amazon.cloud.rds_db_instance (0.4.0) — module

Creates and manages an Amazon DB instance

Added in version 0.3.0 of amazon.cloud

Authors: Ansible Cloud Team (@ansible-collections)

Install collection

Install with ansible-galaxy collection install amazon.cloud:==0.4.0


Add to requirements.yml

  collections:
    - name: amazon.cloud
      version: 0.4.0

Description

Creates and manages an Amazon DB instance.

The new DB instance can be an RDS DB instance, or it can be a DB instance in an Aurora DB cluster.


Requirements

Inputs

    
iops:
    description:
    - The number of I/O operations per second (IOPS) that the database provisions.
    type: int

tags:
    aliases:
    - resource_tags
    description:
    - A dict of tags to apply to the resource.
    - To remove all tags set I(tags={}) and I(purge_tags=true).
    type: dict

wait:
    default: false
    description:
    - Wait for operation to complete before returning.
    type: bool

force:
    default: false
    description:
    - Cancel IN_PROGRESS and PENDING resource requests.
    - Because you can only perform a single operation on a given resource at a time, there
      might be cases where you need to cancel the current resource operation to make the
      resource available so that another operation may be performed on it.
    type: bool

state:
    choices:
    - present
    - absent
    - list
    - describe
    - get
    default: present
    description:
    - Goal state for resource.
    - I(state=present) creates the resource if it doesn't exist, or updates to the provided
      state if the resource already exists.
    - I(state=absent) ensures an existing instance is deleted.
    - I(state=list) get all the existing resources.
    - I(state=describe) or I(state=get) retrieves information on an existing resource.
    type: str

domain:
    description:
    - The Active Directory directory ID to create the DB instance in.
    - Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances
      can be created in an Active Directory Domain.
    type: str

engine:
    description:
    - The name of the database engine that you want to use for this DB instance.
    type: str

region:
    aliases:
    - aws_region
    - ec2_region
    description:
    - The AWS region to use.
    - For global services such as IAM, Route53 and CloudFront, I(region) is ignored.
    - The C(AWS_REGION) or C(EC2_REGION) environment variables may also be used.
    - See the Amazon AWS documentation for more information U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region).
    - The C(ec2_region) alias has been deprecated and will be removed in a release after
      2024-12-01.
    - Support for the C(EC2_REGION) environment variable has been deprecated and will
      be removed in a release after 2024-12-01.
    type: str

db_name:
    description:
    - The meaning of this parameter differs according to the database engine you use.
    type: str

profile:
    aliases:
    - aws_profile
    description:
    - A named AWS profile to use for authentication.
    - See the AWS documentation for more information about named profiles U(https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html).
    - The C(AWS_PROFILE) environment variable may also be used.
    - The I(profile) option is mutually exclusive with the I(aws_access_key), I(aws_secret_key)
      and I(security_token) options.
    type: str

endpoint:
    description:
    - Specifies the connection endpoint.
    suboptions: {}
    type: dict

multi_az:
    description:
    - Specifies whether the database instance is a multiple Availability Zone deployment.
    type: bool

timezone:
    description:
    - The time zone of the DB instance.
    - The time zone parameter is currently supported only by Microsoft SQL Server.
    type: str

access_key:
    aliases:
    - aws_access_key_id
    - aws_access_key
    - ec2_access_key
    description:
    - AWS access key ID.
    - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
    - The C(AWS_ACCESS_KEY_ID), C(AWS_ACCESS_KEY) or C(EC2_ACCESS_KEY) environment variables
      may also be used in decreasing order of preference.
    - The I(aws_access_key) and I(profile) options are mutually exclusive.
    - The I(aws_access_key_id) alias was added in release 5.1.0 for consistency with the
      AWS botocore SDK.
    - The I(ec2_access_key) alias has been deprecated and will be removed in a release
      after 2024-12-01.
    - Support for the C(EC2_ACCESS_KEY) environment variable has been deprecated and will
      be removed in a release after 2024-12-01.
    type: str

aws_config:
    description:
    - A dictionary to modify the botocore configuration.
    - Parameters can be found in the AWS documentation U(https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html#botocore.config.Config).
    type: dict

kms_key_id:
    description:
    - The ARN of the AWS Key Management Service (AWS KMS) master key that's used to encrypt
      the DB instance.
    type: str

purge_tags:
    default: true
    description:
    - Remove tags not listed in I(tags).
    type: bool

secret_key:
    aliases:
    - aws_secret_access_key
    - aws_secret_key
    - ec2_secret_key
    description:
    - AWS secret access key.
    - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
    - The C(AWS_SECRET_ACCESS_KEY), C(AWS_SECRET_KEY), or C(EC2_SECRET_KEY) environment
      variables may also be used in decreasing order of preference.
    - The I(secret_key) and I(profile) options are mutually exclusive.
    - The I(aws_secret_access_key) alias was added in release 5.1.0 for consistency with
      the AWS botocore SDK.
    - The I(ec2_secret_key) alias has been deprecated and will be removed in a release
      after 2024-12-01.
    - Support for the C(EC2_SECRET_KEY) environment variable has been deprecated and will
      be removed in a release after 2024-12-01.
    type: str

endpoint_url:
    aliases:
    - ec2_url
    - aws_endpoint_url
    - s3_url
    description:
    - URL to connect to instead of the default AWS endpoints. While this can be used
      to connect to other AWS-compatible services, the amazon.aws and community.aws
      collections are only tested against AWS.
    - The C(AWS_URL) or C(EC2_URL) environment variables may also be used, in decreasing
      order of preference.
    - The I(ec2_url) and I(s3_url) aliases have been deprecated and will be removed in
      a release after 2024-12-01.
    - Support for the C(EC2_URL) environment variable has been deprecated and will be
      removed in a release after 2024-12-01.
    type: str

network_type:
    description:
    - The network type of the DB cluster.
    type: str

replica_mode:
    description:
    - The open mode of an Oracle read replica.
    - The default is open-read-only.
    type: str

restore_time:
    description:
    - The date and time to restore from.
    type: str

storage_type:
    description:
    - Specifies the storage type to be associated with the DB instance.
    type: str

wait_timeout:
    default: 320
    description:
    - How many seconds to wait for an operation to complete before timing out.
    type: int

aws_ca_bundle:
    description:
    - The location of a CA Bundle to use when validating SSL certificates.
    - The C(AWS_CA_BUNDLE) environment variable may also be used.
    type: path

license_model:
    description:
    - License model information for this DB instance.
    type: str

session_token:
    aliases:
    - aws_session_token
    - security_token
    - aws_security_token
    - access_token
    description:
    - AWS STS session token for use with temporary credentials.
    - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
    - The C(AWS_SESSION_TOKEN), C(AWS_SECURITY_TOKEN) or C(EC2_SECURITY_TOKEN) environment
      variables may also be used in decreasing order of preference.
    - The I(security_token) and I(profile) options are mutually exclusive.
    - Aliases I(aws_session_token) and I(session_token) were added in release 3.2.0, with
      the parameter being renamed from I(security_token) to I(session_token) in release
      6.0.0.
    - The I(security_token), I(aws_security_token), and I(access_token) aliases have been
      deprecated and will be removed in a release after 2024-12-01.
    - Support for the C(EC2_SECRET_KEY) and C(AWS_SECURITY_TOKEN) environment variables
      has been deprecated and will be removed in a release after 2024-12-01.
    type: str

source_region:
    description:
    - The ID of the region that contains the source DB instance for the Read Replica.
    type: str

engine_version:
    description:
    - The version number of the database engine to use.
    type: str

promotion_tier:
    default: 1
    description:
    - A value that specifies the order in which an Aurora Replica is promoted to the primary
      instance after a failure of the existing primary instance.
    type: int

validate_certs:
    default: true
    description:
    - When set to C(false), SSL certificates will not be validated for communication with
      the AWS APIs.
    - Setting I(validate_certs=false) is strongly discouraged. As an alternative, consider
      setting I(aws_ca_bundle) instead.
    type: bool

master_username:
    description:
    - The master user name for the DB instance.
    type: str

associated_roles:
    description:
    - The AWS Identity and Access Management (IAM) roles associated with the DB instance.
    elements: dict
    suboptions:
      feature_name:
        description:
        - The name of the feature associated with the AWS Identity and Access Management
          (IAM) role.
        - IAM roles that are associated with a DB instance grant permission for the DB
          instance to access other AWS services on your behalf.
        type: str
      role_arn:
        description:
        - The Amazon Resource Name (ARN) of the IAM role that is associated with the DB
          instance.
        type: str
    type: list

allocated_storage:
    description:
    - The amount of storage (in gigabytes) to be initially allocated for the database
      instance.
    type: str

availability_zone:
    description:
    - The Availability Zone (AZ) where the database will be created.
    - For information on AWS Regions and Availability Zones.
    type: str

db_instance_class:
    description:
    - The compute and memory capacity of the DB instance, for example, db.m4.large.
    - Not all DB instance classes are available in all AWS Regions, or for all database
      engines.
    type: str

option_group_name:
    description:
    - Indicates that the DB instance should be associated with the specified option group.
    type: str

storage_encrypted:
    description:
    - A value that indicates whether the DB instance is encrypted.
    - By default, it isn't encrypted.
    type: bool

character_set_name:
    description:
    - For supported engines, indicates that the DB instance should be associated with
      the specified character set.
    type: str

db_security_groups:
    description:
    - A list of the DB security groups to assign to the DB instance.
    - The list can include both the name of existing DB security groups or references
      to AWS::RDS::DBSecurityGroup resources created in the template.
    elements: str
    type: list

master_user_secret:
    description:
    - Contains the secret managed by RDS in AWS Secrets Manager for the master user password.
    suboptions:
      kms_key_id:
        description:
        - The AWS KMS key identifier that is used to encrypt the secret.
        type: str
    type: dict

processor_features:
    description:
    - The number of CPU cores and the number of threads per core for the DB instance class
      of the DB instance.
    elements: dict
    suboptions:
      name:
        choices:
        - coreCount
        - threadsPerCore
        description:
        - The name of the processor feature.
        - Valid names are coreCount and threadsPerCore.
        type: str
      value:
        description:
        - The value of a processor feature name.
        type: str
    type: list

storage_throughput:
    description:
    - Specifies the storage throughput for the DB instance.
    type: int

tde_credential_arn:
    description:
    - The ARN from the key store with which to associate the instance for TDE encryption.
    type: str

certificate_details:
    description:
    - Returns the details of the DB instance's server certificate.
    suboptions: {}
    type: dict

deletion_protection:
    description:
    - A value that indicates whether the DB instance has deletion protection enabled.
    - The database can't be deleted when deletion protection is enabled.
    - By default, deletion protection is disabled.
    type: bool

monitoring_interval:
    default: 0
    description:
    - The interval, in seconds, between points when Enhanced Monitoring metrics are collected
      for the DB instance.
    - To disable collecting Enhanced Monitoring metrics, specify 0.
    - The default is 0.
    type: int

monitoring_role_arn:
    description:
    - The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to
      Amazon CloudWatch Logs.
    type: str

publicly_accessible:
    description:
    - Indicates whether the DB instance is an internet-facing instance.
    - If you specify true, AWS CloudFormation creates an instance with a publicly resolvable
      DNS name, which resolves to a public IP address.
    - If you specify false, AWS CloudFormation creates an internal instance with a DNS
      name that resolves to a private IP address.
    type: bool

vpc_security_groups:
    description:
    - A list of the VPC security group IDs to assign to the DB instance.
    - The list can include both the physical IDs of existing VPC security groups and references
      to AWS::EC2::SecurityGroup resources created in the template.
    elements: str
    type: list

db_subnet_group_name:
    description:
    - A DB subnet group to associate with the DB instance.
    - If you update this value, the new subnet group must be a subnet group in a new VPC.
    type: str

domain_iam_role_name:
    description:
    - Specify the name of the IAM role to be used when making API calls to the Directory
      Service.
    type: str

master_user_password:
    description:
    - The password for the master user.
    type: str

copy_tags_to_snapshot:
    description:
    - A value that indicates whether to copy tags from the DB instance to snapshots of
      the DB instance.
    - By default, tags are not copied.
    type: bool

db_cluster_identifier:
    description:
    - The identifier of the DB cluster that the instance will belong to.
    type: str

max_allocated_storage:
    description:
    - The upper limit to which Amazon RDS can automatically scale the storage of the DB
      instance.
    type: int

db_instance_identifier:
    description:
    - A name for the DB instance.
    - If you specify a name, AWS CloudFormation converts it to lowercase.
    - If you don't specify a name, AWS CloudFormation generates a unique physical ID and
      uses that ID for the DB instance.
    type: str

db_snapshot_identifier:
    description:
    - The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore
      the DB instance.
    - If you're restoring from a shared manual DB snapshot, you must specify the ARN of
      the snapshot.
    type: str

source_dbi_resource_id:
    description:
    - The resource ID of the source DB instance from which to restore.
    type: str

backup_retention_period:
    default: 1
    description:
    - The number of days for which automated backups are retained.
    - Setting this parameter to a positive number enables backups.
    - Setting this parameter to 0 disables automated backups.
    type: int

db_parameter_group_name:
    description:
    - The name of an existing DB parameter group or a reference to an AWS::RDS::DBParameterGroup
      resource created in the template.
    type: str

preferred_backup_window:
    description:
    - The daily time range during which automated backups are created if automated backups
      are enabled, using the BackupRetentionPeriod parameter.
    type: str

tde_credential_password:
    description:
    - The password for the given ARN from the key store in order to access the device.
    type: str

delete_automated_backups:
    description:
    - A value that indicates whether to remove automated backups immediately after the
      DB instance is deleted.
    - This parameter isn't case-sensitive.
    - The default is to remove automated backups immediately after the DB instance is
      deleted.
    type: bool

nchar_character_set_name:
    description:
    - The name of the NCHAR character set for the Oracle DB instance.
    - This parameter doesn't apply to RDS Custom.
    type: str

ca_certificate_identifier:
    description:
    - The identifier of the CA certificate for this DB instance.
    type: str

auto_minor_version_upgrade:
    description:
    - A value that indicates whether minor engine upgrades are applied automatically to
      the DB instance during the maintenance window.
    - By default, minor engine upgrades are applied automatically.
    type: bool

use_latest_restorable_time:
    description:
    - A value that indicates whether the DB instance is restored from the latest backup
      time.
    - By default, the DB instance isn't restored from the latest backup time.
    type: bool

allow_major_version_upgrade:
    description:
    - A value that indicates whether major version upgrades are allowed.
    - Changing this parameter doesn't result in an outage and the change is asynchronously
      applied as soon as possible.
    type: bool

custom_iam_instance_profile:
    description:
    - The instance profile associated with the underlying Amazon EC2 instance of an RDS
      Custom DB instance.
    - 'The instance profile must meet the following requirements:'
    - '* The profile must exist in your account.'
    - '* The profile must have an IAM role that Amazon EC2 has permissions to assume.'
    - '* The instance profile name and the associated IAM role name must start with the
      prefix AWSRDSCustom.'
    - For the list of permissions required for the IAM role, see Configure IAM and your
      VPC in the Amazon RDS User Guide.
    - This setting is required for RDS Custom.
    type: str

enable_performance_insights:
    description:
    - A value that indicates whether to enable Performance Insights for the DB instance.
    type: bool

manage_master_user_password:
    description:
    - A value that indicates whether to manage the master user password with AWS Secrets
      Manager.
    type: bool

certificate_rotation_restart:
    description:
    - A value that indicates whether the DB instance is restarted when you rotate your
      SSL/TLS certificate.
    - By default, the DB instance is restarted when you rotate your SSL/TLS certificate.
    - The certificate is not updated until the DB instance is restarted.
    - If you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions
      for your DB engine to rotate your SSL/TLS certificate.
    - This setting doesn't apply to RDS Custom.
    type: bool

debug_botocore_endpoint_logs:
    default: false
    description:
    - Use a C(botocore.endpoint) logger to parse the unique (rather than total) C("resource:action")
      API calls made during a task, outputting the set to the resource_actions key in the
      task results. Use the C(aws_resource_action) callback to output the total list made
      during a playbook.
    - The C(ANSIBLE_DEBUG_BOTOCORE_LOGS) environment variable may also be used.
    type: bool

preferred_maintenance_window:
    description:
    - The weekly time range during which system maintenance can occur, in Universal Coordinated
      Time (UTC).
    type: str

source_db_instance_identifier:
    description:
    - If you want to create a Read Replica DB instance, specify the ID of the source DB
      instance.
    - Each DB instance can have a limited number of Read Replicas.
    type: str

db_cluster_snapshot_identifier:
    description:
    - The identifier for the RDS for MySQL Multi-AZ DB cluster snapshot to restore from.
    - For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two
      readable standby DB instances in the Amazon RDS User Guide.
    - 'Constraints:'
    - '* Must match the identifier of an existing Multi-AZ DB cluster snapshot.'
    - '* Cannot be specified when DBSnapshotIdentifier is specified.'
    - '* Must be specified when DBSnapshotIdentifier is not specified.'
    - '* If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the DBClusterSnapshotIdentifier
      must be the ARN of the shared snapshot.'
    - '* Cannot be the identifier of an Aurora DB cluster snapshot.'
    - '* Cannot be the identifier of an RDS for PostgreSQL Multi-AZ DB cluster snapshot.'
    type: str

enable_cloudwatch_logs_exports:
    description:
    - The list of log types that need to be enabled for exporting to CloudWatch Logs.
    - The values in the list depend on the DB engine being used.
    elements: str
    type: list

use_default_processor_features:
    description:
    - A value that indicates whether the DB instance class of the DB instance uses its
      default processor features.
    type: bool

performance_insights_kms_key_id:
    description:
    - The AWS KMS key identifier for encryption of Performance Insights data.
    - The KMS key ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS
      key alias for the KMS encryption key.
    type: str

enable_iam_database_authentication:
    description:
    - A value that indicates whether to enable mapping of AWS Identity and Access Management
      (IAM) accounts to database accounts.
    - By default, mapping is disabled.
    type: bool

performance_insights_retention_period:
    description:
    - The amount of time, in days, to retain Performance Insights data.
    - Valid values are 7 or 731 (2 years).
    type: int

source_db_instance_automated_backups_arn:
    description:
    - The Amazon Resource Name (ARN) of the replicated automated backups from which to
      restore.
    type: str

Outputs

result:
  contains:
    identifier:
      description: The unique identifier of the resource.
      type: str
    properties:
      description: The resource properties.
      type: dict
  description:
  - When I(state=list), it is a list containing dictionaries of resource information.
  - Otherwise, it is a dictionary of resource information.
  - When I(state=absent), it is an empty dictionary.
  returned: always
  type: complex
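
Example

Several inputs above default to the less protective setting (storage_encrypted and deletion_protection are off by default, and the master password can be passed in plain text through master_user_password). The playbook below is an added example, not taken from the collection's own documentation, that sets those options explicitly and then reads the resource back with state=describe. The profile name, region, identifiers, ARNs, security group ID, tag and timeout are constructed placeholders.

```yaml
# Added example. All names, IDs and ARNs are constructed placeholders.
- name: Provision a DB instance with the security-relevant inputs set explicitly
  hosts: localhost
  connection: local
  gather_facts: false
  vars:
    example_kms_key: "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"
  tasks:
    - name: Create an encrypted, non-public PostgreSQL instance
      amazon.cloud.rds_db_instance:
        state: present
        # Named profile keeps access_key / secret_key out of the playbook;
        # profile is mutually exclusive with those options.
        profile: example-deploy
        region: us-east-1
        db_instance_identifier: example-app-db
        engine: postgres
        db_instance_class: db.m4.large
        allocated_storage: "20"          # documented type is str
        master_username: dbadmin
        # Let RDS keep the master password in Secrets Manager instead of
        # supplying master_user_password here.
        manage_master_user_password: true
        master_user_secret:
          kms_key_id: "{{ example_kms_key }}"
        # Encryption at rest is off unless requested.
        storage_encrypted: true
        kms_key_id: "{{ example_kms_key }}"
        # Private DNS name and address only.
        publicly_accessible: false
        db_subnet_group_name: example-private-subnets
        vpc_security_groups:
          - sg-EXAMPLE0123456789
        # Deletion protection is disabled by default.
        deletion_protection: true
        backup_retention_period: 7       # 0 would disable automated backups
        copy_tags_to_snapshot: true
        enable_iam_database_authentication: true
        auto_minor_version_upgrade: true
        enable_cloudwatch_logs_exports:
          - postgresql                   # valid values depend on the engine
        # Keep TLS validation on; use aws_ca_bundle for a private CA rather
        # than validate_certs=false.
        validate_certs: true
        tags:
          data-classification: internal
        wait: true
        wait_timeout: 1800               # constructed value; default is 320 seconds

    - name: Read the instance back
      amazon.cloud.rds_db_instance:
        state: describe
        profile: example-deploy
        region: us-east-1
        db_instance_identifier: example-app-db
      register: rds_info

    - name: Show the identifier and properties returned under result
      ansible.builtin.debug:
        msg:
          - "{{ rds_info.result.identifier }}"
          - "{{ rds_info.result.properties }}"
```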