1. Packages
  2. Alibaba Cloud Provider
  3. API Docs
  4. rds
  5. Instance
Alibaba Cloud v3.69.0 published on Monday, Dec 9, 2024 by Pulumi

alicloud.rds.Instance

Explore with Pulumi AI

alicloud logo
Alibaba Cloud v3.69.0 published on Monday, Dec 9, 2024 by Pulumi

    Import

    RDS instance can be imported using the id, e.g.

    $ pulumi import alicloud:rds/instance:Instance example rm-abc12345678
    

    Create Instance Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Instance(name: string, args: InstanceArgs, opts?: CustomResourceOptions);
    @overload
    def Instance(resource_name: str,
                 args: InstanceArgs,
                 opts: Optional[ResourceOptions] = None)
    
    @overload
    def Instance(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 engine: Optional[str] = None,
                 engine_version: Optional[str] = None,
                 instance_storage: Optional[int] = None,
                 instance_type: Optional[str] = None,
                 acl: Optional[str] = None,
                 auto_renew: Optional[bool] = None,
                 auto_renew_period: Optional[int] = None,
                 auto_upgrade_minor_version: Optional[str] = None,
                 babelfish_configs: Optional[Sequence[InstanceBabelfishConfigArgs]] = None,
                 babelfish_port: Optional[str] = None,
                 ca_type: Optional[str] = None,
                 category: Optional[str] = None,
                 client_ca_cert: Optional[str] = None,
                 client_ca_enabled: Optional[int] = None,
                 client_cert_revocation_list: Optional[str] = None,
                 client_crl_enabled: Optional[int] = None,
                 connection_string_prefix: Optional[str] = None,
                 db_instance_ip_array_attribute: Optional[str] = None,
                 db_instance_ip_array_name: Optional[str] = None,
                 db_instance_storage_type: Optional[str] = None,
                 db_is_ignore_case: Optional[bool] = None,
                 db_param_group_id: Optional[str] = None,
                 db_time_zone: Optional[str] = None,
                 deletion_protection: Optional[bool] = None,
                 direction: Optional[str] = None,
                 effective_time: Optional[str] = None,
                 encryption_key: Optional[str] = None,
                 force: Optional[str] = None,
                 force_restart: Optional[bool] = None,
                 fresh_white_list_readins: Optional[str] = None,
                 ha_config: Optional[str] = None,
                 instance_charge_type: Optional[str] = None,
                 instance_name: Optional[str] = None,
                 maintain_time: Optional[str] = None,
                 manual_ha_time: Optional[str] = None,
                 modify_mode: Optional[str] = None,
                 monitoring_period: Optional[int] = None,
                 node_id: Optional[str] = None,
                 parameters: Optional[Sequence[InstanceParameterArgs]] = None,
                 period: Optional[int] = None,
                 pg_hba_confs: Optional[Sequence[InstancePgHbaConfArgs]] = None,
                 port: Optional[str] = None,
                 private_ip_address: Optional[str] = None,
                 released_keep_policy: Optional[str] = None,
                 replication_acl: Optional[str] = None,
                 resource_group_id: Optional[str] = None,
                 role_arn: Optional[str] = None,
                 security_group_id: Optional[str] = None,
                 security_group_ids: Optional[Sequence[str]] = None,
                 security_ip_mode: Optional[str] = None,
                 security_ip_type: Optional[str] = None,
                 security_ips: Optional[Sequence[str]] = None,
                 server_cert: Optional[str] = None,
                 server_key: Optional[str] = None,
                 serverless_configs: Optional[Sequence[InstanceServerlessConfigArgs]] = None,
                 sql_collector_config_value: Optional[int] = None,
                 sql_collector_status: Optional[str] = None,
                 ssl_action: Optional[str] = None,
                 ssl_connection_string: Optional[str] = None,
                 storage_auto_scale: Optional[str] = None,
                 storage_threshold: Optional[int] = None,
                 storage_upper_bound: Optional[int] = None,
                 switch_time: Optional[str] = None,
                 tags: Optional[Mapping[str, str]] = None,
                 target_minor_version: Optional[str] = None,
                 tcp_connection_type: Optional[str] = None,
                 tde_status: Optional[str] = None,
                 upgrade_db_instance_kernel_version: Optional[bool] = None,
                 upgrade_time: Optional[str] = None,
                 vpc_id: Optional[str] = None,
                 vswitch_id: Optional[str] = None,
                 whitelist_network_type: Optional[str] = None,
                 zone_id: Optional[str] = None,
                 zone_id_slave_a: Optional[str] = None,
                 zone_id_slave_b: Optional[str] = None)
    func NewInstance(ctx *Context, name string, args InstanceArgs, opts ...ResourceOption) (*Instance, error)
    public Instance(string name, InstanceArgs args, CustomResourceOptions? opts = null)
    public Instance(String name, InstanceArgs args)
    public Instance(String name, InstanceArgs args, CustomResourceOptions options)
    
    type: alicloud:rds:Instance
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args InstanceArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args InstanceArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args InstanceArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args InstanceArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args InstanceArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var exampleinstanceResourceResourceFromRdsinstance = new AliCloud.Rds.Instance("exampleinstanceResourceResourceFromRdsinstance", new()
    {
        Engine = "string",
        EngineVersion = "string",
        InstanceStorage = 0,
        InstanceType = "string",
        Acl = "string",
        AutoRenew = false,
        AutoRenewPeriod = 0,
        AutoUpgradeMinorVersion = "string",
        BabelfishConfigs = new[]
        {
            new AliCloud.Rds.Inputs.InstanceBabelfishConfigArgs
            {
                BabelfishEnabled = "string",
                MasterUserPassword = "string",
                MasterUsername = "string",
                MigrationMode = "string",
            },
        },
        BabelfishPort = "string",
        CaType = "string",
        Category = "string",
        ClientCaCert = "string",
        ClientCaEnabled = 0,
        ClientCertRevocationList = "string",
        ClientCrlEnabled = 0,
        ConnectionStringPrefix = "string",
        DbInstanceIpArrayAttribute = "string",
        DbInstanceIpArrayName = "string",
        DbInstanceStorageType = "string",
        DbIsIgnoreCase = false,
        DbParamGroupId = "string",
        DbTimeZone = "string",
        DeletionProtection = false,
        Direction = "string",
        EffectiveTime = "string",
        EncryptionKey = "string",
        Force = "string",
        ForceRestart = false,
        FreshWhiteListReadins = "string",
        HaConfig = "string",
        InstanceChargeType = "string",
        InstanceName = "string",
        MaintainTime = "string",
        ManualHaTime = "string",
        ModifyMode = "string",
        MonitoringPeriod = 0,
        NodeId = "string",
        Parameters = new[]
        {
            new AliCloud.Rds.Inputs.InstanceParameterArgs
            {
                Name = "string",
                Value = "string",
            },
        },
        Period = 0,
        PgHbaConfs = new[]
        {
            new AliCloud.Rds.Inputs.InstancePgHbaConfArgs
            {
                Address = "string",
                Database = "string",
                Method = "string",
                PriorityId = 0,
                Type = "string",
                User = "string",
                Mask = "string",
                Option = "string",
            },
        },
        Port = "string",
        PrivateIpAddress = "string",
        ReleasedKeepPolicy = "string",
        ReplicationAcl = "string",
        ResourceGroupId = "string",
        RoleArn = "string",
        SecurityGroupIds = new[]
        {
            "string",
        },
        SecurityIpMode = "string",
        SecurityIpType = "string",
        SecurityIps = new[]
        {
            "string",
        },
        ServerCert = "string",
        ServerKey = "string",
        ServerlessConfigs = new[]
        {
            new AliCloud.Rds.Inputs.InstanceServerlessConfigArgs
            {
                MaxCapacity = 0,
                MinCapacity = 0,
                AutoPause = false,
                SwitchForce = false,
            },
        },
        SqlCollectorConfigValue = 0,
        SqlCollectorStatus = "string",
        SslAction = "string",
        SslConnectionString = "string",
        StorageAutoScale = "string",
        StorageThreshold = 0,
        StorageUpperBound = 0,
        SwitchTime = "string",
        Tags = 
        {
            { "string", "string" },
        },
        TargetMinorVersion = "string",
        TcpConnectionType = "string",
        TdeStatus = "string",
        UpgradeTime = "string",
        VpcId = "string",
        VswitchId = "string",
        WhitelistNetworkType = "string",
        ZoneId = "string",
        ZoneIdSlaveA = "string",
        ZoneIdSlaveB = "string",
    });
    
    example, err := rds.NewInstance(ctx, "exampleinstanceResourceResourceFromRdsinstance", &rds.InstanceArgs{
    	Engine:                  pulumi.String("string"),
    	EngineVersion:           pulumi.String("string"),
    	InstanceStorage:         pulumi.Int(0),
    	InstanceType:            pulumi.String("string"),
    	Acl:                     pulumi.String("string"),
    	AutoRenew:               pulumi.Bool(false),
    	AutoRenewPeriod:         pulumi.Int(0),
    	AutoUpgradeMinorVersion: pulumi.String("string"),
    	BabelfishConfigs: rds.InstanceBabelfishConfigArray{
    		&rds.InstanceBabelfishConfigArgs{
    			BabelfishEnabled:   pulumi.String("string"),
    			MasterUserPassword: pulumi.String("string"),
    			MasterUsername:     pulumi.String("string"),
    			MigrationMode:      pulumi.String("string"),
    		},
    	},
    	BabelfishPort:              pulumi.String("string"),
    	CaType:                     pulumi.String("string"),
    	Category:                   pulumi.String("string"),
    	ClientCaCert:               pulumi.String("string"),
    	ClientCaEnabled:            pulumi.Int(0),
    	ClientCertRevocationList:   pulumi.String("string"),
    	ClientCrlEnabled:           pulumi.Int(0),
    	ConnectionStringPrefix:     pulumi.String("string"),
    	DbInstanceIpArrayAttribute: pulumi.String("string"),
    	DbInstanceIpArrayName:      pulumi.String("string"),
    	DbInstanceStorageType:      pulumi.String("string"),
    	DbIsIgnoreCase:             pulumi.Bool(false),
    	DbParamGroupId:             pulumi.String("string"),
    	DbTimeZone:                 pulumi.String("string"),
    	DeletionProtection:         pulumi.Bool(false),
    	Direction:                  pulumi.String("string"),
    	EffectiveTime:              pulumi.String("string"),
    	EncryptionKey:              pulumi.String("string"),
    	Force:                      pulumi.String("string"),
    	ForceRestart:               pulumi.Bool(false),
    	FreshWhiteListReadins:      pulumi.String("string"),
    	HaConfig:                   pulumi.String("string"),
    	InstanceChargeType:         pulumi.String("string"),
    	InstanceName:               pulumi.String("string"),
    	MaintainTime:               pulumi.String("string"),
    	ManualHaTime:               pulumi.String("string"),
    	ModifyMode:                 pulumi.String("string"),
    	MonitoringPeriod:           pulumi.Int(0),
    	NodeId:                     pulumi.String("string"),
    	Parameters: rds.InstanceParameterArray{
    		&rds.InstanceParameterArgs{
    			Name:  pulumi.String("string"),
    			Value: pulumi.String("string"),
    		},
    	},
    	Period: pulumi.Int(0),
    	PgHbaConfs: rds.InstancePgHbaConfArray{
    		&rds.InstancePgHbaConfArgs{
    			Address:    pulumi.String("string"),
    			Database:   pulumi.String("string"),
    			Method:     pulumi.String("string"),
    			PriorityId: pulumi.Int(0),
    			Type:       pulumi.String("string"),
    			User:       pulumi.String("string"),
    			Mask:       pulumi.String("string"),
    			Option:     pulumi.String("string"),
    		},
    	},
    	Port:               pulumi.String("string"),
    	PrivateIpAddress:   pulumi.String("string"),
    	ReleasedKeepPolicy: pulumi.String("string"),
    	ReplicationAcl:     pulumi.String("string"),
    	ResourceGroupId:    pulumi.String("string"),
    	RoleArn:            pulumi.String("string"),
    	SecurityGroupIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	SecurityIpMode: pulumi.String("string"),
    	SecurityIpType: pulumi.String("string"),
    	SecurityIps: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ServerCert: pulumi.String("string"),
    	ServerKey:  pulumi.String("string"),
    	ServerlessConfigs: rds.InstanceServerlessConfigArray{
    		&rds.InstanceServerlessConfigArgs{
    			MaxCapacity: pulumi.Float64(0),
    			MinCapacity: pulumi.Float64(0),
    			AutoPause:   pulumi.Bool(false),
    			SwitchForce: pulumi.Bool(false),
    		},
    	},
    	SqlCollectorConfigValue: pulumi.Int(0),
    	SqlCollectorStatus:      pulumi.String("string"),
    	SslAction:               pulumi.String("string"),
    	SslConnectionString:     pulumi.String("string"),
    	StorageAutoScale:        pulumi.String("string"),
    	StorageThreshold:        pulumi.Int(0),
    	StorageUpperBound:       pulumi.Int(0),
    	SwitchTime:              pulumi.String("string"),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	TargetMinorVersion:   pulumi.String("string"),
    	TcpConnectionType:    pulumi.String("string"),
    	TdeStatus:            pulumi.String("string"),
    	UpgradeTime:          pulumi.String("string"),
    	VpcId:                pulumi.String("string"),
    	VswitchId:            pulumi.String("string"),
    	WhitelistNetworkType: pulumi.String("string"),
    	ZoneId:               pulumi.String("string"),
    	ZoneIdSlaveA:         pulumi.String("string"),
    	ZoneIdSlaveB:         pulumi.String("string"),
    })
    
    var exampleinstanceResourceResourceFromRdsinstance = new Instance("exampleinstanceResourceResourceFromRdsinstance", InstanceArgs.builder()
        .engine("string")
        .engineVersion("string")
        .instanceStorage(0)
        .instanceType("string")
        .acl("string")
        .autoRenew(false)
        .autoRenewPeriod(0)
        .autoUpgradeMinorVersion("string")
        .babelfishConfigs(InstanceBabelfishConfigArgs.builder()
            .babelfishEnabled("string")
            .masterUserPassword("string")
            .masterUsername("string")
            .migrationMode("string")
            .build())
        .babelfishPort("string")
        .caType("string")
        .category("string")
        .clientCaCert("string")
        .clientCaEnabled(0)
        .clientCertRevocationList("string")
        .clientCrlEnabled(0)
        .connectionStringPrefix("string")
        .dbInstanceIpArrayAttribute("string")
        .dbInstanceIpArrayName("string")
        .dbInstanceStorageType("string")
        .dbIsIgnoreCase(false)
        .dbParamGroupId("string")
        .dbTimeZone("string")
        .deletionProtection(false)
        .direction("string")
        .effectiveTime("string")
        .encryptionKey("string")
        .force("string")
        .forceRestart(false)
        .freshWhiteListReadins("string")
        .haConfig("string")
        .instanceChargeType("string")
        .instanceName("string")
        .maintainTime("string")
        .manualHaTime("string")
        .modifyMode("string")
        .monitoringPeriod(0)
        .nodeId("string")
        .parameters(InstanceParameterArgs.builder()
            .name("string")
            .value("string")
            .build())
        .period(0)
        .pgHbaConfs(InstancePgHbaConfArgs.builder()
            .address("string")
            .database("string")
            .method("string")
            .priorityId(0)
            .type("string")
            .user("string")
            .mask("string")
            .option("string")
            .build())
        .port("string")
        .privateIpAddress("string")
        .releasedKeepPolicy("string")
        .replicationAcl("string")
        .resourceGroupId("string")
        .roleArn("string")
        .securityGroupIds("string")
        .securityIpMode("string")
        .securityIpType("string")
        .securityIps("string")
        .serverCert("string")
        .serverKey("string")
        .serverlessConfigs(InstanceServerlessConfigArgs.builder()
            .maxCapacity(0)
            .minCapacity(0)
            .autoPause(false)
            .switchForce(false)
            .build())
        .sqlCollectorConfigValue(0)
        .sqlCollectorStatus("string")
        .sslAction("string")
        .sslConnectionString("string")
        .storageAutoScale("string")
        .storageThreshold(0)
        .storageUpperBound(0)
        .switchTime("string")
        .tags(Map.of("string", "string"))
        .targetMinorVersion("string")
        .tcpConnectionType("string")
        .tdeStatus("string")
        .upgradeTime("string")
        .vpcId("string")
        .vswitchId("string")
        .whitelistNetworkType("string")
        .zoneId("string")
        .zoneIdSlaveA("string")
        .zoneIdSlaveB("string")
        .build());
    
    exampleinstance_resource_resource_from_rdsinstance = alicloud.rds.Instance("exampleinstanceResourceResourceFromRdsinstance",
        engine="string",
        engine_version="string",
        instance_storage=0,
        instance_type="string",
        acl="string",
        auto_renew=False,
        auto_renew_period=0,
        auto_upgrade_minor_version="string",
        babelfish_configs=[{
            "babelfish_enabled": "string",
            "master_user_password": "string",
            "master_username": "string",
            "migration_mode": "string",
        }],
        babelfish_port="string",
        ca_type="string",
        category="string",
        client_ca_cert="string",
        client_ca_enabled=0,
        client_cert_revocation_list="string",
        client_crl_enabled=0,
        connection_string_prefix="string",
        db_instance_ip_array_attribute="string",
        db_instance_ip_array_name="string",
        db_instance_storage_type="string",
        db_is_ignore_case=False,
        db_param_group_id="string",
        db_time_zone="string",
        deletion_protection=False,
        direction="string",
        effective_time="string",
        encryption_key="string",
        force="string",
        force_restart=False,
        fresh_white_list_readins="string",
        ha_config="string",
        instance_charge_type="string",
        instance_name="string",
        maintain_time="string",
        manual_ha_time="string",
        modify_mode="string",
        monitoring_period=0,
        node_id="string",
        parameters=[{
            "name": "string",
            "value": "string",
        }],
        period=0,
        pg_hba_confs=[{
            "address": "string",
            "database": "string",
            "method": "string",
            "priority_id": 0,
            "type": "string",
            "user": "string",
            "mask": "string",
            "option": "string",
        }],
        port="string",
        private_ip_address="string",
        released_keep_policy="string",
        replication_acl="string",
        resource_group_id="string",
        role_arn="string",
        security_group_ids=["string"],
        security_ip_mode="string",
        security_ip_type="string",
        security_ips=["string"],
        server_cert="string",
        server_key="string",
        serverless_configs=[{
            "max_capacity": 0,
            "min_capacity": 0,
            "auto_pause": False,
            "switch_force": False,
        }],
        sql_collector_config_value=0,
        sql_collector_status="string",
        ssl_action="string",
        ssl_connection_string="string",
        storage_auto_scale="string",
        storage_threshold=0,
        storage_upper_bound=0,
        switch_time="string",
        tags={
            "string": "string",
        },
        target_minor_version="string",
        tcp_connection_type="string",
        tde_status="string",
        upgrade_time="string",
        vpc_id="string",
        vswitch_id="string",
        whitelist_network_type="string",
        zone_id="string",
        zone_id_slave_a="string",
        zone_id_slave_b="string")
    
    const exampleinstanceResourceResourceFromRdsinstance = new alicloud.rds.Instance("exampleinstanceResourceResourceFromRdsinstance", {
        engine: "string",
        engineVersion: "string",
        instanceStorage: 0,
        instanceType: "string",
        acl: "string",
        autoRenew: false,
        autoRenewPeriod: 0,
        autoUpgradeMinorVersion: "string",
        babelfishConfigs: [{
            babelfishEnabled: "string",
            masterUserPassword: "string",
            masterUsername: "string",
            migrationMode: "string",
        }],
        babelfishPort: "string",
        caType: "string",
        category: "string",
        clientCaCert: "string",
        clientCaEnabled: 0,
        clientCertRevocationList: "string",
        clientCrlEnabled: 0,
        connectionStringPrefix: "string",
        dbInstanceIpArrayAttribute: "string",
        dbInstanceIpArrayName: "string",
        dbInstanceStorageType: "string",
        dbIsIgnoreCase: false,
        dbParamGroupId: "string",
        dbTimeZone: "string",
        deletionProtection: false,
        direction: "string",
        effectiveTime: "string",
        encryptionKey: "string",
        force: "string",
        forceRestart: false,
        freshWhiteListReadins: "string",
        haConfig: "string",
        instanceChargeType: "string",
        instanceName: "string",
        maintainTime: "string",
        manualHaTime: "string",
        modifyMode: "string",
        monitoringPeriod: 0,
        nodeId: "string",
        parameters: [{
            name: "string",
            value: "string",
        }],
        period: 0,
        pgHbaConfs: [{
            address: "string",
            database: "string",
            method: "string",
            priorityId: 0,
            type: "string",
            user: "string",
            mask: "string",
            option: "string",
        }],
        port: "string",
        privateIpAddress: "string",
        releasedKeepPolicy: "string",
        replicationAcl: "string",
        resourceGroupId: "string",
        roleArn: "string",
        securityGroupIds: ["string"],
        securityIpMode: "string",
        securityIpType: "string",
        securityIps: ["string"],
        serverCert: "string",
        serverKey: "string",
        serverlessConfigs: [{
            maxCapacity: 0,
            minCapacity: 0,
            autoPause: false,
            switchForce: false,
        }],
        sqlCollectorConfigValue: 0,
        sqlCollectorStatus: "string",
        sslAction: "string",
        sslConnectionString: "string",
        storageAutoScale: "string",
        storageThreshold: 0,
        storageUpperBound: 0,
        switchTime: "string",
        tags: {
            string: "string",
        },
        targetMinorVersion: "string",
        tcpConnectionType: "string",
        tdeStatus: "string",
        upgradeTime: "string",
        vpcId: "string",
        vswitchId: "string",
        whitelistNetworkType: "string",
        zoneId: "string",
        zoneIdSlaveA: "string",
        zoneIdSlaveB: "string",
    });
    
    type: alicloud:rds:Instance
    properties:
        acl: string
        autoRenew: false
        autoRenewPeriod: 0
        autoUpgradeMinorVersion: string
        babelfishConfigs:
            - babelfishEnabled: string
              masterUserPassword: string
              masterUsername: string
              migrationMode: string
        babelfishPort: string
        caType: string
        category: string
        clientCaCert: string
        clientCaEnabled: 0
        clientCertRevocationList: string
        clientCrlEnabled: 0
        connectionStringPrefix: string
        dbInstanceIpArrayAttribute: string
        dbInstanceIpArrayName: string
        dbInstanceStorageType: string
        dbIsIgnoreCase: false
        dbParamGroupId: string
        dbTimeZone: string
        deletionProtection: false
        direction: string
        effectiveTime: string
        encryptionKey: string
        engine: string
        engineVersion: string
        force: string
        forceRestart: false
        freshWhiteListReadins: string
        haConfig: string
        instanceChargeType: string
        instanceName: string
        instanceStorage: 0
        instanceType: string
        maintainTime: string
        manualHaTime: string
        modifyMode: string
        monitoringPeriod: 0
        nodeId: string
        parameters:
            - name: string
              value: string
        period: 0
        pgHbaConfs:
            - address: string
              database: string
              mask: string
              method: string
              option: string
              priorityId: 0
              type: string
              user: string
        port: string
        privateIpAddress: string
        releasedKeepPolicy: string
        replicationAcl: string
        resourceGroupId: string
        roleArn: string
        securityGroupIds:
            - string
        securityIpMode: string
        securityIpType: string
        securityIps:
            - string
        serverCert: string
        serverKey: string
        serverlessConfigs:
            - autoPause: false
              maxCapacity: 0
              minCapacity: 0
              switchForce: false
        sqlCollectorConfigValue: 0
        sqlCollectorStatus: string
        sslAction: string
        sslConnectionString: string
        storageAutoScale: string
        storageThreshold: 0
        storageUpperBound: 0
        switchTime: string
        tags:
            string: string
        targetMinorVersion: string
        tcpConnectionType: string
        tdeStatus: string
        upgradeTime: string
        vpcId: string
        vswitchId: string
        whitelistNetworkType: string
        zoneId: string
        zoneIdSlaveA: string
        zoneIdSlaveB: string
    

    Instance Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Instance resource accepts the following input properties:

    Engine string

    Database type. Value options: MySQL, SQLServer, PostgreSQL, MariaDB.

    NOTE: When the 'engine_version' changes, it can be used as the target database version for the large version upgrade of RDS for MySQL instance.

    EngineVersion string
    Database version. Value options can refer to the latest docs CreateDBInstance EngineVersion.

    • MySQL: [ 5.5、5.6、5.7、8.0 ]
    • SQLServer: [ 2008r2、08r2_ent_ha、2012、2012_ent_ha、2012_std_ha、2012_web、2014_std_ha、2016_ent_ha、2016_std_ha、2016_web、2017_std_ha、2017_ent、2019_std_ha、2019_ent ]
    • PostgreSQL: [ 10.0、11.0、12.0、13.0、14.0、15.0 ]
    • MariaDB: [ 10.3 ]
    • Serverless
    • MySQL: [ 5.7、8.0 ]
    • SQLServer: [ 2016_std_sl、2017_std_sl、2019_std_sl ]
    • PostgreSQL: [ 14.0 ]
    • MariaDB does not support creating serverless instances.
    InstanceStorage int
    User-defined DB instance storage space. Value range:

    • [5, 2000] for MySQL/PostgreSQL HA dual node edition;
    • [20,1000] for MySQL 5.7 basic single node edition;
    • [10, 2000] for SQL Server 2008R2;
    • [20,2000] for SQL Server 2012 basic single node edition Increase progressively at a rate of 5 GB. For details, see Instance type table. Note: There is extra 5 GB storage for SQL Server Instance, and it is not in specified instance_storage.
    InstanceType string

    DB Instance type. For details, see Instance type table.

    • To create a serverless instance, please pass the following values:
    • MySQL basic: mysql.n2.serverless.1c
    • MySQL high availability: mysql.n2.serverless.2c
    • SQLServer high availability: mssql.mem2.serverless.s2
    • PostgreSQL basic: pg.n2.serverless.1c

    NOTE: When storage_auto_scale="Enable", do not perform instance_storage check. when storage_auto_scale="Disable", if the instance itself instance_storagehas changed. You need to manually revise the instance_storage in the template value. When payment_type="Serverless" and when modifying, do not perform instance_storage check. Otherwise, check.

    Acl string
    The method that is used to verify the identities of clients. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    AutoRenew bool
    Whether to renewal a DB instance automatically or not. It is valid when instance_charge_type is PrePaid. Default to false.
    AutoRenewPeriod int
    Auto-renewal period of an instance, in the unit of the month. It is valid when instance_charge_type is PrePaid. Valid value:[1~12], Default to 1.
    AutoUpgradeMinorVersion string

    The upgrade method to use. Valid values:

    • Auto: Instances are automatically upgraded to a higher minor version.
    • Manual: Instances are forcibly upgraded to a higher minor version when the current version is unpublished.

    See more details and limitation.

    BabelfishConfigs List<Pulumi.AliCloud.Rds.Inputs.InstanceBabelfishConfig>

    The configuration of an ApsaraDB RDS for PostgreSQL instance for which Babelfish is enabled. See babelfish_config below.

    NOTE: This parameter takes effect only when you create an ApsaraDB RDS for PostgreSQL instance. For more information, see Introduction to Babelfish.

    BabelfishPort string

    The TDS port of the instance for which Babelfish is enabled.

    NOTE: This parameter applies only to ApsaraDB RDS for PostgreSQL instances. For more information about Babelfish for ApsaraDB RDS for PostgreSQL, see Introduction to Babelfish.

    CaType string
    The type of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the SSLEnabled parameter to 1, the default value of this parameter is aliyun. NOTE: From version 1.231.0, ca_type start support MySQL engine. Value range:

    • aliyun: a cloud certificate
    • custom: a custom certificate
    Category string

    The RDS edition of the instance. If you want to create a serverless instance, you must use this value. Valid values:

    • Basic: Basic Edition.
    • HighAvailability: High-availability Edition.
    • AlwaysOn: Cluster Edition.
    • Finance: Enterprise Edition.
    • cluster: MySQL Cluster Edition. (Available since 1.202.0)
    • serverless_basic: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.200.0)
    • serverless_standard: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.204.0)
    • serverless_ha: RDS Serverless High-availability Edition for SQL Server. (Available since 1.204.0)

    NOTE: zone_id_slave_a and zone_id_slave_b can specify slave zone ids when creating the high-availability or enterprise edition instances. Meanwhile, vswitch_id needs to pass in the corresponding vswitch id to the slave zone by order (If the vswitch_id is not specified, the classic network version will be created). For example, zone_id = "zone-a" and zone_id_slave_a = "zone-c", zone_id_slave_b = "zone-b", then the vswitch_id must be "vsw-zone-a,vsw-zone-c,vsw-zone-b". Of course, you can also choose automatic allocation , for example, zone_id = "zone-a" and zone_id_slave_a = "Auto",zone_id_slave_b = "Auto", then the vswitch_id must be "vsw-zone-a,Auto,Auto". The list contains up to 2 slave zone ids , separated by commas.

    ClientCaCert string
    The public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCAEbabled parameter to 1, you must also specify this parameter.
    ClientCaEnabled int
    Specifies whether to enable the public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. Valid values:

    • 1: enables the public key
    • 0: disables the public key
    ClientCertRevocationList string
    The CRL that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCrlEnabled parameter to 1, you must also specify this parameter.
    ClientCrlEnabled int
    Specifies whether to enable a certificate revocation list (CRL) that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • 1: enables the CRL
    • 0: disables the CRL
    ConnectionStringPrefix string

    The private connection string prefix. If you want to update public connection string prefix, please use resource alicloud.rds.Connection connection_prefix.

    NOTE: The prefix must be 8 to 64 characters in length and can contain letters, digits, and hyphens (-). It cannot contain Chinese characters and special characters ~!#%^&*=+|{};:'",<>/?

    DbInstanceIpArrayAttribute string

    The attribute of the IP address whitelist. By default, this parameter is empty.

    NOTE: The IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS).

    DbInstanceIpArrayName string

    The name of the IP address whitelist. Default value: Default.

    NOTE: A maximum of 200 IP address whitelists can be configured for each instance.

    DbInstanceStorageType string
    The storage type of the instance. Serverless instance, only cloud_essd can be selected. Valid values:

    • local_ssd: specifies to use local SSDs. This value is recommended.
    • cloud_ssd: specifies to use standard SSDs.
    • cloud_essd: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd2: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd3: specifies to use enhanced SSDs (ESSDs).
    • general_essd: general essd.
    DbIsIgnoreCase bool
    Specifies whether table names on the instance are case-sensitive. Valid values: true, false.
    DbParamGroupId string
    Parameter template ID. Only MySQL and PostgreSQL support this parameter. If this parameter is not specified, the default parameter template is used. You can also customize a parameter template and use it here.
    DbTimeZone string

    The time zone of the instance. This parameter takes effect only when you set the Engine parameter to MySQL or PostgreSQL.

    • If you set the Engine parameter to MySQL.
    • This time zone of the instance is in UTC. Valid values: -12:59 to +13:00.
    • You can specify this parameter when the instance is equipped with local SSDs. For example, you can specify the time zone to Asia/Hong_Kong. For more information about time zones, see Time zones.
    • If you set the Engine parameter to PostgreSQL.
    • This time zone of the instance is not in UTC. For more information about time zones, see Time zones.
    • You can specify this parameter only when the instance is equipped with standard SSDs or ESSDs.

    NOTE: You can specify the time zone when you create a primary instance. You cannot specify the time zone when you create a read-only instance. Read-only instances inherit the time zone of their primary instance. If you do not specify this parameter, the system assigns the default time zone of the region where the instance resides.

    DeletionProtection bool

    The switch of delete protection. Valid values:

    • true: delete protect.
    • false: no delete protect.

    NOTE: deletion_protection is valid only when attribute instance_charge_type is set to Postpaid or Serverless, supported engine type: MySQL, PostgreSQL, MariaDB, MSSQL.

    Direction string
    The instance configuration type. Valid values: ["Up", "Down", "TempUpgrade", "Serverless"]
    EffectiveTime string
    The method to update the engine version and change. Default value: Immediate. Valid values:

    • Immediate: The change immediately takes effect.
    • MaintainTime: The change takes effect during the specified maintenance window. For more information, see ModifyDBInstanceMaintainTime.
    EncryptionKey string
    The key id of the KMS. Used for encrypting a disk if not null. Only for PostgreSQL, MySQL and SQLServer.
    Force string
    Specifies whether to enable forcible switching. Valid values:

    • Yes
    • No
    ForceRestart bool
    Set it to true to make some parameter efficient when modifying them. Default to false.
    FreshWhiteListReadins string
    The read-only instances to which you want to synchronize the IP address whitelist.

    • If the instance is attached with a read-only instance, you can use this parameter to synchronize the IP address whitelist to the read-only instance. If the instance is attached with multiple read-only instances, the read-only instances must be separated by commas (,).
    • If the instance is not attached with a read-only instance, this parameter is empty.
    HaConfig string

    The primary/secondary switchover mode of the instance. Default value: Auto. Valid values:

    • Auto: The system automatically switches over services from the primary to secondary instances in the event of a fault.
    • Manual: You must manually switch over services from the primary to secondary instances in the event of a fault.

    NOTE: If you set this parameter to Manual, you must specify the ManualHATime parameter.

    InstanceChargeType string
    Valid values are Prepaid, Postpaid, Serverless, Default to Postpaid. Currently, the resource only supports PostPaid to PrePaid. For more information, see Overview.
    InstanceName string
    The name of DB instance. It a string of 2 to 256 characters.
    MaintainTime string
    Maintainable time period format of the instance: HH:MMZ-HH:MMZ (UTC time)
    ManualHaTime string

    The time after when you want to enable automatic primary/secondary switchover. At most, you can set this parameter to 23:59:59 seven days later. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

    NOTE: This parameter only takes effect when the HAConfig parameter is set to Manual.

    ModifyMode string
    The method that is used to modify the IP address whitelist. Default value: Cover. Valid values:

    • Cover: Use the value of the SecurityIps parameter to overwrite the existing entries in the IP address whitelist.
    • Append: Add the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to the IP address whitelist.
    • Delete: Delete IP addresses and CIDR blocks that are specified in the SecurityIps parameter from the IP address whitelist. You must retain at least one IP address or CIDR block.
    MonitoringPeriod int
    The monitoring frequency in seconds. Valid values are 5, 10, 60, 300. Defaults to 300.
    NodeId string
    The globally unique identifier (GUID) of the secondary instance. You can call the DescribeDBInstanceHAConfig operation to query the GUID of the secondary instance.
    Parameters List<Pulumi.AliCloud.Rds.Inputs.InstanceParameter>
    Set of parameters needs to be set after DB instance was launched. Available parameters can refer to the latest docs View database parameter templates . See parameters below.
    Period int

    The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36.

    NOTE: The attribute period is only used to create Subscription instance or modify the PayAsYouGo instance to Subscription. Once effect, it will not be modified that means running pulumi up will not effect the resource.

    PgHbaConfs List<Pulumi.AliCloud.Rds.Inputs.InstancePgHbaConf>
    The configuration of AD domain . See pg_hba_conf below.
    Port string
    The private port of the database service. If you want to update public port, please use resource alicloud.rds.Connection port.
    PrivateIpAddress string
    The private IP address of the instance. The private IP address must be within the Classless Inter-Domain Routing (CIDR) block of the vSwitch that is specified by the VSwitchId parameter.
    ReleasedKeepPolicy string

    The policy based on which ApsaraDB RDS retains archived backup files after the instance is released. Valid values:

    • None: No archived backup files are retained.
    • Lastest: Only the last archived backup file is retained.
    • All: All the archived backup files are retained.

    NOTE: This parameter is supported only when the instance runs the MySQL database engine.

    ReplicationAcl string
    The method that is used to verify the replication permission. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    ResourceGroupId string
    The ID of resource group which the DB instance belongs.
    RoleArn string

    The Alibaba Cloud Resource Name (ARN) of the RAM role.

    NOTE: This parameter is not required when you create an instance that runs MySQL, PostgreSQL, or SQL Server. You need to only specify the RoleARN parameter to create an instance that has cloud disk encryption enabled by using the obtained key ID. You can configure RAM authorization to require a RAM user to enable cloud disk encryption when the RAM user is used to create an instance. If cloud disk encryption is disabled during the instance creation, the creation operation fails. To complete the configuration, you can attach the following policy to the RAM user: {"Version":"1","Statement":[{"Effect":"Deny","Action":"rds:CreateDBInstance","Resource":"*","Condition":{"StringEquals":{"rds:DiskEncryptionRequired":"false"}}}]}

    SecurityGroupId string
    It has been deprecated from 1.69.0 and use security_group_ids instead.

    Deprecated: Attribute security_group_id has been deprecated from 1.69.0 and use security_group_ids instead.

    SecurityGroupIds List<string>
    , Available since 1.69.0) The list IDs to join ECS Security Group. At most supports three security groups.
    SecurityIpMode string
    Valid values are normal, safety, Default to normal. support safety switch to high security access mode.
    SecurityIpType string
    The type of IP address in the IP address whitelist.
    SecurityIps List<string>
    List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]).
    ServerCert string
    The content of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_cert start support MySQL engine.
    ServerKey string
    The private key of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_key start support MySQL engine.
    ServerlessConfigs List<Pulumi.AliCloud.Rds.Inputs.InstanceServerlessConfig>
    The settings of the serverless instance. This parameter is required when you create a serverless instance. This parameter takes effect only when you create an ApsaraDB RDS for Serverless instance. See serverless_config below.
    SqlCollectorConfigValue int
    The sql collector keep time of the instance. Valid values are 30, 180, 365, 1095, 1825, Default to 30.
    SqlCollectorStatus string
    The sql collector status of the instance. Valid values are Enabled, Disabled, Default to Disabled.
    SslAction string

    Actions performed on SSL functions. Valid values: Open: turn on SSL encryption; Close: turn off SSL encryption; Update: update SSL certificate. See more engine and engineVersion limitation.

    NOTE: The attribute ssl_action will be ignored when setting instance_charge_type = "Serverless" for SQLServer, PostgreSQL or MariaDB.

    SslConnectionString string
    The internal or public endpoint for which the server certificate needs to be created or updated.
    StorageAutoScale string

    Automatic storage space expansion switch. Valid values:

    • Enable
    • Disable

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable.

    StorageThreshold int

    The threshold in percentage based on which an automatic storage expansion is triggered. If the available storage reaches the threshold, ApsaraDB RDS increases the storage capacity of the instance. Valid values: [10, 20, 30, 40, 50].

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable. The value must be greater than or equal to the total size of the current storage space of the instance.

    StorageUpperBound int

    The upper limit of the total storage space for automatic expansion of the storage space, that is, automatic expansion will not cause the total storage space of the instance to exceed this value. Unit: GB. The value must be ≥0.

    NOTE: Because of data backup and migration, change DB instance type and storage would cost 15~20 minutes. Please make full preparation before changing them.

    SwitchTime string

    The specific point in time when you want to perform the update. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. It is valid only when target_minor_version is changed. The time must be in UTC.

    NOTE: This parameter takes effect only when you set the UpgradeTime parameter to SpecifyTime.

    Tags Dictionary<string, string>

    A mapping of tags to assign to the resource.

    • Key: It can be up to 64 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It cannot be a null string.
    • Value: It can be up to 128 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It can be a null string.

    Note: From 1.63.0, the tag key and value are case sensitive. Before that, they are not case sensitive.

    TargetMinorVersion string

    The minor engine version to which you want to update the instance. If you do not specify this parameter, the instance is updated to the latest minor engine version. You must specify the minor engine version in one of the following formats:

    • PostgreSQL: rds_postgres_00_. Example: rds_postgres_1200_20200830.
    • MySQL: _. Examples: rds_20200229, xcluster_20200229, and xcluster80_20200229. The following RDS editions are supported:
    • rds: The instance runs RDS Basic or High-availability Edition.
    • xcluster: The instance runs MySQL 5.7 on RDS Enterprise Edition.
    • xcluster80: The instance runs MySQL 8.0 on RDS Enterprise Edition.
    • SQLServer: . Example: 15.0.4073.23.

    NOTE: For more information about minor engine versions, see Release notes of minor AliPG versions, Release notes of minor AliSQL versions, and Release notes of minor engine versions of ApsaraDB RDS for SQL Server.

    TcpConnectionType string
    The availability check method of the instance. Valid values:

    • SHORT: Alibaba Cloud uses short-lived connections to check the availability of the instance.
    • LONG: Alibaba Cloud uses persistent connections to check the availability of the instance.
    TdeStatus string
    The TDE(Transparent Data Encryption) status. After TDE is turned on, it cannot be turned off. See more engine and engineVersion limitation.
    UpgradeDbInstanceKernelVersion bool
    Whether to upgrade a minor version of the kernel. Valid values:

    • true: upgrade
    • false: not to upgrade

    Deprecated: Attribute upgrade_db_instance_kernel_version has been deprecated from 1.198.0 and use target_minor_version instead.

    UpgradeTime string
    The method to update the minor engine version. Default value: Immediate. It is valid only when target_minor_version is changed. Valid values:

    • Immediate: The minor engine version is immediately updated.
    • MaintainTime: The minor engine version is updated during the maintenance window. For more information about how to change the maintenance window, see ModifyDBInstanceMaintainTime.
    • SpecifyTime: The minor engine version is updated at the point in time you specify.
    VpcId string

    The VPC ID of the instance.

    NOTE: This parameter applies only to ApsaraDB RDS for MySQL instances. For more information about Upgrade the major engine version of an ApsaraDB RDS for MySQL instance, see Upgrade the major engine version of an RDS instance in the ApsaraDB RDS console.

    VswitchId string
    The virtual switch ID to launch DB instances in one VPC. If there are multiple vswitches, separate them with commas.
    WhitelistNetworkType string

    The network type of the IP address whitelist. Default value: MIX. Valid values:

    • Classic: classic network in enhanced whitelist mode
    • VPC: virtual private cloud (VPC) in enhanced whitelist mode
    • MIX: standard whitelist mode

    NOTE: In standard whitelist mode, IP addresses and CIDR blocks can be added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks can be added to both IP address whitelists of the classic network type and those of the VPC network type.

    ZoneId string
    The Zone to launch the DB instance. From version 1.8.1, it supports multiple zone. If it is a multi-zone and vswitch_id is specified, the vswitch must in the one of them. The multiple zone ID can be retrieved by setting multi to "true" in the data source alicloud.getZones.
    ZoneIdSlaveA string
    The region ID of the secondary instance if you create a secondary instance. If you set this parameter to the same value as the ZoneId parameter, the instance is deployed in a single zone. Otherwise, the instance is deployed in multiple zones.
    ZoneIdSlaveB string
    RDS MySQL Cluster series instances support creating 1 to 2 secondary nodes at the same time when establishing a new instance. If you have this requirement, you can use this parameter to specify the availability zone for the second secondary node.
    Engine string

    Database type. Value options: MySQL, SQLServer, PostgreSQL, MariaDB.

    NOTE: When the 'engine_version' changes, it can be used as the target database version for the large version upgrade of RDS for MySQL instance.

    EngineVersion string
    Database version. Value options can refer to the latest docs CreateDBInstance EngineVersion.

    • MySQL: [ 5.5、5.6、5.7、8.0 ]
    • SQLServer: [ 2008r2、08r2_ent_ha、2012、2012_ent_ha、2012_std_ha、2012_web、2014_std_ha、2016_ent_ha、2016_std_ha、2016_web、2017_std_ha、2017_ent、2019_std_ha、2019_ent ]
    • PostgreSQL: [ 10.0、11.0、12.0、13.0、14.0、15.0 ]
    • MariaDB: [ 10.3 ]
    • Serverless
    • MySQL: [ 5.7、8.0 ]
    • SQLServer: [ 2016_std_sl、2017_std_sl、2019_std_sl ]
    • PostgreSQL: [ 14.0 ]
    • MariaDB does not support creating serverless instances.
    InstanceStorage int
    User-defined DB instance storage space. Value range:

    • [5, 2000] for MySQL/PostgreSQL HA dual node edition;
    • [20,1000] for MySQL 5.7 basic single node edition;
    • [10, 2000] for SQL Server 2008R2;
    • [20,2000] for SQL Server 2012 basic single node edition Increase progressively at a rate of 5 GB. For details, see Instance type table. Note: There is extra 5 GB storage for SQL Server Instance, and it is not in specified instance_storage.
    InstanceType string

    DB Instance type. For details, see Instance type table.

    • To create a serverless instance, please pass the following values:
    • MySQL basic: mysql.n2.serverless.1c
    • MySQL high availability: mysql.n2.serverless.2c
    • SQLServer high availability: mssql.mem2.serverless.s2
    • PostgreSQL basic: pg.n2.serverless.1c

    NOTE: When storage_auto_scale="Enable", do not perform instance_storage check. when storage_auto_scale="Disable", if the instance itself instance_storagehas changed. You need to manually revise the instance_storage in the template value. When payment_type="Serverless" and when modifying, do not perform instance_storage check. Otherwise, check.

    Acl string
    The method that is used to verify the identities of clients. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    AutoRenew bool
    Whether to renewal a DB instance automatically or not. It is valid when instance_charge_type is PrePaid. Default to false.
    AutoRenewPeriod int
    Auto-renewal period of an instance, in the unit of the month. It is valid when instance_charge_type is PrePaid. Valid value:[1~12], Default to 1.
    AutoUpgradeMinorVersion string

    The upgrade method to use. Valid values:

    • Auto: Instances are automatically upgraded to a higher minor version.
    • Manual: Instances are forcibly upgraded to a higher minor version when the current version is unpublished.

    See more details and limitation.

    BabelfishConfigs []InstanceBabelfishConfigArgs

    The configuration of an ApsaraDB RDS for PostgreSQL instance for which Babelfish is enabled. See babelfish_config below.

    NOTE: This parameter takes effect only when you create an ApsaraDB RDS for PostgreSQL instance. For more information, see Introduction to Babelfish.

    BabelfishPort string

    The TDS port of the instance for which Babelfish is enabled.

    NOTE: This parameter applies only to ApsaraDB RDS for PostgreSQL instances. For more information about Babelfish for ApsaraDB RDS for PostgreSQL, see Introduction to Babelfish.

    CaType string
    The type of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the SSLEnabled parameter to 1, the default value of this parameter is aliyun. NOTE: From version 1.231.0, ca_type start support MySQL engine. Value range:

    • aliyun: a cloud certificate
    • custom: a custom certificate
    Category string

    The RDS edition of the instance. If you want to create a serverless instance, you must use this value. Valid values:

    • Basic: Basic Edition.
    • HighAvailability: High-availability Edition.
    • AlwaysOn: Cluster Edition.
    • Finance: Enterprise Edition.
    • cluster: MySQL Cluster Edition. (Available since 1.202.0)
    • serverless_basic: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.200.0)
    • serverless_standard: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.204.0)
    • serverless_ha: RDS Serverless High-availability Edition for SQL Server. (Available since 1.204.0)

    NOTE: zone_id_slave_a and zone_id_slave_b can specify slave zone ids when creating the high-availability or enterprise edition instances. Meanwhile, vswitch_id needs to pass in the corresponding vswitch id to the slave zone by order (If the vswitch_id is not specified, the classic network version will be created). For example, zone_id = "zone-a" and zone_id_slave_a = "zone-c", zone_id_slave_b = "zone-b", then the vswitch_id must be "vsw-zone-a,vsw-zone-c,vsw-zone-b". Of course, you can also choose automatic allocation , for example, zone_id = "zone-a" and zone_id_slave_a = "Auto",zone_id_slave_b = "Auto", then the vswitch_id must be "vsw-zone-a,Auto,Auto". The list contains up to 2 slave zone ids , separated by commas.

    ClientCaCert string
    The public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCAEbabled parameter to 1, you must also specify this parameter.
    ClientCaEnabled int
    Specifies whether to enable the public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. Valid values:

    • 1: enables the public key
    • 0: disables the public key
    ClientCertRevocationList string
    The CRL that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCrlEnabled parameter to 1, you must also specify this parameter.
    ClientCrlEnabled int
    Specifies whether to enable a certificate revocation list (CRL) that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • 1: enables the CRL
    • 0: disables the CRL
    ConnectionStringPrefix string

    The private connection string prefix. If you want to update public connection string prefix, please use resource alicloud.rds.Connection connection_prefix.

    NOTE: The prefix must be 8 to 64 characters in length and can contain letters, digits, and hyphens (-). It cannot contain Chinese characters and special characters ~!#%^&*=+|{};:'",<>/?

    DbInstanceIpArrayAttribute string

    The attribute of the IP address whitelist. By default, this parameter is empty.

    NOTE: The IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS).

    DbInstanceIpArrayName string

    The name of the IP address whitelist. Default value: Default.

    NOTE: A maximum of 200 IP address whitelists can be configured for each instance.

    DbInstanceStorageType string
    The storage type of the instance. Serverless instance, only cloud_essd can be selected. Valid values:

    • local_ssd: specifies to use local SSDs. This value is recommended.
    • cloud_ssd: specifies to use standard SSDs.
    • cloud_essd: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd2: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd3: specifies to use enhanced SSDs (ESSDs).
    • general_essd: general essd.
    DbIsIgnoreCase bool
    Specifies whether table names on the instance are case-sensitive. Valid values: true, false.
    DbParamGroupId string
    Parameter template ID. Only MySQL and PostgreSQL support this parameter. If this parameter is not specified, the default parameter template is used. You can also customize a parameter template and use it here.
    DbTimeZone string

    The time zone of the instance. This parameter takes effect only when you set the Engine parameter to MySQL or PostgreSQL.

    • If you set the Engine parameter to MySQL.
    • This time zone of the instance is in UTC. Valid values: -12:59 to +13:00.
    • You can specify this parameter when the instance is equipped with local SSDs. For example, you can specify the time zone to Asia/Hong_Kong. For more information about time zones, see Time zones.
    • If you set the Engine parameter to PostgreSQL.
    • This time zone of the instance is not in UTC. For more information about time zones, see Time zones.
    • You can specify this parameter only when the instance is equipped with standard SSDs or ESSDs.

    NOTE: You can specify the time zone when you create a primary instance. You cannot specify the time zone when you create a read-only instance. Read-only instances inherit the time zone of their primary instance. If you do not specify this parameter, the system assigns the default time zone of the region where the instance resides.

    DeletionProtection bool

    The switch of delete protection. Valid values:

    • true: delete protect.
    • false: no delete protect.

    NOTE: deletion_protection is valid only when attribute instance_charge_type is set to Postpaid or Serverless, supported engine type: MySQL, PostgreSQL, MariaDB, MSSQL.

    Direction string
    The instance configuration type. Valid values: ["Up", "Down", "TempUpgrade", "Serverless"]
    EffectiveTime string
    The method to update the engine version and change. Default value: Immediate. Valid values:

    • Immediate: The change immediately takes effect.
    • MaintainTime: The change takes effect during the specified maintenance window. For more information, see ModifyDBInstanceMaintainTime.
    EncryptionKey string
    The key id of the KMS. Used for encrypting a disk if not null. Only for PostgreSQL, MySQL and SQLServer.
    Force string
    Specifies whether to enable forcible switching. Valid values:

    • Yes
    • No
    ForceRestart bool
    Set it to true to make some parameter efficient when modifying them. Default to false.
    FreshWhiteListReadins string
    The read-only instances to which you want to synchronize the IP address whitelist.

    • If the instance is attached with a read-only instance, you can use this parameter to synchronize the IP address whitelist to the read-only instance. If the instance is attached with multiple read-only instances, the read-only instances must be separated by commas (,).
    • If the instance is not attached with a read-only instance, this parameter is empty.
    HaConfig string

    The primary/secondary switchover mode of the instance. Default value: Auto. Valid values:

    • Auto: The system automatically switches over services from the primary to secondary instances in the event of a fault.
    • Manual: You must manually switch over services from the primary to secondary instances in the event of a fault.

    NOTE: If you set this parameter to Manual, you must specify the ManualHATime parameter.

    InstanceChargeType string
    Valid values are Prepaid, Postpaid, Serverless, Default to Postpaid. Currently, the resource only supports PostPaid to PrePaid. For more information, see Overview.
    InstanceName string
    The name of DB instance. It a string of 2 to 256 characters.
    MaintainTime string
    Maintainable time period format of the instance: HH:MMZ-HH:MMZ (UTC time)
    ManualHaTime string

    The time after when you want to enable automatic primary/secondary switchover. At most, you can set this parameter to 23:59:59 seven days later. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

    NOTE: This parameter only takes effect when the HAConfig parameter is set to Manual.

    ModifyMode string
    The method that is used to modify the IP address whitelist. Default value: Cover. Valid values:

    • Cover: Use the value of the SecurityIps parameter to overwrite the existing entries in the IP address whitelist.
    • Append: Add the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to the IP address whitelist.
    • Delete: Delete IP addresses and CIDR blocks that are specified in the SecurityIps parameter from the IP address whitelist. You must retain at least one IP address or CIDR block.
    MonitoringPeriod int
    The monitoring frequency in seconds. Valid values are 5, 10, 60, 300. Defaults to 300.
    NodeId string
    The globally unique identifier (GUID) of the secondary instance. You can call the DescribeDBInstanceHAConfig operation to query the GUID of the secondary instance.
    Parameters []InstanceParameterArgs
    Set of parameters needs to be set after DB instance was launched. Available parameters can refer to the latest docs View database parameter templates . See parameters below.
    Period int

    The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36.

    NOTE: The attribute period is only used to create Subscription instance or modify the PayAsYouGo instance to Subscription. Once effect, it will not be modified that means running pulumi up will not effect the resource.

    PgHbaConfs []InstancePgHbaConfArgs
    The configuration of AD domain . See pg_hba_conf below.
    Port string
    The private port of the database service. If you want to update public port, please use resource alicloud.rds.Connection port.
    PrivateIpAddress string
    The private IP address of the instance. The private IP address must be within the Classless Inter-Domain Routing (CIDR) block of the vSwitch that is specified by the VSwitchId parameter.
    ReleasedKeepPolicy string

    The policy based on which ApsaraDB RDS retains archived backup files after the instance is released. Valid values:

    • None: No archived backup files are retained.
    • Lastest: Only the last archived backup file is retained.
    • All: All the archived backup files are retained.

    NOTE: This parameter is supported only when the instance runs the MySQL database engine.

    ReplicationAcl string
    The method that is used to verify the replication permission. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    ResourceGroupId string
    The ID of resource group which the DB instance belongs.
    RoleArn string

    The Alibaba Cloud Resource Name (ARN) of the RAM role.

    NOTE: This parameter is not required when you create an instance that runs MySQL, PostgreSQL, or SQL Server. You need to only specify the RoleARN parameter to create an instance that has cloud disk encryption enabled by using the obtained key ID. You can configure RAM authorization to require a RAM user to enable cloud disk encryption when the RAM user is used to create an instance. If cloud disk encryption is disabled during the instance creation, the creation operation fails. To complete the configuration, you can attach the following policy to the RAM user: {"Version":"1","Statement":[{"Effect":"Deny","Action":"rds:CreateDBInstance","Resource":"*","Condition":{"StringEquals":{"rds:DiskEncryptionRequired":"false"}}}]}

    SecurityGroupId string
    It has been deprecated from 1.69.0 and use security_group_ids instead.

    Deprecated: Attribute security_group_id has been deprecated from 1.69.0 and use security_group_ids instead.

    SecurityGroupIds []string
    , Available since 1.69.0) The list IDs to join ECS Security Group. At most supports three security groups.
    SecurityIpMode string
    Valid values are normal, safety, Default to normal. support safety switch to high security access mode.
    SecurityIpType string
    The type of IP address in the IP address whitelist.
    SecurityIps []string
    List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]).
    ServerCert string
    The content of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_cert start support MySQL engine.
    ServerKey string
    The private key of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_key start support MySQL engine.
    ServerlessConfigs []InstanceServerlessConfigArgs
    The settings of the serverless instance. This parameter is required when you create a serverless instance. This parameter takes effect only when you create an ApsaraDB RDS for Serverless instance. See serverless_config below.
    SqlCollectorConfigValue int
    The sql collector keep time of the instance. Valid values are 30, 180, 365, 1095, 1825, Default to 30.
    SqlCollectorStatus string
    The sql collector status of the instance. Valid values are Enabled, Disabled, Default to Disabled.
    SslAction string

    Actions performed on SSL functions. Valid values: Open: turn on SSL encryption; Close: turn off SSL encryption; Update: update SSL certificate. See more engine and engineVersion limitation.

    NOTE: The attribute ssl_action will be ignored when setting instance_charge_type = "Serverless" for SQLServer, PostgreSQL or MariaDB.

    SslConnectionString string
    The internal or public endpoint for which the server certificate needs to be created or updated.
    StorageAutoScale string

    Automatic storage space expansion switch. Valid values:

    • Enable
    • Disable

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable.

    StorageThreshold int

    The threshold in percentage based on which an automatic storage expansion is triggered. If the available storage reaches the threshold, ApsaraDB RDS increases the storage capacity of the instance. Valid values: [10, 20, 30, 40, 50].

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable. The value must be greater than or equal to the total size of the current storage space of the instance.

    StorageUpperBound int

    The upper limit of the total storage space for automatic expansion of the storage space, that is, automatic expansion will not cause the total storage space of the instance to exceed this value. Unit: GB. The value must be ≥0.

    NOTE: Because of data backup and migration, change DB instance type and storage would cost 15~20 minutes. Please make full preparation before changing them.

    SwitchTime string

    The specific point in time when you want to perform the update. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. It is valid only when target_minor_version is changed. The time must be in UTC.

    NOTE: This parameter takes effect only when you set the UpgradeTime parameter to SpecifyTime.

    Tags map[string]string

    A mapping of tags to assign to the resource.

    • Key: It can be up to 64 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It cannot be a null string.
    • Value: It can be up to 128 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It can be a null string.

    Note: From 1.63.0, the tag key and value are case sensitive. Before that, they are not case sensitive.

    TargetMinorVersion string

    The minor engine version to which you want to update the instance. If you do not specify this parameter, the instance is updated to the latest minor engine version. You must specify the minor engine version in one of the following formats:

    • PostgreSQL: rds_postgres_00_. Example: rds_postgres_1200_20200830.
    • MySQL: _. Examples: rds_20200229, xcluster_20200229, and xcluster80_20200229. The following RDS editions are supported:
    • rds: The instance runs RDS Basic or High-availability Edition.
    • xcluster: The instance runs MySQL 5.7 on RDS Enterprise Edition.
    • xcluster80: The instance runs MySQL 8.0 on RDS Enterprise Edition.
    • SQLServer: . Example: 15.0.4073.23.

    NOTE: For more information about minor engine versions, see Release notes of minor AliPG versions, Release notes of minor AliSQL versions, and Release notes of minor engine versions of ApsaraDB RDS for SQL Server.

    TcpConnectionType string
    The availability check method of the instance. Valid values:

    • SHORT: Alibaba Cloud uses short-lived connections to check the availability of the instance.
    • LONG: Alibaba Cloud uses persistent connections to check the availability of the instance.
    TdeStatus string
    The TDE(Transparent Data Encryption) status. After TDE is turned on, it cannot be turned off. See more engine and engineVersion limitation.
    UpgradeDbInstanceKernelVersion bool
    Whether to upgrade a minor version of the kernel. Valid values:

    • true: upgrade
    • false: not to upgrade

    Deprecated: Attribute upgrade_db_instance_kernel_version has been deprecated from 1.198.0 and use target_minor_version instead.

    UpgradeTime string
    The method to update the minor engine version. Default value: Immediate. It is valid only when target_minor_version is changed. Valid values:

    • Immediate: The minor engine version is immediately updated.
    • MaintainTime: The minor engine version is updated during the maintenance window. For more information about how to change the maintenance window, see ModifyDBInstanceMaintainTime.
    • SpecifyTime: The minor engine version is updated at the point in time you specify.
    VpcId string

    The VPC ID of the instance.

    NOTE: This parameter applies only to ApsaraDB RDS for MySQL instances. For more information about Upgrade the major engine version of an ApsaraDB RDS for MySQL instance, see Upgrade the major engine version of an RDS instance in the ApsaraDB RDS console.

    VswitchId string
    The virtual switch ID to launch DB instances in one VPC. If there are multiple vswitches, separate them with commas.
    WhitelistNetworkType string

    The network type of the IP address whitelist. Default value: MIX. Valid values:

    • Classic: classic network in enhanced whitelist mode
    • VPC: virtual private cloud (VPC) in enhanced whitelist mode
    • MIX: standard whitelist mode

    NOTE: In standard whitelist mode, IP addresses and CIDR blocks can be added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks can be added to both IP address whitelists of the classic network type and those of the VPC network type.

    ZoneId string
    The Zone to launch the DB instance. From version 1.8.1, it supports multiple zone. If it is a multi-zone and vswitch_id is specified, the vswitch must in the one of them. The multiple zone ID can be retrieved by setting multi to "true" in the data source alicloud.getZones.
    ZoneIdSlaveA string
    The region ID of the secondary instance if you create a secondary instance. If you set this parameter to the same value as the ZoneId parameter, the instance is deployed in a single zone. Otherwise, the instance is deployed in multiple zones.
    ZoneIdSlaveB string
    RDS MySQL Cluster series instances support creating 1 to 2 secondary nodes at the same time when establishing a new instance. If you have this requirement, you can use this parameter to specify the availability zone for the second secondary node.
    engine String

    Database type. Value options: MySQL, SQLServer, PostgreSQL, MariaDB.

    NOTE: When the 'engine_version' changes, it can be used as the target database version for the large version upgrade of RDS for MySQL instance.

    engineVersion String
    Database version. Value options can refer to the latest docs CreateDBInstance EngineVersion.

    • MySQL: [ 5.5、5.6、5.7、8.0 ]
    • SQLServer: [ 2008r2、08r2_ent_ha、2012、2012_ent_ha、2012_std_ha、2012_web、2014_std_ha、2016_ent_ha、2016_std_ha、2016_web、2017_std_ha、2017_ent、2019_std_ha、2019_ent ]
    • PostgreSQL: [ 10.0、11.0、12.0、13.0、14.0、15.0 ]
    • MariaDB: [ 10.3 ]
    • Serverless
    • MySQL: [ 5.7、8.0 ]
    • SQLServer: [ 2016_std_sl、2017_std_sl、2019_std_sl ]
    • PostgreSQL: [ 14.0 ]
    • MariaDB does not support creating serverless instances.
    instanceStorage Integer
    User-defined DB instance storage space. Value range:

    • [5, 2000] for MySQL/PostgreSQL HA dual node edition;
    • [20,1000] for MySQL 5.7 basic single node edition;
    • [10, 2000] for SQL Server 2008R2;
    • [20,2000] for SQL Server 2012 basic single node edition Increase progressively at a rate of 5 GB. For details, see Instance type table. Note: There is extra 5 GB storage for SQL Server Instance, and it is not in specified instance_storage.
    instanceType String

    DB Instance type. For details, see Instance type table.

    • To create a serverless instance, please pass the following values:
    • MySQL basic: mysql.n2.serverless.1c
    • MySQL high availability: mysql.n2.serverless.2c
    • SQLServer high availability: mssql.mem2.serverless.s2
    • PostgreSQL basic: pg.n2.serverless.1c

    NOTE: When storage_auto_scale="Enable", do not perform instance_storage check. when storage_auto_scale="Disable", if the instance itself instance_storagehas changed. You need to manually revise the instance_storage in the template value. When payment_type="Serverless" and when modifying, do not perform instance_storage check. Otherwise, check.

    acl String
    The method that is used to verify the identities of clients. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    autoRenew Boolean
    Whether to renewal a DB instance automatically or not. It is valid when instance_charge_type is PrePaid. Default to false.
    autoRenewPeriod Integer
    Auto-renewal period of an instance, in the unit of the month. It is valid when instance_charge_type is PrePaid. Valid value:[1~12], Default to 1.
    autoUpgradeMinorVersion String

    The upgrade method to use. Valid values:

    • Auto: Instances are automatically upgraded to a higher minor version.
    • Manual: Instances are forcibly upgraded to a higher minor version when the current version is unpublished.

    See more details and limitation.

    babelfishConfigs List<InstanceBabelfishConfig>

    The configuration of an ApsaraDB RDS for PostgreSQL instance for which Babelfish is enabled. See babelfish_config below.

    NOTE: This parameter takes effect only when you create an ApsaraDB RDS for PostgreSQL instance. For more information, see Introduction to Babelfish.

    babelfishPort String

    The TDS port of the instance for which Babelfish is enabled.

    NOTE: This parameter applies only to ApsaraDB RDS for PostgreSQL instances. For more information about Babelfish for ApsaraDB RDS for PostgreSQL, see Introduction to Babelfish.

    caType String
    The type of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the SSLEnabled parameter to 1, the default value of this parameter is aliyun. NOTE: From version 1.231.0, ca_type start support MySQL engine. Value range:

    • aliyun: a cloud certificate
    • custom: a custom certificate
    category String

    The RDS edition of the instance. If you want to create a serverless instance, you must use this value. Valid values:

    • Basic: Basic Edition.
    • HighAvailability: High-availability Edition.
    • AlwaysOn: Cluster Edition.
    • Finance: Enterprise Edition.
    • cluster: MySQL Cluster Edition. (Available since 1.202.0)
    • serverless_basic: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.200.0)
    • serverless_standard: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.204.0)
    • serverless_ha: RDS Serverless High-availability Edition for SQL Server. (Available since 1.204.0)

    NOTE: zone_id_slave_a and zone_id_slave_b can specify slave zone ids when creating the high-availability or enterprise edition instances. Meanwhile, vswitch_id needs to pass in the corresponding vswitch id to the slave zone by order (If the vswitch_id is not specified, the classic network version will be created). For example, zone_id = "zone-a" and zone_id_slave_a = "zone-c", zone_id_slave_b = "zone-b", then the vswitch_id must be "vsw-zone-a,vsw-zone-c,vsw-zone-b". Of course, you can also choose automatic allocation , for example, zone_id = "zone-a" and zone_id_slave_a = "Auto",zone_id_slave_b = "Auto", then the vswitch_id must be "vsw-zone-a,Auto,Auto". The list contains up to 2 slave zone ids , separated by commas.

    clientCaCert String
    The public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCAEbabled parameter to 1, you must also specify this parameter.
    clientCaEnabled Integer
    Specifies whether to enable the public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. Valid values:

    • 1: enables the public key
    • 0: disables the public key
    clientCertRevocationList String
    The CRL that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCrlEnabled parameter to 1, you must also specify this parameter.
    clientCrlEnabled Integer
    Specifies whether to enable a certificate revocation list (CRL) that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • 1: enables the CRL
    • 0: disables the CRL
    connectionStringPrefix String

    The private connection string prefix. If you want to update public connection string prefix, please use resource alicloud.rds.Connection connection_prefix.

    NOTE: The prefix must be 8 to 64 characters in length and can contain letters, digits, and hyphens (-). It cannot contain Chinese characters and special characters ~!#%^&*=+|{};:'",<>/?

    dbInstanceIpArrayAttribute String

    The attribute of the IP address whitelist. By default, this parameter is empty.

    NOTE: The IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS).

    dbInstanceIpArrayName String

    The name of the IP address whitelist. Default value: Default.

    NOTE: A maximum of 200 IP address whitelists can be configured for each instance.

    dbInstanceStorageType String
    The storage type of the instance. Serverless instance, only cloud_essd can be selected. Valid values:

    • local_ssd: specifies to use local SSDs. This value is recommended.
    • cloud_ssd: specifies to use standard SSDs.
    • cloud_essd: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd2: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd3: specifies to use enhanced SSDs (ESSDs).
    • general_essd: general essd.
    dbIsIgnoreCase Boolean
    Specifies whether table names on the instance are case-sensitive. Valid values: true, false.
    dbParamGroupId String
    Parameter template ID. Only MySQL and PostgreSQL support this parameter. If this parameter is not specified, the default parameter template is used. You can also customize a parameter template and use it here.
    dbTimeZone String

    The time zone of the instance. This parameter takes effect only when you set the Engine parameter to MySQL or PostgreSQL.

    • If you set the Engine parameter to MySQL.
    • This time zone of the instance is in UTC. Valid values: -12:59 to +13:00.
    • You can specify this parameter when the instance is equipped with local SSDs. For example, you can specify the time zone to Asia/Hong_Kong. For more information about time zones, see Time zones.
    • If you set the Engine parameter to PostgreSQL.
    • This time zone of the instance is not in UTC. For more information about time zones, see Time zones.
    • You can specify this parameter only when the instance is equipped with standard SSDs or ESSDs.

    NOTE: You can specify the time zone when you create a primary instance. You cannot specify the time zone when you create a read-only instance. Read-only instances inherit the time zone of their primary instance. If you do not specify this parameter, the system assigns the default time zone of the region where the instance resides.

    deletionProtection Boolean

    The switch of delete protection. Valid values:

    • true: delete protect.
    • false: no delete protect.

    NOTE: deletion_protection is valid only when attribute instance_charge_type is set to Postpaid or Serverless, supported engine type: MySQL, PostgreSQL, MariaDB, MSSQL.

    direction String
    The instance configuration type. Valid values: ["Up", "Down", "TempUpgrade", "Serverless"]
    effectiveTime String
    The method to update the engine version and change. Default value: Immediate. Valid values:

    • Immediate: The change immediately takes effect.
    • MaintainTime: The change takes effect during the specified maintenance window. For more information, see ModifyDBInstanceMaintainTime.
    encryptionKey String
    The key id of the KMS. Used for encrypting a disk if not null. Only for PostgreSQL, MySQL and SQLServer.
    force String
    Specifies whether to enable forcible switching. Valid values:

    • Yes
    • No
    forceRestart Boolean
    Set it to true to make some parameter efficient when modifying them. Default to false.
    freshWhiteListReadins String
    The read-only instances to which you want to synchronize the IP address whitelist.

    • If the instance is attached with a read-only instance, you can use this parameter to synchronize the IP address whitelist to the read-only instance. If the instance is attached with multiple read-only instances, the read-only instances must be separated by commas (,).
    • If the instance is not attached with a read-only instance, this parameter is empty.
    haConfig String

    The primary/secondary switchover mode of the instance. Default value: Auto. Valid values:

    • Auto: The system automatically switches over services from the primary to secondary instances in the event of a fault.
    • Manual: You must manually switch over services from the primary to secondary instances in the event of a fault.

    NOTE: If you set this parameter to Manual, you must specify the ManualHATime parameter.

    instanceChargeType String
    Valid values are Prepaid, Postpaid, Serverless, Default to Postpaid. Currently, the resource only supports PostPaid to PrePaid. For more information, see Overview.
    instanceName String
    The name of DB instance. It a string of 2 to 256 characters.
    maintainTime String
    Maintainable time period format of the instance: HH:MMZ-HH:MMZ (UTC time)
    manualHaTime String

    The time after when you want to enable automatic primary/secondary switchover. At most, you can set this parameter to 23:59:59 seven days later. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

    NOTE: This parameter only takes effect when the HAConfig parameter is set to Manual.

    modifyMode String
    The method that is used to modify the IP address whitelist. Default value: Cover. Valid values:

    • Cover: Use the value of the SecurityIps parameter to overwrite the existing entries in the IP address whitelist.
    • Append: Add the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to the IP address whitelist.
    • Delete: Delete IP addresses and CIDR blocks that are specified in the SecurityIps parameter from the IP address whitelist. You must retain at least one IP address or CIDR block.
    monitoringPeriod Integer
    The monitoring frequency in seconds. Valid values are 5, 10, 60, 300. Defaults to 300.
    nodeId String
    The globally unique identifier (GUID) of the secondary instance. You can call the DescribeDBInstanceHAConfig operation to query the GUID of the secondary instance.
    parameters List<InstanceParameter>
    Set of parameters needs to be set after DB instance was launched. Available parameters can refer to the latest docs View database parameter templates . See parameters below.
    period Integer

    The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36.

    NOTE: The attribute period is only used to create Subscription instance or modify the PayAsYouGo instance to Subscription. Once effect, it will not be modified that means running pulumi up will not effect the resource.

    pgHbaConfs List<InstancePgHbaConf>
    The configuration of AD domain . See pg_hba_conf below.
    port String
    The private port of the database service. If you want to update public port, please use resource alicloud.rds.Connection port.
    privateIpAddress String
    The private IP address of the instance. The private IP address must be within the Classless Inter-Domain Routing (CIDR) block of the vSwitch that is specified by the VSwitchId parameter.
    releasedKeepPolicy String

    The policy based on which ApsaraDB RDS retains archived backup files after the instance is released. Valid values:

    • None: No archived backup files are retained.
    • Lastest: Only the last archived backup file is retained.
    • All: All the archived backup files are retained.

    NOTE: This parameter is supported only when the instance runs the MySQL database engine.

    replicationAcl String
    The method that is used to verify the replication permission. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    resourceGroupId String
    The ID of resource group which the DB instance belongs.
    roleArn String

    The Alibaba Cloud Resource Name (ARN) of the RAM role.

    NOTE: This parameter is not required when you create an instance that runs MySQL, PostgreSQL, or SQL Server. You need to only specify the RoleARN parameter to create an instance that has cloud disk encryption enabled by using the obtained key ID. You can configure RAM authorization to require a RAM user to enable cloud disk encryption when the RAM user is used to create an instance. If cloud disk encryption is disabled during the instance creation, the creation operation fails. To complete the configuration, you can attach the following policy to the RAM user: {"Version":"1","Statement":[{"Effect":"Deny","Action":"rds:CreateDBInstance","Resource":"*","Condition":{"StringEquals":{"rds:DiskEncryptionRequired":"false"}}}]}

    securityGroupId String
    It has been deprecated from 1.69.0 and use security_group_ids instead.

    Deprecated: Attribute security_group_id has been deprecated from 1.69.0 and use security_group_ids instead.

    securityGroupIds List<String>
    , Available since 1.69.0) The list IDs to join ECS Security Group. At most supports three security groups.
    securityIpMode String
    Valid values are normal, safety, Default to normal. support safety switch to high security access mode.
    securityIpType String
    The type of IP address in the IP address whitelist.
    securityIps List<String>
    List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]).
    serverCert String
    The content of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_cert start support MySQL engine.
    serverKey String
    The private key of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_key start support MySQL engine.
    serverlessConfigs List<InstanceServerlessConfig>
    The settings of the serverless instance. This parameter is required when you create a serverless instance. This parameter takes effect only when you create an ApsaraDB RDS for Serverless instance. See serverless_config below.
    sqlCollectorConfigValue Integer
    The sql collector keep time of the instance. Valid values are 30, 180, 365, 1095, 1825, Default to 30.
    sqlCollectorStatus String
    The sql collector status of the instance. Valid values are Enabled, Disabled, Default to Disabled.
    sslAction String

    Actions performed on SSL functions. Valid values: Open: turn on SSL encryption; Close: turn off SSL encryption; Update: update SSL certificate. See more engine and engineVersion limitation.

    NOTE: The attribute ssl_action will be ignored when setting instance_charge_type = "Serverless" for SQLServer, PostgreSQL or MariaDB.

    sslConnectionString String
    The internal or public endpoint for which the server certificate needs to be created or updated.
    storageAutoScale String

    Automatic storage space expansion switch. Valid values:

    • Enable
    • Disable

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable.

    storageThreshold Integer

    The threshold in percentage based on which an automatic storage expansion is triggered. If the available storage reaches the threshold, ApsaraDB RDS increases the storage capacity of the instance. Valid values: [10, 20, 30, 40, 50].

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable. The value must be greater than or equal to the total size of the current storage space of the instance.

    storageUpperBound Integer

    The upper limit of the total storage space for automatic expansion of the storage space, that is, automatic expansion will not cause the total storage space of the instance to exceed this value. Unit: GB. The value must be ≥0.

    NOTE: Because of data backup and migration, change DB instance type and storage would cost 15~20 minutes. Please make full preparation before changing them.

    switchTime String

    The specific point in time when you want to perform the update. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. It is valid only when target_minor_version is changed. The time must be in UTC.

    NOTE: This parameter takes effect only when you set the UpgradeTime parameter to SpecifyTime.

    tags Map<String,String>

    A mapping of tags to assign to the resource.

    • Key: It can be up to 64 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It cannot be a null string.
    • Value: It can be up to 128 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It can be a null string.

    Note: From 1.63.0, the tag key and value are case sensitive. Before that, they are not case sensitive.

    targetMinorVersion String

    The minor engine version to which you want to update the instance. If you do not specify this parameter, the instance is updated to the latest minor engine version. You must specify the minor engine version in one of the following formats:

    • PostgreSQL: rds_postgres_00_. Example: rds_postgres_1200_20200830.
    • MySQL: _. Examples: rds_20200229, xcluster_20200229, and xcluster80_20200229. The following RDS editions are supported:
    • rds: The instance runs RDS Basic or High-availability Edition.
    • xcluster: The instance runs MySQL 5.7 on RDS Enterprise Edition.
    • xcluster80: The instance runs MySQL 8.0 on RDS Enterprise Edition.
    • SQLServer: . Example: 15.0.4073.23.

    NOTE: For more information about minor engine versions, see Release notes of minor AliPG versions, Release notes of minor AliSQL versions, and Release notes of minor engine versions of ApsaraDB RDS for SQL Server.

    tcpConnectionType String
    The availability check method of the instance. Valid values:

    • SHORT: Alibaba Cloud uses short-lived connections to check the availability of the instance.
    • LONG: Alibaba Cloud uses persistent connections to check the availability of the instance.
    tdeStatus String
    The TDE(Transparent Data Encryption) status. After TDE is turned on, it cannot be turned off. See more engine and engineVersion limitation.
    upgradeDbInstanceKernelVersion Boolean
    Whether to upgrade a minor version of the kernel. Valid values:

    • true: upgrade
    • false: not to upgrade

    Deprecated: Attribute upgrade_db_instance_kernel_version has been deprecated from 1.198.0 and use target_minor_version instead.

    upgradeTime String
    The method to update the minor engine version. Default value: Immediate. It is valid only when target_minor_version is changed. Valid values:

    • Immediate: The minor engine version is immediately updated.
    • MaintainTime: The minor engine version is updated during the maintenance window. For more information about how to change the maintenance window, see ModifyDBInstanceMaintainTime.
    • SpecifyTime: The minor engine version is updated at the point in time you specify.
    vpcId String

    The VPC ID of the instance.

    NOTE: This parameter applies only to ApsaraDB RDS for MySQL instances. For more information about Upgrade the major engine version of an ApsaraDB RDS for MySQL instance, see Upgrade the major engine version of an RDS instance in the ApsaraDB RDS console.

    vswitchId String
    The virtual switch ID to launch DB instances in one VPC. If there are multiple vswitches, separate them with commas.
    whitelistNetworkType String

    The network type of the IP address whitelist. Default value: MIX. Valid values:

    • Classic: classic network in enhanced whitelist mode
    • VPC: virtual private cloud (VPC) in enhanced whitelist mode
    • MIX: standard whitelist mode

    NOTE: In standard whitelist mode, IP addresses and CIDR blocks can be added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks can be added to both IP address whitelists of the classic network type and those of the VPC network type.

    zoneId String
    The Zone to launch the DB instance. From version 1.8.1, it supports multiple zone. If it is a multi-zone and vswitch_id is specified, the vswitch must in the one of them. The multiple zone ID can be retrieved by setting multi to "true" in the data source alicloud.getZones.
    zoneIdSlaveA String
    The region ID of the secondary instance if you create a secondary instance. If you set this parameter to the same value as the ZoneId parameter, the instance is deployed in a single zone. Otherwise, the instance is deployed in multiple zones.
    zoneIdSlaveB String
    RDS MySQL Cluster series instances support creating 1 to 2 secondary nodes at the same time when establishing a new instance. If you have this requirement, you can use this parameter to specify the availability zone for the second secondary node.
    engine string

    Database type. Value options: MySQL, SQLServer, PostgreSQL, MariaDB.

    NOTE: When the 'engine_version' changes, it can be used as the target database version for the large version upgrade of RDS for MySQL instance.

    engineVersion string
    Database version. Value options can refer to the latest docs CreateDBInstance EngineVersion.

    • MySQL: [ 5.5、5.6、5.7、8.0 ]
    • SQLServer: [ 2008r2、08r2_ent_ha、2012、2012_ent_ha、2012_std_ha、2012_web、2014_std_ha、2016_ent_ha、2016_std_ha、2016_web、2017_std_ha、2017_ent、2019_std_ha、2019_ent ]
    • PostgreSQL: [ 10.0、11.0、12.0、13.0、14.0、15.0 ]
    • MariaDB: [ 10.3 ]
    • Serverless
    • MySQL: [ 5.7、8.0 ]
    • SQLServer: [ 2016_std_sl、2017_std_sl、2019_std_sl ]
    • PostgreSQL: [ 14.0 ]
    • MariaDB does not support creating serverless instances.
    instanceStorage number
    User-defined DB instance storage space. Value range:

    • [5, 2000] for MySQL/PostgreSQL HA dual node edition;
    • [20,1000] for MySQL 5.7 basic single node edition;
    • [10, 2000] for SQL Server 2008R2;
    • [20,2000] for SQL Server 2012 basic single node edition Increase progressively at a rate of 5 GB. For details, see Instance type table. Note: There is extra 5 GB storage for SQL Server Instance, and it is not in specified instance_storage.
    instanceType string

    DB Instance type. For details, see Instance type table.

    • To create a serverless instance, please pass the following values:
    • MySQL basic: mysql.n2.serverless.1c
    • MySQL high availability: mysql.n2.serverless.2c
    • SQLServer high availability: mssql.mem2.serverless.s2
    • PostgreSQL basic: pg.n2.serverless.1c

    NOTE: When storage_auto_scale="Enable", do not perform instance_storage check. when storage_auto_scale="Disable", if the instance itself instance_storagehas changed. You need to manually revise the instance_storage in the template value. When payment_type="Serverless" and when modifying, do not perform instance_storage check. Otherwise, check.

    acl string
    The method that is used to verify the identities of clients. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    autoRenew boolean
    Whether to renewal a DB instance automatically or not. It is valid when instance_charge_type is PrePaid. Default to false.
    autoRenewPeriod number
    Auto-renewal period of an instance, in the unit of the month. It is valid when instance_charge_type is PrePaid. Valid value:[1~12], Default to 1.
    autoUpgradeMinorVersion string

    The upgrade method to use. Valid values:

    • Auto: Instances are automatically upgraded to a higher minor version.
    • Manual: Instances are forcibly upgraded to a higher minor version when the current version is unpublished.

    See more details and limitation.

    babelfishConfigs InstanceBabelfishConfig[]

    The configuration of an ApsaraDB RDS for PostgreSQL instance for which Babelfish is enabled. See babelfish_config below.

    NOTE: This parameter takes effect only when you create an ApsaraDB RDS for PostgreSQL instance. For more information, see Introduction to Babelfish.

    babelfishPort string

    The TDS port of the instance for which Babelfish is enabled.

    NOTE: This parameter applies only to ApsaraDB RDS for PostgreSQL instances. For more information about Babelfish for ApsaraDB RDS for PostgreSQL, see Introduction to Babelfish.

    caType string
    The type of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the SSLEnabled parameter to 1, the default value of this parameter is aliyun. NOTE: From version 1.231.0, ca_type start support MySQL engine. Value range:

    • aliyun: a cloud certificate
    • custom: a custom certificate
    category string

    The RDS edition of the instance. If you want to create a serverless instance, you must use this value. Valid values:

    • Basic: Basic Edition.
    • HighAvailability: High-availability Edition.
    • AlwaysOn: Cluster Edition.
    • Finance: Enterprise Edition.
    • cluster: MySQL Cluster Edition. (Available since 1.202.0)
    • serverless_basic: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.200.0)
    • serverless_standard: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.204.0)
    • serverless_ha: RDS Serverless High-availability Edition for SQL Server. (Available since 1.204.0)

    NOTE: zone_id_slave_a and zone_id_slave_b can specify slave zone ids when creating the high-availability or enterprise edition instances. Meanwhile, vswitch_id needs to pass in the corresponding vswitch id to the slave zone by order (If the vswitch_id is not specified, the classic network version will be created). For example, zone_id = "zone-a" and zone_id_slave_a = "zone-c", zone_id_slave_b = "zone-b", then the vswitch_id must be "vsw-zone-a,vsw-zone-c,vsw-zone-b". Of course, you can also choose automatic allocation , for example, zone_id = "zone-a" and zone_id_slave_a = "Auto",zone_id_slave_b = "Auto", then the vswitch_id must be "vsw-zone-a,Auto,Auto". The list contains up to 2 slave zone ids , separated by commas.

    clientCaCert string
    The public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCAEbabled parameter to 1, you must also specify this parameter.
    clientCaEnabled number
    Specifies whether to enable the public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. Valid values:

    • 1: enables the public key
    • 0: disables the public key
    clientCertRevocationList string
    The CRL that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCrlEnabled parameter to 1, you must also specify this parameter.
    clientCrlEnabled number
    Specifies whether to enable a certificate revocation list (CRL) that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • 1: enables the CRL
    • 0: disables the CRL
    connectionStringPrefix string

    The private connection string prefix. If you want to update public connection string prefix, please use resource alicloud.rds.Connection connection_prefix.

    NOTE: The prefix must be 8 to 64 characters in length and can contain letters, digits, and hyphens (-). It cannot contain Chinese characters and special characters ~!#%^&*=+|{};:'",<>/?

    dbInstanceIpArrayAttribute string

    The attribute of the IP address whitelist. By default, this parameter is empty.

    NOTE: The IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS).

    dbInstanceIpArrayName string

    The name of the IP address whitelist. Default value: Default.

    NOTE: A maximum of 200 IP address whitelists can be configured for each instance.

    dbInstanceStorageType string
    The storage type of the instance. Serverless instance, only cloud_essd can be selected. Valid values:

    • local_ssd: specifies to use local SSDs. This value is recommended.
    • cloud_ssd: specifies to use standard SSDs.
    • cloud_essd: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd2: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd3: specifies to use enhanced SSDs (ESSDs).
    • general_essd: general essd.
    dbIsIgnoreCase boolean
    Specifies whether table names on the instance are case-sensitive. Valid values: true, false.
    dbParamGroupId string
    Parameter template ID. Only MySQL and PostgreSQL support this parameter. If this parameter is not specified, the default parameter template is used. You can also customize a parameter template and use it here.
    dbTimeZone string

    The time zone of the instance. This parameter takes effect only when you set the Engine parameter to MySQL or PostgreSQL.

    • If you set the Engine parameter to MySQL.
    • This time zone of the instance is in UTC. Valid values: -12:59 to +13:00.
    • You can specify this parameter when the instance is equipped with local SSDs. For example, you can specify the time zone to Asia/Hong_Kong. For more information about time zones, see Time zones.
    • If you set the Engine parameter to PostgreSQL.
    • This time zone of the instance is not in UTC. For more information about time zones, see Time zones.
    • You can specify this parameter only when the instance is equipped with standard SSDs or ESSDs.

    NOTE: You can specify the time zone when you create a primary instance. You cannot specify the time zone when you create a read-only instance. Read-only instances inherit the time zone of their primary instance. If you do not specify this parameter, the system assigns the default time zone of the region where the instance resides.

    deletionProtection boolean

    The switch of delete protection. Valid values:

    • true: delete protect.
    • false: no delete protect.

    NOTE: deletion_protection is valid only when attribute instance_charge_type is set to Postpaid or Serverless, supported engine type: MySQL, PostgreSQL, MariaDB, MSSQL.

    direction string
    The instance configuration type. Valid values: ["Up", "Down", "TempUpgrade", "Serverless"]
    effectiveTime string
    The method to update the engine version and change. Default value: Immediate. Valid values:

    • Immediate: The change immediately takes effect.
    • MaintainTime: The change takes effect during the specified maintenance window. For more information, see ModifyDBInstanceMaintainTime.
    encryptionKey string
    The key id of the KMS. Used for encrypting a disk if not null. Only for PostgreSQL, MySQL and SQLServer.
    force string
    Specifies whether to enable forcible switching. Valid values:

    • Yes
    • No
    forceRestart boolean
    Set it to true to make some parameter efficient when modifying them. Default to false.
    freshWhiteListReadins string
    The read-only instances to which you want to synchronize the IP address whitelist.

    • If the instance is attached with a read-only instance, you can use this parameter to synchronize the IP address whitelist to the read-only instance. If the instance is attached with multiple read-only instances, the read-only instances must be separated by commas (,).
    • If the instance is not attached with a read-only instance, this parameter is empty.
    haConfig string

    The primary/secondary switchover mode of the instance. Default value: Auto. Valid values:

    • Auto: The system automatically switches over services from the primary to secondary instances in the event of a fault.
    • Manual: You must manually switch over services from the primary to secondary instances in the event of a fault.

    NOTE: If you set this parameter to Manual, you must specify the ManualHATime parameter.

    instanceChargeType string
    Valid values are Prepaid, Postpaid, Serverless, Default to Postpaid. Currently, the resource only supports PostPaid to PrePaid. For more information, see Overview.
    instanceName string
    The name of DB instance. It a string of 2 to 256 characters.
    maintainTime string
    Maintainable time period format of the instance: HH:MMZ-HH:MMZ (UTC time)
    manualHaTime string

    The time after when you want to enable automatic primary/secondary switchover. At most, you can set this parameter to 23:59:59 seven days later. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

    NOTE: This parameter only takes effect when the HAConfig parameter is set to Manual.

    modifyMode string
    The method that is used to modify the IP address whitelist. Default value: Cover. Valid values:

    • Cover: Use the value of the SecurityIps parameter to overwrite the existing entries in the IP address whitelist.
    • Append: Add the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to the IP address whitelist.
    • Delete: Delete IP addresses and CIDR blocks that are specified in the SecurityIps parameter from the IP address whitelist. You must retain at least one IP address or CIDR block.
    monitoringPeriod number
    The monitoring frequency in seconds. Valid values are 5, 10, 60, 300. Defaults to 300.
    nodeId string
    The globally unique identifier (GUID) of the secondary instance. You can call the DescribeDBInstanceHAConfig operation to query the GUID of the secondary instance.
    parameters InstanceParameter[]
    Set of parameters needs to be set after DB instance was launched. Available parameters can refer to the latest docs View database parameter templates . See parameters below.
    period number

    The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36.

    NOTE: The attribute period is only used to create Subscription instance or modify the PayAsYouGo instance to Subscription. Once effect, it will not be modified that means running pulumi up will not effect the resource.

    pgHbaConfs InstancePgHbaConf[]
    The configuration of AD domain . See pg_hba_conf below.
    port string
    The private port of the database service. If you want to update public port, please use resource alicloud.rds.Connection port.
    privateIpAddress string
    The private IP address of the instance. The private IP address must be within the Classless Inter-Domain Routing (CIDR) block of the vSwitch that is specified by the VSwitchId parameter.
    releasedKeepPolicy string

    The policy based on which ApsaraDB RDS retains archived backup files after the instance is released. Valid values:

    • None: No archived backup files are retained.
    • Lastest: Only the last archived backup file is retained.
    • All: All the archived backup files are retained.

    NOTE: This parameter is supported only when the instance runs the MySQL database engine.

    replicationAcl string
    The method that is used to verify the replication permission. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    resourceGroupId string
    The ID of resource group which the DB instance belongs.
    roleArn string

    The Alibaba Cloud Resource Name (ARN) of the RAM role.

    NOTE: This parameter is not required when you create an instance that runs MySQL, PostgreSQL, or SQL Server. You need to only specify the RoleARN parameter to create an instance that has cloud disk encryption enabled by using the obtained key ID. You can configure RAM authorization to require a RAM user to enable cloud disk encryption when the RAM user is used to create an instance. If cloud disk encryption is disabled during the instance creation, the creation operation fails. To complete the configuration, you can attach the following policy to the RAM user: {"Version":"1","Statement":[{"Effect":"Deny","Action":"rds:CreateDBInstance","Resource":"*","Condition":{"StringEquals":{"rds:DiskEncryptionRequired":"false"}}}]}

    securityGroupId string
    It has been deprecated from 1.69.0 and use security_group_ids instead.

    Deprecated: Attribute security_group_id has been deprecated from 1.69.0 and use security_group_ids instead.

    securityGroupIds string[]
    , Available since 1.69.0) The list IDs to join ECS Security Group. At most supports three security groups.
    securityIpMode string
    Valid values are normal, safety, Default to normal. support safety switch to high security access mode.
    securityIpType string
    The type of IP address in the IP address whitelist.
    securityIps string[]
    List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]).
    serverCert string
    The content of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_cert start support MySQL engine.
    serverKey string
    The private key of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_key start support MySQL engine.
    serverlessConfigs InstanceServerlessConfig[]
    The settings of the serverless instance. This parameter is required when you create a serverless instance. This parameter takes effect only when you create an ApsaraDB RDS for Serverless instance. See serverless_config below.
    sqlCollectorConfigValue number
    The sql collector keep time of the instance. Valid values are 30, 180, 365, 1095, 1825, Default to 30.
    sqlCollectorStatus string
    The sql collector status of the instance. Valid values are Enabled, Disabled, Default to Disabled.
    sslAction string

    Actions performed on SSL functions. Valid values: Open: turn on SSL encryption; Close: turn off SSL encryption; Update: update SSL certificate. See more engine and engineVersion limitation.

    NOTE: The attribute ssl_action will be ignored when setting instance_charge_type = "Serverless" for SQLServer, PostgreSQL or MariaDB.

    sslConnectionString string
    The internal or public endpoint for which the server certificate needs to be created or updated.
    storageAutoScale string

    Automatic storage space expansion switch. Valid values:

    • Enable
    • Disable

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable.

    storageThreshold number

    The threshold in percentage based on which an automatic storage expansion is triggered. If the available storage reaches the threshold, ApsaraDB RDS increases the storage capacity of the instance. Valid values: [10, 20, 30, 40, 50].

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable. The value must be greater than or equal to the total size of the current storage space of the instance.

    storageUpperBound number

    The upper limit of the total storage space for automatic expansion of the storage space, that is, automatic expansion will not cause the total storage space of the instance to exceed this value. Unit: GB. The value must be ≥0.

    NOTE: Because of data backup and migration, change DB instance type and storage would cost 15~20 minutes. Please make full preparation before changing them.

    switchTime string

    The specific point in time when you want to perform the update. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. It is valid only when target_minor_version is changed. The time must be in UTC.

    NOTE: This parameter takes effect only when you set the UpgradeTime parameter to SpecifyTime.

    tags {[key: string]: string}

    A mapping of tags to assign to the resource.

    • Key: It can be up to 64 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It cannot be a null string.
    • Value: It can be up to 128 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It can be a null string.

    Note: From 1.63.0, the tag key and value are case sensitive. Before that, they are not case sensitive.

    targetMinorVersion string

    The minor engine version to which you want to update the instance. If you do not specify this parameter, the instance is updated to the latest minor engine version. You must specify the minor engine version in one of the following formats:

    • PostgreSQL: rds_postgres_00_. Example: rds_postgres_1200_20200830.
    • MySQL: _. Examples: rds_20200229, xcluster_20200229, and xcluster80_20200229. The following RDS editions are supported:
    • rds: The instance runs RDS Basic or High-availability Edition.
    • xcluster: The instance runs MySQL 5.7 on RDS Enterprise Edition.
    • xcluster80: The instance runs MySQL 8.0 on RDS Enterprise Edition.
    • SQLServer: . Example: 15.0.4073.23.

    NOTE: For more information about minor engine versions, see Release notes of minor AliPG versions, Release notes of minor AliSQL versions, and Release notes of minor engine versions of ApsaraDB RDS for SQL Server.

    tcpConnectionType string
    The availability check method of the instance. Valid values:

    • SHORT: Alibaba Cloud uses short-lived connections to check the availability of the instance.
    • LONG: Alibaba Cloud uses persistent connections to check the availability of the instance.
    tdeStatus string
    The TDE(Transparent Data Encryption) status. After TDE is turned on, it cannot be turned off. See more engine and engineVersion limitation.
    upgradeDbInstanceKernelVersion boolean
    Whether to upgrade a minor version of the kernel. Valid values:

    • true: upgrade
    • false: not to upgrade

    Deprecated: Attribute upgrade_db_instance_kernel_version has been deprecated from 1.198.0 and use target_minor_version instead.

    upgradeTime string
    The method to update the minor engine version. Default value: Immediate. It is valid only when target_minor_version is changed. Valid values:

    • Immediate: The minor engine version is immediately updated.
    • MaintainTime: The minor engine version is updated during the maintenance window. For more information about how to change the maintenance window, see ModifyDBInstanceMaintainTime.
    • SpecifyTime: The minor engine version is updated at the point in time you specify.
    vpcId string

    The VPC ID of the instance.

    NOTE: This parameter applies only to ApsaraDB RDS for MySQL instances. For more information about Upgrade the major engine version of an ApsaraDB RDS for MySQL instance, see Upgrade the major engine version of an RDS instance in the ApsaraDB RDS console.

    vswitchId string
    The virtual switch ID to launch DB instances in one VPC. If there are multiple vswitches, separate them with commas.
    whitelistNetworkType string

    The network type of the IP address whitelist. Default value: MIX. Valid values:

    • Classic: classic network in enhanced whitelist mode
    • VPC: virtual private cloud (VPC) in enhanced whitelist mode
    • MIX: standard whitelist mode

    NOTE: In standard whitelist mode, IP addresses and CIDR blocks can be added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks can be added to both IP address whitelists of the classic network type and those of the VPC network type.

    zoneId string
    The Zone to launch the DB instance. From version 1.8.1, it supports multiple zone. If it is a multi-zone and vswitch_id is specified, the vswitch must in the one of them. The multiple zone ID can be retrieved by setting multi to "true" in the data source alicloud.getZones.
    zoneIdSlaveA string
    The region ID of the secondary instance if you create a secondary instance. If you set this parameter to the same value as the ZoneId parameter, the instance is deployed in a single zone. Otherwise, the instance is deployed in multiple zones.
    zoneIdSlaveB string
    RDS MySQL Cluster series instances support creating 1 to 2 secondary nodes at the same time when establishing a new instance. If you have this requirement, you can use this parameter to specify the availability zone for the second secondary node.
    engine str

    Database type. Value options: MySQL, SQLServer, PostgreSQL, MariaDB.

    NOTE: When the 'engine_version' changes, it can be used as the target database version for the large version upgrade of RDS for MySQL instance.

    engine_version str
    Database version. Value options can refer to the latest docs CreateDBInstance EngineVersion.

    • MySQL: [ 5.5、5.6、5.7、8.0 ]
    • SQLServer: [ 2008r2、08r2_ent_ha、2012、2012_ent_ha、2012_std_ha、2012_web、2014_std_ha、2016_ent_ha、2016_std_ha、2016_web、2017_std_ha、2017_ent、2019_std_ha、2019_ent ]
    • PostgreSQL: [ 10.0、11.0、12.0、13.0、14.0、15.0 ]
    • MariaDB: [ 10.3 ]
    • Serverless
    • MySQL: [ 5.7、8.0 ]
    • SQLServer: [ 2016_std_sl、2017_std_sl、2019_std_sl ]
    • PostgreSQL: [ 14.0 ]
    • MariaDB does not support creating serverless instances.
    instance_storage int
    User-defined DB instance storage space. Value range:

    • [5, 2000] for MySQL/PostgreSQL HA dual node edition;
    • [20,1000] for MySQL 5.7 basic single node edition;
    • [10, 2000] for SQL Server 2008R2;
    • [20,2000] for SQL Server 2012 basic single node edition Increase progressively at a rate of 5 GB. For details, see Instance type table. Note: There is extra 5 GB storage for SQL Server Instance, and it is not in specified instance_storage.
    instance_type str

    DB Instance type. For details, see Instance type table.

    • To create a serverless instance, please pass the following values:
    • MySQL basic: mysql.n2.serverless.1c
    • MySQL high availability: mysql.n2.serverless.2c
    • SQLServer high availability: mssql.mem2.serverless.s2
    • PostgreSQL basic: pg.n2.serverless.1c

    NOTE: When storage_auto_scale="Enable", do not perform instance_storage check. when storage_auto_scale="Disable", if the instance itself instance_storagehas changed. You need to manually revise the instance_storage in the template value. When payment_type="Serverless" and when modifying, do not perform instance_storage check. Otherwise, check.

    acl str
    The method that is used to verify the identities of clients. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    auto_renew bool
    Whether to renewal a DB instance automatically or not. It is valid when instance_charge_type is PrePaid. Default to false.
    auto_renew_period int
    Auto-renewal period of an instance, in the unit of the month. It is valid when instance_charge_type is PrePaid. Valid value:[1~12], Default to 1.
    auto_upgrade_minor_version str

    The upgrade method to use. Valid values:

    • Auto: Instances are automatically upgraded to a higher minor version.
    • Manual: Instances are forcibly upgraded to a higher minor version when the current version is unpublished.

    See more details and limitation.

    babelfish_configs Sequence[InstanceBabelfishConfigArgs]

    The configuration of an ApsaraDB RDS for PostgreSQL instance for which Babelfish is enabled. See babelfish_config below.

    NOTE: This parameter takes effect only when you create an ApsaraDB RDS for PostgreSQL instance. For more information, see Introduction to Babelfish.

    babelfish_port str

    The TDS port of the instance for which Babelfish is enabled.

    NOTE: This parameter applies only to ApsaraDB RDS for PostgreSQL instances. For more information about Babelfish for ApsaraDB RDS for PostgreSQL, see Introduction to Babelfish.

    ca_type str
    The type of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the SSLEnabled parameter to 1, the default value of this parameter is aliyun. NOTE: From version 1.231.0, ca_type start support MySQL engine. Value range:

    • aliyun: a cloud certificate
    • custom: a custom certificate
    category str

    The RDS edition of the instance. If you want to create a serverless instance, you must use this value. Valid values:

    • Basic: Basic Edition.
    • HighAvailability: High-availability Edition.
    • AlwaysOn: Cluster Edition.
    • Finance: Enterprise Edition.
    • cluster: MySQL Cluster Edition. (Available since 1.202.0)
    • serverless_basic: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.200.0)
    • serverless_standard: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.204.0)
    • serverless_ha: RDS Serverless High-availability Edition for SQL Server. (Available since 1.204.0)

    NOTE: zone_id_slave_a and zone_id_slave_b can specify slave zone ids when creating the high-availability or enterprise edition instances. Meanwhile, vswitch_id needs to pass in the corresponding vswitch id to the slave zone by order (If the vswitch_id is not specified, the classic network version will be created). For example, zone_id = "zone-a" and zone_id_slave_a = "zone-c", zone_id_slave_b = "zone-b", then the vswitch_id must be "vsw-zone-a,vsw-zone-c,vsw-zone-b". Of course, you can also choose automatic allocation , for example, zone_id = "zone-a" and zone_id_slave_a = "Auto",zone_id_slave_b = "Auto", then the vswitch_id must be "vsw-zone-a,Auto,Auto". The list contains up to 2 slave zone ids , separated by commas.

    client_ca_cert str
    The public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCAEbabled parameter to 1, you must also specify this parameter.
    client_ca_enabled int
    Specifies whether to enable the public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. Valid values:

    • 1: enables the public key
    • 0: disables the public key
    client_cert_revocation_list str
    The CRL that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCrlEnabled parameter to 1, you must also specify this parameter.
    client_crl_enabled int
    Specifies whether to enable a certificate revocation list (CRL) that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • 1: enables the CRL
    • 0: disables the CRL
    connection_string_prefix str

    The private connection string prefix. If you want to update public connection string prefix, please use resource alicloud.rds.Connection connection_prefix.

    NOTE: The prefix must be 8 to 64 characters in length and can contain letters, digits, and hyphens (-). It cannot contain Chinese characters and special characters ~!#%^&*=+|{};:'",<>/?

    db_instance_ip_array_attribute str

    The attribute of the IP address whitelist. By default, this parameter is empty.

    NOTE: The IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS).

    db_instance_ip_array_name str

    The name of the IP address whitelist. Default value: Default.

    NOTE: A maximum of 200 IP address whitelists can be configured for each instance.

    db_instance_storage_type str
    The storage type of the instance. Serverless instance, only cloud_essd can be selected. Valid values:

    • local_ssd: specifies to use local SSDs. This value is recommended.
    • cloud_ssd: specifies to use standard SSDs.
    • cloud_essd: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd2: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd3: specifies to use enhanced SSDs (ESSDs).
    • general_essd: general essd.
    db_is_ignore_case bool
    Specifies whether table names on the instance are case-sensitive. Valid values: true, false.
    db_param_group_id str
    Parameter template ID. Only MySQL and PostgreSQL support this parameter. If this parameter is not specified, the default parameter template is used. You can also customize a parameter template and use it here.
    db_time_zone str

    The time zone of the instance. This parameter takes effect only when you set the Engine parameter to MySQL or PostgreSQL.

    • If you set the Engine parameter to MySQL.
    • This time zone of the instance is in UTC. Valid values: -12:59 to +13:00.
    • You can specify this parameter when the instance is equipped with local SSDs. For example, you can specify the time zone to Asia/Hong_Kong. For more information about time zones, see Time zones.
    • If you set the Engine parameter to PostgreSQL.
    • This time zone of the instance is not in UTC. For more information about time zones, see Time zones.
    • You can specify this parameter only when the instance is equipped with standard SSDs or ESSDs.

    NOTE: You can specify the time zone when you create a primary instance. You cannot specify the time zone when you create a read-only instance. Read-only instances inherit the time zone of their primary instance. If you do not specify this parameter, the system assigns the default time zone of the region where the instance resides.

    deletion_protection bool

    The switch of delete protection. Valid values:

    • true: delete protect.
    • false: no delete protect.

    NOTE: deletion_protection is valid only when attribute instance_charge_type is set to Postpaid or Serverless, supported engine type: MySQL, PostgreSQL, MariaDB, MSSQL.

    direction str
    The instance configuration type. Valid values: ["Up", "Down", "TempUpgrade", "Serverless"]
    effective_time str
    The method to update the engine version and change. Default value: Immediate. Valid values:

    • Immediate: The change immediately takes effect.
    • MaintainTime: The change takes effect during the specified maintenance window. For more information, see ModifyDBInstanceMaintainTime.
    encryption_key str
    The key id of the KMS. Used for encrypting a disk if not null. Only for PostgreSQL, MySQL and SQLServer.
    force str
    Specifies whether to enable forcible switching. Valid values:

    • Yes
    • No
    force_restart bool
    Set it to true to make some parameter efficient when modifying them. Default to false.
    fresh_white_list_readins str
    The read-only instances to which you want to synchronize the IP address whitelist.

    • If the instance is attached with a read-only instance, you can use this parameter to synchronize the IP address whitelist to the read-only instance. If the instance is attached with multiple read-only instances, the read-only instances must be separated by commas (,).
    • If the instance is not attached with a read-only instance, this parameter is empty.
    ha_config str

    The primary/secondary switchover mode of the instance. Default value: Auto. Valid values:

    • Auto: The system automatically switches over services from the primary to secondary instances in the event of a fault.
    • Manual: You must manually switch over services from the primary to secondary instances in the event of a fault.

    NOTE: If you set this parameter to Manual, you must specify the ManualHATime parameter.

    instance_charge_type str
    Valid values are Prepaid, Postpaid, Serverless, Default to Postpaid. Currently, the resource only supports PostPaid to PrePaid. For more information, see Overview.
    instance_name str
    The name of DB instance. It a string of 2 to 256 characters.
    maintain_time str
    Maintainable time period format of the instance: HH:MMZ-HH:MMZ (UTC time)
    manual_ha_time str

    The time after when you want to enable automatic primary/secondary switchover. At most, you can set this parameter to 23:59:59 seven days later. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

    NOTE: This parameter only takes effect when the HAConfig parameter is set to Manual.

    modify_mode str
    The method that is used to modify the IP address whitelist. Default value: Cover. Valid values:

    • Cover: Use the value of the SecurityIps parameter to overwrite the existing entries in the IP address whitelist.
    • Append: Add the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to the IP address whitelist.
    • Delete: Delete IP addresses and CIDR blocks that are specified in the SecurityIps parameter from the IP address whitelist. You must retain at least one IP address or CIDR block.
    monitoring_period int
    The monitoring frequency in seconds. Valid values are 5, 10, 60, 300. Defaults to 300.
    node_id str
    The globally unique identifier (GUID) of the secondary instance. You can call the DescribeDBInstanceHAConfig operation to query the GUID of the secondary instance.
    parameters Sequence[InstanceParameterArgs]
    Set of parameters needs to be set after DB instance was launched. Available parameters can refer to the latest docs View database parameter templates . See parameters below.
    period int

    The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36.

    NOTE: The attribute period is only used to create Subscription instance or modify the PayAsYouGo instance to Subscription. Once effect, it will not be modified that means running pulumi up will not effect the resource.

    pg_hba_confs Sequence[InstancePgHbaConfArgs]
    The configuration of AD domain . See pg_hba_conf below.
    port str
    The private port of the database service. If you want to update public port, please use resource alicloud.rds.Connection port.
    private_ip_address str
    The private IP address of the instance. The private IP address must be within the Classless Inter-Domain Routing (CIDR) block of the vSwitch that is specified by the VSwitchId parameter.
    released_keep_policy str

    The policy based on which ApsaraDB RDS retains archived backup files after the instance is released. Valid values:

    • None: No archived backup files are retained.
    • Lastest: Only the last archived backup file is retained.
    • All: All the archived backup files are retained.

    NOTE: This parameter is supported only when the instance runs the MySQL database engine.

    replication_acl str
    The method that is used to verify the replication permission. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    resource_group_id str
    The ID of resource group which the DB instance belongs.
    role_arn str

    The Alibaba Cloud Resource Name (ARN) of the RAM role.

    NOTE: This parameter is not required when you create an instance that runs MySQL, PostgreSQL, or SQL Server. You need to only specify the RoleARN parameter to create an instance that has cloud disk encryption enabled by using the obtained key ID. You can configure RAM authorization to require a RAM user to enable cloud disk encryption when the RAM user is used to create an instance. If cloud disk encryption is disabled during the instance creation, the creation operation fails. To complete the configuration, you can attach the following policy to the RAM user: {"Version":"1","Statement":[{"Effect":"Deny","Action":"rds:CreateDBInstance","Resource":"*","Condition":{"StringEquals":{"rds:DiskEncryptionRequired":"false"}}}]}

    security_group_id str
    It has been deprecated from 1.69.0 and use security_group_ids instead.

    Deprecated: Attribute security_group_id has been deprecated from 1.69.0 and use security_group_ids instead.

    security_group_ids Sequence[str]
    , Available since 1.69.0) The list IDs to join ECS Security Group. At most supports three security groups.
    security_ip_mode str
    Valid values are normal, safety, Default to normal. support safety switch to high security access mode.
    security_ip_type str
    The type of IP address in the IP address whitelist.
    security_ips Sequence[str]
    List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]).
    server_cert str
    The content of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_cert start support MySQL engine.
    server_key str
    The private key of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_key start support MySQL engine.
    serverless_configs Sequence[InstanceServerlessConfigArgs]
    The settings of the serverless instance. This parameter is required when you create a serverless instance. This parameter takes effect only when you create an ApsaraDB RDS for Serverless instance. See serverless_config below.
    sql_collector_config_value int
    The sql collector keep time of the instance. Valid values are 30, 180, 365, 1095, 1825, Default to 30.
    sql_collector_status str
    The sql collector status of the instance. Valid values are Enabled, Disabled, Default to Disabled.
    ssl_action str

    Actions performed on SSL functions. Valid values: Open: turn on SSL encryption; Close: turn off SSL encryption; Update: update SSL certificate. See more engine and engineVersion limitation.

    NOTE: The attribute ssl_action will be ignored when setting instance_charge_type = "Serverless" for SQLServer, PostgreSQL or MariaDB.

    ssl_connection_string str
    The internal or public endpoint for which the server certificate needs to be created or updated.
    storage_auto_scale str

    Automatic storage space expansion switch. Valid values:

    • Enable
    • Disable

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable.

    storage_threshold int

    The threshold in percentage based on which an automatic storage expansion is triggered. If the available storage reaches the threshold, ApsaraDB RDS increases the storage capacity of the instance. Valid values: [10, 20, 30, 40, 50].

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable. The value must be greater than or equal to the total size of the current storage space of the instance.

    storage_upper_bound int

    The upper limit of the total storage space for automatic expansion of the storage space, that is, automatic expansion will not cause the total storage space of the instance to exceed this value. Unit: GB. The value must be ≥0.

    NOTE: Because of data backup and migration, change DB instance type and storage would cost 15~20 minutes. Please make full preparation before changing them.

    switch_time str

    The specific point in time when you want to perform the update. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. It is valid only when target_minor_version is changed. The time must be in UTC.

    NOTE: This parameter takes effect only when you set the UpgradeTime parameter to SpecifyTime.

    tags Mapping[str, str]

    A mapping of tags to assign to the resource.

    • Key: It can be up to 64 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It cannot be a null string.
    • Value: It can be up to 128 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It can be a null string.

    Note: From 1.63.0, the tag key and value are case sensitive. Before that, they are not case sensitive.

    target_minor_version str

    The minor engine version to which you want to update the instance. If you do not specify this parameter, the instance is updated to the latest minor engine version. You must specify the minor engine version in one of the following formats:

    • PostgreSQL: rds_postgres_00_. Example: rds_postgres_1200_20200830.
    • MySQL: _. Examples: rds_20200229, xcluster_20200229, and xcluster80_20200229. The following RDS editions are supported:
    • rds: The instance runs RDS Basic or High-availability Edition.
    • xcluster: The instance runs MySQL 5.7 on RDS Enterprise Edition.
    • xcluster80: The instance runs MySQL 8.0 on RDS Enterprise Edition.
    • SQLServer: . Example: 15.0.4073.23.

    NOTE: For more information about minor engine versions, see Release notes of minor AliPG versions, Release notes of minor AliSQL versions, and Release notes of minor engine versions of ApsaraDB RDS for SQL Server.

    tcp_connection_type str
    The availability check method of the instance. Valid values:

    • SHORT: Alibaba Cloud uses short-lived connections to check the availability of the instance.
    • LONG: Alibaba Cloud uses persistent connections to check the availability of the instance.
    tde_status str
    The TDE(Transparent Data Encryption) status. After TDE is turned on, it cannot be turned off. See more engine and engineVersion limitation.
    upgrade_db_instance_kernel_version bool
    Whether to upgrade a minor version of the kernel. Valid values:

    • true: upgrade
    • false: not to upgrade

    Deprecated: Attribute upgrade_db_instance_kernel_version has been deprecated from 1.198.0 and use target_minor_version instead.

    upgrade_time str
    The method to update the minor engine version. Default value: Immediate. It is valid only when target_minor_version is changed. Valid values:

    • Immediate: The minor engine version is immediately updated.
    • MaintainTime: The minor engine version is updated during the maintenance window. For more information about how to change the maintenance window, see ModifyDBInstanceMaintainTime.
    • SpecifyTime: The minor engine version is updated at the point in time you specify.
    vpc_id str

    The VPC ID of the instance.

    NOTE: This parameter applies only to ApsaraDB RDS for MySQL instances. For more information about Upgrade the major engine version of an ApsaraDB RDS for MySQL instance, see Upgrade the major engine version of an RDS instance in the ApsaraDB RDS console.

    vswitch_id str
    The virtual switch ID to launch DB instances in one VPC. If there are multiple vswitches, separate them with commas.
    whitelist_network_type str

    The network type of the IP address whitelist. Default value: MIX. Valid values:

    • Classic: classic network in enhanced whitelist mode
    • VPC: virtual private cloud (VPC) in enhanced whitelist mode
    • MIX: standard whitelist mode

    NOTE: In standard whitelist mode, IP addresses and CIDR blocks can be added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks can be added to both IP address whitelists of the classic network type and those of the VPC network type.

    zone_id str
    The Zone to launch the DB instance. From version 1.8.1, it supports multiple zone. If it is a multi-zone and vswitch_id is specified, the vswitch must in the one of them. The multiple zone ID can be retrieved by setting multi to "true" in the data source alicloud.getZones.
    zone_id_slave_a str
    The region ID of the secondary instance if you create a secondary instance. If you set this parameter to the same value as the ZoneId parameter, the instance is deployed in a single zone. Otherwise, the instance is deployed in multiple zones.
    zone_id_slave_b str
    RDS MySQL Cluster series instances support creating 1 to 2 secondary nodes at the same time when establishing a new instance. If you have this requirement, you can use this parameter to specify the availability zone for the second secondary node.
    engine String

    Database type. Value options: MySQL, SQLServer, PostgreSQL, MariaDB.

    NOTE: When the 'engine_version' changes, it can be used as the target database version for the large version upgrade of RDS for MySQL instance.

    engineVersion String
    Database version. Value options can refer to the latest docs CreateDBInstance EngineVersion.

    • MySQL: [ 5.5、5.6、5.7、8.0 ]
    • SQLServer: [ 2008r2、08r2_ent_ha、2012、2012_ent_ha、2012_std_ha、2012_web、2014_std_ha、2016_ent_ha、2016_std_ha、2016_web、2017_std_ha、2017_ent、2019_std_ha、2019_ent ]
    • PostgreSQL: [ 10.0、11.0、12.0、13.0、14.0、15.0 ]
    • MariaDB: [ 10.3 ]
    • Serverless
    • MySQL: [ 5.7、8.0 ]
    • SQLServer: [ 2016_std_sl、2017_std_sl、2019_std_sl ]
    • PostgreSQL: [ 14.0 ]
    • MariaDB does not support creating serverless instances.
    instanceStorage Number
    User-defined DB instance storage space. Value range:

    • [5, 2000] for MySQL/PostgreSQL HA dual node edition;
    • [20,1000] for MySQL 5.7 basic single node edition;
    • [10, 2000] for SQL Server 2008R2;
    • [20,2000] for SQL Server 2012 basic single node edition Increase progressively at a rate of 5 GB. For details, see Instance type table. Note: There is extra 5 GB storage for SQL Server Instance, and it is not in specified instance_storage.
    instanceType String

    DB Instance type. For details, see Instance type table.

    • To create a serverless instance, please pass the following values:
    • MySQL basic: mysql.n2.serverless.1c
    • MySQL high availability: mysql.n2.serverless.2c
    • SQLServer high availability: mssql.mem2.serverless.s2
    • PostgreSQL basic: pg.n2.serverless.1c

    NOTE: When storage_auto_scale="Enable", do not perform instance_storage check. when storage_auto_scale="Disable", if the instance itself instance_storagehas changed. You need to manually revise the instance_storage in the template value. When payment_type="Serverless" and when modifying, do not perform instance_storage check. Otherwise, check.

    acl String
    The method that is used to verify the identities of clients. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    autoRenew Boolean
    Whether to renewal a DB instance automatically or not. It is valid when instance_charge_type is PrePaid. Default to false.
    autoRenewPeriod Number
    Auto-renewal period of an instance, in the unit of the month. It is valid when instance_charge_type is PrePaid. Valid value:[1~12], Default to 1.
    autoUpgradeMinorVersion String

    The upgrade method to use. Valid values:

    • Auto: Instances are automatically upgraded to a higher minor version.
    • Manual: Instances are forcibly upgraded to a higher minor version when the current version is unpublished.

    See more details and limitation.

    babelfishConfigs List<Property Map>

    The configuration of an ApsaraDB RDS for PostgreSQL instance for which Babelfish is enabled. See babelfish_config below.

    NOTE: This parameter takes effect only when you create an ApsaraDB RDS for PostgreSQL instance. For more information, see Introduction to Babelfish.

    babelfishPort String

    The TDS port of the instance for which Babelfish is enabled.

    NOTE: This parameter applies only to ApsaraDB RDS for PostgreSQL instances. For more information about Babelfish for ApsaraDB RDS for PostgreSQL, see Introduction to Babelfish.

    caType String
    The type of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the SSLEnabled parameter to 1, the default value of this parameter is aliyun. NOTE: From version 1.231.0, ca_type start support MySQL engine. Value range:

    • aliyun: a cloud certificate
    • custom: a custom certificate
    category String

    The RDS edition of the instance. If you want to create a serverless instance, you must use this value. Valid values:

    • Basic: Basic Edition.
    • HighAvailability: High-availability Edition.
    • AlwaysOn: Cluster Edition.
    • Finance: Enterprise Edition.
    • cluster: MySQL Cluster Edition. (Available since 1.202.0)
    • serverless_basic: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.200.0)
    • serverless_standard: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.204.0)
    • serverless_ha: RDS Serverless High-availability Edition for SQL Server. (Available since 1.204.0)

    NOTE: zone_id_slave_a and zone_id_slave_b can specify slave zone ids when creating the high-availability or enterprise edition instances. Meanwhile, vswitch_id needs to pass in the corresponding vswitch id to the slave zone by order (If the vswitch_id is not specified, the classic network version will be created). For example, zone_id = "zone-a" and zone_id_slave_a = "zone-c", zone_id_slave_b = "zone-b", then the vswitch_id must be "vsw-zone-a,vsw-zone-c,vsw-zone-b". Of course, you can also choose automatic allocation , for example, zone_id = "zone-a" and zone_id_slave_a = "Auto",zone_id_slave_b = "Auto", then the vswitch_id must be "vsw-zone-a,Auto,Auto". The list contains up to 2 slave zone ids , separated by commas.

    clientCaCert String
    The public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCAEbabled parameter to 1, you must also specify this parameter.
    clientCaEnabled Number
    Specifies whether to enable the public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. Valid values:

    • 1: enables the public key
    • 0: disables the public key
    clientCertRevocationList String
    The CRL that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCrlEnabled parameter to 1, you must also specify this parameter.
    clientCrlEnabled Number
    Specifies whether to enable a certificate revocation list (CRL) that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • 1: enables the CRL
    • 0: disables the CRL
    connectionStringPrefix String

    The private connection string prefix. If you want to update public connection string prefix, please use resource alicloud.rds.Connection connection_prefix.

    NOTE: The prefix must be 8 to 64 characters in length and can contain letters, digits, and hyphens (-). It cannot contain Chinese characters and special characters ~!#%^&*=+|{};:'",<>/?

    dbInstanceIpArrayAttribute String

    The attribute of the IP address whitelist. By default, this parameter is empty.

    NOTE: The IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS).

    dbInstanceIpArrayName String

    The name of the IP address whitelist. Default value: Default.

    NOTE: A maximum of 200 IP address whitelists can be configured for each instance.

    dbInstanceStorageType String
    The storage type of the instance. Serverless instance, only cloud_essd can be selected. Valid values:

    • local_ssd: specifies to use local SSDs. This value is recommended.
    • cloud_ssd: specifies to use standard SSDs.
    • cloud_essd: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd2: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd3: specifies to use enhanced SSDs (ESSDs).
    • general_essd: general essd.
    dbIsIgnoreCase Boolean
    Specifies whether table names on the instance are case-sensitive. Valid values: true, false.
    dbParamGroupId String
    Parameter template ID. Only MySQL and PostgreSQL support this parameter. If this parameter is not specified, the default parameter template is used. You can also customize a parameter template and use it here.
    dbTimeZone String

    The time zone of the instance. This parameter takes effect only when you set the Engine parameter to MySQL or PostgreSQL.

    • If you set the Engine parameter to MySQL.
    • This time zone of the instance is in UTC. Valid values: -12:59 to +13:00.
    • You can specify this parameter when the instance is equipped with local SSDs. For example, you can specify the time zone to Asia/Hong_Kong. For more information about time zones, see Time zones.
    • If you set the Engine parameter to PostgreSQL.
    • This time zone of the instance is not in UTC. For more information about time zones, see Time zones.
    • You can specify this parameter only when the instance is equipped with standard SSDs or ESSDs.

    NOTE: You can specify the time zone when you create a primary instance. You cannot specify the time zone when you create a read-only instance. Read-only instances inherit the time zone of their primary instance. If you do not specify this parameter, the system assigns the default time zone of the region where the instance resides.

    deletionProtection Boolean

    The switch of delete protection. Valid values:

    • true: delete protect.
    • false: no delete protect.

    NOTE: deletion_protection is valid only when attribute instance_charge_type is set to Postpaid or Serverless, supported engine type: MySQL, PostgreSQL, MariaDB, MSSQL.

    direction String
    The instance configuration type. Valid values: ["Up", "Down", "TempUpgrade", "Serverless"]
    effectiveTime String
    The method to update the engine version and change. Default value: Immediate. Valid values:

    • Immediate: The change immediately takes effect.
    • MaintainTime: The change takes effect during the specified maintenance window. For more information, see ModifyDBInstanceMaintainTime.
    encryptionKey String
    The key id of the KMS. Used for encrypting a disk if not null. Only for PostgreSQL, MySQL and SQLServer.
    force String
    Specifies whether to enable forcible switching. Valid values:

    • Yes
    • No
    forceRestart Boolean
    Set it to true to make some parameter efficient when modifying them. Default to false.
    freshWhiteListReadins String
    The read-only instances to which you want to synchronize the IP address whitelist.

    • If the instance is attached with a read-only instance, you can use this parameter to synchronize the IP address whitelist to the read-only instance. If the instance is attached with multiple read-only instances, the read-only instances must be separated by commas (,).
    • If the instance is not attached with a read-only instance, this parameter is empty.
    haConfig String

    The primary/secondary switchover mode of the instance. Default value: Auto. Valid values:

    • Auto: The system automatically switches over services from the primary to secondary instances in the event of a fault.
    • Manual: You must manually switch over services from the primary to secondary instances in the event of a fault.

    NOTE: If you set this parameter to Manual, you must specify the ManualHATime parameter.

    instanceChargeType String
    Valid values are Prepaid, Postpaid, Serverless, Default to Postpaid. Currently, the resource only supports PostPaid to PrePaid. For more information, see Overview.
    instanceName String
    The name of DB instance. It a string of 2 to 256 characters.
    maintainTime String
    Maintainable time period format of the instance: HH:MMZ-HH:MMZ (UTC time)
    manualHaTime String

    The time after when you want to enable automatic primary/secondary switchover. At most, you can set this parameter to 23:59:59 seven days later. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

    NOTE: This parameter only takes effect when the HAConfig parameter is set to Manual.

    modifyMode String
    The method that is used to modify the IP address whitelist. Default value: Cover. Valid values:

    • Cover: Use the value of the SecurityIps parameter to overwrite the existing entries in the IP address whitelist.
    • Append: Add the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to the IP address whitelist.
    • Delete: Delete IP addresses and CIDR blocks that are specified in the SecurityIps parameter from the IP address whitelist. You must retain at least one IP address or CIDR block.
    monitoringPeriod Number
    The monitoring frequency in seconds. Valid values are 5, 10, 60, 300. Defaults to 300.
    nodeId String
    The globally unique identifier (GUID) of the secondary instance. You can call the DescribeDBInstanceHAConfig operation to query the GUID of the secondary instance.
    parameters List<Property Map>
    Set of parameters needs to be set after DB instance was launched. Available parameters can refer to the latest docs View database parameter templates . See parameters below.
    period Number

    The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36.

    NOTE: The attribute period is only used to create Subscription instance or modify the PayAsYouGo instance to Subscription. Once effect, it will not be modified that means running pulumi up will not effect the resource.

    pgHbaConfs List<Property Map>
    The configuration of AD domain . See pg_hba_conf below.
    port String
    The private port of the database service. If you want to update public port, please use resource alicloud.rds.Connection port.
    privateIpAddress String
    The private IP address of the instance. The private IP address must be within the Classless Inter-Domain Routing (CIDR) block of the vSwitch that is specified by the VSwitchId parameter.
    releasedKeepPolicy String

    The policy based on which ApsaraDB RDS retains archived backup files after the instance is released. Valid values:

    • None: No archived backup files are retained.
    • Lastest: Only the last archived backup file is retained.
    • All: All the archived backup files are retained.

    NOTE: This parameter is supported only when the instance runs the MySQL database engine.

    replicationAcl String
    The method that is used to verify the replication permission. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    resourceGroupId String
    The ID of resource group which the DB instance belongs.
    roleArn String

    The Alibaba Cloud Resource Name (ARN) of the RAM role.

    NOTE: This parameter is not required when you create an instance that runs MySQL, PostgreSQL, or SQL Server. You need to only specify the RoleARN parameter to create an instance that has cloud disk encryption enabled by using the obtained key ID. You can configure RAM authorization to require a RAM user to enable cloud disk encryption when the RAM user is used to create an instance. If cloud disk encryption is disabled during the instance creation, the creation operation fails. To complete the configuration, you can attach the following policy to the RAM user: {"Version":"1","Statement":[{"Effect":"Deny","Action":"rds:CreateDBInstance","Resource":"*","Condition":{"StringEquals":{"rds:DiskEncryptionRequired":"false"}}}]}

    securityGroupId String
    It has been deprecated from 1.69.0 and use security_group_ids instead.

    Deprecated: Attribute security_group_id has been deprecated from 1.69.0 and use security_group_ids instead.

    securityGroupIds List<String>
    , Available since 1.69.0) The list IDs to join ECS Security Group. At most supports three security groups.
    securityIpMode String
    Valid values are normal, safety, Default to normal. support safety switch to high security access mode.
    securityIpType String
    The type of IP address in the IP address whitelist.
    securityIps List<String>
    List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]).
    serverCert String
    The content of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_cert start support MySQL engine.
    serverKey String
    The private key of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_key start support MySQL engine.
    serverlessConfigs List<Property Map>
    The settings of the serverless instance. This parameter is required when you create a serverless instance. This parameter takes effect only when you create an ApsaraDB RDS for Serverless instance. See serverless_config below.
    sqlCollectorConfigValue Number
    The sql collector keep time of the instance. Valid values are 30, 180, 365, 1095, 1825, Default to 30.
    sqlCollectorStatus String
    The sql collector status of the instance. Valid values are Enabled, Disabled, Default to Disabled.
    sslAction String

    Actions performed on SSL functions. Valid values: Open: turn on SSL encryption; Close: turn off SSL encryption; Update: update SSL certificate. See more engine and engineVersion limitation.

    NOTE: The attribute ssl_action will be ignored when setting instance_charge_type = "Serverless" for SQLServer, PostgreSQL or MariaDB.

    sslConnectionString String
    The internal or public endpoint for which the server certificate needs to be created or updated.
    storageAutoScale String

    Automatic storage space expansion switch. Valid values:

    • Enable
    • Disable

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable.

    storageThreshold Number

    The threshold in percentage based on which an automatic storage expansion is triggered. If the available storage reaches the threshold, ApsaraDB RDS increases the storage capacity of the instance. Valid values: [10, 20, 30, 40, 50].

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable. The value must be greater than or equal to the total size of the current storage space of the instance.

    storageUpperBound Number

    The upper limit of the total storage space for automatic expansion of the storage space, that is, automatic expansion will not cause the total storage space of the instance to exceed this value. Unit: GB. The value must be ≥0.

    NOTE: Because of data backup and migration, change DB instance type and storage would cost 15~20 minutes. Please make full preparation before changing them.

    switchTime String

    The specific point in time when you want to perform the update. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. It is valid only when target_minor_version is changed. The time must be in UTC.

    NOTE: This parameter takes effect only when you set the UpgradeTime parameter to SpecifyTime.

    tags Map<String>

    A mapping of tags to assign to the resource.

    • Key: It can be up to 64 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It cannot be a null string.
    • Value: It can be up to 128 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It can be a null string.

    Note: From 1.63.0, the tag key and value are case sensitive. Before that, they are not case sensitive.

    targetMinorVersion String

    The minor engine version to which you want to update the instance. If you do not specify this parameter, the instance is updated to the latest minor engine version. You must specify the minor engine version in one of the following formats:

    • PostgreSQL: rds_postgres_00_. Example: rds_postgres_1200_20200830.
    • MySQL: _. Examples: rds_20200229, xcluster_20200229, and xcluster80_20200229. The following RDS editions are supported:
    • rds: The instance runs RDS Basic or High-availability Edition.
    • xcluster: The instance runs MySQL 5.7 on RDS Enterprise Edition.
    • xcluster80: The instance runs MySQL 8.0 on RDS Enterprise Edition.
    • SQLServer: . Example: 15.0.4073.23.

    NOTE: For more information about minor engine versions, see Release notes of minor AliPG versions, Release notes of minor AliSQL versions, and Release notes of minor engine versions of ApsaraDB RDS for SQL Server.

    tcpConnectionType String
    The availability check method of the instance. Valid values:

    • SHORT: Alibaba Cloud uses short-lived connections to check the availability of the instance.
    • LONG: Alibaba Cloud uses persistent connections to check the availability of the instance.
    tdeStatus String
    The TDE(Transparent Data Encryption) status. After TDE is turned on, it cannot be turned off. See more engine and engineVersion limitation.
    upgradeDbInstanceKernelVersion Boolean
    Whether to upgrade a minor version of the kernel. Valid values:

    • true: upgrade
    • false: not to upgrade

    Deprecated: Attribute upgrade_db_instance_kernel_version has been deprecated from 1.198.0 and use target_minor_version instead.

    upgradeTime String
    The method to update the minor engine version. Default value: Immediate. It is valid only when target_minor_version is changed. Valid values:

    • Immediate: The minor engine version is immediately updated.
    • MaintainTime: The minor engine version is updated during the maintenance window. For more information about how to change the maintenance window, see ModifyDBInstanceMaintainTime.
    • SpecifyTime: The minor engine version is updated at the point in time you specify.
    vpcId String

    The VPC ID of the instance.

    NOTE: This parameter applies only to ApsaraDB RDS for MySQL instances. For more information about Upgrade the major engine version of an ApsaraDB RDS for MySQL instance, see Upgrade the major engine version of an RDS instance in the ApsaraDB RDS console.

    vswitchId String
    The virtual switch ID to launch DB instances in one VPC. If there are multiple vswitches, separate them with commas.
    whitelistNetworkType String

    The network type of the IP address whitelist. Default value: MIX. Valid values:

    • Classic: classic network in enhanced whitelist mode
    • VPC: virtual private cloud (VPC) in enhanced whitelist mode
    • MIX: standard whitelist mode

    NOTE: In standard whitelist mode, IP addresses and CIDR blocks can be added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks can be added to both IP address whitelists of the classic network type and those of the VPC network type.

    zoneId String
    The Zone to launch the DB instance. From version 1.8.1, it supports multiple zone. If it is a multi-zone and vswitch_id is specified, the vswitch must in the one of them. The multiple zone ID can be retrieved by setting multi to "true" in the data source alicloud.getZones.
    zoneIdSlaveA String
    The region ID of the secondary instance if you create a secondary instance. If you set this parameter to the same value as the ZoneId parameter, the instance is deployed in a single zone. Otherwise, the instance is deployed in multiple zones.
    zoneIdSlaveB String
    RDS MySQL Cluster series instances support creating 1 to 2 secondary nodes at the same time when establishing a new instance. If you have this requirement, you can use this parameter to specify the availability zone for the second secondary node.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Instance resource produces the following output properties:

    ConnectionString string
    RDS database connection string.
    CreateTime string
    (Available since 1.204.1) The creation time of db instance.
    DbInstanceType string
    (Available since 1.197.0) The type of db instance.
    Id string
    The provider-assigned unique ID for this managed resource.
    SslStatus string
    Status of the SSL feature. Yes: SSL is turned on; No: SSL is turned off.
    Status string
    (Available since 1.204.1) The status of db instance.
    ConnectionString string
    RDS database connection string.
    CreateTime string
    (Available since 1.204.1) The creation time of db instance.
    DbInstanceType string
    (Available since 1.197.0) The type of db instance.
    Id string
    The provider-assigned unique ID for this managed resource.
    SslStatus string
    Status of the SSL feature. Yes: SSL is turned on; No: SSL is turned off.
    Status string
    (Available since 1.204.1) The status of db instance.
    connectionString String
    RDS database connection string.
    createTime String
    (Available since 1.204.1) The creation time of db instance.
    dbInstanceType String
    (Available since 1.197.0) The type of db instance.
    id String
    The provider-assigned unique ID for this managed resource.
    sslStatus String
    Status of the SSL feature. Yes: SSL is turned on; No: SSL is turned off.
    status String
    (Available since 1.204.1) The status of db instance.
    connectionString string
    RDS database connection string.
    createTime string
    (Available since 1.204.1) The creation time of db instance.
    dbInstanceType string
    (Available since 1.197.0) The type of db instance.
    id string
    The provider-assigned unique ID for this managed resource.
    sslStatus string
    Status of the SSL feature. Yes: SSL is turned on; No: SSL is turned off.
    status string
    (Available since 1.204.1) The status of db instance.
    connection_string str
    RDS database connection string.
    create_time str
    (Available since 1.204.1) The creation time of db instance.
    db_instance_type str
    (Available since 1.197.0) The type of db instance.
    id str
    The provider-assigned unique ID for this managed resource.
    ssl_status str
    Status of the SSL feature. Yes: SSL is turned on; No: SSL is turned off.
    status str
    (Available since 1.204.1) The status of db instance.
    connectionString String
    RDS database connection string.
    createTime String
    (Available since 1.204.1) The creation time of db instance.
    dbInstanceType String
    (Available since 1.197.0) The type of db instance.
    id String
    The provider-assigned unique ID for this managed resource.
    sslStatus String
    Status of the SSL feature. Yes: SSL is turned on; No: SSL is turned off.
    status String
    (Available since 1.204.1) The status of db instance.

    Look up Existing Instance Resource

    Get an existing Instance resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: InstanceState, opts?: CustomResourceOptions): Instance
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            acl: Optional[str] = None,
            auto_renew: Optional[bool] = None,
            auto_renew_period: Optional[int] = None,
            auto_upgrade_minor_version: Optional[str] = None,
            babelfish_configs: Optional[Sequence[InstanceBabelfishConfigArgs]] = None,
            babelfish_port: Optional[str] = None,
            ca_type: Optional[str] = None,
            category: Optional[str] = None,
            client_ca_cert: Optional[str] = None,
            client_ca_enabled: Optional[int] = None,
            client_cert_revocation_list: Optional[str] = None,
            client_crl_enabled: Optional[int] = None,
            connection_string: Optional[str] = None,
            connection_string_prefix: Optional[str] = None,
            create_time: Optional[str] = None,
            db_instance_ip_array_attribute: Optional[str] = None,
            db_instance_ip_array_name: Optional[str] = None,
            db_instance_storage_type: Optional[str] = None,
            db_instance_type: Optional[str] = None,
            db_is_ignore_case: Optional[bool] = None,
            db_param_group_id: Optional[str] = None,
            db_time_zone: Optional[str] = None,
            deletion_protection: Optional[bool] = None,
            direction: Optional[str] = None,
            effective_time: Optional[str] = None,
            encryption_key: Optional[str] = None,
            engine: Optional[str] = None,
            engine_version: Optional[str] = None,
            force: Optional[str] = None,
            force_restart: Optional[bool] = None,
            fresh_white_list_readins: Optional[str] = None,
            ha_config: Optional[str] = None,
            instance_charge_type: Optional[str] = None,
            instance_name: Optional[str] = None,
            instance_storage: Optional[int] = None,
            instance_type: Optional[str] = None,
            maintain_time: Optional[str] = None,
            manual_ha_time: Optional[str] = None,
            modify_mode: Optional[str] = None,
            monitoring_period: Optional[int] = None,
            node_id: Optional[str] = None,
            parameters: Optional[Sequence[InstanceParameterArgs]] = None,
            period: Optional[int] = None,
            pg_hba_confs: Optional[Sequence[InstancePgHbaConfArgs]] = None,
            port: Optional[str] = None,
            private_ip_address: Optional[str] = None,
            released_keep_policy: Optional[str] = None,
            replication_acl: Optional[str] = None,
            resource_group_id: Optional[str] = None,
            role_arn: Optional[str] = None,
            security_group_id: Optional[str] = None,
            security_group_ids: Optional[Sequence[str]] = None,
            security_ip_mode: Optional[str] = None,
            security_ip_type: Optional[str] = None,
            security_ips: Optional[Sequence[str]] = None,
            server_cert: Optional[str] = None,
            server_key: Optional[str] = None,
            serverless_configs: Optional[Sequence[InstanceServerlessConfigArgs]] = None,
            sql_collector_config_value: Optional[int] = None,
            sql_collector_status: Optional[str] = None,
            ssl_action: Optional[str] = None,
            ssl_connection_string: Optional[str] = None,
            ssl_status: Optional[str] = None,
            status: Optional[str] = None,
            storage_auto_scale: Optional[str] = None,
            storage_threshold: Optional[int] = None,
            storage_upper_bound: Optional[int] = None,
            switch_time: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            target_minor_version: Optional[str] = None,
            tcp_connection_type: Optional[str] = None,
            tde_status: Optional[str] = None,
            upgrade_db_instance_kernel_version: Optional[bool] = None,
            upgrade_time: Optional[str] = None,
            vpc_id: Optional[str] = None,
            vswitch_id: Optional[str] = None,
            whitelist_network_type: Optional[str] = None,
            zone_id: Optional[str] = None,
            zone_id_slave_a: Optional[str] = None,
            zone_id_slave_b: Optional[str] = None) -> Instance
    func GetInstance(ctx *Context, name string, id IDInput, state *InstanceState, opts ...ResourceOption) (*Instance, error)
    public static Instance Get(string name, Input<string> id, InstanceState? state, CustomResourceOptions? opts = null)
    public static Instance get(String name, Output<String> id, InstanceState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Acl string
    The method that is used to verify the identities of clients. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    AutoRenew bool
    Whether to renewal a DB instance automatically or not. It is valid when instance_charge_type is PrePaid. Default to false.
    AutoRenewPeriod int
    Auto-renewal period of an instance, in the unit of the month. It is valid when instance_charge_type is PrePaid. Valid value:[1~12], Default to 1.
    AutoUpgradeMinorVersion string

    The upgrade method to use. Valid values:

    • Auto: Instances are automatically upgraded to a higher minor version.
    • Manual: Instances are forcibly upgraded to a higher minor version when the current version is unpublished.

    See more details and limitation.

    BabelfishConfigs List<Pulumi.AliCloud.Rds.Inputs.InstanceBabelfishConfig>

    The configuration of an ApsaraDB RDS for PostgreSQL instance for which Babelfish is enabled. See babelfish_config below.

    NOTE: This parameter takes effect only when you create an ApsaraDB RDS for PostgreSQL instance. For more information, see Introduction to Babelfish.

    BabelfishPort string

    The TDS port of the instance for which Babelfish is enabled.

    NOTE: This parameter applies only to ApsaraDB RDS for PostgreSQL instances. For more information about Babelfish for ApsaraDB RDS for PostgreSQL, see Introduction to Babelfish.

    CaType string
    The type of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the SSLEnabled parameter to 1, the default value of this parameter is aliyun. NOTE: From version 1.231.0, ca_type start support MySQL engine. Value range:

    • aliyun: a cloud certificate
    • custom: a custom certificate
    Category string

    The RDS edition of the instance. If you want to create a serverless instance, you must use this value. Valid values:

    • Basic: Basic Edition.
    • HighAvailability: High-availability Edition.
    • AlwaysOn: Cluster Edition.
    • Finance: Enterprise Edition.
    • cluster: MySQL Cluster Edition. (Available since 1.202.0)
    • serverless_basic: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.200.0)
    • serverless_standard: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.204.0)
    • serverless_ha: RDS Serverless High-availability Edition for SQL Server. (Available since 1.204.0)

    NOTE: zone_id_slave_a and zone_id_slave_b can specify slave zone ids when creating the high-availability or enterprise edition instances. Meanwhile, vswitch_id needs to pass in the corresponding vswitch id to the slave zone by order (If the vswitch_id is not specified, the classic network version will be created). For example, zone_id = "zone-a" and zone_id_slave_a = "zone-c", zone_id_slave_b = "zone-b", then the vswitch_id must be "vsw-zone-a,vsw-zone-c,vsw-zone-b". Of course, you can also choose automatic allocation , for example, zone_id = "zone-a" and zone_id_slave_a = "Auto",zone_id_slave_b = "Auto", then the vswitch_id must be "vsw-zone-a,Auto,Auto". The list contains up to 2 slave zone ids , separated by commas.

    ClientCaCert string
    The public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCAEbabled parameter to 1, you must also specify this parameter.
    ClientCaEnabled int
    Specifies whether to enable the public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. Valid values:

    • 1: enables the public key
    • 0: disables the public key
    ClientCertRevocationList string
    The CRL that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCrlEnabled parameter to 1, you must also specify this parameter.
    ClientCrlEnabled int
    Specifies whether to enable a certificate revocation list (CRL) that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • 1: enables the CRL
    • 0: disables the CRL
    ConnectionString string
    RDS database connection string.
    ConnectionStringPrefix string

    The private connection string prefix. If you want to update public connection string prefix, please use resource alicloud.rds.Connection connection_prefix.

    NOTE: The prefix must be 8 to 64 characters in length and can contain letters, digits, and hyphens (-). It cannot contain Chinese characters and special characters ~!#%^&*=+|{};:'",<>/?

    CreateTime string
    (Available since 1.204.1) The creation time of db instance.
    DbInstanceIpArrayAttribute string

    The attribute of the IP address whitelist. By default, this parameter is empty.

    NOTE: The IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS).

    DbInstanceIpArrayName string

    The name of the IP address whitelist. Default value: Default.

    NOTE: A maximum of 200 IP address whitelists can be configured for each instance.

    DbInstanceStorageType string
    The storage type of the instance. Serverless instance, only cloud_essd can be selected. Valid values:

    • local_ssd: specifies to use local SSDs. This value is recommended.
    • cloud_ssd: specifies to use standard SSDs.
    • cloud_essd: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd2: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd3: specifies to use enhanced SSDs (ESSDs).
    • general_essd: general essd.
    DbInstanceType string
    (Available since 1.197.0) The type of db instance.
    DbIsIgnoreCase bool
    Specifies whether table names on the instance are case-sensitive. Valid values: true, false.
    DbParamGroupId string
    Parameter template ID. Only MySQL and PostgreSQL support this parameter. If this parameter is not specified, the default parameter template is used. You can also customize a parameter template and use it here.
    DbTimeZone string

    The time zone of the instance. This parameter takes effect only when you set the Engine parameter to MySQL or PostgreSQL.

    • If you set the Engine parameter to MySQL.
    • This time zone of the instance is in UTC. Valid values: -12:59 to +13:00.
    • You can specify this parameter when the instance is equipped with local SSDs. For example, you can specify the time zone to Asia/Hong_Kong. For more information about time zones, see Time zones.
    • If you set the Engine parameter to PostgreSQL.
    • This time zone of the instance is not in UTC. For more information about time zones, see Time zones.
    • You can specify this parameter only when the instance is equipped with standard SSDs or ESSDs.

    NOTE: You can specify the time zone when you create a primary instance. You cannot specify the time zone when you create a read-only instance. Read-only instances inherit the time zone of their primary instance. If you do not specify this parameter, the system assigns the default time zone of the region where the instance resides.

    DeletionProtection bool

    The switch of delete protection. Valid values:

    • true: delete protect.
    • false: no delete protect.

    NOTE: deletion_protection is valid only when attribute instance_charge_type is set to Postpaid or Serverless, supported engine type: MySQL, PostgreSQL, MariaDB, MSSQL.

    Direction string
    The instance configuration type. Valid values: ["Up", "Down", "TempUpgrade", "Serverless"]
    EffectiveTime string
    The method to update the engine version and change. Default value: Immediate. Valid values:

    • Immediate: The change immediately takes effect.
    • MaintainTime: The change takes effect during the specified maintenance window. For more information, see ModifyDBInstanceMaintainTime.
    EncryptionKey string
    The key id of the KMS. Used for encrypting a disk if not null. Only for PostgreSQL, MySQL and SQLServer.
    Engine string

    Database type. Value options: MySQL, SQLServer, PostgreSQL, MariaDB.

    NOTE: When the 'engine_version' changes, it can be used as the target database version for the large version upgrade of RDS for MySQL instance.

    EngineVersion string
    Database version. Value options can refer to the latest docs CreateDBInstance EngineVersion.

    • MySQL: [ 5.5、5.6、5.7、8.0 ]
    • SQLServer: [ 2008r2、08r2_ent_ha、2012、2012_ent_ha、2012_std_ha、2012_web、2014_std_ha、2016_ent_ha、2016_std_ha、2016_web、2017_std_ha、2017_ent、2019_std_ha、2019_ent ]
    • PostgreSQL: [ 10.0、11.0、12.0、13.0、14.0、15.0 ]
    • MariaDB: [ 10.3 ]
    • Serverless
    • MySQL: [ 5.7、8.0 ]
    • SQLServer: [ 2016_std_sl、2017_std_sl、2019_std_sl ]
    • PostgreSQL: [ 14.0 ]
    • MariaDB does not support creating serverless instances.
    Force string
    Specifies whether to enable forcible switching. Valid values:

    • Yes
    • No
    ForceRestart bool
    Set it to true to make some parameter efficient when modifying them. Default to false.
    FreshWhiteListReadins string
    The read-only instances to which you want to synchronize the IP address whitelist.

    • If the instance is attached with a read-only instance, you can use this parameter to synchronize the IP address whitelist to the read-only instance. If the instance is attached with multiple read-only instances, the read-only instances must be separated by commas (,).
    • If the instance is not attached with a read-only instance, this parameter is empty.
    HaConfig string

    The primary/secondary switchover mode of the instance. Default value: Auto. Valid values:

    • Auto: The system automatically switches over services from the primary to secondary instances in the event of a fault.
    • Manual: You must manually switch over services from the primary to secondary instances in the event of a fault.

    NOTE: If you set this parameter to Manual, you must specify the ManualHATime parameter.

    InstanceChargeType string
    Valid values are Prepaid, Postpaid, Serverless, Default to Postpaid. Currently, the resource only supports PostPaid to PrePaid. For more information, see Overview.
    InstanceName string
    The name of DB instance. It a string of 2 to 256 characters.
    InstanceStorage int
    User-defined DB instance storage space. Value range:

    • [5, 2000] for MySQL/PostgreSQL HA dual node edition;
    • [20,1000] for MySQL 5.7 basic single node edition;
    • [10, 2000] for SQL Server 2008R2;
    • [20,2000] for SQL Server 2012 basic single node edition Increase progressively at a rate of 5 GB. For details, see Instance type table. Note: There is extra 5 GB storage for SQL Server Instance, and it is not in specified instance_storage.
    InstanceType string

    DB Instance type. For details, see Instance type table.

    • To create a serverless instance, please pass the following values:
    • MySQL basic: mysql.n2.serverless.1c
    • MySQL high availability: mysql.n2.serverless.2c
    • SQLServer high availability: mssql.mem2.serverless.s2
    • PostgreSQL basic: pg.n2.serverless.1c

    NOTE: When storage_auto_scale="Enable", do not perform instance_storage check. when storage_auto_scale="Disable", if the instance itself instance_storagehas changed. You need to manually revise the instance_storage in the template value. When payment_type="Serverless" and when modifying, do not perform instance_storage check. Otherwise, check.

    MaintainTime string
    Maintainable time period format of the instance: HH:MMZ-HH:MMZ (UTC time)
    ManualHaTime string

    The time after when you want to enable automatic primary/secondary switchover. At most, you can set this parameter to 23:59:59 seven days later. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

    NOTE: This parameter only takes effect when the HAConfig parameter is set to Manual.

    ModifyMode string
    The method that is used to modify the IP address whitelist. Default value: Cover. Valid values:

    • Cover: Use the value of the SecurityIps parameter to overwrite the existing entries in the IP address whitelist.
    • Append: Add the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to the IP address whitelist.
    • Delete: Delete IP addresses and CIDR blocks that are specified in the SecurityIps parameter from the IP address whitelist. You must retain at least one IP address or CIDR block.
    MonitoringPeriod int
    The monitoring frequency in seconds. Valid values are 5, 10, 60, 300. Defaults to 300.
    NodeId string
    The globally unique identifier (GUID) of the secondary instance. You can call the DescribeDBInstanceHAConfig operation to query the GUID of the secondary instance.
    Parameters List<Pulumi.AliCloud.Rds.Inputs.InstanceParameter>
    Set of parameters needs to be set after DB instance was launched. Available parameters can refer to the latest docs View database parameter templates . See parameters below.
    Period int

    The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36.

    NOTE: The attribute period is only used to create Subscription instance or modify the PayAsYouGo instance to Subscription. Once effect, it will not be modified that means running pulumi up will not effect the resource.

    PgHbaConfs List<Pulumi.AliCloud.Rds.Inputs.InstancePgHbaConf>
    The configuration of AD domain . See pg_hba_conf below.
    Port string
    The private port of the database service. If you want to update public port, please use resource alicloud.rds.Connection port.
    PrivateIpAddress string
    The private IP address of the instance. The private IP address must be within the Classless Inter-Domain Routing (CIDR) block of the vSwitch that is specified by the VSwitchId parameter.
    ReleasedKeepPolicy string

    The policy based on which ApsaraDB RDS retains archived backup files after the instance is released. Valid values:

    • None: No archived backup files are retained.
    • Lastest: Only the last archived backup file is retained.
    • All: All the archived backup files are retained.

    NOTE: This parameter is supported only when the instance runs the MySQL database engine.

    ReplicationAcl string
    The method that is used to verify the replication permission. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    ResourceGroupId string
    The ID of resource group which the DB instance belongs.
    RoleArn string

    The Alibaba Cloud Resource Name (ARN) of the RAM role.

    NOTE: This parameter is not required when you create an instance that runs MySQL, PostgreSQL, or SQL Server. You need to only specify the RoleARN parameter to create an instance that has cloud disk encryption enabled by using the obtained key ID. You can configure RAM authorization to require a RAM user to enable cloud disk encryption when the RAM user is used to create an instance. If cloud disk encryption is disabled during the instance creation, the creation operation fails. To complete the configuration, you can attach the following policy to the RAM user: {"Version":"1","Statement":[{"Effect":"Deny","Action":"rds:CreateDBInstance","Resource":"*","Condition":{"StringEquals":{"rds:DiskEncryptionRequired":"false"}}}]}

    SecurityGroupId string
    It has been deprecated from 1.69.0 and use security_group_ids instead.

    Deprecated: Attribute security_group_id has been deprecated from 1.69.0 and use security_group_ids instead.

    SecurityGroupIds List<string>
    , Available since 1.69.0) The list IDs to join ECS Security Group. At most supports three security groups.
    SecurityIpMode string
    Valid values are normal, safety, Default to normal. support safety switch to high security access mode.
    SecurityIpType string
    The type of IP address in the IP address whitelist.
    SecurityIps List<string>
    List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]).
    ServerCert string
    The content of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_cert start support MySQL engine.
    ServerKey string
    The private key of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_key start support MySQL engine.
    ServerlessConfigs List<Pulumi.AliCloud.Rds.Inputs.InstanceServerlessConfig>
    The settings of the serverless instance. This parameter is required when you create a serverless instance. This parameter takes effect only when you create an ApsaraDB RDS for Serverless instance. See serverless_config below.
    SqlCollectorConfigValue int
    The sql collector keep time of the instance. Valid values are 30, 180, 365, 1095, 1825, Default to 30.
    SqlCollectorStatus string
    The sql collector status of the instance. Valid values are Enabled, Disabled, Default to Disabled.
    SslAction string

    Actions performed on SSL functions. Valid values: Open: turn on SSL encryption; Close: turn off SSL encryption; Update: update SSL certificate. See more engine and engineVersion limitation.

    NOTE: The attribute ssl_action will be ignored when setting instance_charge_type = "Serverless" for SQLServer, PostgreSQL or MariaDB.

    SslConnectionString string
    The internal or public endpoint for which the server certificate needs to be created or updated.
    SslStatus string
    Status of the SSL feature. Yes: SSL is turned on; No: SSL is turned off.
    Status string
    (Available since 1.204.1) The status of db instance.
    StorageAutoScale string

    Automatic storage space expansion switch. Valid values:

    • Enable
    • Disable

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable.

    StorageThreshold int

    The threshold in percentage based on which an automatic storage expansion is triggered. If the available storage reaches the threshold, ApsaraDB RDS increases the storage capacity of the instance. Valid values: [10, 20, 30, 40, 50].

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable. The value must be greater than or equal to the total size of the current storage space of the instance.

    StorageUpperBound int

    The upper limit of the total storage space for automatic expansion of the storage space, that is, automatic expansion will not cause the total storage space of the instance to exceed this value. Unit: GB. The value must be ≥0.

    NOTE: Because of data backup and migration, change DB instance type and storage would cost 15~20 minutes. Please make full preparation before changing them.

    SwitchTime string

    The specific point in time when you want to perform the update. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. It is valid only when target_minor_version is changed. The time must be in UTC.

    NOTE: This parameter takes effect only when you set the UpgradeTime parameter to SpecifyTime.

    Tags Dictionary<string, string>

    A mapping of tags to assign to the resource.

    • Key: It can be up to 64 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It cannot be a null string.
    • Value: It can be up to 128 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It can be a null string.

    Note: From 1.63.0, the tag key and value are case sensitive. Before that, they are not case sensitive.

    TargetMinorVersion string

    The minor engine version to which you want to update the instance. If you do not specify this parameter, the instance is updated to the latest minor engine version. You must specify the minor engine version in one of the following formats:

    • PostgreSQL: rds_postgres_00_. Example: rds_postgres_1200_20200830.
    • MySQL: _. Examples: rds_20200229, xcluster_20200229, and xcluster80_20200229. The following RDS editions are supported:
    • rds: The instance runs RDS Basic or High-availability Edition.
    • xcluster: The instance runs MySQL 5.7 on RDS Enterprise Edition.
    • xcluster80: The instance runs MySQL 8.0 on RDS Enterprise Edition.
    • SQLServer: . Example: 15.0.4073.23.

    NOTE: For more information about minor engine versions, see Release notes of minor AliPG versions, Release notes of minor AliSQL versions, and Release notes of minor engine versions of ApsaraDB RDS for SQL Server.

    TcpConnectionType string
    The availability check method of the instance. Valid values:

    • SHORT: Alibaba Cloud uses short-lived connections to check the availability of the instance.
    • LONG: Alibaba Cloud uses persistent connections to check the availability of the instance.
    TdeStatus string
    The TDE(Transparent Data Encryption) status. After TDE is turned on, it cannot be turned off. See more engine and engineVersion limitation.
    UpgradeDbInstanceKernelVersion bool
    Whether to upgrade a minor version of the kernel. Valid values:

    • true: upgrade
    • false: not to upgrade

    Deprecated: Attribute upgrade_db_instance_kernel_version has been deprecated from 1.198.0 and use target_minor_version instead.

    UpgradeTime string
    The method to update the minor engine version. Default value: Immediate. It is valid only when target_minor_version is changed. Valid values:

    • Immediate: The minor engine version is immediately updated.
    • MaintainTime: The minor engine version is updated during the maintenance window. For more information about how to change the maintenance window, see ModifyDBInstanceMaintainTime.
    • SpecifyTime: The minor engine version is updated at the point in time you specify.
    VpcId string

    The VPC ID of the instance.

    NOTE: This parameter applies only to ApsaraDB RDS for MySQL instances. For more information about Upgrade the major engine version of an ApsaraDB RDS for MySQL instance, see Upgrade the major engine version of an RDS instance in the ApsaraDB RDS console.

    VswitchId string
    The virtual switch ID to launch DB instances in one VPC. If there are multiple vswitches, separate them with commas.
    WhitelistNetworkType string

    The network type of the IP address whitelist. Default value: MIX. Valid values:

    • Classic: classic network in enhanced whitelist mode
    • VPC: virtual private cloud (VPC) in enhanced whitelist mode
    • MIX: standard whitelist mode

    NOTE: In standard whitelist mode, IP addresses and CIDR blocks can be added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks can be added to both IP address whitelists of the classic network type and those of the VPC network type.

    ZoneId string
    The Zone to launch the DB instance. From version 1.8.1, it supports multiple zone. If it is a multi-zone and vswitch_id is specified, the vswitch must in the one of them. The multiple zone ID can be retrieved by setting multi to "true" in the data source alicloud.getZones.
    ZoneIdSlaveA string
    The region ID of the secondary instance if you create a secondary instance. If you set this parameter to the same value as the ZoneId parameter, the instance is deployed in a single zone. Otherwise, the instance is deployed in multiple zones.
    ZoneIdSlaveB string
    RDS MySQL Cluster series instances support creating 1 to 2 secondary nodes at the same time when establishing a new instance. If you have this requirement, you can use this parameter to specify the availability zone for the second secondary node.
    Acl string
    The method that is used to verify the identities of clients. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    AutoRenew bool
    Whether to renewal a DB instance automatically or not. It is valid when instance_charge_type is PrePaid. Default to false.
    AutoRenewPeriod int
    Auto-renewal period of an instance, in the unit of the month. It is valid when instance_charge_type is PrePaid. Valid value:[1~12], Default to 1.
    AutoUpgradeMinorVersion string

    The upgrade method to use. Valid values:

    • Auto: Instances are automatically upgraded to a higher minor version.
    • Manual: Instances are forcibly upgraded to a higher minor version when the current version is unpublished.

    See more details and limitation.

    BabelfishConfigs []InstanceBabelfishConfigArgs

    The configuration of an ApsaraDB RDS for PostgreSQL instance for which Babelfish is enabled. See babelfish_config below.

    NOTE: This parameter takes effect only when you create an ApsaraDB RDS for PostgreSQL instance. For more information, see Introduction to Babelfish.

    BabelfishPort string

    The TDS port of the instance for which Babelfish is enabled.

    NOTE: This parameter applies only to ApsaraDB RDS for PostgreSQL instances. For more information about Babelfish for ApsaraDB RDS for PostgreSQL, see Introduction to Babelfish.

    CaType string
    The type of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the SSLEnabled parameter to 1, the default value of this parameter is aliyun. NOTE: From version 1.231.0, ca_type start support MySQL engine. Value range:

    • aliyun: a cloud certificate
    • custom: a custom certificate
    Category string

    The RDS edition of the instance. If you want to create a serverless instance, you must use this value. Valid values:

    • Basic: Basic Edition.
    • HighAvailability: High-availability Edition.
    • AlwaysOn: Cluster Edition.
    • Finance: Enterprise Edition.
    • cluster: MySQL Cluster Edition. (Available since 1.202.0)
    • serverless_basic: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.200.0)
    • serverless_standard: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.204.0)
    • serverless_ha: RDS Serverless High-availability Edition for SQL Server. (Available since 1.204.0)

    NOTE: zone_id_slave_a and zone_id_slave_b can specify slave zone ids when creating the high-availability or enterprise edition instances. Meanwhile, vswitch_id needs to pass in the corresponding vswitch id to the slave zone by order (If the vswitch_id is not specified, the classic network version will be created). For example, zone_id = "zone-a" and zone_id_slave_a = "zone-c", zone_id_slave_b = "zone-b", then the vswitch_id must be "vsw-zone-a,vsw-zone-c,vsw-zone-b". Of course, you can also choose automatic allocation , for example, zone_id = "zone-a" and zone_id_slave_a = "Auto",zone_id_slave_b = "Auto", then the vswitch_id must be "vsw-zone-a,Auto,Auto". The list contains up to 2 slave zone ids , separated by commas.

    ClientCaCert string
    The public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCAEbabled parameter to 1, you must also specify this parameter.
    ClientCaEnabled int
    Specifies whether to enable the public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. Valid values:

    • 1: enables the public key
    • 0: disables the public key
    ClientCertRevocationList string
    The CRL that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCrlEnabled parameter to 1, you must also specify this parameter.
    ClientCrlEnabled int
    Specifies whether to enable a certificate revocation list (CRL) that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • 1: enables the CRL
    • 0: disables the CRL
    ConnectionString string
    RDS database connection string.
    ConnectionStringPrefix string

    The private connection string prefix. If you want to update public connection string prefix, please use resource alicloud.rds.Connection connection_prefix.

    NOTE: The prefix must be 8 to 64 characters in length and can contain letters, digits, and hyphens (-). It cannot contain Chinese characters and special characters ~!#%^&*=+|{};:'",<>/?

    CreateTime string
    (Available since 1.204.1) The creation time of db instance.
    DbInstanceIpArrayAttribute string

    The attribute of the IP address whitelist. By default, this parameter is empty.

    NOTE: The IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS).

    DbInstanceIpArrayName string

    The name of the IP address whitelist. Default value: Default.

    NOTE: A maximum of 200 IP address whitelists can be configured for each instance.

    DbInstanceStorageType string
    The storage type of the instance. Serverless instance, only cloud_essd can be selected. Valid values:

    • local_ssd: specifies to use local SSDs. This value is recommended.
    • cloud_ssd: specifies to use standard SSDs.
    • cloud_essd: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd2: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd3: specifies to use enhanced SSDs (ESSDs).
    • general_essd: general essd.
    DbInstanceType string
    (Available since 1.197.0) The type of db instance.
    DbIsIgnoreCase bool
    Specifies whether table names on the instance are case-sensitive. Valid values: true, false.
    DbParamGroupId string
    Parameter template ID. Only MySQL and PostgreSQL support this parameter. If this parameter is not specified, the default parameter template is used. You can also customize a parameter template and use it here.
    DbTimeZone string

    The time zone of the instance. This parameter takes effect only when you set the Engine parameter to MySQL or PostgreSQL.

    • If you set the Engine parameter to MySQL.
    • This time zone of the instance is in UTC. Valid values: -12:59 to +13:00.
    • You can specify this parameter when the instance is equipped with local SSDs. For example, you can specify the time zone to Asia/Hong_Kong. For more information about time zones, see Time zones.
    • If you set the Engine parameter to PostgreSQL.
    • This time zone of the instance is not in UTC. For more information about time zones, see Time zones.
    • You can specify this parameter only when the instance is equipped with standard SSDs or ESSDs.

    NOTE: You can specify the time zone when you create a primary instance. You cannot specify the time zone when you create a read-only instance. Read-only instances inherit the time zone of their primary instance. If you do not specify this parameter, the system assigns the default time zone of the region where the instance resides.

    DeletionProtection bool

    The switch of delete protection. Valid values:

    • true: delete protect.
    • false: no delete protect.

    NOTE: deletion_protection is valid only when attribute instance_charge_type is set to Postpaid or Serverless, supported engine type: MySQL, PostgreSQL, MariaDB, MSSQL.

    Direction string
    The instance configuration type. Valid values: ["Up", "Down", "TempUpgrade", "Serverless"]
    EffectiveTime string
    The method to update the engine version and change. Default value: Immediate. Valid values:

    • Immediate: The change immediately takes effect.
    • MaintainTime: The change takes effect during the specified maintenance window. For more information, see ModifyDBInstanceMaintainTime.
    EncryptionKey string
    The key id of the KMS. Used for encrypting a disk if not null. Only for PostgreSQL, MySQL and SQLServer.
    Engine string

    Database type. Value options: MySQL, SQLServer, PostgreSQL, MariaDB.

    NOTE: When the 'engine_version' changes, it can be used as the target database version for the large version upgrade of RDS for MySQL instance.

    EngineVersion string
    Database version. Value options can refer to the latest docs CreateDBInstance EngineVersion.

    • MySQL: [ 5.5、5.6、5.7、8.0 ]
    • SQLServer: [ 2008r2、08r2_ent_ha、2012、2012_ent_ha、2012_std_ha、2012_web、2014_std_ha、2016_ent_ha、2016_std_ha、2016_web、2017_std_ha、2017_ent、2019_std_ha、2019_ent ]
    • PostgreSQL: [ 10.0、11.0、12.0、13.0、14.0、15.0 ]
    • MariaDB: [ 10.3 ]
    • Serverless
    • MySQL: [ 5.7、8.0 ]
    • SQLServer: [ 2016_std_sl、2017_std_sl、2019_std_sl ]
    • PostgreSQL: [ 14.0 ]
    • MariaDB does not support creating serverless instances.
    Force string
    Specifies whether to enable forcible switching. Valid values:

    • Yes
    • No
    ForceRestart bool
    Set it to true to make some parameter efficient when modifying them. Default to false.
    FreshWhiteListReadins string
    The read-only instances to which you want to synchronize the IP address whitelist.

    • If the instance is attached with a read-only instance, you can use this parameter to synchronize the IP address whitelist to the read-only instance. If the instance is attached with multiple read-only instances, the read-only instances must be separated by commas (,).
    • If the instance is not attached with a read-only instance, this parameter is empty.
    HaConfig string

    The primary/secondary switchover mode of the instance. Default value: Auto. Valid values:

    • Auto: The system automatically switches over services from the primary to secondary instances in the event of a fault.
    • Manual: You must manually switch over services from the primary to secondary instances in the event of a fault.

    NOTE: If you set this parameter to Manual, you must specify the ManualHATime parameter.

    InstanceChargeType string
    Valid values are Prepaid, Postpaid, Serverless, Default to Postpaid. Currently, the resource only supports PostPaid to PrePaid. For more information, see Overview.
    InstanceName string
    The name of DB instance. It a string of 2 to 256 characters.
    InstanceStorage int
    User-defined DB instance storage space. Value range:

    • [5, 2000] for MySQL/PostgreSQL HA dual node edition;
    • [20,1000] for MySQL 5.7 basic single node edition;
    • [10, 2000] for SQL Server 2008R2;
    • [20,2000] for SQL Server 2012 basic single node edition Increase progressively at a rate of 5 GB. For details, see Instance type table. Note: There is extra 5 GB storage for SQL Server Instance, and it is not in specified instance_storage.
    InstanceType string

    DB Instance type. For details, see Instance type table.

    • To create a serverless instance, please pass the following values:
    • MySQL basic: mysql.n2.serverless.1c
    • MySQL high availability: mysql.n2.serverless.2c
    • SQLServer high availability: mssql.mem2.serverless.s2
    • PostgreSQL basic: pg.n2.serverless.1c

    NOTE: When storage_auto_scale="Enable", do not perform instance_storage check. when storage_auto_scale="Disable", if the instance itself instance_storagehas changed. You need to manually revise the instance_storage in the template value. When payment_type="Serverless" and when modifying, do not perform instance_storage check. Otherwise, check.

    MaintainTime string
    Maintainable time period format of the instance: HH:MMZ-HH:MMZ (UTC time)
    ManualHaTime string

    The time after when you want to enable automatic primary/secondary switchover. At most, you can set this parameter to 23:59:59 seven days later. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

    NOTE: This parameter only takes effect when the HAConfig parameter is set to Manual.

    ModifyMode string
    The method that is used to modify the IP address whitelist. Default value: Cover. Valid values:

    • Cover: Use the value of the SecurityIps parameter to overwrite the existing entries in the IP address whitelist.
    • Append: Add the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to the IP address whitelist.
    • Delete: Delete IP addresses and CIDR blocks that are specified in the SecurityIps parameter from the IP address whitelist. You must retain at least one IP address or CIDR block.
    MonitoringPeriod int
    The monitoring frequency in seconds. Valid values are 5, 10, 60, 300. Defaults to 300.
    NodeId string
    The globally unique identifier (GUID) of the secondary instance. You can call the DescribeDBInstanceHAConfig operation to query the GUID of the secondary instance.
    Parameters []InstanceParameterArgs
    Set of parameters needs to be set after DB instance was launched. Available parameters can refer to the latest docs View database parameter templates . See parameters below.
    Period int

    The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36.

    NOTE: The attribute period is only used to create Subscription instance or modify the PayAsYouGo instance to Subscription. Once effect, it will not be modified that means running pulumi up will not effect the resource.

    PgHbaConfs []InstancePgHbaConfArgs
    The configuration of AD domain . See pg_hba_conf below.
    Port string
    The private port of the database service. If you want to update public port, please use resource alicloud.rds.Connection port.
    PrivateIpAddress string
    The private IP address of the instance. The private IP address must be within the Classless Inter-Domain Routing (CIDR) block of the vSwitch that is specified by the VSwitchId parameter.
    ReleasedKeepPolicy string

    The policy based on which ApsaraDB RDS retains archived backup files after the instance is released. Valid values:

    • None: No archived backup files are retained.
    • Lastest: Only the last archived backup file is retained.
    • All: All the archived backup files are retained.

    NOTE: This parameter is supported only when the instance runs the MySQL database engine.

    ReplicationAcl string
    The method that is used to verify the replication permission. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    ResourceGroupId string
    The ID of resource group which the DB instance belongs.
    RoleArn string

    The Alibaba Cloud Resource Name (ARN) of the RAM role.

    NOTE: This parameter is not required when you create an instance that runs MySQL, PostgreSQL, or SQL Server. You need to only specify the RoleARN parameter to create an instance that has cloud disk encryption enabled by using the obtained key ID. You can configure RAM authorization to require a RAM user to enable cloud disk encryption when the RAM user is used to create an instance. If cloud disk encryption is disabled during the instance creation, the creation operation fails. To complete the configuration, you can attach the following policy to the RAM user: {"Version":"1","Statement":[{"Effect":"Deny","Action":"rds:CreateDBInstance","Resource":"*","Condition":{"StringEquals":{"rds:DiskEncryptionRequired":"false"}}}]}

    SecurityGroupId string
    It has been deprecated from 1.69.0 and use security_group_ids instead.

    Deprecated: Attribute security_group_id has been deprecated from 1.69.0 and use security_group_ids instead.

    SecurityGroupIds []string
    , Available since 1.69.0) The list IDs to join ECS Security Group. At most supports three security groups.
    SecurityIpMode string
    Valid values are normal, safety, Default to normal. support safety switch to high security access mode.
    SecurityIpType string
    The type of IP address in the IP address whitelist.
    SecurityIps []string
    List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]).
    ServerCert string
    The content of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_cert start support MySQL engine.
    ServerKey string
    The private key of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_key start support MySQL engine.
    ServerlessConfigs []InstanceServerlessConfigArgs
    The settings of the serverless instance. This parameter is required when you create a serverless instance. This parameter takes effect only when you create an ApsaraDB RDS for Serverless instance. See serverless_config below.
    SqlCollectorConfigValue int
    The sql collector keep time of the instance. Valid values are 30, 180, 365, 1095, 1825, Default to 30.
    SqlCollectorStatus string
    The sql collector status of the instance. Valid values are Enabled, Disabled, Default to Disabled.
    SslAction string

    Actions performed on SSL functions. Valid values: Open: turn on SSL encryption; Close: turn off SSL encryption; Update: update SSL certificate. See more engine and engineVersion limitation.

    NOTE: The attribute ssl_action will be ignored when setting instance_charge_type = "Serverless" for SQLServer, PostgreSQL or MariaDB.

    SslConnectionString string
    The internal or public endpoint for which the server certificate needs to be created or updated.
    SslStatus string
    Status of the SSL feature. Yes: SSL is turned on; No: SSL is turned off.
    Status string
    (Available since 1.204.1) The status of db instance.
    StorageAutoScale string

    Automatic storage space expansion switch. Valid values:

    • Enable
    • Disable

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable.

    StorageThreshold int

    The threshold in percentage based on which an automatic storage expansion is triggered. If the available storage reaches the threshold, ApsaraDB RDS increases the storage capacity of the instance. Valid values: [10, 20, 30, 40, 50].

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable. The value must be greater than or equal to the total size of the current storage space of the instance.

    StorageUpperBound int

    The upper limit of the total storage space for automatic expansion of the storage space, that is, automatic expansion will not cause the total storage space of the instance to exceed this value. Unit: GB. The value must be ≥0.

    NOTE: Because of data backup and migration, change DB instance type and storage would cost 15~20 minutes. Please make full preparation before changing them.

    SwitchTime string

    The specific point in time when you want to perform the update. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. It is valid only when target_minor_version is changed. The time must be in UTC.

    NOTE: This parameter takes effect only when you set the UpgradeTime parameter to SpecifyTime.

    Tags map[string]string

    A mapping of tags to assign to the resource.

    • Key: It can be up to 64 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It cannot be a null string.
    • Value: It can be up to 128 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It can be a null string.

    Note: From 1.63.0, the tag key and value are case sensitive. Before that, they are not case sensitive.

    TargetMinorVersion string

    The minor engine version to which you want to update the instance. If you do not specify this parameter, the instance is updated to the latest minor engine version. You must specify the minor engine version in one of the following formats:

    • PostgreSQL: rds_postgres_00_. Example: rds_postgres_1200_20200830.
    • MySQL: _. Examples: rds_20200229, xcluster_20200229, and xcluster80_20200229. The following RDS editions are supported:
    • rds: The instance runs RDS Basic or High-availability Edition.
    • xcluster: The instance runs MySQL 5.7 on RDS Enterprise Edition.
    • xcluster80: The instance runs MySQL 8.0 on RDS Enterprise Edition.
    • SQLServer: . Example: 15.0.4073.23.

    NOTE: For more information about minor engine versions, see Release notes of minor AliPG versions, Release notes of minor AliSQL versions, and Release notes of minor engine versions of ApsaraDB RDS for SQL Server.

    TcpConnectionType string
    The availability check method of the instance. Valid values:

    • SHORT: Alibaba Cloud uses short-lived connections to check the availability of the instance.
    • LONG: Alibaba Cloud uses persistent connections to check the availability of the instance.
    TdeStatus string
    The TDE(Transparent Data Encryption) status. After TDE is turned on, it cannot be turned off. See more engine and engineVersion limitation.
    UpgradeDbInstanceKernelVersion bool
    Whether to upgrade a minor version of the kernel. Valid values:

    • true: upgrade
    • false: not to upgrade

    Deprecated: Attribute upgrade_db_instance_kernel_version has been deprecated from 1.198.0 and use target_minor_version instead.

    UpgradeTime string
    The method to update the minor engine version. Default value: Immediate. It is valid only when target_minor_version is changed. Valid values:

    • Immediate: The minor engine version is immediately updated.
    • MaintainTime: The minor engine version is updated during the maintenance window. For more information about how to change the maintenance window, see ModifyDBInstanceMaintainTime.
    • SpecifyTime: The minor engine version is updated at the point in time you specify.
    VpcId string

    The VPC ID of the instance.

    NOTE: This parameter applies only to ApsaraDB RDS for MySQL instances. For more information about Upgrade the major engine version of an ApsaraDB RDS for MySQL instance, see Upgrade the major engine version of an RDS instance in the ApsaraDB RDS console.

    VswitchId string
    The virtual switch ID to launch DB instances in one VPC. If there are multiple vswitches, separate them with commas.
    WhitelistNetworkType string

    The network type of the IP address whitelist. Default value: MIX. Valid values:

    • Classic: classic network in enhanced whitelist mode
    • VPC: virtual private cloud (VPC) in enhanced whitelist mode
    • MIX: standard whitelist mode

    NOTE: In standard whitelist mode, IP addresses and CIDR blocks can be added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks can be added to both IP address whitelists of the classic network type and those of the VPC network type.

    ZoneId string
    The Zone to launch the DB instance. From version 1.8.1, it supports multiple zone. If it is a multi-zone and vswitch_id is specified, the vswitch must in the one of them. The multiple zone ID can be retrieved by setting multi to "true" in the data source alicloud.getZones.
    ZoneIdSlaveA string
    The region ID of the secondary instance if you create a secondary instance. If you set this parameter to the same value as the ZoneId parameter, the instance is deployed in a single zone. Otherwise, the instance is deployed in multiple zones.
    ZoneIdSlaveB string
    RDS MySQL Cluster series instances support creating 1 to 2 secondary nodes at the same time when establishing a new instance. If you have this requirement, you can use this parameter to specify the availability zone for the second secondary node.
    acl String
    The method that is used to verify the identities of clients. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    autoRenew Boolean
    Whether to renewal a DB instance automatically or not. It is valid when instance_charge_type is PrePaid. Default to false.
    autoRenewPeriod Integer
    Auto-renewal period of an instance, in the unit of the month. It is valid when instance_charge_type is PrePaid. Valid value:[1~12], Default to 1.
    autoUpgradeMinorVersion String

    The upgrade method to use. Valid values:

    • Auto: Instances are automatically upgraded to a higher minor version.
    • Manual: Instances are forcibly upgraded to a higher minor version when the current version is unpublished.

    See more details and limitation.

    babelfishConfigs List<InstanceBabelfishConfig>

    The configuration of an ApsaraDB RDS for PostgreSQL instance for which Babelfish is enabled. See babelfish_config below.

    NOTE: This parameter takes effect only when you create an ApsaraDB RDS for PostgreSQL instance. For more information, see Introduction to Babelfish.

    babelfishPort String

    The TDS port of the instance for which Babelfish is enabled.

    NOTE: This parameter applies only to ApsaraDB RDS for PostgreSQL instances. For more information about Babelfish for ApsaraDB RDS for PostgreSQL, see Introduction to Babelfish.

    caType String
    The type of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the SSLEnabled parameter to 1, the default value of this parameter is aliyun. NOTE: From version 1.231.0, ca_type start support MySQL engine. Value range:

    • aliyun: a cloud certificate
    • custom: a custom certificate
    category String

    The RDS edition of the instance. If you want to create a serverless instance, you must use this value. Valid values:

    • Basic: Basic Edition.
    • HighAvailability: High-availability Edition.
    • AlwaysOn: Cluster Edition.
    • Finance: Enterprise Edition.
    • cluster: MySQL Cluster Edition. (Available since 1.202.0)
    • serverless_basic: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.200.0)
    • serverless_standard: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.204.0)
    • serverless_ha: RDS Serverless High-availability Edition for SQL Server. (Available since 1.204.0)

    NOTE: zone_id_slave_a and zone_id_slave_b can specify slave zone ids when creating the high-availability or enterprise edition instances. Meanwhile, vswitch_id needs to pass in the corresponding vswitch id to the slave zone by order (If the vswitch_id is not specified, the classic network version will be created). For example, zone_id = "zone-a" and zone_id_slave_a = "zone-c", zone_id_slave_b = "zone-b", then the vswitch_id must be "vsw-zone-a,vsw-zone-c,vsw-zone-b". Of course, you can also choose automatic allocation , for example, zone_id = "zone-a" and zone_id_slave_a = "Auto",zone_id_slave_b = "Auto", then the vswitch_id must be "vsw-zone-a,Auto,Auto". The list contains up to 2 slave zone ids , separated by commas.

    clientCaCert String
    The public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCAEbabled parameter to 1, you must also specify this parameter.
    clientCaEnabled Integer
    Specifies whether to enable the public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. Valid values:

    • 1: enables the public key
    • 0: disables the public key
    clientCertRevocationList String
    The CRL that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCrlEnabled parameter to 1, you must also specify this parameter.
    clientCrlEnabled Integer
    Specifies whether to enable a certificate revocation list (CRL) that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • 1: enables the CRL
    • 0: disables the CRL
    connectionString String
    RDS database connection string.
    connectionStringPrefix String

    The private connection string prefix. If you want to update public connection string prefix, please use resource alicloud.rds.Connection connection_prefix.

    NOTE: The prefix must be 8 to 64 characters in length and can contain letters, digits, and hyphens (-). It cannot contain Chinese characters and special characters ~!#%^&*=+|{};:'",<>/?

    createTime String
    (Available since 1.204.1) The creation time of db instance.
    dbInstanceIpArrayAttribute String

    The attribute of the IP address whitelist. By default, this parameter is empty.

    NOTE: The IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS).

    dbInstanceIpArrayName String

    The name of the IP address whitelist. Default value: Default.

    NOTE: A maximum of 200 IP address whitelists can be configured for each instance.

    dbInstanceStorageType String
    The storage type of the instance. Serverless instance, only cloud_essd can be selected. Valid values:

    • local_ssd: specifies to use local SSDs. This value is recommended.
    • cloud_ssd: specifies to use standard SSDs.
    • cloud_essd: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd2: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd3: specifies to use enhanced SSDs (ESSDs).
    • general_essd: general essd.
    dbInstanceType String
    (Available since 1.197.0) The type of db instance.
    dbIsIgnoreCase Boolean
    Specifies whether table names on the instance are case-sensitive. Valid values: true, false.
    dbParamGroupId String
    Parameter template ID. Only MySQL and PostgreSQL support this parameter. If this parameter is not specified, the default parameter template is used. You can also customize a parameter template and use it here.
    dbTimeZone String

    The time zone of the instance. This parameter takes effect only when you set the Engine parameter to MySQL or PostgreSQL.

    • If you set the Engine parameter to MySQL.
    • This time zone of the instance is in UTC. Valid values: -12:59 to +13:00.
    • You can specify this parameter when the instance is equipped with local SSDs. For example, you can specify the time zone to Asia/Hong_Kong. For more information about time zones, see Time zones.
    • If you set the Engine parameter to PostgreSQL.
    • This time zone of the instance is not in UTC. For more information about time zones, see Time zones.
    • You can specify this parameter only when the instance is equipped with standard SSDs or ESSDs.

    NOTE: You can specify the time zone when you create a primary instance. You cannot specify the time zone when you create a read-only instance. Read-only instances inherit the time zone of their primary instance. If you do not specify this parameter, the system assigns the default time zone of the region where the instance resides.

    deletionProtection Boolean

    The switch of delete protection. Valid values:

    • true: delete protect.
    • false: no delete protect.

    NOTE: deletion_protection is valid only when attribute instance_charge_type is set to Postpaid or Serverless, supported engine type: MySQL, PostgreSQL, MariaDB, MSSQL.

    direction String
    The instance configuration type. Valid values: ["Up", "Down", "TempUpgrade", "Serverless"]
    effectiveTime String
    The method to update the engine version and change. Default value: Immediate. Valid values:

    • Immediate: The change immediately takes effect.
    • MaintainTime: The change takes effect during the specified maintenance window. For more information, see ModifyDBInstanceMaintainTime.
    encryptionKey String
    The key id of the KMS. Used for encrypting a disk if not null. Only for PostgreSQL, MySQL and SQLServer.
    engine String

    Database type. Value options: MySQL, SQLServer, PostgreSQL, MariaDB.

    NOTE: When the 'engine_version' changes, it can be used as the target database version for the large version upgrade of RDS for MySQL instance.

    engineVersion String
    Database version. Value options can refer to the latest docs CreateDBInstance EngineVersion.

    • MySQL: [ 5.5、5.6、5.7、8.0 ]
    • SQLServer: [ 2008r2、08r2_ent_ha、2012、2012_ent_ha、2012_std_ha、2012_web、2014_std_ha、2016_ent_ha、2016_std_ha、2016_web、2017_std_ha、2017_ent、2019_std_ha、2019_ent ]
    • PostgreSQL: [ 10.0、11.0、12.0、13.0、14.0、15.0 ]
    • MariaDB: [ 10.3 ]
    • Serverless
    • MySQL: [ 5.7、8.0 ]
    • SQLServer: [ 2016_std_sl、2017_std_sl、2019_std_sl ]
    • PostgreSQL: [ 14.0 ]
    • MariaDB does not support creating serverless instances.
    force String
    Specifies whether to enable forcible switching. Valid values:

    • Yes
    • No
    forceRestart Boolean
    Set it to true to make some parameter efficient when modifying them. Default to false.
    freshWhiteListReadins String
    The read-only instances to which you want to synchronize the IP address whitelist.

    • If the instance is attached with a read-only instance, you can use this parameter to synchronize the IP address whitelist to the read-only instance. If the instance is attached with multiple read-only instances, the read-only instances must be separated by commas (,).
    • If the instance is not attached with a read-only instance, this parameter is empty.
    haConfig String

    The primary/secondary switchover mode of the instance. Default value: Auto. Valid values:

    • Auto: The system automatically switches over services from the primary to secondary instances in the event of a fault.
    • Manual: You must manually switch over services from the primary to secondary instances in the event of a fault.

    NOTE: If you set this parameter to Manual, you must specify the ManualHATime parameter.

    instanceChargeType String
    Valid values are Prepaid, Postpaid, Serverless, Default to Postpaid. Currently, the resource only supports PostPaid to PrePaid. For more information, see Overview.
    instanceName String
    The name of DB instance. It a string of 2 to 256 characters.
    instanceStorage Integer
    User-defined DB instance storage space. Value range:

    • [5, 2000] for MySQL/PostgreSQL HA dual node edition;
    • [20,1000] for MySQL 5.7 basic single node edition;
    • [10, 2000] for SQL Server 2008R2;
    • [20,2000] for SQL Server 2012 basic single node edition Increase progressively at a rate of 5 GB. For details, see Instance type table. Note: There is extra 5 GB storage for SQL Server Instance, and it is not in specified instance_storage.
    instanceType String

    DB Instance type. For details, see Instance type table.

    • To create a serverless instance, please pass the following values:
    • MySQL basic: mysql.n2.serverless.1c
    • MySQL high availability: mysql.n2.serverless.2c
    • SQLServer high availability: mssql.mem2.serverless.s2
    • PostgreSQL basic: pg.n2.serverless.1c

    NOTE: When storage_auto_scale="Enable", do not perform instance_storage check. when storage_auto_scale="Disable", if the instance itself instance_storagehas changed. You need to manually revise the instance_storage in the template value. When payment_type="Serverless" and when modifying, do not perform instance_storage check. Otherwise, check.

    maintainTime String
    Maintainable time period format of the instance: HH:MMZ-HH:MMZ (UTC time)
    manualHaTime String

    The time after when you want to enable automatic primary/secondary switchover. At most, you can set this parameter to 23:59:59 seven days later. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

    NOTE: This parameter only takes effect when the HAConfig parameter is set to Manual.

    modifyMode String
    The method that is used to modify the IP address whitelist. Default value: Cover. Valid values:

    • Cover: Use the value of the SecurityIps parameter to overwrite the existing entries in the IP address whitelist.
    • Append: Add the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to the IP address whitelist.
    • Delete: Delete IP addresses and CIDR blocks that are specified in the SecurityIps parameter from the IP address whitelist. You must retain at least one IP address or CIDR block.
    monitoringPeriod Integer
    The monitoring frequency in seconds. Valid values are 5, 10, 60, 300. Defaults to 300.
    nodeId String
    The globally unique identifier (GUID) of the secondary instance. You can call the DescribeDBInstanceHAConfig operation to query the GUID of the secondary instance.
    parameters List<InstanceParameter>
    Set of parameters needs to be set after DB instance was launched. Available parameters can refer to the latest docs View database parameter templates . See parameters below.
    period Integer

    The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36.

    NOTE: The attribute period is only used to create Subscription instance or modify the PayAsYouGo instance to Subscription. Once effect, it will not be modified that means running pulumi up will not effect the resource.

    pgHbaConfs List<InstancePgHbaConf>
    The configuration of AD domain . See pg_hba_conf below.
    port String
    The private port of the database service. If you want to update public port, please use resource alicloud.rds.Connection port.
    privateIpAddress String
    The private IP address of the instance. The private IP address must be within the Classless Inter-Domain Routing (CIDR) block of the vSwitch that is specified by the VSwitchId parameter.
    releasedKeepPolicy String

    The policy based on which ApsaraDB RDS retains archived backup files after the instance is released. Valid values:

    • None: No archived backup files are retained.
    • Lastest: Only the last archived backup file is retained.
    • All: All the archived backup files are retained.

    NOTE: This parameter is supported only when the instance runs the MySQL database engine.

    replicationAcl String
    The method that is used to verify the replication permission. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    resourceGroupId String
    The ID of resource group which the DB instance belongs.
    roleArn String

    The Alibaba Cloud Resource Name (ARN) of the RAM role.

    NOTE: This parameter is not required when you create an instance that runs MySQL, PostgreSQL, or SQL Server. You need to only specify the RoleARN parameter to create an instance that has cloud disk encryption enabled by using the obtained key ID. You can configure RAM authorization to require a RAM user to enable cloud disk encryption when the RAM user is used to create an instance. If cloud disk encryption is disabled during the instance creation, the creation operation fails. To complete the configuration, you can attach the following policy to the RAM user: {"Version":"1","Statement":[{"Effect":"Deny","Action":"rds:CreateDBInstance","Resource":"*","Condition":{"StringEquals":{"rds:DiskEncryptionRequired":"false"}}}]}

    securityGroupId String
    It has been deprecated from 1.69.0 and use security_group_ids instead.

    Deprecated: Attribute security_group_id has been deprecated from 1.69.0 and use security_group_ids instead.

    securityGroupIds List<String>
    , Available since 1.69.0) The list IDs to join ECS Security Group. At most supports three security groups.
    securityIpMode String
    Valid values are normal, safety, Default to normal. support safety switch to high security access mode.
    securityIpType String
    The type of IP address in the IP address whitelist.
    securityIps List<String>
    List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]).
    serverCert String
    The content of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_cert start support MySQL engine.
    serverKey String
    The private key of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_key start support MySQL engine.
    serverlessConfigs List<InstanceServerlessConfig>
    The settings of the serverless instance. This parameter is required when you create a serverless instance. This parameter takes effect only when you create an ApsaraDB RDS for Serverless instance. See serverless_config below.
    sqlCollectorConfigValue Integer
    The sql collector keep time of the instance. Valid values are 30, 180, 365, 1095, 1825, Default to 30.
    sqlCollectorStatus String
    The sql collector status of the instance. Valid values are Enabled, Disabled, Default to Disabled.
    sslAction String

    Actions performed on SSL functions. Valid values: Open: turn on SSL encryption; Close: turn off SSL encryption; Update: update SSL certificate. See more engine and engineVersion limitation.

    NOTE: The attribute ssl_action will be ignored when setting instance_charge_type = "Serverless" for SQLServer, PostgreSQL or MariaDB.

    sslConnectionString String
    The internal or public endpoint for which the server certificate needs to be created or updated.
    sslStatus String
    Status of the SSL feature. Yes: SSL is turned on; No: SSL is turned off.
    status String
    (Available since 1.204.1) The status of db instance.
    storageAutoScale String

    Automatic storage space expansion switch. Valid values:

    • Enable
    • Disable

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable.

    storageThreshold Integer

    The threshold in percentage based on which an automatic storage expansion is triggered. If the available storage reaches the threshold, ApsaraDB RDS increases the storage capacity of the instance. Valid values: [10, 20, 30, 40, 50].

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable. The value must be greater than or equal to the total size of the current storage space of the instance.

    storageUpperBound Integer

    The upper limit of the total storage space for automatic expansion of the storage space, that is, automatic expansion will not cause the total storage space of the instance to exceed this value. Unit: GB. The value must be ≥0.

    NOTE: Because of data backup and migration, change DB instance type and storage would cost 15~20 minutes. Please make full preparation before changing them.

    switchTime String

    The specific point in time when you want to perform the update. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. It is valid only when target_minor_version is changed. The time must be in UTC.

    NOTE: This parameter takes effect only when you set the UpgradeTime parameter to SpecifyTime.

    tags Map<String,String>

    A mapping of tags to assign to the resource.

    • Key: It can be up to 64 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It cannot be a null string.
    • Value: It can be up to 128 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It can be a null string.

    Note: From 1.63.0, the tag key and value are case sensitive. Before that, they are not case sensitive.

    targetMinorVersion String

    The minor engine version to which you want to update the instance. If you do not specify this parameter, the instance is updated to the latest minor engine version. You must specify the minor engine version in one of the following formats:

    • PostgreSQL: rds_postgres_00_. Example: rds_postgres_1200_20200830.
    • MySQL: _. Examples: rds_20200229, xcluster_20200229, and xcluster80_20200229. The following RDS editions are supported:
    • rds: The instance runs RDS Basic or High-availability Edition.
    • xcluster: The instance runs MySQL 5.7 on RDS Enterprise Edition.
    • xcluster80: The instance runs MySQL 8.0 on RDS Enterprise Edition.
    • SQLServer: . Example: 15.0.4073.23.

    NOTE: For more information about minor engine versions, see Release notes of minor AliPG versions, Release notes of minor AliSQL versions, and Release notes of minor engine versions of ApsaraDB RDS for SQL Server.

    tcpConnectionType String
    The availability check method of the instance. Valid values:

    • SHORT: Alibaba Cloud uses short-lived connections to check the availability of the instance.
    • LONG: Alibaba Cloud uses persistent connections to check the availability of the instance.
    tdeStatus String
    The TDE(Transparent Data Encryption) status. After TDE is turned on, it cannot be turned off. See more engine and engineVersion limitation.
    upgradeDbInstanceKernelVersion Boolean
    Whether to upgrade a minor version of the kernel. Valid values:

    • true: upgrade
    • false: not to upgrade

    Deprecated: Attribute upgrade_db_instance_kernel_version has been deprecated from 1.198.0 and use target_minor_version instead.

    upgradeTime String
    The method to update the minor engine version. Default value: Immediate. It is valid only when target_minor_version is changed. Valid values:

    • Immediate: The minor engine version is immediately updated.
    • MaintainTime: The minor engine version is updated during the maintenance window. For more information about how to change the maintenance window, see ModifyDBInstanceMaintainTime.
    • SpecifyTime: The minor engine version is updated at the point in time you specify.
    vpcId String

    The VPC ID of the instance.

    NOTE: This parameter applies only to ApsaraDB RDS for MySQL instances. For more information about Upgrade the major engine version of an ApsaraDB RDS for MySQL instance, see Upgrade the major engine version of an RDS instance in the ApsaraDB RDS console.

    vswitchId String
    The virtual switch ID to launch DB instances in one VPC. If there are multiple vswitches, separate them with commas.
    whitelistNetworkType String

    The network type of the IP address whitelist. Default value: MIX. Valid values:

    • Classic: classic network in enhanced whitelist mode
    • VPC: virtual private cloud (VPC) in enhanced whitelist mode
    • MIX: standard whitelist mode

    NOTE: In standard whitelist mode, IP addresses and CIDR blocks can be added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks can be added to both IP address whitelists of the classic network type and those of the VPC network type.

    zoneId String
    The Zone to launch the DB instance. From version 1.8.1, it supports multiple zone. If it is a multi-zone and vswitch_id is specified, the vswitch must in the one of them. The multiple zone ID can be retrieved by setting multi to "true" in the data source alicloud.getZones.
    zoneIdSlaveA String
    The region ID of the secondary instance if you create a secondary instance. If you set this parameter to the same value as the ZoneId parameter, the instance is deployed in a single zone. Otherwise, the instance is deployed in multiple zones.
    zoneIdSlaveB String
    RDS MySQL Cluster series instances support creating 1 to 2 secondary nodes at the same time when establishing a new instance. If you have this requirement, you can use this parameter to specify the availability zone for the second secondary node.
    acl string
    The method that is used to verify the identities of clients. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    autoRenew boolean
    Whether to renewal a DB instance automatically or not. It is valid when instance_charge_type is PrePaid. Default to false.
    autoRenewPeriod number
    Auto-renewal period of an instance, in the unit of the month. It is valid when instance_charge_type is PrePaid. Valid value:[1~12], Default to 1.
    autoUpgradeMinorVersion string

    The upgrade method to use. Valid values:

    • Auto: Instances are automatically upgraded to a higher minor version.
    • Manual: Instances are forcibly upgraded to a higher minor version when the current version is unpublished.

    See more details and limitation.

    babelfishConfigs InstanceBabelfishConfig[]

    The configuration of an ApsaraDB RDS for PostgreSQL instance for which Babelfish is enabled. See babelfish_config below.

    NOTE: This parameter takes effect only when you create an ApsaraDB RDS for PostgreSQL instance. For more information, see Introduction to Babelfish.

    babelfishPort string

    The TDS port of the instance for which Babelfish is enabled.

    NOTE: This parameter applies only to ApsaraDB RDS for PostgreSQL instances. For more information about Babelfish for ApsaraDB RDS for PostgreSQL, see Introduction to Babelfish.

    caType string
    The type of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the SSLEnabled parameter to 1, the default value of this parameter is aliyun. NOTE: From version 1.231.0, ca_type start support MySQL engine. Value range:

    • aliyun: a cloud certificate
    • custom: a custom certificate
    category string

    The RDS edition of the instance. If you want to create a serverless instance, you must use this value. Valid values:

    • Basic: Basic Edition.
    • HighAvailability: High-availability Edition.
    • AlwaysOn: Cluster Edition.
    • Finance: Enterprise Edition.
    • cluster: MySQL Cluster Edition. (Available since 1.202.0)
    • serverless_basic: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.200.0)
    • serverless_standard: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.204.0)
    • serverless_ha: RDS Serverless High-availability Edition for SQL Server. (Available since 1.204.0)

    NOTE: zone_id_slave_a and zone_id_slave_b can specify slave zone ids when creating the high-availability or enterprise edition instances. Meanwhile, vswitch_id needs to pass in the corresponding vswitch id to the slave zone by order (If the vswitch_id is not specified, the classic network version will be created). For example, zone_id = "zone-a" and zone_id_slave_a = "zone-c", zone_id_slave_b = "zone-b", then the vswitch_id must be "vsw-zone-a,vsw-zone-c,vsw-zone-b". Of course, you can also choose automatic allocation , for example, zone_id = "zone-a" and zone_id_slave_a = "Auto",zone_id_slave_b = "Auto", then the vswitch_id must be "vsw-zone-a,Auto,Auto". The list contains up to 2 slave zone ids , separated by commas.

    clientCaCert string
    The public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCAEbabled parameter to 1, you must also specify this parameter.
    clientCaEnabled number
    Specifies whether to enable the public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. Valid values:

    • 1: enables the public key
    • 0: disables the public key
    clientCertRevocationList string
    The CRL that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCrlEnabled parameter to 1, you must also specify this parameter.
    clientCrlEnabled number
    Specifies whether to enable a certificate revocation list (CRL) that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • 1: enables the CRL
    • 0: disables the CRL
    connectionString string
    RDS database connection string.
    connectionStringPrefix string

    The private connection string prefix. If you want to update public connection string prefix, please use resource alicloud.rds.Connection connection_prefix.

    NOTE: The prefix must be 8 to 64 characters in length and can contain letters, digits, and hyphens (-). It cannot contain Chinese characters and special characters ~!#%^&*=+|{};:'",<>/?

    createTime string
    (Available since 1.204.1) The creation time of db instance.
    dbInstanceIpArrayAttribute string

    The attribute of the IP address whitelist. By default, this parameter is empty.

    NOTE: The IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS).

    dbInstanceIpArrayName string

    The name of the IP address whitelist. Default value: Default.

    NOTE: A maximum of 200 IP address whitelists can be configured for each instance.

    dbInstanceStorageType string
    The storage type of the instance. Serverless instance, only cloud_essd can be selected. Valid values:

    • local_ssd: specifies to use local SSDs. This value is recommended.
    • cloud_ssd: specifies to use standard SSDs.
    • cloud_essd: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd2: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd3: specifies to use enhanced SSDs (ESSDs).
    • general_essd: general essd.
    dbInstanceType string
    (Available since 1.197.0) The type of db instance.
    dbIsIgnoreCase boolean
    Specifies whether table names on the instance are case-sensitive. Valid values: true, false.
    dbParamGroupId string
    Parameter template ID. Only MySQL and PostgreSQL support this parameter. If this parameter is not specified, the default parameter template is used. You can also customize a parameter template and use it here.
    dbTimeZone string

    The time zone of the instance. This parameter takes effect only when you set the Engine parameter to MySQL or PostgreSQL.

    • If you set the Engine parameter to MySQL.
    • This time zone of the instance is in UTC. Valid values: -12:59 to +13:00.
    • You can specify this parameter when the instance is equipped with local SSDs. For example, you can specify the time zone to Asia/Hong_Kong. For more information about time zones, see Time zones.
    • If you set the Engine parameter to PostgreSQL.
    • This time zone of the instance is not in UTC. For more information about time zones, see Time zones.
    • You can specify this parameter only when the instance is equipped with standard SSDs or ESSDs.

    NOTE: You can specify the time zone when you create a primary instance. You cannot specify the time zone when you create a read-only instance. Read-only instances inherit the time zone of their primary instance. If you do not specify this parameter, the system assigns the default time zone of the region where the instance resides.

    deletionProtection boolean

    The switch of delete protection. Valid values:

    • true: delete protect.
    • false: no delete protect.

    NOTE: deletion_protection is valid only when attribute instance_charge_type is set to Postpaid or Serverless, supported engine type: MySQL, PostgreSQL, MariaDB, MSSQL.

    direction string
    The instance configuration type. Valid values: ["Up", "Down", "TempUpgrade", "Serverless"]
    effectiveTime string
    The method to update the engine version and change. Default value: Immediate. Valid values:

    • Immediate: The change immediately takes effect.
    • MaintainTime: The change takes effect during the specified maintenance window. For more information, see ModifyDBInstanceMaintainTime.
    encryptionKey string
    The key id of the KMS. Used for encrypting a disk if not null. Only for PostgreSQL, MySQL and SQLServer.
    engine string

    Database type. Value options: MySQL, SQLServer, PostgreSQL, MariaDB.

    NOTE: When the 'engine_version' changes, it can be used as the target database version for the large version upgrade of RDS for MySQL instance.

    engineVersion string
    Database version. Value options can refer to the latest docs CreateDBInstance EngineVersion.

    • MySQL: [ 5.5、5.6、5.7、8.0 ]
    • SQLServer: [ 2008r2、08r2_ent_ha、2012、2012_ent_ha、2012_std_ha、2012_web、2014_std_ha、2016_ent_ha、2016_std_ha、2016_web、2017_std_ha、2017_ent、2019_std_ha、2019_ent ]
    • PostgreSQL: [ 10.0、11.0、12.0、13.0、14.0、15.0 ]
    • MariaDB: [ 10.3 ]
    • Serverless
    • MySQL: [ 5.7、8.0 ]
    • SQLServer: [ 2016_std_sl、2017_std_sl、2019_std_sl ]
    • PostgreSQL: [ 14.0 ]
    • MariaDB does not support creating serverless instances.
    force string
    Specifies whether to enable forcible switching. Valid values:

    • Yes
    • No
    forceRestart boolean
    Set it to true to make some parameter efficient when modifying them. Default to false.
    freshWhiteListReadins string
    The read-only instances to which you want to synchronize the IP address whitelist.

    • If the instance is attached with a read-only instance, you can use this parameter to synchronize the IP address whitelist to the read-only instance. If the instance is attached with multiple read-only instances, the read-only instances must be separated by commas (,).
    • If the instance is not attached with a read-only instance, this parameter is empty.
    haConfig string

    The primary/secondary switchover mode of the instance. Default value: Auto. Valid values:

    • Auto: The system automatically switches over services from the primary to secondary instances in the event of a fault.
    • Manual: You must manually switch over services from the primary to secondary instances in the event of a fault.

    NOTE: If you set this parameter to Manual, you must specify the ManualHATime parameter.

    instanceChargeType string
    Valid values are Prepaid, Postpaid, Serverless, Default to Postpaid. Currently, the resource only supports PostPaid to PrePaid. For more information, see Overview.
    instanceName string
    The name of DB instance. It a string of 2 to 256 characters.
    instanceStorage number
    User-defined DB instance storage space. Value range:

    • [5, 2000] for MySQL/PostgreSQL HA dual node edition;
    • [20,1000] for MySQL 5.7 basic single node edition;
    • [10, 2000] for SQL Server 2008R2;
    • [20,2000] for SQL Server 2012 basic single node edition Increase progressively at a rate of 5 GB. For details, see Instance type table. Note: There is extra 5 GB storage for SQL Server Instance, and it is not in specified instance_storage.
    instanceType string

    DB Instance type. For details, see Instance type table.

    • To create a serverless instance, please pass the following values:
    • MySQL basic: mysql.n2.serverless.1c
    • MySQL high availability: mysql.n2.serverless.2c
    • SQLServer high availability: mssql.mem2.serverless.s2
    • PostgreSQL basic: pg.n2.serverless.1c

    NOTE: When storage_auto_scale="Enable", do not perform instance_storage check. when storage_auto_scale="Disable", if the instance itself instance_storagehas changed. You need to manually revise the instance_storage in the template value. When payment_type="Serverless" and when modifying, do not perform instance_storage check. Otherwise, check.

    maintainTime string
    Maintainable time period format of the instance: HH:MMZ-HH:MMZ (UTC time)
    manualHaTime string

    The time after when you want to enable automatic primary/secondary switchover. At most, you can set this parameter to 23:59:59 seven days later. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

    NOTE: This parameter only takes effect when the HAConfig parameter is set to Manual.

    modifyMode string
    The method that is used to modify the IP address whitelist. Default value: Cover. Valid values:

    • Cover: Use the value of the SecurityIps parameter to overwrite the existing entries in the IP address whitelist.
    • Append: Add the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to the IP address whitelist.
    • Delete: Delete IP addresses and CIDR blocks that are specified in the SecurityIps parameter from the IP address whitelist. You must retain at least one IP address or CIDR block.
    monitoringPeriod number
    The monitoring frequency in seconds. Valid values are 5, 10, 60, 300. Defaults to 300.
    nodeId string
    The globally unique identifier (GUID) of the secondary instance. You can call the DescribeDBInstanceHAConfig operation to query the GUID of the secondary instance.
    parameters InstanceParameter[]
    Set of parameters needs to be set after DB instance was launched. Available parameters can refer to the latest docs View database parameter templates . See parameters below.
    period number

    The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36.

    NOTE: The attribute period is only used to create Subscription instance or modify the PayAsYouGo instance to Subscription. Once effect, it will not be modified that means running pulumi up will not effect the resource.

    pgHbaConfs InstancePgHbaConf[]
    The configuration of AD domain . See pg_hba_conf below.
    port string
    The private port of the database service. If you want to update public port, please use resource alicloud.rds.Connection port.
    privateIpAddress string
    The private IP address of the instance. The private IP address must be within the Classless Inter-Domain Routing (CIDR) block of the vSwitch that is specified by the VSwitchId parameter.
    releasedKeepPolicy string

    The policy based on which ApsaraDB RDS retains archived backup files after the instance is released. Valid values:

    • None: No archived backup files are retained.
    • Lastest: Only the last archived backup file is retained.
    • All: All the archived backup files are retained.

    NOTE: This parameter is supported only when the instance runs the MySQL database engine.

    replicationAcl string
    The method that is used to verify the replication permission. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    resourceGroupId string
    The ID of resource group which the DB instance belongs.
    roleArn string

    The Alibaba Cloud Resource Name (ARN) of the RAM role.

    NOTE: This parameter is not required when you create an instance that runs MySQL, PostgreSQL, or SQL Server. You need to only specify the RoleARN parameter to create an instance that has cloud disk encryption enabled by using the obtained key ID. You can configure RAM authorization to require a RAM user to enable cloud disk encryption when the RAM user is used to create an instance. If cloud disk encryption is disabled during the instance creation, the creation operation fails. To complete the configuration, you can attach the following policy to the RAM user: {"Version":"1","Statement":[{"Effect":"Deny","Action":"rds:CreateDBInstance","Resource":"*","Condition":{"StringEquals":{"rds:DiskEncryptionRequired":"false"}}}]}

    securityGroupId string
    It has been deprecated from 1.69.0 and use security_group_ids instead.

    Deprecated: Attribute security_group_id has been deprecated from 1.69.0 and use security_group_ids instead.

    securityGroupIds string[]
    , Available since 1.69.0) The list IDs to join ECS Security Group. At most supports three security groups.
    securityIpMode string
    Valid values are normal, safety, Default to normal. support safety switch to high security access mode.
    securityIpType string
    The type of IP address in the IP address whitelist.
    securityIps string[]
    List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]).
    serverCert string
    The content of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_cert start support MySQL engine.
    serverKey string
    The private key of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_key start support MySQL engine.
    serverlessConfigs InstanceServerlessConfig[]
    The settings of the serverless instance. This parameter is required when you create a serverless instance. This parameter takes effect only when you create an ApsaraDB RDS for Serverless instance. See serverless_config below.
    sqlCollectorConfigValue number
    The sql collector keep time of the instance. Valid values are 30, 180, 365, 1095, 1825, Default to 30.
    sqlCollectorStatus string
    The sql collector status of the instance. Valid values are Enabled, Disabled, Default to Disabled.
    sslAction string

    Actions performed on SSL functions. Valid values: Open: turn on SSL encryption; Close: turn off SSL encryption; Update: update SSL certificate. See more engine and engineVersion limitation.

    NOTE: The attribute ssl_action will be ignored when setting instance_charge_type = "Serverless" for SQLServer, PostgreSQL or MariaDB.

    sslConnectionString string
    The internal or public endpoint for which the server certificate needs to be created or updated.
    sslStatus string
    Status of the SSL feature. Yes: SSL is turned on; No: SSL is turned off.
    status string
    (Available since 1.204.1) The status of db instance.
    storageAutoScale string

    Automatic storage space expansion switch. Valid values:

    • Enable
    • Disable

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable.

    storageThreshold number

    The threshold in percentage based on which an automatic storage expansion is triggered. If the available storage reaches the threshold, ApsaraDB RDS increases the storage capacity of the instance. Valid values: [10, 20, 30, 40, 50].

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable. The value must be greater than or equal to the total size of the current storage space of the instance.

    storageUpperBound number

    The upper limit of the total storage space for automatic expansion of the storage space, that is, automatic expansion will not cause the total storage space of the instance to exceed this value. Unit: GB. The value must be ≥0.

    NOTE: Because of data backup and migration, change DB instance type and storage would cost 15~20 minutes. Please make full preparation before changing them.

    switchTime string

    The specific point in time when you want to perform the update. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. It is valid only when target_minor_version is changed. The time must be in UTC.

    NOTE: This parameter takes effect only when you set the UpgradeTime parameter to SpecifyTime.

    tags {[key: string]: string}

    A mapping of tags to assign to the resource.

    • Key: It can be up to 64 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It cannot be a null string.
    • Value: It can be up to 128 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It can be a null string.

    Note: From 1.63.0, the tag key and value are case sensitive. Before that, they are not case sensitive.

    targetMinorVersion string

    The minor engine version to which you want to update the instance. If you do not specify this parameter, the instance is updated to the latest minor engine version. You must specify the minor engine version in one of the following formats:

    • PostgreSQL: rds_postgres_00_. Example: rds_postgres_1200_20200830.
    • MySQL: _. Examples: rds_20200229, xcluster_20200229, and xcluster80_20200229. The following RDS editions are supported:
    • rds: The instance runs RDS Basic or High-availability Edition.
    • xcluster: The instance runs MySQL 5.7 on RDS Enterprise Edition.
    • xcluster80: The instance runs MySQL 8.0 on RDS Enterprise Edition.
    • SQLServer: . Example: 15.0.4073.23.

    NOTE: For more information about minor engine versions, see Release notes of minor AliPG versions, Release notes of minor AliSQL versions, and Release notes of minor engine versions of ApsaraDB RDS for SQL Server.

    tcpConnectionType string
    The availability check method of the instance. Valid values:

    • SHORT: Alibaba Cloud uses short-lived connections to check the availability of the instance.
    • LONG: Alibaba Cloud uses persistent connections to check the availability of the instance.
    tdeStatus string
    The TDE(Transparent Data Encryption) status. After TDE is turned on, it cannot be turned off. See more engine and engineVersion limitation.
    upgradeDbInstanceKernelVersion boolean
    Whether to upgrade a minor version of the kernel. Valid values:

    • true: upgrade
    • false: not to upgrade

    Deprecated: Attribute upgrade_db_instance_kernel_version has been deprecated from 1.198.0 and use target_minor_version instead.

    upgradeTime string
    The method to update the minor engine version. Default value: Immediate. It is valid only when target_minor_version is changed. Valid values:

    • Immediate: The minor engine version is immediately updated.
    • MaintainTime: The minor engine version is updated during the maintenance window. For more information about how to change the maintenance window, see ModifyDBInstanceMaintainTime.
    • SpecifyTime: The minor engine version is updated at the point in time you specify.
    vpcId string

    The VPC ID of the instance.

    NOTE: This parameter applies only to ApsaraDB RDS for MySQL instances. For more information about Upgrade the major engine version of an ApsaraDB RDS for MySQL instance, see Upgrade the major engine version of an RDS instance in the ApsaraDB RDS console.

    vswitchId string
    The virtual switch ID to launch DB instances in one VPC. If there are multiple vswitches, separate them with commas.
    whitelistNetworkType string

    The network type of the IP address whitelist. Default value: MIX. Valid values:

    • Classic: classic network in enhanced whitelist mode
    • VPC: virtual private cloud (VPC) in enhanced whitelist mode
    • MIX: standard whitelist mode

    NOTE: In standard whitelist mode, IP addresses and CIDR blocks can be added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks can be added to both IP address whitelists of the classic network type and those of the VPC network type.

    zoneId string
    The Zone to launch the DB instance. From version 1.8.1, it supports multiple zone. If it is a multi-zone and vswitch_id is specified, the vswitch must in the one of them. The multiple zone ID can be retrieved by setting multi to "true" in the data source alicloud.getZones.
    zoneIdSlaveA string
    The region ID of the secondary instance if you create a secondary instance. If you set this parameter to the same value as the ZoneId parameter, the instance is deployed in a single zone. Otherwise, the instance is deployed in multiple zones.
    zoneIdSlaveB string
    RDS MySQL Cluster series instances support creating 1 to 2 secondary nodes at the same time when establishing a new instance. If you have this requirement, you can use this parameter to specify the availability zone for the second secondary node.
    acl str
    The method that is used to verify the identities of clients. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    auto_renew bool
    Whether to renewal a DB instance automatically or not. It is valid when instance_charge_type is PrePaid. Default to false.
    auto_renew_period int
    Auto-renewal period of an instance, in the unit of the month. It is valid when instance_charge_type is PrePaid. Valid value:[1~12], Default to 1.
    auto_upgrade_minor_version str

    The upgrade method to use. Valid values:

    • Auto: Instances are automatically upgraded to a higher minor version.
    • Manual: Instances are forcibly upgraded to a higher minor version when the current version is unpublished.

    See more details and limitation.

    babelfish_configs Sequence[InstanceBabelfishConfigArgs]

    The configuration of an ApsaraDB RDS for PostgreSQL instance for which Babelfish is enabled. See babelfish_config below.

    NOTE: This parameter takes effect only when you create an ApsaraDB RDS for PostgreSQL instance. For more information, see Introduction to Babelfish.

    babelfish_port str

    The TDS port of the instance for which Babelfish is enabled.

    NOTE: This parameter applies only to ApsaraDB RDS for PostgreSQL instances. For more information about Babelfish for ApsaraDB RDS for PostgreSQL, see Introduction to Babelfish.

    ca_type str
    The type of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the SSLEnabled parameter to 1, the default value of this parameter is aliyun. NOTE: From version 1.231.0, ca_type start support MySQL engine. Value range:

    • aliyun: a cloud certificate
    • custom: a custom certificate
    category str

    The RDS edition of the instance. If you want to create a serverless instance, you must use this value. Valid values:

    • Basic: Basic Edition.
    • HighAvailability: High-availability Edition.
    • AlwaysOn: Cluster Edition.
    • Finance: Enterprise Edition.
    • cluster: MySQL Cluster Edition. (Available since 1.202.0)
    • serverless_basic: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.200.0)
    • serverless_standard: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.204.0)
    • serverless_ha: RDS Serverless High-availability Edition for SQL Server. (Available since 1.204.0)

    NOTE: zone_id_slave_a and zone_id_slave_b can specify slave zone ids when creating the high-availability or enterprise edition instances. Meanwhile, vswitch_id needs to pass in the corresponding vswitch id to the slave zone by order (If the vswitch_id is not specified, the classic network version will be created). For example, zone_id = "zone-a" and zone_id_slave_a = "zone-c", zone_id_slave_b = "zone-b", then the vswitch_id must be "vsw-zone-a,vsw-zone-c,vsw-zone-b". Of course, you can also choose automatic allocation , for example, zone_id = "zone-a" and zone_id_slave_a = "Auto",zone_id_slave_b = "Auto", then the vswitch_id must be "vsw-zone-a,Auto,Auto". The list contains up to 2 slave zone ids , separated by commas.

    client_ca_cert str
    The public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCAEbabled parameter to 1, you must also specify this parameter.
    client_ca_enabled int
    Specifies whether to enable the public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. Valid values:

    • 1: enables the public key
    • 0: disables the public key
    client_cert_revocation_list str
    The CRL that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCrlEnabled parameter to 1, you must also specify this parameter.
    client_crl_enabled int
    Specifies whether to enable a certificate revocation list (CRL) that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • 1: enables the CRL
    • 0: disables the CRL
    connection_string str
    RDS database connection string.
    connection_string_prefix str

    The private connection string prefix. If you want to update public connection string prefix, please use resource alicloud.rds.Connection connection_prefix.

    NOTE: The prefix must be 8 to 64 characters in length and can contain letters, digits, and hyphens (-). It cannot contain Chinese characters and special characters ~!#%^&*=+|{};:'",<>/?

    create_time str
    (Available since 1.204.1) The creation time of db instance.
    db_instance_ip_array_attribute str

    The attribute of the IP address whitelist. By default, this parameter is empty.

    NOTE: The IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS).

    db_instance_ip_array_name str

    The name of the IP address whitelist. Default value: Default.

    NOTE: A maximum of 200 IP address whitelists can be configured for each instance.

    db_instance_storage_type str
    The storage type of the instance. Serverless instance, only cloud_essd can be selected. Valid values:

    • local_ssd: specifies to use local SSDs. This value is recommended.
    • cloud_ssd: specifies to use standard SSDs.
    • cloud_essd: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd2: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd3: specifies to use enhanced SSDs (ESSDs).
    • general_essd: general essd.
    db_instance_type str
    (Available since 1.197.0) The type of db instance.
    db_is_ignore_case bool
    Specifies whether table names on the instance are case-sensitive. Valid values: true, false.
    db_param_group_id str
    Parameter template ID. Only MySQL and PostgreSQL support this parameter. If this parameter is not specified, the default parameter template is used. You can also customize a parameter template and use it here.
    db_time_zone str

    The time zone of the instance. This parameter takes effect only when you set the Engine parameter to MySQL or PostgreSQL.

    • If you set the Engine parameter to MySQL.
    • This time zone of the instance is in UTC. Valid values: -12:59 to +13:00.
    • You can specify this parameter when the instance is equipped with local SSDs. For example, you can specify the time zone to Asia/Hong_Kong. For more information about time zones, see Time zones.
    • If you set the Engine parameter to PostgreSQL.
    • This time zone of the instance is not in UTC. For more information about time zones, see Time zones.
    • You can specify this parameter only when the instance is equipped with standard SSDs or ESSDs.

    NOTE: You can specify the time zone when you create a primary instance. You cannot specify the time zone when you create a read-only instance. Read-only instances inherit the time zone of their primary instance. If you do not specify this parameter, the system assigns the default time zone of the region where the instance resides.

    deletion_protection bool

    The switch of delete protection. Valid values:

    • true: delete protect.
    • false: no delete protect.

    NOTE: deletion_protection is valid only when attribute instance_charge_type is set to Postpaid or Serverless, supported engine type: MySQL, PostgreSQL, MariaDB, MSSQL.

    direction str
    The instance configuration type. Valid values: ["Up", "Down", "TempUpgrade", "Serverless"]
    effective_time str
    The method to update the engine version and change. Default value: Immediate. Valid values:

    • Immediate: The change immediately takes effect.
    • MaintainTime: The change takes effect during the specified maintenance window. For more information, see ModifyDBInstanceMaintainTime.
    encryption_key str
    The key id of the KMS. Used for encrypting a disk if not null. Only for PostgreSQL, MySQL and SQLServer.
    engine str

    Database type. Value options: MySQL, SQLServer, PostgreSQL, MariaDB.

    NOTE: When the 'engine_version' changes, it can be used as the target database version for the large version upgrade of RDS for MySQL instance.

    engine_version str
    Database version. Value options can refer to the latest docs CreateDBInstance EngineVersion.

    • MySQL: [ 5.5、5.6、5.7、8.0 ]
    • SQLServer: [ 2008r2、08r2_ent_ha、2012、2012_ent_ha、2012_std_ha、2012_web、2014_std_ha、2016_ent_ha、2016_std_ha、2016_web、2017_std_ha、2017_ent、2019_std_ha、2019_ent ]
    • PostgreSQL: [ 10.0、11.0、12.0、13.0、14.0、15.0 ]
    • MariaDB: [ 10.3 ]
    • Serverless
    • MySQL: [ 5.7、8.0 ]
    • SQLServer: [ 2016_std_sl、2017_std_sl、2019_std_sl ]
    • PostgreSQL: [ 14.0 ]
    • MariaDB does not support creating serverless instances.
    force str
    Specifies whether to enable forcible switching. Valid values:

    • Yes
    • No
    force_restart bool
    Set it to true to make some parameter efficient when modifying them. Default to false.
    fresh_white_list_readins str
    The read-only instances to which you want to synchronize the IP address whitelist.

    • If the instance is attached with a read-only instance, you can use this parameter to synchronize the IP address whitelist to the read-only instance. If the instance is attached with multiple read-only instances, the read-only instances must be separated by commas (,).
    • If the instance is not attached with a read-only instance, this parameter is empty.
    ha_config str

    The primary/secondary switchover mode of the instance. Default value: Auto. Valid values:

    • Auto: The system automatically switches over services from the primary to secondary instances in the event of a fault.
    • Manual: You must manually switch over services from the primary to secondary instances in the event of a fault.

    NOTE: If you set this parameter to Manual, you must specify the ManualHATime parameter.

    instance_charge_type str
    Valid values are Prepaid, Postpaid, Serverless, Default to Postpaid. Currently, the resource only supports PostPaid to PrePaid. For more information, see Overview.
    instance_name str
    The name of DB instance. It a string of 2 to 256 characters.
    instance_storage int
    User-defined DB instance storage space. Value range:

    • [5, 2000] for MySQL/PostgreSQL HA dual node edition;
    • [20,1000] for MySQL 5.7 basic single node edition;
    • [10, 2000] for SQL Server 2008R2;
    • [20,2000] for SQL Server 2012 basic single node edition Increase progressively at a rate of 5 GB. For details, see Instance type table. Note: There is extra 5 GB storage for SQL Server Instance, and it is not in specified instance_storage.
    instance_type str

    DB Instance type. For details, see Instance type table.

    • To create a serverless instance, please pass the following values:
    • MySQL basic: mysql.n2.serverless.1c
    • MySQL high availability: mysql.n2.serverless.2c
    • SQLServer high availability: mssql.mem2.serverless.s2
    • PostgreSQL basic: pg.n2.serverless.1c

    NOTE: When storage_auto_scale="Enable", do not perform instance_storage check. when storage_auto_scale="Disable", if the instance itself instance_storagehas changed. You need to manually revise the instance_storage in the template value. When payment_type="Serverless" and when modifying, do not perform instance_storage check. Otherwise, check.

    maintain_time str
    Maintainable time period format of the instance: HH:MMZ-HH:MMZ (UTC time)
    manual_ha_time str

    The time after when you want to enable automatic primary/secondary switchover. At most, you can set this parameter to 23:59:59 seven days later. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

    NOTE: This parameter only takes effect when the HAConfig parameter is set to Manual.

    modify_mode str
    The method that is used to modify the IP address whitelist. Default value: Cover. Valid values:

    • Cover: Use the value of the SecurityIps parameter to overwrite the existing entries in the IP address whitelist.
    • Append: Add the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to the IP address whitelist.
    • Delete: Delete IP addresses and CIDR blocks that are specified in the SecurityIps parameter from the IP address whitelist. You must retain at least one IP address or CIDR block.
    monitoring_period int
    The monitoring frequency in seconds. Valid values are 5, 10, 60, 300. Defaults to 300.
    node_id str
    The globally unique identifier (GUID) of the secondary instance. You can call the DescribeDBInstanceHAConfig operation to query the GUID of the secondary instance.
    parameters Sequence[InstanceParameterArgs]
    Set of parameters needs to be set after DB instance was launched. Available parameters can refer to the latest docs View database parameter templates . See parameters below.
    period int

    The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36.

    NOTE: The attribute period is only used to create Subscription instance or modify the PayAsYouGo instance to Subscription. Once effect, it will not be modified that means running pulumi up will not effect the resource.

    pg_hba_confs Sequence[InstancePgHbaConfArgs]
    The configuration of AD domain . See pg_hba_conf below.
    port str
    The private port of the database service. If you want to update public port, please use resource alicloud.rds.Connection port.
    private_ip_address str
    The private IP address of the instance. The private IP address must be within the Classless Inter-Domain Routing (CIDR) block of the vSwitch that is specified by the VSwitchId parameter.
    released_keep_policy str

    The policy based on which ApsaraDB RDS retains archived backup files after the instance is released. Valid values:

    • None: No archived backup files are retained.
    • Lastest: Only the last archived backup file is retained.
    • All: All the archived backup files are retained.

    NOTE: This parameter is supported only when the instance runs the MySQL database engine.

    replication_acl str
    The method that is used to verify the replication permission. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    resource_group_id str
    The ID of resource group which the DB instance belongs.
    role_arn str

    The Alibaba Cloud Resource Name (ARN) of the RAM role.

    NOTE: This parameter is not required when you create an instance that runs MySQL, PostgreSQL, or SQL Server. You need to only specify the RoleARN parameter to create an instance that has cloud disk encryption enabled by using the obtained key ID. You can configure RAM authorization to require a RAM user to enable cloud disk encryption when the RAM user is used to create an instance. If cloud disk encryption is disabled during the instance creation, the creation operation fails. To complete the configuration, you can attach the following policy to the RAM user: {"Version":"1","Statement":[{"Effect":"Deny","Action":"rds:CreateDBInstance","Resource":"*","Condition":{"StringEquals":{"rds:DiskEncryptionRequired":"false"}}}]}

    security_group_id str
    It has been deprecated from 1.69.0 and use security_group_ids instead.

    Deprecated: Attribute security_group_id has been deprecated from 1.69.0 and use security_group_ids instead.

    security_group_ids Sequence[str]
    , Available since 1.69.0) The list IDs to join ECS Security Group. At most supports three security groups.
    security_ip_mode str
    Valid values are normal, safety, Default to normal. support safety switch to high security access mode.
    security_ip_type str
    The type of IP address in the IP address whitelist.
    security_ips Sequence[str]
    List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]).
    server_cert str
    The content of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_cert start support MySQL engine.
    server_key str
    The private key of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_key start support MySQL engine.
    serverless_configs Sequence[InstanceServerlessConfigArgs]
    The settings of the serverless instance. This parameter is required when you create a serverless instance. This parameter takes effect only when you create an ApsaraDB RDS for Serverless instance. See serverless_config below.
    sql_collector_config_value int
    The sql collector keep time of the instance. Valid values are 30, 180, 365, 1095, 1825, Default to 30.
    sql_collector_status str
    The sql collector status of the instance. Valid values are Enabled, Disabled, Default to Disabled.
    ssl_action str

    Actions performed on SSL functions. Valid values: Open: turn on SSL encryption; Close: turn off SSL encryption; Update: update SSL certificate. See more engine and engineVersion limitation.

    NOTE: The attribute ssl_action will be ignored when setting instance_charge_type = "Serverless" for SQLServer, PostgreSQL or MariaDB.

    ssl_connection_string str
    The internal or public endpoint for which the server certificate needs to be created or updated.
    ssl_status str
    Status of the SSL feature. Yes: SSL is turned on; No: SSL is turned off.
    status str
    (Available since 1.204.1) The status of db instance.
    storage_auto_scale str

    Automatic storage space expansion switch. Valid values:

    • Enable
    • Disable

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable.

    storage_threshold int

    The threshold in percentage based on which an automatic storage expansion is triggered. If the available storage reaches the threshold, ApsaraDB RDS increases the storage capacity of the instance. Valid values: [10, 20, 30, 40, 50].

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable. The value must be greater than or equal to the total size of the current storage space of the instance.

    storage_upper_bound int

    The upper limit of the total storage space for automatic expansion of the storage space, that is, automatic expansion will not cause the total storage space of the instance to exceed this value. Unit: GB. The value must be ≥0.

    NOTE: Because of data backup and migration, change DB instance type and storage would cost 15~20 minutes. Please make full preparation before changing them.

    switch_time str

    The specific point in time when you want to perform the update. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. It is valid only when target_minor_version is changed. The time must be in UTC.

    NOTE: This parameter takes effect only when you set the UpgradeTime parameter to SpecifyTime.

    tags Mapping[str, str]

    A mapping of tags to assign to the resource.

    • Key: It can be up to 64 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It cannot be a null string.
    • Value: It can be up to 128 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It can be a null string.

    Note: From 1.63.0, the tag key and value are case sensitive. Before that, they are not case sensitive.

    target_minor_version str

    The minor engine version to which you want to update the instance. If you do not specify this parameter, the instance is updated to the latest minor engine version. You must specify the minor engine version in one of the following formats:

    • PostgreSQL: rds_postgres_00_. Example: rds_postgres_1200_20200830.
    • MySQL: _. Examples: rds_20200229, xcluster_20200229, and xcluster80_20200229. The following RDS editions are supported:
    • rds: The instance runs RDS Basic or High-availability Edition.
    • xcluster: The instance runs MySQL 5.7 on RDS Enterprise Edition.
    • xcluster80: The instance runs MySQL 8.0 on RDS Enterprise Edition.
    • SQLServer: . Example: 15.0.4073.23.

    NOTE: For more information about minor engine versions, see Release notes of minor AliPG versions, Release notes of minor AliSQL versions, and Release notes of minor engine versions of ApsaraDB RDS for SQL Server.

    tcp_connection_type str
    The availability check method of the instance. Valid values:

    • SHORT: Alibaba Cloud uses short-lived connections to check the availability of the instance.
    • LONG: Alibaba Cloud uses persistent connections to check the availability of the instance.
    tde_status str
    The TDE(Transparent Data Encryption) status. After TDE is turned on, it cannot be turned off. See more engine and engineVersion limitation.
    upgrade_db_instance_kernel_version bool
    Whether to upgrade a minor version of the kernel. Valid values:

    • true: upgrade
    • false: not to upgrade

    Deprecated: Attribute upgrade_db_instance_kernel_version has been deprecated from 1.198.0 and use target_minor_version instead.

    upgrade_time str
    The method to update the minor engine version. Default value: Immediate. It is valid only when target_minor_version is changed. Valid values:

    • Immediate: The minor engine version is immediately updated.
    • MaintainTime: The minor engine version is updated during the maintenance window. For more information about how to change the maintenance window, see ModifyDBInstanceMaintainTime.
    • SpecifyTime: The minor engine version is updated at the point in time you specify.
    vpc_id str

    The VPC ID of the instance.

    NOTE: This parameter applies only to ApsaraDB RDS for MySQL instances. For more information about Upgrade the major engine version of an ApsaraDB RDS for MySQL instance, see Upgrade the major engine version of an RDS instance in the ApsaraDB RDS console.

    vswitch_id str
    The virtual switch ID to launch DB instances in one VPC. If there are multiple vswitches, separate them with commas.
    whitelist_network_type str

    The network type of the IP address whitelist. Default value: MIX. Valid values:

    • Classic: classic network in enhanced whitelist mode
    • VPC: virtual private cloud (VPC) in enhanced whitelist mode
    • MIX: standard whitelist mode

    NOTE: In standard whitelist mode, IP addresses and CIDR blocks can be added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks can be added to both IP address whitelists of the classic network type and those of the VPC network type.

    zone_id str
    The Zone to launch the DB instance. From version 1.8.1, it supports multiple zone. If it is a multi-zone and vswitch_id is specified, the vswitch must in the one of them. The multiple zone ID can be retrieved by setting multi to "true" in the data source alicloud.getZones.
    zone_id_slave_a str
    The region ID of the secondary instance if you create a secondary instance. If you set this parameter to the same value as the ZoneId parameter, the instance is deployed in a single zone. Otherwise, the instance is deployed in multiple zones.
    zone_id_slave_b str
    RDS MySQL Cluster series instances support creating 1 to 2 secondary nodes at the same time when establishing a new instance. If you have this requirement, you can use this parameter to specify the availability zone for the second secondary node.
    acl String
    The method that is used to verify the identities of clients. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    autoRenew Boolean
    Whether to renewal a DB instance automatically or not. It is valid when instance_charge_type is PrePaid. Default to false.
    autoRenewPeriod Number
    Auto-renewal period of an instance, in the unit of the month. It is valid when instance_charge_type is PrePaid. Valid value:[1~12], Default to 1.
    autoUpgradeMinorVersion String

    The upgrade method to use. Valid values:

    • Auto: Instances are automatically upgraded to a higher minor version.
    • Manual: Instances are forcibly upgraded to a higher minor version when the current version is unpublished.

    See more details and limitation.

    babelfishConfigs List<Property Map>

    The configuration of an ApsaraDB RDS for PostgreSQL instance for which Babelfish is enabled. See babelfish_config below.

    NOTE: This parameter takes effect only when you create an ApsaraDB RDS for PostgreSQL instance. For more information, see Introduction to Babelfish.

    babelfishPort String

    The TDS port of the instance for which Babelfish is enabled.

    NOTE: This parameter applies only to ApsaraDB RDS for PostgreSQL instances. For more information about Babelfish for ApsaraDB RDS for PostgreSQL, see Introduction to Babelfish.

    caType String
    The type of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the SSLEnabled parameter to 1, the default value of this parameter is aliyun. NOTE: From version 1.231.0, ca_type start support MySQL engine. Value range:

    • aliyun: a cloud certificate
    • custom: a custom certificate
    category String

    The RDS edition of the instance. If you want to create a serverless instance, you must use this value. Valid values:

    • Basic: Basic Edition.
    • HighAvailability: High-availability Edition.
    • AlwaysOn: Cluster Edition.
    • Finance: Enterprise Edition.
    • cluster: MySQL Cluster Edition. (Available since 1.202.0)
    • serverless_basic: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.200.0)
    • serverless_standard: RDS Serverless Basic Edition. This edition is available only for instances that run MySQL and PostgreSQL. (Available since 1.204.0)
    • serverless_ha: RDS Serverless High-availability Edition for SQL Server. (Available since 1.204.0)

    NOTE: zone_id_slave_a and zone_id_slave_b can specify slave zone ids when creating the high-availability or enterprise edition instances. Meanwhile, vswitch_id needs to pass in the corresponding vswitch id to the slave zone by order (If the vswitch_id is not specified, the classic network version will be created). For example, zone_id = "zone-a" and zone_id_slave_a = "zone-c", zone_id_slave_b = "zone-b", then the vswitch_id must be "vsw-zone-a,vsw-zone-c,vsw-zone-b". Of course, you can also choose automatic allocation , for example, zone_id = "zone-a" and zone_id_slave_a = "Auto",zone_id_slave_b = "Auto", then the vswitch_id must be "vsw-zone-a,Auto,Auto". The list contains up to 2 slave zone ids , separated by commas.

    clientCaCert String
    The public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCAEbabled parameter to 1, you must also specify this parameter.
    clientCaEnabled Number
    Specifies whether to enable the public key of the CA that issues client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. Valid values:

    • 1: enables the public key
    • 0: disables the public key
    clientCertRevocationList String
    The CRL that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. If you set the ClientCrlEnabled parameter to 1, you must also specify this parameter.
    clientCrlEnabled Number
    Specifies whether to enable a certificate revocation list (CRL) that contains revoked client certificates. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • 1: enables the CRL
    • 0: disables the CRL
    connectionString String
    RDS database connection string.
    connectionStringPrefix String

    The private connection string prefix. If you want to update public connection string prefix, please use resource alicloud.rds.Connection connection_prefix.

    NOTE: The prefix must be 8 to 64 characters in length and can contain letters, digits, and hyphens (-). It cannot contain Chinese characters and special characters ~!#%^&*=+|{};:'",<>/?

    createTime String
    (Available since 1.204.1) The creation time of db instance.
    dbInstanceIpArrayAttribute String

    The attribute of the IP address whitelist. By default, this parameter is empty.

    NOTE: The IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS).

    dbInstanceIpArrayName String

    The name of the IP address whitelist. Default value: Default.

    NOTE: A maximum of 200 IP address whitelists can be configured for each instance.

    dbInstanceStorageType String
    The storage type of the instance. Serverless instance, only cloud_essd can be selected. Valid values:

    • local_ssd: specifies to use local SSDs. This value is recommended.
    • cloud_ssd: specifies to use standard SSDs.
    • cloud_essd: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd2: specifies to use enhanced SSDs (ESSDs).
    • cloud_essd3: specifies to use enhanced SSDs (ESSDs).
    • general_essd: general essd.
    dbInstanceType String
    (Available since 1.197.0) The type of db instance.
    dbIsIgnoreCase Boolean
    Specifies whether table names on the instance are case-sensitive. Valid values: true, false.
    dbParamGroupId String
    Parameter template ID. Only MySQL and PostgreSQL support this parameter. If this parameter is not specified, the default parameter template is used. You can also customize a parameter template and use it here.
    dbTimeZone String

    The time zone of the instance. This parameter takes effect only when you set the Engine parameter to MySQL or PostgreSQL.

    • If you set the Engine parameter to MySQL.
    • This time zone of the instance is in UTC. Valid values: -12:59 to +13:00.
    • You can specify this parameter when the instance is equipped with local SSDs. For example, you can specify the time zone to Asia/Hong_Kong. For more information about time zones, see Time zones.
    • If you set the Engine parameter to PostgreSQL.
    • This time zone of the instance is not in UTC. For more information about time zones, see Time zones.
    • You can specify this parameter only when the instance is equipped with standard SSDs or ESSDs.

    NOTE: You can specify the time zone when you create a primary instance. You cannot specify the time zone when you create a read-only instance. Read-only instances inherit the time zone of their primary instance. If you do not specify this parameter, the system assigns the default time zone of the region where the instance resides.

    deletionProtection Boolean

    The switch of delete protection. Valid values:

    • true: delete protect.
    • false: no delete protect.

    NOTE: deletion_protection is valid only when attribute instance_charge_type is set to Postpaid or Serverless, supported engine type: MySQL, PostgreSQL, MariaDB, MSSQL.

    direction String
    The instance configuration type. Valid values: ["Up", "Down", "TempUpgrade", "Serverless"]
    effectiveTime String
    The method to update the engine version and change. Default value: Immediate. Valid values:

    • Immediate: The change immediately takes effect.
    • MaintainTime: The change takes effect during the specified maintenance window. For more information, see ModifyDBInstanceMaintainTime.
    encryptionKey String
    The key id of the KMS. Used for encrypting a disk if not null. Only for PostgreSQL, MySQL and SQLServer.
    engine String

    Database type. Value options: MySQL, SQLServer, PostgreSQL, MariaDB.

    NOTE: When the 'engine_version' changes, it can be used as the target database version for the large version upgrade of RDS for MySQL instance.

    engineVersion String
    Database version. Value options can refer to the latest docs CreateDBInstance EngineVersion.

    • MySQL: [ 5.5、5.6、5.7、8.0 ]
    • SQLServer: [ 2008r2、08r2_ent_ha、2012、2012_ent_ha、2012_std_ha、2012_web、2014_std_ha、2016_ent_ha、2016_std_ha、2016_web、2017_std_ha、2017_ent、2019_std_ha、2019_ent ]
    • PostgreSQL: [ 10.0、11.0、12.0、13.0、14.0、15.0 ]
    • MariaDB: [ 10.3 ]
    • Serverless
    • MySQL: [ 5.7、8.0 ]
    • SQLServer: [ 2016_std_sl、2017_std_sl、2019_std_sl ]
    • PostgreSQL: [ 14.0 ]
    • MariaDB does not support creating serverless instances.
    force String
    Specifies whether to enable forcible switching. Valid values:

    • Yes
    • No
    forceRestart Boolean
    Set it to true to make some parameter efficient when modifying them. Default to false.
    freshWhiteListReadins String
    The read-only instances to which you want to synchronize the IP address whitelist.

    • If the instance is attached with a read-only instance, you can use this parameter to synchronize the IP address whitelist to the read-only instance. If the instance is attached with multiple read-only instances, the read-only instances must be separated by commas (,).
    • If the instance is not attached with a read-only instance, this parameter is empty.
    haConfig String

    The primary/secondary switchover mode of the instance. Default value: Auto. Valid values:

    • Auto: The system automatically switches over services from the primary to secondary instances in the event of a fault.
    • Manual: You must manually switch over services from the primary to secondary instances in the event of a fault.

    NOTE: If you set this parameter to Manual, you must specify the ManualHATime parameter.

    instanceChargeType String
    Valid values are Prepaid, Postpaid, Serverless, Default to Postpaid. Currently, the resource only supports PostPaid to PrePaid. For more information, see Overview.
    instanceName String
    The name of DB instance. It a string of 2 to 256 characters.
    instanceStorage Number
    User-defined DB instance storage space. Value range:

    • [5, 2000] for MySQL/PostgreSQL HA dual node edition;
    • [20,1000] for MySQL 5.7 basic single node edition;
    • [10, 2000] for SQL Server 2008R2;
    • [20,2000] for SQL Server 2012 basic single node edition Increase progressively at a rate of 5 GB. For details, see Instance type table. Note: There is extra 5 GB storage for SQL Server Instance, and it is not in specified instance_storage.
    instanceType String

    DB Instance type. For details, see Instance type table.

    • To create a serverless instance, please pass the following values:
    • MySQL basic: mysql.n2.serverless.1c
    • MySQL high availability: mysql.n2.serverless.2c
    • SQLServer high availability: mssql.mem2.serverless.s2
    • PostgreSQL basic: pg.n2.serverless.1c

    NOTE: When storage_auto_scale="Enable", do not perform instance_storage check. when storage_auto_scale="Disable", if the instance itself instance_storagehas changed. You need to manually revise the instance_storage in the template value. When payment_type="Serverless" and when modifying, do not perform instance_storage check. Otherwise, check.

    maintainTime String
    Maintainable time period format of the instance: HH:MMZ-HH:MMZ (UTC time)
    manualHaTime String

    The time after when you want to enable automatic primary/secondary switchover. At most, you can set this parameter to 23:59:59 seven days later. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

    NOTE: This parameter only takes effect when the HAConfig parameter is set to Manual.

    modifyMode String
    The method that is used to modify the IP address whitelist. Default value: Cover. Valid values:

    • Cover: Use the value of the SecurityIps parameter to overwrite the existing entries in the IP address whitelist.
    • Append: Add the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to the IP address whitelist.
    • Delete: Delete IP addresses and CIDR blocks that are specified in the SecurityIps parameter from the IP address whitelist. You must retain at least one IP address or CIDR block.
    monitoringPeriod Number
    The monitoring frequency in seconds. Valid values are 5, 10, 60, 300. Defaults to 300.
    nodeId String
    The globally unique identifier (GUID) of the secondary instance. You can call the DescribeDBInstanceHAConfig operation to query the GUID of the secondary instance.
    parameters List<Property Map>
    Set of parameters needs to be set after DB instance was launched. Available parameters can refer to the latest docs View database parameter templates . See parameters below.
    period Number

    The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36.

    NOTE: The attribute period is only used to create Subscription instance or modify the PayAsYouGo instance to Subscription. Once effect, it will not be modified that means running pulumi up will not effect the resource.

    pgHbaConfs List<Property Map>
    The configuration of AD domain . See pg_hba_conf below.
    port String
    The private port of the database service. If you want to update public port, please use resource alicloud.rds.Connection port.
    privateIpAddress String
    The private IP address of the instance. The private IP address must be within the Classless Inter-Domain Routing (CIDR) block of the vSwitch that is specified by the VSwitchId parameter.
    releasedKeepPolicy String

    The policy based on which ApsaraDB RDS retains archived backup files after the instance is released. Valid values:

    • None: No archived backup files are retained.
    • Lastest: Only the last archived backup file is retained.
    • All: All the archived backup files are retained.

    NOTE: This parameter is supported only when the instance runs the MySQL database engine.

    replicationAcl String
    The method that is used to verify the replication permission. This parameter is supported only when the instance runs PostgreSQL with standard or enhanced SSDs. In addition, this parameter is available only when the public key of the CA that issues client certificates is enabled. Valid values:

    • cert
    • perfer
    • verify-ca
    • verify-full (supported only when the instance runs PostgreSQL 12 or later)
    resourceGroupId String
    The ID of resource group which the DB instance belongs.
    roleArn String

    The Alibaba Cloud Resource Name (ARN) of the RAM role.

    NOTE: This parameter is not required when you create an instance that runs MySQL, PostgreSQL, or SQL Server. You need to only specify the RoleARN parameter to create an instance that has cloud disk encryption enabled by using the obtained key ID. You can configure RAM authorization to require a RAM user to enable cloud disk encryption when the RAM user is used to create an instance. If cloud disk encryption is disabled during the instance creation, the creation operation fails. To complete the configuration, you can attach the following policy to the RAM user: {"Version":"1","Statement":[{"Effect":"Deny","Action":"rds:CreateDBInstance","Resource":"*","Condition":{"StringEquals":{"rds:DiskEncryptionRequired":"false"}}}]}

    securityGroupId String
    It has been deprecated from 1.69.0 and use security_group_ids instead.

    Deprecated: Attribute security_group_id has been deprecated from 1.69.0 and use security_group_ids instead.

    securityGroupIds List<String>
    , Available since 1.69.0) The list IDs to join ECS Security Group. At most supports three security groups.
    securityIpMode String
    Valid values are normal, safety, Default to normal. support safety switch to high security access mode.
    securityIpType String
    The type of IP address in the IP address whitelist.
    securityIps List<String>
    List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]).
    serverCert String
    The content of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_cert start support MySQL engine.
    serverKey String
    The private key of the server certificate. This parameter is supported only when the instance runs PostgreSQL or MySQL with standard or enhanced SSDs. If you set the CAType parameter to custom, you must also specify this parameter. NOTE: From version 1.231.0, server_key start support MySQL engine.
    serverlessConfigs List<Property Map>
    The settings of the serverless instance. This parameter is required when you create a serverless instance. This parameter takes effect only when you create an ApsaraDB RDS for Serverless instance. See serverless_config below.
    sqlCollectorConfigValue Number
    The sql collector keep time of the instance. Valid values are 30, 180, 365, 1095, 1825, Default to 30.
    sqlCollectorStatus String
    The sql collector status of the instance. Valid values are Enabled, Disabled, Default to Disabled.
    sslAction String

    Actions performed on SSL functions. Valid values: Open: turn on SSL encryption; Close: turn off SSL encryption; Update: update SSL certificate. See more engine and engineVersion limitation.

    NOTE: The attribute ssl_action will be ignored when setting instance_charge_type = "Serverless" for SQLServer, PostgreSQL or MariaDB.

    sslConnectionString String
    The internal or public endpoint for which the server certificate needs to be created or updated.
    sslStatus String
    Status of the SSL feature. Yes: SSL is turned on; No: SSL is turned off.
    status String
    (Available since 1.204.1) The status of db instance.
    storageAutoScale String

    Automatic storage space expansion switch. Valid values:

    • Enable
    • Disable

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable.

    storageThreshold Number

    The threshold in percentage based on which an automatic storage expansion is triggered. If the available storage reaches the threshold, ApsaraDB RDS increases the storage capacity of the instance. Valid values: [10, 20, 30, 40, 50].

    NOTE: This parameter only takes effect when the StorageAutoScale parameter is set to Enable. The value must be greater than or equal to the total size of the current storage space of the instance.

    storageUpperBound Number

    The upper limit of the total storage space for automatic expansion of the storage space, that is, automatic expansion will not cause the total storage space of the instance to exceed this value. Unit: GB. The value must be ≥0.

    NOTE: Because of data backup and migration, change DB instance type and storage would cost 15~20 minutes. Please make full preparation before changing them.

    switchTime String

    The specific point in time when you want to perform the update. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. It is valid only when target_minor_version is changed. The time must be in UTC.

    NOTE: This parameter takes effect only when you set the UpgradeTime parameter to SpecifyTime.

    tags Map<String>

    A mapping of tags to assign to the resource.

    • Key: It can be up to 64 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It cannot be a null string.
    • Value: It can be up to 128 characters in length. It cannot begin with "aliyun", "acs:", "http://", or "https://". It can be a null string.

    Note: From 1.63.0, the tag key and value are case sensitive. Before that, they are not case sensitive.

    targetMinorVersion String

    The minor engine version to which you want to update the instance. If you do not specify this parameter, the instance is updated to the latest minor engine version. You must specify the minor engine version in one of the following formats:

    • PostgreSQL: rds_postgres_00_. Example: rds_postgres_1200_20200830.
    • MySQL: _. Examples: rds_20200229, xcluster_20200229, and xcluster80_20200229. The following RDS editions are supported:
    • rds: The instance runs RDS Basic or High-availability Edition.
    • xcluster: The instance runs MySQL 5.7 on RDS Enterprise Edition.
    • xcluster80: The instance runs MySQL 8.0 on RDS Enterprise Edition.
    • SQLServer: . Example: 15.0.4073.23.

    NOTE: For more information about minor engine versions, see Release notes of minor AliPG versions, Release notes of minor AliSQL versions, and Release notes of minor engine versions of ApsaraDB RDS for SQL Server.

    tcpConnectionType String
    The availability check method of the instance. Valid values:

    • SHORT: Alibaba Cloud uses short-lived connections to check the availability of the instance.
    • LONG: Alibaba Cloud uses persistent connections to check the availability of the instance.
    tdeStatus String
    The TDE(Transparent Data Encryption) status. After TDE is turned on, it cannot be turned off. See more engine and engineVersion limitation.
    upgradeDbInstanceKernelVersion Boolean
    Whether to upgrade a minor version of the kernel. Valid values:

    • true: upgrade
    • false: not to upgrade

    Deprecated: Attribute upgrade_db_instance_kernel_version has been deprecated from 1.198.0 and use target_minor_version instead.

    upgradeTime String
    The method to update the minor engine version. Default value: Immediate. It is valid only when target_minor_version is changed. Valid values:

    • Immediate: The minor engine version is immediately updated.
    • MaintainTime: The minor engine version is updated during the maintenance window. For more information about how to change the maintenance window, see ModifyDBInstanceMaintainTime.
    • SpecifyTime: The minor engine version is updated at the point in time you specify.
    vpcId String

    The VPC ID of the instance.

    NOTE: This parameter applies only to ApsaraDB RDS for MySQL instances. For more information about Upgrade the major engine version of an ApsaraDB RDS for MySQL instance, see Upgrade the major engine version of an RDS instance in the ApsaraDB RDS console.

    vswitchId String
    The virtual switch ID to launch DB instances in one VPC. If there are multiple vswitches, separate them with commas.
    whitelistNetworkType String

    The network type of the IP address whitelist. Default value: MIX. Valid values:

    • Classic: classic network in enhanced whitelist mode
    • VPC: virtual private cloud (VPC) in enhanced whitelist mode
    • MIX: standard whitelist mode

    NOTE: In standard whitelist mode, IP addresses and CIDR blocks can be added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks can be added to both IP address whitelists of the classic network type and those of the VPC network type.

    zoneId String
    The Zone to launch the DB instance. From version 1.8.1, it supports multiple zone. If it is a multi-zone and vswitch_id is specified, the vswitch must in the one of them. The multiple zone ID can be retrieved by setting multi to "true" in the data source alicloud.getZones.
    zoneIdSlaveA String
    The region ID of the secondary instance if you create a secondary instance. If you set this parameter to the same value as the ZoneId parameter, the instance is deployed in a single zone. Otherwise, the instance is deployed in multiple zones.
    zoneIdSlaveB String
    RDS MySQL Cluster series instances support creating 1 to 2 secondary nodes at the same time when establishing a new instance. If you have this requirement, you can use this parameter to specify the availability zone for the second secondary node.

    Supporting Types

    InstanceBabelfishConfig, InstanceBabelfishConfigArgs

    BabelfishEnabled string
    specifies whether to enable the Babelfish for the instance. If you set this parameter to true, you enable Babelfish for the instance. If you leave this parameter empty, you disable Babelfish for the instance.
    MasterUserPassword string
    The password of the administrator account. The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters. It must be 8 to 32 characters in length. The password can contain any of the following characters:! @ # $ % ^ & * () _ + - =
    MasterUsername string
    The name of the administrator account. The name can contain lowercase letters, digits, and underscores (_). It must start with a letter and end with a letter or digit. It can be up to 63 characters in length and cannot start with pg.
    MigrationMode string
    The migration mode of the instance. Valid values: single-db and multi-db.
    BabelfishEnabled string
    specifies whether to enable the Babelfish for the instance. If you set this parameter to true, you enable Babelfish for the instance. If you leave this parameter empty, you disable Babelfish for the instance.
    MasterUserPassword string
    The password of the administrator account. The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters. It must be 8 to 32 characters in length. The password can contain any of the following characters:! @ # $ % ^ & * () _ + - =
    MasterUsername string
    The name of the administrator account. The name can contain lowercase letters, digits, and underscores (_). It must start with a letter and end with a letter or digit. It can be up to 63 characters in length and cannot start with pg.
    MigrationMode string
    The migration mode of the instance. Valid values: single-db and multi-db.
    babelfishEnabled String
    specifies whether to enable the Babelfish for the instance. If you set this parameter to true, you enable Babelfish for the instance. If you leave this parameter empty, you disable Babelfish for the instance.
    masterUserPassword String
    The password of the administrator account. The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters. It must be 8 to 32 characters in length. The password can contain any of the following characters:! @ # $ % ^ & * () _ + - =
    masterUsername String
    The name of the administrator account. The name can contain lowercase letters, digits, and underscores (_). It must start with a letter and end with a letter or digit. It can be up to 63 characters in length and cannot start with pg.
    migrationMode String
    The migration mode of the instance. Valid values: single-db and multi-db.
    babelfishEnabled string
    specifies whether to enable the Babelfish for the instance. If you set this parameter to true, you enable Babelfish for the instance. If you leave this parameter empty, you disable Babelfish for the instance.
    masterUserPassword string
    The password of the administrator account. The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters. It must be 8 to 32 characters in length. The password can contain any of the following characters:! @ # $ % ^ & * () _ + - =
    masterUsername string
    The name of the administrator account. The name can contain lowercase letters, digits, and underscores (_). It must start with a letter and end with a letter or digit. It can be up to 63 characters in length and cannot start with pg.
    migrationMode string
    The migration mode of the instance. Valid values: single-db and multi-db.
    babelfish_enabled str
    specifies whether to enable the Babelfish for the instance. If you set this parameter to true, you enable Babelfish for the instance. If you leave this parameter empty, you disable Babelfish for the instance.
    master_user_password str
    The password of the administrator account. The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters. It must be 8 to 32 characters in length. The password can contain any of the following characters:! @ # $ % ^ & * () _ + - =
    master_username str
    The name of the administrator account. The name can contain lowercase letters, digits, and underscores (_). It must start with a letter and end with a letter or digit. It can be up to 63 characters in length and cannot start with pg.
    migration_mode str
    The migration mode of the instance. Valid values: single-db and multi-db.
    babelfishEnabled String
    specifies whether to enable the Babelfish for the instance. If you set this parameter to true, you enable Babelfish for the instance. If you leave this parameter empty, you disable Babelfish for the instance.
    masterUserPassword String
    The password of the administrator account. The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters. It must be 8 to 32 characters in length. The password can contain any of the following characters:! @ # $ % ^ & * () _ + - =
    masterUsername String
    The name of the administrator account. The name can contain lowercase letters, digits, and underscores (_). It must start with a letter and end with a letter or digit. It can be up to 63 characters in length and cannot start with pg.
    migrationMode String
    The migration mode of the instance. Valid values: single-db and multi-db.

    InstanceParameter, InstanceParameterArgs

    Name string
    The parameter name.
    Value string
    The parameter value.
    Name string
    The parameter name.
    Value string
    The parameter value.
    name String
    The parameter name.
    value String
    The parameter value.
    name string
    The parameter name.
    value string
    The parameter value.
    name str
    The parameter name.
    value str
    The parameter value.
    name String
    The parameter name.
    value String
    The parameter value.

    InstancePgHbaConf, InstancePgHbaConfArgs

    Address string
    The IP addresses from which the specified users can access the specified databases. If you set this parameter to 0.0.0.0/0, the specified users are allowed to access the specified databases from all IP addresses.
    Database string
    The name of the database that the specified users are allowed to access. If you set this parameter to all, the specified users are allowed to access all databases in the instance. If you specify multiple databases, separate the database names with commas (,).
    Method string
    The authentication method of Lightweight Directory Access Protocol (LDAP). Valid values: trust, reject, scram-sha-256, md5, password, gss, sspi, ldap, radius, cert, pam.
    PriorityId int
    The priority of an AD domain. If you set this parameter to 0, the AD domain has the highest priority. Valid values: 0 to 10000. This parameter is used to identify each AD domain. When you add an AD domain, the value of the PriorityId parameter of the new AD domain cannot be the same as the value of the PriorityId parameter for any existing AD domain. When you modify or delete an AD domain, you must also modify or delete the value of the PriorityId parameter for this AD domain.
    Type string

    The type of connection to the instance. Valid values:

    • host: specifies to verify TCP/IP connections, including SSL connections and non-SSL connections.
    • hostssl: specifies to verify only TCP/IP connections that are established over SSL connections.
    • hostnossl: specifies to verify only TCP/IP connections that are established over non-SSL connections.

    NOTE: You can set this parameter to hostssl only when SSL encryption is enabled for the instance. For more information, see Configure SSL encryption for an ApsaraDB RDS for PostgreSQL instance.

    User string
    The user that is allowed to access the instance. If you specify multiple users, separate the usernames with commas (,).
    Mask string
    The mask of the instance. If the value of the Address parameter is an IP address, you can use this parameter to specify the mask of the IP address.
    Option string
    Optional. The value of this parameter is based on the value of the HbaItem.N.Method parameter. In this topic, LDAP is used as an example. You must configure this parameter. For more information, see Authentication Methods.
    Address string
    The IP addresses from which the specified users can access the specified databases. If you set this parameter to 0.0.0.0/0, the specified users are allowed to access the specified databases from all IP addresses.
    Database string
    The name of the database that the specified users are allowed to access. If you set this parameter to all, the specified users are allowed to access all databases in the instance. If you specify multiple databases, separate the database names with commas (,).
    Method string
    The authentication method of Lightweight Directory Access Protocol (LDAP). Valid values: trust, reject, scram-sha-256, md5, password, gss, sspi, ldap, radius, cert, pam.
    PriorityId int
    The priority of an AD domain. If you set this parameter to 0, the AD domain has the highest priority. Valid values: 0 to 10000. This parameter is used to identify each AD domain. When you add an AD domain, the value of the PriorityId parameter of the new AD domain cannot be the same as the value of the PriorityId parameter for any existing AD domain. When you modify or delete an AD domain, you must also modify or delete the value of the PriorityId parameter for this AD domain.
    Type string

    The type of connection to the instance. Valid values:

    • host: specifies to verify TCP/IP connections, including SSL connections and non-SSL connections.
    • hostssl: specifies to verify only TCP/IP connections that are established over SSL connections.
    • hostnossl: specifies to verify only TCP/IP connections that are established over non-SSL connections.

    NOTE: You can set this parameter to hostssl only when SSL encryption is enabled for the instance. For more information, see Configure SSL encryption for an ApsaraDB RDS for PostgreSQL instance.

    User string
    The user that is allowed to access the instance. If you specify multiple users, separate the usernames with commas (,).
    Mask string
    The mask of the instance. If the value of the Address parameter is an IP address, you can use this parameter to specify the mask of the IP address.
    Option string
    Optional. The value of this parameter is based on the value of the HbaItem.N.Method parameter. In this topic, LDAP is used as an example. You must configure this parameter. For more information, see Authentication Methods.
    address String
    The IP addresses from which the specified users can access the specified databases. If you set this parameter to 0.0.0.0/0, the specified users are allowed to access the specified databases from all IP addresses.
    database String
    The name of the database that the specified users are allowed to access. If you set this parameter to all, the specified users are allowed to access all databases in the instance. If you specify multiple databases, separate the database names with commas (,).
    method String
    The authentication method of Lightweight Directory Access Protocol (LDAP). Valid values: trust, reject, scram-sha-256, md5, password, gss, sspi, ldap, radius, cert, pam.
    priorityId Integer
    The priority of an AD domain. If you set this parameter to 0, the AD domain has the highest priority. Valid values: 0 to 10000. This parameter is used to identify each AD domain. When you add an AD domain, the value of the PriorityId parameter of the new AD domain cannot be the same as the value of the PriorityId parameter for any existing AD domain. When you modify or delete an AD domain, you must also modify or delete the value of the PriorityId parameter for this AD domain.
    type String

    The type of connection to the instance. Valid values:

    • host: specifies to verify TCP/IP connections, including SSL connections and non-SSL connections.
    • hostssl: specifies to verify only TCP/IP connections that are established over SSL connections.
    • hostnossl: specifies to verify only TCP/IP connections that are established over non-SSL connections.

    NOTE: You can set this parameter to hostssl only when SSL encryption is enabled for the instance. For more information, see Configure SSL encryption for an ApsaraDB RDS for PostgreSQL instance.

    user String
    The user that is allowed to access the instance. If you specify multiple users, separate the usernames with commas (,).
    mask String
    The mask of the instance. If the value of the Address parameter is an IP address, you can use this parameter to specify the mask of the IP address.
    option String
    Optional. The value of this parameter is based on the value of the HbaItem.N.Method parameter. In this topic, LDAP is used as an example. You must configure this parameter. For more information, see Authentication Methods.
    address string
    The IP addresses from which the specified users can access the specified databases. If you set this parameter to 0.0.0.0/0, the specified users are allowed to access the specified databases from all IP addresses.
    database string
    The name of the database that the specified users are allowed to access. If you set this parameter to all, the specified users are allowed to access all databases in the instance. If you specify multiple databases, separate the database names with commas (,).
    method string
    The authentication method of Lightweight Directory Access Protocol (LDAP). Valid values: trust, reject, scram-sha-256, md5, password, gss, sspi, ldap, radius, cert, pam.
    priorityId number
    The priority of an AD domain. If you set this parameter to 0, the AD domain has the highest priority. Valid values: 0 to 10000. This parameter is used to identify each AD domain. When you add an AD domain, the value of the PriorityId parameter of the new AD domain cannot be the same as the value of the PriorityId parameter for any existing AD domain. When you modify or delete an AD domain, you must also modify or delete the value of the PriorityId parameter for this AD domain.
    type string

    The type of connection to the instance. Valid values:

    • host: specifies to verify TCP/IP connections, including SSL connections and non-SSL connections.
    • hostssl: specifies to verify only TCP/IP connections that are established over SSL connections.
    • hostnossl: specifies to verify only TCP/IP connections that are established over non-SSL connections.

    NOTE: You can set this parameter to hostssl only when SSL encryption is enabled for the instance. For more information, see Configure SSL encryption for an ApsaraDB RDS for PostgreSQL instance.

    user string
    The user that is allowed to access the instance. If you specify multiple users, separate the usernames with commas (,).
    mask string
    The mask of the instance. If the value of the Address parameter is an IP address, you can use this parameter to specify the mask of the IP address.
    option string
    Optional. The value of this parameter is based on the value of the HbaItem.N.Method parameter. In this topic, LDAP is used as an example. You must configure this parameter. For more information, see Authentication Methods.
    address str
    The IP addresses from which the specified users can access the specified databases. If you set this parameter to 0.0.0.0/0, the specified users are allowed to access the specified databases from all IP addresses.
    database str
    The name of the database that the specified users are allowed to access. If you set this parameter to all, the specified users are allowed to access all databases in the instance. If you specify multiple databases, separate the database names with commas (,).
    method str
    The authentication method of Lightweight Directory Access Protocol (LDAP). Valid values: trust, reject, scram-sha-256, md5, password, gss, sspi, ldap, radius, cert, pam.
    priority_id int
    The priority of an AD domain. If you set this parameter to 0, the AD domain has the highest priority. Valid values: 0 to 10000. This parameter is used to identify each AD domain. When you add an AD domain, the value of the PriorityId parameter of the new AD domain cannot be the same as the value of the PriorityId parameter for any existing AD domain. When you modify or delete an AD domain, you must also modify or delete the value of the PriorityId parameter for this AD domain.
    type str

    The type of connection to the instance. Valid values:

    • host: specifies to verify TCP/IP connections, including SSL connections and non-SSL connections.
    • hostssl: specifies to verify only TCP/IP connections that are established over SSL connections.
    • hostnossl: specifies to verify only TCP/IP connections that are established over non-SSL connections.

    NOTE: You can set this parameter to hostssl only when SSL encryption is enabled for the instance. For more information, see Configure SSL encryption for an ApsaraDB RDS for PostgreSQL instance.

    user str
    The user that is allowed to access the instance. If you specify multiple users, separate the usernames with commas (,).
    mask str
    The mask of the instance. If the value of the Address parameter is an IP address, you can use this parameter to specify the mask of the IP address.
    option str
    Optional. The value of this parameter is based on the value of the HbaItem.N.Method parameter. In this topic, LDAP is used as an example. You must configure this parameter. For more information, see Authentication Methods.
    address String
    The IP addresses from which the specified users can access the specified databases. If you set this parameter to 0.0.0.0/0, the specified users are allowed to access the specified databases from all IP addresses.
    database String
    The name of the database that the specified users are allowed to access. If you set this parameter to all, the specified users are allowed to access all databases in the instance. If you specify multiple databases, separate the database names with commas (,).
    method String
    The authentication method of Lightweight Directory Access Protocol (LDAP). Valid values: trust, reject, scram-sha-256, md5, password, gss, sspi, ldap, radius, cert, pam.
    priorityId Number
    The priority of an AD domain. If you set this parameter to 0, the AD domain has the highest priority. Valid values: 0 to 10000. This parameter is used to identify each AD domain. When you add an AD domain, the value of the PriorityId parameter of the new AD domain cannot be the same as the value of the PriorityId parameter for any existing AD domain. When you modify or delete an AD domain, you must also modify or delete the value of the PriorityId parameter for this AD domain.
    type String

    The type of connection to the instance. Valid values:

    • host: specifies to verify TCP/IP connections, including SSL connections and non-SSL connections.
    • hostssl: specifies to verify only TCP/IP connections that are established over SSL connections.
    • hostnossl: specifies to verify only TCP/IP connections that are established over non-SSL connections.

    NOTE: You can set this parameter to hostssl only when SSL encryption is enabled for the instance. For more information, see Configure SSL encryption for an ApsaraDB RDS for PostgreSQL instance.

    user String
    The user that is allowed to access the instance. If you specify multiple users, separate the usernames with commas (,).
    mask String
    The mask of the instance. If the value of the Address parameter is an IP address, you can use this parameter to specify the mask of the IP address.
    option String
    Optional. The value of this parameter is based on the value of the HbaItem.N.Method parameter. In this topic, LDAP is used as an example. You must configure this parameter. For more information, see Authentication Methods.

    InstanceServerlessConfig, InstanceServerlessConfigArgs

    MaxCapacity double
    The maximum number of RDS Capacity Units (RCUs). The value of this parameter must be greater than or equal to min_capacity and only supports passing integers. Valid values:

    • MySQL: 1~8
    • SQLServer: 2~8
    • PostgreSQL: 1~12
    MinCapacity double
    The minimum number of RCUs. The value of this parameter must be less than or equal to max_capacity. Valid values:

    • MySQL: 0.5~8
    • SQLServer: 2~8 (Supports integers only).
    • PostgreSQL: 0.5~12
    AutoPause bool
    SwitchForce bool
    Specifies whether to enable the forced scaling feature for the serverless instance. Valid values:

    • true: enables the feature.
    • false: disables the feature. This is the default value.
    • Only MySQL Serverless instances need to set this parameter. After enabling this parameter, there will be a flash break within 1 minute when the instance is forced to expand or shrink. Please use it with caution according to the actual situation.
    • The elastic scaling of an instance RCU usually takes effect immediately, but in some special circumstances (such as during large transaction execution), it is not possible to complete scaling immediately. In this case, this parameter can be enabled to force scaling.
    MaxCapacity float64
    The maximum number of RDS Capacity Units (RCUs). The value of this parameter must be greater than or equal to min_capacity and only supports passing integers. Valid values:

    • MySQL: 1~8
    • SQLServer: 2~8
    • PostgreSQL: 1~12
    MinCapacity float64
    The minimum number of RCUs. The value of this parameter must be less than or equal to max_capacity. Valid values:

    • MySQL: 0.5~8
    • SQLServer: 2~8 (Supports integers only).
    • PostgreSQL: 0.5~12
    AutoPause bool
    SwitchForce bool
    Specifies whether to enable the forced scaling feature for the serverless instance. Valid values:

    • true: enables the feature.
    • false: disables the feature. This is the default value.
    • Only MySQL Serverless instances need to set this parameter. After enabling this parameter, there will be a flash break within 1 minute when the instance is forced to expand or shrink. Please use it with caution according to the actual situation.
    • The elastic scaling of an instance RCU usually takes effect immediately, but in some special circumstances (such as during large transaction execution), it is not possible to complete scaling immediately. In this case, this parameter can be enabled to force scaling.
    maxCapacity Double
    The maximum number of RDS Capacity Units (RCUs). The value of this parameter must be greater than or equal to min_capacity and only supports passing integers. Valid values:

    • MySQL: 1~8
    • SQLServer: 2~8
    • PostgreSQL: 1~12
    minCapacity Double
    The minimum number of RCUs. The value of this parameter must be less than or equal to max_capacity. Valid values:

    • MySQL: 0.5~8
    • SQLServer: 2~8 (Supports integers only).
    • PostgreSQL: 0.5~12
    autoPause Boolean
    switchForce Boolean
    Specifies whether to enable the forced scaling feature for the serverless instance. Valid values:

    • true: enables the feature.
    • false: disables the feature. This is the default value.
    • Only MySQL Serverless instances need to set this parameter. After enabling this parameter, there will be a flash break within 1 minute when the instance is forced to expand or shrink. Please use it with caution according to the actual situation.
    • The elastic scaling of an instance RCU usually takes effect immediately, but in some special circumstances (such as during large transaction execution), it is not possible to complete scaling immediately. In this case, this parameter can be enabled to force scaling.
    maxCapacity number
    The maximum number of RDS Capacity Units (RCUs). The value of this parameter must be greater than or equal to min_capacity and only supports passing integers. Valid values:

    • MySQL: 1~8
    • SQLServer: 2~8
    • PostgreSQL: 1~12
    minCapacity number
    The minimum number of RCUs. The value of this parameter must be less than or equal to max_capacity. Valid values:

    • MySQL: 0.5~8
    • SQLServer: 2~8 (Supports integers only).
    • PostgreSQL: 0.5~12
    autoPause boolean
    switchForce boolean
    Specifies whether to enable the forced scaling feature for the serverless instance. Valid values:

    • true: enables the feature.
    • false: disables the feature. This is the default value.
    • Only MySQL Serverless instances need to set this parameter. After enabling this parameter, there will be a flash break within 1 minute when the instance is forced to expand or shrink. Please use it with caution according to the actual situation.
    • The elastic scaling of an instance RCU usually takes effect immediately, but in some special circumstances (such as during large transaction execution), it is not possible to complete scaling immediately. In this case, this parameter can be enabled to force scaling.
    max_capacity float
    The maximum number of RDS Capacity Units (RCUs). The value of this parameter must be greater than or equal to min_capacity and only supports passing integers. Valid values:

    • MySQL: 1~8
    • SQLServer: 2~8
    • PostgreSQL: 1~12
    min_capacity float
    The minimum number of RCUs. The value of this parameter must be less than or equal to max_capacity. Valid values:

    • MySQL: 0.5~8
    • SQLServer: 2~8 (Supports integers only).
    • PostgreSQL: 0.5~12
    auto_pause bool
    switch_force bool
    Specifies whether to enable the forced scaling feature for the serverless instance. Valid values:

    • true: enables the feature.
    • false: disables the feature. This is the default value.
    • Only MySQL Serverless instances need to set this parameter. After enabling this parameter, there will be a flash break within 1 minute when the instance is forced to expand or shrink. Please use it with caution according to the actual situation.
    • The elastic scaling of an instance RCU usually takes effect immediately, but in some special circumstances (such as during large transaction execution), it is not possible to complete scaling immediately. In this case, this parameter can be enabled to force scaling.
    maxCapacity Number
    The maximum number of RDS Capacity Units (RCUs). The value of this parameter must be greater than or equal to min_capacity and only supports passing integers. Valid values:

    • MySQL: 1~8
    • SQLServer: 2~8
    • PostgreSQL: 1~12
    minCapacity Number
    The minimum number of RCUs. The value of this parameter must be less than or equal to max_capacity. Valid values:

    • MySQL: 0.5~8
    • SQLServer: 2~8 (Supports integers only).
    • PostgreSQL: 0.5~12
    autoPause Boolean
    switchForce Boolean
    Specifies whether to enable the forced scaling feature for the serverless instance. Valid values:

    • true: enables the feature.
    • false: disables the feature. This is the default value.
    • Only MySQL Serverless instances need to set this parameter. After enabling this parameter, there will be a flash break within 1 minute when the instance is forced to expand or shrink. Please use it with caution according to the actual situation.
    • The elastic scaling of an instance RCU usually takes effect immediately, but in some special circumstances (such as during large transaction execution), it is not possible to complete scaling immediately. In this case, this parameter can be enabled to force scaling.

    Package Details

    Repository
    Alibaba Cloud pulumi/pulumi-alicloud
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the alicloud Terraform Provider.
    alicloud logo
    Alibaba Cloud v3.69.0 published on Monday, Dec 9, 2024 by Pulumi