subnet group must be a subnet group in a new VPC. type: str domain_iam_role_name: description: - Specify the name of the IAM role to be used when making API calls to the Directory Service. type: str master_user_password: description: - The password for the master user. type: str copy_tags_to_snapshot: description: - A value that indicates whether to copy tags from the DB instance to snapshots of the DB instance. - By default, tags are not copied. type: bool db_cluster_identifier: description: - The identifier of the DB cluster that the instance will belong to. type: str max_allocated_storage: description: - The upper limit to which Amazon RDS can automatically scale the storage of the DB instance. type: int db_instance_identifier: description: - A name for the DB instance. - If you specify a name, AWS CloudFormation converts it to lowercase. - If you dont specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. type: str db_snapshot_identifier: description: - The name or Amazon Resource Name (ARN) of the DB snapshot thats used to restore the DB instance. - If youre restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot. type: str source_dbi_resource_id: description: - The resource ID of the source DB instance from which to restore. type: str backup_retention_period: default: 1 description: - The number of days for which automated backups are retained. - Setting this parameter to a positive number enables backups. - Setting this parameter to 0 disables automated backups. type: int db_parameter_group_name: description: - The name of an existing DB parameter group or a reference to an AWS::RDS::DBParameterGroup resource created in the template. type: str preferred_backup_window: description: - The daily time range during which automated backups are created if automated backups are enabled, using the BackupRetentionPeriod parameter. type: str tde_credential_password: description: - The password for the given ARN from the key store in order to access the device. type: str delete_automated_backups: description: - A value that indicates whether to remove automated backups immediately after the DB instance is deleted. - This parameter isnt case-sensitive. - The default is to remove automated backups immediately after the DB instance is deleted. type: bool nchar_character_set_name: description: - The name of the NCHAR character set for the Oracle DB instance. - This parameter doesnt apply to RDS Custom. type: str ca_certificate_identifier: description: - The identifier of the CA certificate for this DB instance. type: str auto_minor_version_upgrade: description: - A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. - By default, minor engine upgrades are applied automatically. type: bool use_latest_restorable_time: description: - A value that indicates whether the DB instance is restored from the latest backup time. - By default, the DB instance isnt restored from the latest backup time. type: bool allow_major_version_upgrade: description: - A value that indicates whether major version upgrades are allowed. - Changing this parameter doesnt result in an outage and the change is asynchronously applied as soon as possible. type: bool custom_iam_instance_profile: description: - The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance. - The instance profile must meet the following requirements:. - '* The profile must exist in your account.' - '* The profile must have an IAM role that Amazon EC2 has permissions to assume.' - '* The instance profile name and the associated IAM role name must start with the prefix AWSRDSCustom .' - For the list of permissions required for the IAM role, see Configure IAM and your VPC in the Amazon RDS User Guide . - This setting is required for RDS Custom. type: str enable_performance_insights: description: - A value that indicates whether to enable Performance Insights for the DB instance. type: bool manage_master_user_password: description: - A value that indicates whether to manage the master user password with AWS Secrets Manager. type: bool certificate_rotation_restart: description: - A value that indicates whether the DB instance is restarted when you rotate your SSL/TLS certificate. - By default, the DB instance is restarted when you rotate your SSL/TLS certificate. - The certificate is not updated until the DB instance is restarted. - If you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate. - This setting doesnt apply to RDS Custom. type: bool debug_botocore_endpoint_logs: default: false description: - Use a C(botocore.endpoint) logger to parse the unique (rather than total) C("resource:action") API calls made during a task, outputing the set to the resource_actions key in the task results. Use the C(aws_resource_action) callback to output to total list made during a playbook. - The C(ANSIBLE_DEBUG_BOTOCORE_LOGS) environment variable may also be used. type: bool preferred_maintenance_window: description: - he weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC). type: str source_db_instance_identifier: description: - If you want to create a Read Replica DB instance, specify the ID of the source DB instance. - Each DB instance can have a limited number of Read Replicas. type: str db_cluster_snapshot_identifier: description: - The identifier for the RDS for MySQL Multi-AZ DB cluster snapshot to restore from. - For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide . - Constraints:. - '* Must match the identifier of an existing Multi-AZ DB cluster snapshot.' - '* Cant be specified when DBSnapshotIdentifier is specified.' - '* Must be specified when DBSnapshotIdentifier isnt specified.' - '* If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the DBClusterSnapshotIdentifier must be the ARN of the shared snapshot.' - '* Cant be the identifier of an Aurora DB cluster snapshot.' - '* Cant be the identifier of an RDS for PostgreSQL Multi-AZ DB cluster snapshot.' type: str enable_cloudwatch_logs_exports: description: - The list of log types that need to be enabled for exporting to CloudWatch Logs. - The values in the list depend on the DB engine being used. elements: str type: list use_default_processor_features: description: - A value that indicates whether the DB instance class of the DB instance uses its default processor features. type: bool performance_insights_kms_key_id: description: - The AWS KMS key identifier for encryption of Performance Insights data. - The KMS key ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias for the KMS encryption key. type: str enable_iam_database_authentication: description: - A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. - By default, mapping is disabled. type: bool performance_insights_retention_period: description: - The amount of time, in days, to retain Performance Insights data. - Valid values are 7 or 731 (2 years). type: int source_db_instance_automated_backups_arn: description: - The Amazon Resource Name (ARN) of the replicated automated backups from which to restore. type: str
result: contains: identifier: description: The unique identifier of the resource. type: str properties: description: The resource properties. type: dict description: - When I(state=list), it is a list containing dictionaries of resource information. - Otherwise, it is a dictionary of resource information. - When I(state=absent), it is an empty dictionary. returned: always type: complex