tb_pulumi.rds

Infrastructural patterns related to AWS’s RDS product.

class tb_pulumi.rds.RdsDatabaseGroup(name: str, project: ThunderbirdPulumiProject, db_name: str, subnets: list[Output], vpc_cidr: str, vpc_id: str, allocated_storage: int = 20, auto_minor_version_upgrade: bool = True, apply_immediately: bool = False, backup_retention_period: int = 7, blue_green_update: bool = False, db_username: str = 'root', enabled_cluster_cloudwatch_logs_exports: list[str] = [], enabled_instance_cloudwatch_logs_exports: list[str] = [], engine: str = 'postgres', engine_version: str = '15.7', exclude_from_project: bool = False, instance_class: str = 'db.t3.micro', internal: bool = True, max_allocated_storage: int = 0, num_instances: int = 1, override_special='!#$%&*()-_=+[]{}<>:?', parameters: list[dict] = None, parameter_group_family: str = 'postgres15', performance_insights_enabled: bool = False, port: int = None, secret_recovery_window_in_days: int = None, sg_cidrs: list[str] = None, skip_final_snapshot: bool = False, storage_type: str = 'gp3', tags: dict = {}, opts: ResourceOptions = None, **kwargs)

Bases: ThunderbirdComponentResource

Pulumi Type: tb:rds:RdsDatabaseGroup

Using RDS, construct a primary database and zero or more read replicas. A Network Load Balancer (NLB) is created to spread load across the read replicas.

Produces the following resources:

• instances - A list of aws.rds.Instances in the group. The zeroth index will always be the primary/writer instance. If there are any replica/reader instances, those will follow.

• key - aws.kms.Key used to encrypt database storage.

• load_balancer - tb_pulumi.ec2.NetworkLoadBalancer routing traffic to the read databases.

• parameter_group - aws.rds.ParameterGroup defining how these databases operate.

• password - pulumi_random.RandomPassword for the database.

• secret - tb_pulumi.secrets.SecretsManagerSecret storing the password within AWS.

• security_group - tb_pulumi.network.SecurityGroupWithRules defining access to the database.

• ssm_param_db_name - aws.ssm.Parameter containing the database name.

• ssm_param_db_write_host - aws.ssm.Parameter containing the write instance’s hostname.

• ssm_param_port - aws.ssm.Parameter containing the database port.

• ssm_param_read_host - aws.ssm.Parameter containing the hostname of the read traffic load balancer.

• subnet_group - aws.rds.SubnetGroup, a logical grouping of subnets in which to build database instances.

Parameters:

• name (str) – A string identifying this set of resources.

• project (tb_pulumi.ThunderbirdPulumiProject) – The ThunderbirdPulumiProject to add these resources to.

• db_name (str) – What to call the name of the database at the schema level.

• subnets (list[pulumi.Output]) – List of subnet Output objects defining the network space to build in.

• vpc_cidr (str) – An IP range to allow incoming traffic from, which is a subset of the IP range allowed by the VPC in which this cluster is built. If you do not specify sg_cidrs, but internal is True, then ingress traffic will be limited to being sourced in this CIDR.

• vpc_id (str) – The ID of the VPC to build in.

• allocated_storage (int, optional) – GB of storage to allot to each instance. AWS may impose different minimum values for this option depending on other storage options. Details are found in AWS RDS documentation. Defaults to 20.

• auto_minor_version_upgrade (bool, optional) – Allow RDS to upgrade the engine as long as it’s only a minor version change, and therefore backward compatible. Defaults to True.

• apply_immediately (bool, optional) – When True, changes to the DB config will be applied right away instead of during the next maintenance window. Depending on the change, this could cause downtime. Defaults to False.

• backup_retention_period (int, optional) – Number of days to keep old backups. Defaults to 7.

• blue_green_update (bool, optional) – When RDS applies updates, it will deploy a new cluster and fail over to it. AWS Reference Defaults to False.

• db_username (str, optional) – The username to use for the root-level administrative user in the database. Defaults to ‘root’.

• enabled_cluster_cloudwatch_logs_exports (list[str], optional) – Any combination of valid log types for a DB instance to export. These include: audit, error, general, slowquery, postgresql. Defaults to [].

• enabled_instance_cloudwatch_logs_exports (list[str], optional) – Any combination of valid log types for a DB cluster to export. For details, see the “EnableCloudwatchLogsExports” section of these docs. Defaults to [].

• engine (str, optional) – The core database engine to use, such as “postgres” or “mysql”. Defaults to ‘postgres’.

• engine_version (str, optional) – The version of the engine to use. This is a specific string that AWS recognizes. You can see a list of those strings by running this command: aws rds describe-db-engine-versions. Defaults to ‘15.7’

• exclude_from_project (bool, optional) – When True , this prevents this component resource from being registered directly with the project. This does not prevent the component resource from being discovered by the project’s flatten function, provided that it is nested within some resource that is not excluded from the project.

• instance_class (str, optional) – One of the database sizes listed in these docs. Defaults to ‘db.t3.micro’.

• internal (bool, optional) – When True, if no sg_cidrs are set, allows ingress only from what vpc_cidr is set to. If False and no sg_cidrs are set, allows ingress from anywhere. Defaults to True.

• max_allocated_storage (int, optional) – Gigabytes of storage which storage autoscaling will refuse to increase beyond. To disable autoscaling, set this to zero. Defaults to 0.

• num_instances (int, optional) – Number of database servers to build. This must be at least 1. This module interprets this number to mean that we should build a primary instance and (num_instances - 1) read replicas. All servers will be built from the same set of options described here. Defaults to 1.

• override_special (str, optional) – The root password is generated using “special characters”. Set this value to a string containing only those special characters that you want included in your otherwise random password. Defaults to ‘!#$%&*()-_=+[]{}<>:?’.

• parameters (list[dict], optional) – A list of dicts describing parameters to override from the defaults set by the parameter_group_family. These dicts should describe one of these. Defaults to None

• parameter_group_family (str, optional) – A special string known to AWS describing the base set of DB parameters to use. These parameters can be overridden with the parameters option. You can get a list of options by running: aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily" Defaults to ‘postgres15’.

• performance_insights_enabled (bool, optional) – Record more detailed monitoring metrics to CloudWatch. Incurs additional costs. Defaults to False.

• port (int, optional) – Specify a non-default listening port. Defaults to None.

• secret_recovery_window_in_days (int, optional) – Number of days to retain the database_url secret after it has been deleted. Set this to zero in testing environments to avoid issues during stack rebuilds. Defaults to None (which causes AWS to default to 7 days).

• sg_cidrs (list[str], optional) – A list of CIDRs from which ingress should be allowed. If this is left to the default value, a sensible default will be selected. If internal is True, this will allow access from the vpc_cidr. Otherwise, traffic will be allowed from anywhere. Defaults to None.

• skip_final_snapshot (bool, optional) – Allow deletion of an RDS instance without performing a final backup. Defaults to False.

• storage_type (str, optional) – Type of storage to provision. Defaults to gp3 but could be set to other values such as io2. For details, see Amazon RDS DB instance storage Defaults to ‘gp3’.

• tags (dict, optional) – Key/value pairs to merge with the default tags which get applied to all resources in this group. Defaults to {}.

• opts (pulumi.ResourceOptions, optional) – Additional pulumi.ResourceOptions to apply to these resources. Defaults to None.

• kwargs – Key/value pairs describing additional arguments to be passed into all RDS Instance declarations. Detail can be found here.

Raises:

ValueError – Raised if no port is supplied, and if a default cannot be found in the lookup table in the constants module.