The aws:timestreaminfluxdb/dbInstance:DbInstance resource, part of the Pulumi AWS provider, provisions a Timestream for InfluxDB database instance: its compute size, storage, initial InfluxDB configuration, and VPC placement. This guide focuses on three capabilities: VPC networking setup, S3 log delivery, and Multi-AZ deployment.
Instances require VPC infrastructure and may reference S3 buckets for log delivery. The examples are intentionally small. Combine them with your own VPC design, security groups, and monitoring infrastructure.
Create an instance with VPC networking
Timestream for InfluxDB instances require VPC infrastructure to control network access and placement.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.ec2.Vpc("example", {cidrBlock: "10.0.0.0/16"});
const exampleSubnet = new aws.ec2.Subnet("example", {
vpcId: example.id,
cidrBlock: "10.0.1.0/24",
});
const exampleSecurityGroup = new aws.ec2.SecurityGroup("example", {
name: "example",
vpcId: example.id,
});
const exampleDbInstance = new aws.timestreaminfluxdb.DbInstance("example", {
allocatedStorage: 20,
bucket: "example-bucket-name",
dbInstanceType: "db.influx.medium",
username: "admin",
password: "example-password",
organization: "organization",
vpcSubnetIds: [exampleSubnet.id],
vpcSecurityGroupIds: [exampleSecurityGroup.id],
name: "example-db-instance",
});
import pulumi
import pulumi_aws as aws
example = aws.ec2.Vpc("example", cidr_block="10.0.0.0/16")
example_subnet = aws.ec2.Subnet("example",
vpc_id=example.id,
cidr_block="10.0.1.0/24")
example_security_group = aws.ec2.SecurityGroup("example",
name="example",
vpc_id=example.id)
example_db_instance = aws.timestreaminfluxdb.DbInstance("example",
allocated_storage=20,
bucket="example-bucket-name",
db_instance_type="db.influx.medium",
username="admin",
password="example-password",
organization="organization",
vpc_subnet_ids=[example_subnet.id],
vpc_security_group_ids=[example_security_group.id],
name="example-db-instance")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/timestreaminfluxdb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := ec2.NewVpc(ctx, "example", &ec2.VpcArgs{
CidrBlock: pulumi.String("10.0.0.0/16"),
})
if err != nil {
return err
}
exampleSubnet, err := ec2.NewSubnet(ctx, "example", &ec2.SubnetArgs{
VpcId: example.ID(),
CidrBlock: pulumi.String("10.0.1.0/24"),
})
if err != nil {
return err
}
exampleSecurityGroup, err := ec2.NewSecurityGroup(ctx, "example", &ec2.SecurityGroupArgs{
Name: pulumi.String("example"),
VpcId: example.ID(),
})
if err != nil {
return err
}
_, err = timestreaminfluxdb.NewDbInstance(ctx, "example", ×treaminfluxdb.DbInstanceArgs{
AllocatedStorage: pulumi.Int(20),
Bucket: pulumi.String("example-bucket-name"),
DbInstanceType: pulumi.String("db.influx.medium"),
Username: pulumi.String("admin"),
Password: pulumi.String("example-password"),
Organization: pulumi.String("organization"),
VpcSubnetIds: pulumi.StringArray{
exampleSubnet.ID(),
},
VpcSecurityGroupIds: pulumi.StringArray{
exampleSecurityGroup.ID(),
},
Name: pulumi.String("example-db-instance"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Ec2.Vpc("example", new()
{
CidrBlock = "10.0.0.0/16",
});
var exampleSubnet = new Aws.Ec2.Subnet("example", new()
{
VpcId = example.Id,
CidrBlock = "10.0.1.0/24",
});
var exampleSecurityGroup = new Aws.Ec2.SecurityGroup("example", new()
{
Name = "example",
VpcId = example.Id,
});
var exampleDbInstance = new Aws.TimestreamInfluxDB.DbInstance("example", new()
{
AllocatedStorage = 20,
Bucket = "example-bucket-name",
DbInstanceType = "db.influx.medium",
Username = "admin",
Password = "example-password",
Organization = "organization",
VpcSubnetIds = new[]
{
exampleSubnet.Id,
},
VpcSecurityGroupIds = new[]
{
exampleSecurityGroup.Id,
},
Name = "example-db-instance",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.Vpc;
import com.pulumi.aws.ec2.VpcArgs;
import com.pulumi.aws.ec2.Subnet;
import com.pulumi.aws.ec2.SubnetArgs;
import com.pulumi.aws.ec2.SecurityGroup;
import com.pulumi.aws.ec2.SecurityGroupArgs;
import com.pulumi.aws.timestreaminfluxdb.DbInstance;
import com.pulumi.aws.timestreaminfluxdb.DbInstanceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Vpc("example", VpcArgs.builder()
.cidrBlock("10.0.0.0/16")
.build());
var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
.vpcId(example.id())
.cidrBlock("10.0.1.0/24")
.build());
var exampleSecurityGroup = new SecurityGroup("exampleSecurityGroup", SecurityGroupArgs.builder()
.name("example")
.vpcId(example.id())
.build());
var exampleDbInstance = new DbInstance("exampleDbInstance", DbInstanceArgs.builder()
.allocatedStorage(20)
.bucket("example-bucket-name")
.dbInstanceType("db.influx.medium")
.username("admin")
.password("example-password")
.organization("organization")
.vpcSubnetIds(exampleSubnet.id())
.vpcSecurityGroupIds(exampleSecurityGroup.id())
.name("example-db-instance")
.build());
}
}
resources:
example:
type: aws:ec2:Vpc
properties:
cidrBlock: 10.0.0.0/16
exampleSubnet:
type: aws:ec2:Subnet
name: example
properties:
vpcId: ${example.id}
cidrBlock: 10.0.1.0/24
exampleSecurityGroup:
type: aws:ec2:SecurityGroup
name: example
properties:
name: example
vpcId: ${example.id}
exampleDbInstance:
type: aws:timestreaminfluxdb:DbInstance
name: example
properties:
allocatedStorage: 20
bucket: example-bucket-name
dbInstanceType: db.influx.medium
username: admin
password: example-password
organization: organization
vpcSubnetIds:
- ${exampleSubnet.id}
vpcSecurityGroupIds:
- ${exampleSecurityGroup.id}
name: example-db-instance
The instance launches in the specified subnet with attached security groups. The allocatedStorage and dbInstanceType properties control capacity; bucket, organization, username, and password define the initial InfluxDB workspace and admin credentials. These credentials are stored in AWS Secrets Manager, with the ARN available via the influxAuthParametersSecretArn output.
Send InfluxDB engine logs to S3
Teams monitoring database performance route InfluxDB engine logs to S3 for centralized analysis.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleBucket = new aws.s3.Bucket("example", {
bucket: "example-s3-bucket",
forceDestroy: true,
});
const example = aws.iam.getPolicyDocumentOutput({
statements: [{
actions: ["s3:PutObject"],
principals: [{
type: "Service",
identifiers: ["timestream-influxdb.amazonaws.com"],
}],
resources: [pulumi.interpolate`${exampleBucket.arn}/*`],
}],
});
const exampleBucketPolicy = new aws.s3.BucketPolicy("example", {
bucket: exampleBucket.id,
policy: example.apply(example => example.json),
});
const exampleDbInstance = new aws.timestreaminfluxdb.DbInstance("example", {
allocatedStorage: 20,
bucket: "example-bucket-name",
dbInstanceType: "db.influx.medium",
username: "admin",
password: "example-password",
organization: "organization",
vpcSubnetIds: [exampleAwsSubnet.id],
vpcSecurityGroupIds: [exampleAwsSecurityGroup.id],
name: "example-db-instance",
logDeliveryConfiguration: {
s3Configuration: {
bucketName: exampleBucket.bucket,
enabled: true,
},
},
});
import pulumi
import pulumi_aws as aws
example_bucket = aws.s3.Bucket("example",
bucket="example-s3-bucket",
force_destroy=True)
example = aws.iam.get_policy_document_output(statements=[{
"actions": ["s3:PutObject"],
"principals": [{
"type": "Service",
"identifiers": ["timestream-influxdb.amazonaws.com"],
}],
"resources": [example_bucket.arn.apply(lambda arn: f"{arn}/*")],
}])
example_bucket_policy = aws.s3.BucketPolicy("example",
bucket=example_bucket.id,
policy=example.json)
example_db_instance = aws.timestreaminfluxdb.DbInstance("example",
allocated_storage=20,
bucket="example-bucket-name",
db_instance_type="db.influx.medium",
username="admin",
password="example-password",
organization="organization",
vpc_subnet_ids=[example_aws_subnet["id"]],
vpc_security_group_ids=[example_aws_security_group["id"]],
name="example-db-instance",
log_delivery_configuration={
"s3_configuration": {
"bucket_name": example_bucket.bucket,
"enabled": True,
},
})
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/iam"
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/s3"
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/timestreaminfluxdb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleBucket, err := s3.NewBucket(ctx, "example", &s3.BucketArgs{
Bucket: pulumi.String("example-s3-bucket"),
ForceDestroy: pulumi.Bool(true),
})
if err != nil {
return err
}
example := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{
Statements: iam.GetPolicyDocumentStatementArray{
&iam.GetPolicyDocumentStatementArgs{
Actions: pulumi.StringArray{
pulumi.String("s3:PutObject"),
},
Principals: iam.GetPolicyDocumentStatementPrincipalArray{
&iam.GetPolicyDocumentStatementPrincipalArgs{
Type: pulumi.String("Service"),
Identifiers: pulumi.StringArray{
pulumi.String("timestream-influxdb.amazonaws.com"),
},
},
},
Resources: pulumi.StringArray{
exampleBucket.Arn.ApplyT(func(arn string) (string, error) {
return fmt.Sprintf("%v/*", arn), nil
}).(pulumi.StringOutput),
},
},
},
}, nil)
_, err = s3.NewBucketPolicy(ctx, "example", &s3.BucketPolicyArgs{
Bucket: exampleBucket.ID(),
Policy: pulumi.String(example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {
return &example.Json, nil
}).(pulumi.StringPtrOutput)),
})
if err != nil {
return err
}
_, err = timestreaminfluxdb.NewDbInstance(ctx, "example", ×treaminfluxdb.DbInstanceArgs{
AllocatedStorage: pulumi.Int(20),
Bucket: pulumi.String("example-bucket-name"),
DbInstanceType: pulumi.String("db.influx.medium"),
Username: pulumi.String("admin"),
Password: pulumi.String("example-password"),
Organization: pulumi.String("organization"),
VpcSubnetIds: pulumi.StringArray{
exampleAwsSubnet.Id,
},
VpcSecurityGroupIds: pulumi.StringArray{
exampleAwsSecurityGroup.Id,
},
Name: pulumi.String("example-db-instance"),
LogDeliveryConfiguration: ×treaminfluxdb.DbInstanceLogDeliveryConfigurationArgs{
S3Configuration: ×treaminfluxdb.DbInstanceLogDeliveryConfigurationS3ConfigurationArgs{
BucketName: exampleBucket.Bucket,
Enabled: pulumi.Bool(true),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var exampleBucket = new Aws.S3.Bucket("example", new()
{
BucketName = "example-s3-bucket",
ForceDestroy = true,
});
var example = Aws.Iam.GetPolicyDocument.Invoke(new()
{
Statements = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
{
Actions = new[]
{
"s3:PutObject",
},
Principals = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
{
Type = "Service",
Identifiers = new[]
{
"timestream-influxdb.amazonaws.com",
},
},
},
Resources = new[]
{
$"{exampleBucket.Arn}/*",
},
},
},
});
var exampleBucketPolicy = new Aws.S3.BucketPolicy("example", new()
{
Bucket = exampleBucket.Id,
Policy = example.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
});
var exampleDbInstance = new Aws.TimestreamInfluxDB.DbInstance("example", new()
{
AllocatedStorage = 20,
Bucket = "example-bucket-name",
DbInstanceType = "db.influx.medium",
Username = "admin",
Password = "example-password",
Organization = "organization",
VpcSubnetIds = new[]
{
exampleAwsSubnet.Id,
},
VpcSecurityGroupIds = new[]
{
exampleAwsSecurityGroup.Id,
},
Name = "example-db-instance",
LogDeliveryConfiguration = new Aws.TimestreamInfluxDB.Inputs.DbInstanceLogDeliveryConfigurationArgs
{
S3Configuration = new Aws.TimestreamInfluxDB.Inputs.DbInstanceLogDeliveryConfigurationS3ConfigurationArgs
{
BucketName = exampleBucket.BucketName,
Enabled = true,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.Bucket;
import com.pulumi.aws.s3.BucketArgs;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.s3.BucketPolicy;
import com.pulumi.aws.s3.BucketPolicyArgs;
import com.pulumi.aws.timestreaminfluxdb.DbInstance;
import com.pulumi.aws.timestreaminfluxdb.DbInstanceArgs;
import com.pulumi.aws.timestreaminfluxdb.inputs.DbInstanceLogDeliveryConfigurationArgs;
import com.pulumi.aws.timestreaminfluxdb.inputs.DbInstanceLogDeliveryConfigurationS3ConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleBucket = new Bucket("exampleBucket", BucketArgs.builder()
.bucket("example-s3-bucket")
.forceDestroy(true)
.build());
final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(GetPolicyDocumentStatementArgs.builder()
.actions("s3:PutObject")
.principals(GetPolicyDocumentStatementPrincipalArgs.builder()
.type("Service")
.identifiers("timestream-influxdb.amazonaws.com")
.build())
.resources(exampleBucket.arn().applyValue(_arn -> String.format("%s/*", _arn)))
.build())
.build());
var exampleBucketPolicy = new BucketPolicy("exampleBucketPolicy", BucketPolicyArgs.builder()
.bucket(exampleBucket.id())
.policy(example.applyValue(_example -> _example.json()))
.build());
var exampleDbInstance = new DbInstance("exampleDbInstance", DbInstanceArgs.builder()
.allocatedStorage(20)
.bucket("example-bucket-name")
.dbInstanceType("db.influx.medium")
.username("admin")
.password("example-password")
.organization("organization")
.vpcSubnetIds(exampleAwsSubnet.id())
.vpcSecurityGroupIds(exampleAwsSecurityGroup.id())
.name("example-db-instance")
.logDeliveryConfiguration(DbInstanceLogDeliveryConfigurationArgs.builder()
.s3Configuration(DbInstanceLogDeliveryConfigurationS3ConfigurationArgs.builder()
.bucketName(exampleBucket.bucket())
.enabled(true)
.build())
.build())
.build());
}
}
resources:
exampleBucket:
type: aws:s3:Bucket
name: example
properties:
bucket: example-s3-bucket
forceDestroy: true
exampleBucketPolicy:
type: aws:s3:BucketPolicy
name: example
properties:
bucket: ${exampleBucket.id}
policy: ${example.json}
exampleDbInstance:
type: aws:timestreaminfluxdb:DbInstance
name: example
properties:
allocatedStorage: 20
bucket: example-bucket-name
dbInstanceType: db.influx.medium
username: admin
password: example-password
organization: organization
vpcSubnetIds:
- ${exampleAwsSubnet.id}
vpcSecurityGroupIds:
- ${exampleAwsSecurityGroup.id}
name: example-db-instance
logDeliveryConfiguration:
s3Configuration:
bucketName: ${exampleBucket.bucket}
enabled: true
variables:
example:
fn::invoke:
function: aws:iam:getPolicyDocument
arguments:
statements:
- actions:
- s3:PutObject
principals:
- type: Service
identifiers:
- timestream-influxdb.amazonaws.com
resources:
- ${exampleBucket.arn}/*
The logDeliveryConfiguration block enables S3 log delivery. The S3 bucket policy must grant timestream-influxdb.amazonaws.com PutObject permissions; without this policy, log delivery fails silently. The bucketName references the S3 bucket where logs are written.
Deploy with Multi-AZ standby for high availability
Production workloads deploy instances across multiple availability zones to maintain uptime during zone failures.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example1 = new aws.ec2.Subnet("example_1", {
vpcId: exampleAwsVpc.id,
cidrBlock: "10.0.1.0/24",
availabilityZone: "us-west-2a",
});
const example2 = new aws.ec2.Subnet("example_2", {
vpcId: exampleAwsVpc.id,
cidrBlock: "10.0.2.0/24",
availabilityZone: "us-west-2b",
});
const example = new aws.timestreaminfluxdb.DbInstance("example", {
allocatedStorage: 20,
bucket: "example-bucket-name",
dbInstanceType: "db.influx.medium",
deploymentType: "WITH_MULTIAZ_STANDBY",
username: "admin",
password: "example-password",
organization: "organization",
vpcSubnetIds: [
example1.id,
example2.id,
],
vpcSecurityGroupIds: [exampleAwsSecurityGroup.id],
name: "example-db-instance",
});
import pulumi
import pulumi_aws as aws
example1 = aws.ec2.Subnet("example_1",
vpc_id=example_aws_vpc["id"],
cidr_block="10.0.1.0/24",
availability_zone="us-west-2a")
example2 = aws.ec2.Subnet("example_2",
vpc_id=example_aws_vpc["id"],
cidr_block="10.0.2.0/24",
availability_zone="us-west-2b")
example = aws.timestreaminfluxdb.DbInstance("example",
allocated_storage=20,
bucket="example-bucket-name",
db_instance_type="db.influx.medium",
deployment_type="WITH_MULTIAZ_STANDBY",
username="admin",
password="example-password",
organization="organization",
vpc_subnet_ids=[
example1.id,
example2.id,
],
vpc_security_group_ids=[example_aws_security_group["id"]],
name="example-db-instance")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/timestreaminfluxdb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example1, err := ec2.NewSubnet(ctx, "example_1", &ec2.SubnetArgs{
VpcId: pulumi.Any(exampleAwsVpc.Id),
CidrBlock: pulumi.String("10.0.1.0/24"),
AvailabilityZone: pulumi.String("us-west-2a"),
})
if err != nil {
return err
}
example2, err := ec2.NewSubnet(ctx, "example_2", &ec2.SubnetArgs{
VpcId: pulumi.Any(exampleAwsVpc.Id),
CidrBlock: pulumi.String("10.0.2.0/24"),
AvailabilityZone: pulumi.String("us-west-2b"),
})
if err != nil {
return err
}
_, err = timestreaminfluxdb.NewDbInstance(ctx, "example", ×treaminfluxdb.DbInstanceArgs{
AllocatedStorage: pulumi.Int(20),
Bucket: pulumi.String("example-bucket-name"),
DbInstanceType: pulumi.String("db.influx.medium"),
DeploymentType: pulumi.String("WITH_MULTIAZ_STANDBY"),
Username: pulumi.String("admin"),
Password: pulumi.String("example-password"),
Organization: pulumi.String("organization"),
VpcSubnetIds: pulumi.StringArray{
example1.ID(),
example2.ID(),
},
VpcSecurityGroupIds: pulumi.StringArray{
exampleAwsSecurityGroup.Id,
},
Name: pulumi.String("example-db-instance"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example1 = new Aws.Ec2.Subnet("example_1", new()
{
VpcId = exampleAwsVpc.Id,
CidrBlock = "10.0.1.0/24",
AvailabilityZone = "us-west-2a",
});
var example2 = new Aws.Ec2.Subnet("example_2", new()
{
VpcId = exampleAwsVpc.Id,
CidrBlock = "10.0.2.0/24",
AvailabilityZone = "us-west-2b",
});
var example = new Aws.TimestreamInfluxDB.DbInstance("example", new()
{
AllocatedStorage = 20,
Bucket = "example-bucket-name",
DbInstanceType = "db.influx.medium",
DeploymentType = "WITH_MULTIAZ_STANDBY",
Username = "admin",
Password = "example-password",
Organization = "organization",
VpcSubnetIds = new[]
{
example1.Id,
example2.Id,
},
VpcSecurityGroupIds = new[]
{
exampleAwsSecurityGroup.Id,
},
Name = "example-db-instance",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.Subnet;
import com.pulumi.aws.ec2.SubnetArgs;
import com.pulumi.aws.timestreaminfluxdb.DbInstance;
import com.pulumi.aws.timestreaminfluxdb.DbInstanceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example1 = new Subnet("example1", SubnetArgs.builder()
.vpcId(exampleAwsVpc.id())
.cidrBlock("10.0.1.0/24")
.availabilityZone("us-west-2a")
.build());
var example2 = new Subnet("example2", SubnetArgs.builder()
.vpcId(exampleAwsVpc.id())
.cidrBlock("10.0.2.0/24")
.availabilityZone("us-west-2b")
.build());
var example = new DbInstance("example", DbInstanceArgs.builder()
.allocatedStorage(20)
.bucket("example-bucket-name")
.dbInstanceType("db.influx.medium")
.deploymentType("WITH_MULTIAZ_STANDBY")
.username("admin")
.password("example-password")
.organization("organization")
.vpcSubnetIds(
example1.id(),
example2.id())
.vpcSecurityGroupIds(exampleAwsSecurityGroup.id())
.name("example-db-instance")
.build());
}
}
resources:
example1:
type: aws:ec2:Subnet
name: example_1
properties:
vpcId: ${exampleAwsVpc.id}
cidrBlock: 10.0.1.0/24
availabilityZone: us-west-2a
example2:
type: aws:ec2:Subnet
name: example_2
properties:
vpcId: ${exampleAwsVpc.id}
cidrBlock: 10.0.2.0/24
availabilityZone: us-west-2b
example:
type: aws:timestreaminfluxdb:DbInstance
properties:
allocatedStorage: 20
bucket: example-bucket-name
dbInstanceType: db.influx.medium
deploymentType: WITH_MULTIAZ_STANDBY
username: admin
password: example-password
organization: organization
vpcSubnetIds:
- ${example1.id}
- ${example2.id}
vpcSecurityGroupIds:
- ${exampleAwsSecurityGroup.id}
name: example-db-instance
The deploymentType property set to WITH_MULTIAZ_STANDBY creates a standby replica in a second availability zone. The vpcSubnetIds array must include at least two subnets in different zones. During a zone failure, Timestream automatically promotes the standby to primary.
Beyond these examples
These snippets focus on specific instance-level features: VPC networking and security group configuration, S3 log delivery with IAM policies, and Multi-AZ deployment for high availability. They’re intentionally minimal rather than full time-series database deployments.
The examples reference pre-existing infrastructure such as VPC, subnets, and security groups, and S3 buckets with appropriate IAM policies for log delivery. They focus on configuring the database instance rather than provisioning everything around it.
To keep things focused, common instance patterns are omitted, including:
- Public internet access configuration (publiclyAccessible)
- DB parameter groups (dbParameterGroupIdentifier)
- Storage type selection and IOPS tuning (dbStorageType)
- Network type configuration (networkType for IPv4/IPv6)
These omissions are intentional: the goal is to illustrate how each instance feature is wired, not provide drop-in database modules. See the Timestream for InfluxDB DbInstance resource reference for all available configuration options.
Let's create AWS Timestream for InfluxDB Instances
Get started with Pulumi Cloud, then follow our quick setup guide to deploy this infrastructure.
Try Pulumi Cloud for FREEFrequently Asked Questions
Configuration & Updates
Why was my instance destroyed when I removed the DB parameter group?
Removing
dbParameterGroupIdentifier from an instance that already has one causes the instance to be destroyed and recreated. Adding or changing this parameter performs an in-place update, but removal triggers replacement.Why can't I update my storage type again?
For single instances,
dbStorageType can only be updated once every 6 hours. Plan storage type changes carefully to avoid being blocked by this cooldown period.What are the storage requirements for different storage types?
Storage ranges from 20 to 16384 GiB, but the minimum depends on
dbStorageType. InfluxIOIncludedT1 requires at least 20 GiB, while InfluxIOIncludedT2 and InfluxIOIncludedT3 require at least 400 GiB.Networking & Access
What ports can I use for my InfluxDB instance?
Valid ports range from 1024 to 65535, but you cannot use 2375-2376, 7788-7799, 8090, or 51678-51680. The examples use port 8086, which is the default InfluxDB port.
How do I make my instance publicly accessible?
Set
publiclyAccessible to true, but you’ll also need to configure additional resources including a VPC, subnet, internet gateway, and route table with appropriate routes.What VPC resources do I need to create an instance?
All instances require a VPC, at least one subnet, and security groups. Configure these using
vpcSubnetIds and vpcSecurityGroupIds. The examples show how to create these prerequisite resources.High Availability
How do I configure Multi-AZ deployment for high availability?
Set
deploymentType to WITH_MULTIAZ_STANDBY and provide at least two subnets in different availability zones via vpcSubnetIds. The standby instance location is available in the secondaryAvailabilityZone output.Security & Credentials
Where are my InfluxDB credentials stored?
The
bucket, organization, username, and password are automatically stored in an AWS Secrets Manager secret. The ARN of this secret is available in the influxAuthParametersSecretArn output attribute.How do I enable S3 log delivery?
Configure
logDeliveryConfiguration.s3Configuration with bucketName and enabled set to true. Your S3 bucket must have a policy allowing timestream-influxdb.amazonaws.com to perform s3:PutObject on the bucket.Naming & Validation
What are the naming rules for the instance name?
The
name must start with a letter, cannot contain consecutive hyphens, and cannot end with a hyphen. This name becomes a prefix in the instance endpoint.What are the username requirements?
The
username must start with a letter and can’t end with a hyphen or contain two consecutive hyphens. This username is used to access the InfluxDB UI and CLI.What instance types are available?
Valid
dbInstanceType values are db.influx.medium, db.influx.large, db.influx.xlarge, db.influx.2xlarge, db.influx.4xlarge, db.influx.8xlarge, db.influx.12xlarge, and db.influx.16xlarge. This parameter is updatable.