diff --git a/api/v1/databaseclaim_types.go b/api/v1/databaseclaim_types.go index 6820f088..6e6c235f 100644 --- a/api/v1/databaseclaim_types.go +++ b/api/v1/databaseclaim_types.go @@ -221,8 +221,6 @@ type DatabaseClaimStatus struct { //tracks status of DB migration. if empty, not started. //non empty denotes migration in progress, unless it is S_Completed MigrationState string `json:"migrationState,omitempty"` - // tracks the DB which is migrated and not more operational - OldDB Status `json:"oldDB,omitempty"` } type Status struct { @@ -260,20 +258,16 @@ type Status struct { // This field used when claim is use-existing-db and attempting to migrate to newdb // +optional SourceDataFrom *SourceDataFrom `json:"sourceDataFrom,omitempty"` - - // Time at the process of post migration actions initiated - PostMigrationActionStartedAt *metav1.Time `json:"postMigrationActionStartedAt,omitempty"` } // DbState keeps track of state of the DB. type DbState string const ( - Ready DbState = "ready" - InProgress DbState = "in-progress" - UsingExistingDB DbState = "using-existing-db" - UsingSharedHost DbState = "using-shared-host" - PostMigrationInProgress DbState = "post-migration-in-progress" + Ready DbState = "ready" + InProgress DbState = "in-progress" + UsingExistingDB DbState = "using-existing-db" + UsingSharedHost DbState = "using-shared-host" ) type DatabaseClaimConnectionInfo struct { diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go index 67a28a81..1c6b8c84 100644 --- a/api/v1/zz_generated.deepcopy.go +++ b/api/v1/zz_generated.deepcopy.go @@ -169,7 +169,6 @@ func (in *DatabaseClaimStatus) DeepCopyInto(out *DatabaseClaimStatus) { *out = *in in.NewDB.DeepCopyInto(&out.NewDB) in.ActiveDB.DeepCopyInto(&out.ActiveDB) - in.OldDB.DeepCopyInto(&out.OldDB) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseClaimStatus. 
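Review bot: Claims that already carry `status.oldDB` with `DbState` set to `post-migration-in-progress` get no handling once `OldDB` and `PostMigrationInProgress` are dropped from the v1 types in the first two hunks of `databaseclaim_types.go`. With the matching schema removal in the CRD file, that status data will presumably be pruned on the next status write. The controller would then lose its only pointer to an old instance whose cleanup was still pending, and that instance would keep running with its data. If that is intended, say so where the field used to be, for example `// status.oldDB was removed; old instances recorded there before the upgrade must be cleaned up manually.`, and list the affected claims before rolling out.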
@@ -404,10 +403,6 @@ func (in *Status) DeepCopyInto(out *Status) { *out = new(SourceDataFrom) (*in).DeepCopyInto(*out) } - if in.PostMigrationActionStartedAt != nil { - in, out := &in.PostMigrationActionStartedAt, &out.PostMigrationActionStartedAt - *out = (*in).DeepCopy() - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Status. diff --git a/config/crd/bases/persistance.atlas.infoblox.com_databaseclaims.yaml b/config/crd/bases/persistance.atlas.infoblox.com_databaseclaims.yaml index 7160c0b6..44ffcac7 100644 --- a/config/crd/bases/persistance.atlas.infoblox.com_databaseclaims.yaml +++ b/config/crd/bases/persistance.atlas.infoblox.com_databaseclaims.yaml @@ -276,10 +276,6 @@ spec: description: The optional MinStorageGB value requests the minimum database host storage capacity in GBytes type: integer - postMigrationActionStartedAt: - description: Time at the process of post migration actions initiated - format: date-time - type: string shape: description: The optional Shape values are arbitrary and help drive instance selection 
@@ -417,144 +413,6 @@ spec: description: The optional MinStorageGB value requests the minimum database host storage capacity in GBytes type: integer - postMigrationActionStartedAt: - description: Time at the process of post migration actions initiated - format: date-time - type: string - shape: - description: The optional Shape values are arbitrary and help - drive instance selection - type: string - sourceDataFrom: - description: SourceDataFrom specifies an existing database or - backup to use when initially provisioning the database. if the - dbclaim has already provisioned a database, this field is ignored - This field used when claim is use-existing-db and attempting - to migrate to newdb - properties: - database: - description: Database defines the connection information to - an existing db - properties: - dsn: - description: 'DSN is the connection string used to reach - the postgres database must have protocol specifier at - beginning (example: mysql:// postgres:// )' - type: string - secretRef: - description: 'SecretRef specifies a secret to use for - connecting to the postgresdb (should be master/root) - TODO: document/validate the secret format required' - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - required: - - dsn - type: object - s3: - description: S3 defines the location of a DB backup in an - S3 bucket - properties: - bucket: - type: string - prefix: - description: Prefix is the path prefix of the S3 bucket - within which the backup to restore is located. - type: string - region: - type: string - secretRef: - description: 'SecretRef specifies a secret to use for - connecting to the s3 bucket via AWS client TODO: document/validate - the secret format required' - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - sourceEngine: - description: SourceEngine is the engine used to create - the backup. 
- type: string - sourceEngineVersion: - description: 'SourceEngineVersion is the version of the - engine used to create the backup. Example: "5.7.30"' - type: string - required: - - bucket - - region - - sourceEngine - - sourceEngineVersion - type: object - type: - description: Type specifies the type of source - type: string - required: - - type - type: object - type: - description: Specifies the type of database to provision. Only - postgres is supported. - type: string - userUpdatedAt: - description: Time the user/password was updated/created - format: date-time - type: string - required: - - connectionInfo - type: object - oldDB: - description: tracks the DB which is migrated and not more operational - properties: - DbState: - description: DbState of the DB. inprogress, "", ready - type: string - connectionInfo: - properties: - databaseName: - type: string - hostName: - type: string - password: - type: string - port: - type: string - sslMode: - type: string - userName: - type: string - type: object - connectionUpdatedAt: - description: Time the connection info was updated/created. - format: date-time - type: string - dbCreateAt: - description: Time the database was created - format: date-time - type: string - dbversion: - description: Version of the provisioned Database - type: string - matchLabel: - description: The name of the label that was successfully matched - against the fragment key names in the db-controller configMap - type: string - minStorageGB: - description: The optional MinStorageGB value requests the minimum - database host storage capacity in GBytes - type: integer - postMigrationActionStartedAt: - description: Time at the process of post migration actions initiated - format: date-time - type: string shape: description: The optional Shape values are arbitrary and help drive instance selection diff --git a/controllers/databaseclaim_controller.go b/controllers/databaseclaim_controller.go index e4866bcc..67004f8d 100644 
--- a/controllers/databaseclaim_controller.go +++ b/controllers/databaseclaim_controller.go @@ -80,9 +80,6 @@ const ( // DebugLevel is used to set V level to 1 as suggested by official docs // https://github.com/kubernetes-sigs/controller-runtime/blob/main/TMP-LOGGING.md DebugLevel = 1 - - operationalStatusTagKey string = "operational-status" - operationalStatusInactiveValue string = "inactive" ) type ModeEnum int @@ -111,7 +108,6 @@ const ( M_UseNewDB M_InitiateDBUpgrade M_UpgradeDBInProgress - M_PostMigrationInProgress ) // DatabaseClaimReconciler reconciles a DatabaseClaim object @@ -150,17 +146,6 @@ func (r *DatabaseClaimReconciler) getMode(dbClaim *persistancev1.DatabaseClaim) logr := r.Log.WithValues("databaseclaim", dbClaim.Namespace+"/"+dbClaim.Name, "func", "getMode") //default mode is M_UseNewDB. any non supported combination needs to be identfied and set to M_NotSupported - if dbClaim.Status.OldDB.DbState == persistancev1.PostMigrationInProgress { - if dbClaim.Status.OldDB.ConnectionInfo == nil || dbClaim.Status.ActiveDB.DbState != persistancev1.Ready || - r.Input.SharedDBHost || *dbClaim.Spec.UseExistingSource || dbClaim.Spec.SourceDataFrom != nil { - return M_NotSupported - } - } - - if dbClaim.Status.OldDB.DbState == persistancev1.PostMigrationInProgress && dbClaim.Status.ActiveDB.DbState == persistancev1.Ready { - return M_PostMigrationInProgress - } - if r.Input.SharedDBHost { if dbClaim.Status.ActiveDB.DbState == persistancev1.UsingSharedHost { activeHostParams := hostparams.GetActiveHostParams(dbClaim) 
@@ -435,64 +420,6 @@ func (r *DatabaseClaimReconciler) updateStatus(ctx context.Context, dbClaim *per } r.Mode = r.getMode(dbClaim) - if r.Mode == M_PostMigrationInProgress { - logr.Info("post migration is in progress") - - if canTag, err := r.canTagResources(ctx, dbClaim); err != nil { - logr.Error(err, "error in checking criteria post migration ") - return r.manageError(ctx, dbClaim, err) - } else if !canTag { - logr.Info("Skipping post migration actions due to DB being used by other entities") - dbClaim.Status.OldDB = persistancev1.Status{} - return r.manageSuccess(ctx, dbClaim) - } - - // get name of DBInstance from connectionInfo - dbInstanceName := strings.Split(dbClaim.Status.OldDB.ConnectionInfo.Host, ".")[0] - - var dbParamGroupName string - // get name of DBParamGroup from connectionInfo - if dbClaim.Status.OldDB.Type == defaultAuroraPostgresStr { - dbParamGroupName = dbInstanceName + "-a-" + (strings.Split(dbClaim.Status.OldDB.DBVersion, "."))[0] - } else { - dbParamGroupName = dbInstanceName + "-" + (strings.Split(dbClaim.Status.OldDB.DBVersion, "."))[0] - } - - TagsVerified, err := r.manageOperationalTagging(ctx, logr, dbInstanceName, dbParamGroupName) - - // Even though we get error in updating tags, we log the error - // and go ahead with deleting resources - if err != nil || TagsVerified { - - if err != nil { - logr.Error(err, "Failed updating or verifying operational tags") - } - - if err = r.deleteCloudDatabase(dbInstanceName, ctx); err != nil { - logr.Error(err, "Could not delete crossplane DBInstance/DBCLluster") - } - if err = r.deleteParameterGroup(ctx, dbParamGroupName); err != nil { - logr.Error(err, "Could not delete crossplane DBParamGroup/DBClusterParamGroup") - } - - dbClaim.Status.OldDB = persistancev1.Status{} - } else if time.Since(dbClaim.Status.OldDB.PostMigrationActionStartedAt.Time).Minutes() > 5 { - // Lets keep the state of old as it is for defined time to wait and verify tags before actually deleting resources - 
logr.Info("defined wait time is over to verify operational tags on AWS resources. Moving ahead to delete associated crossplane resources anyway") - - if err = r.deleteCloudDatabase(dbInstanceName, ctx); err != nil { - logr.Error(err, "Could not delete crossplane DBInstance/DBCLluster") - } - if err = r.deleteParameterGroup(ctx, dbParamGroupName); err != nil { - logr.Error(err, "Could not delete crossplane DBParamGroup/DBClusterParamGroup") - } - - dbClaim.Status.OldDB = persistancev1.Status{} - } - - return r.manageSuccess(ctx, dbClaim) - - } if r.Mode == M_UseExistingDB { logr.Info("existing db reconcile started") err := r.reconcileUseExistingDB(ctx, dbClaim) @@ -843,12 +770,6 @@ loop: } dbClaim.Status.MigrationState = pgctl.S_Completed.String() - timenow := metav1.Now() - - dbClaim.Status.OldDB = *dbClaim.Status.ActiveDB.DeepCopy() - dbClaim.Status.OldDB.DbState = persistancev1.PostMigrationInProgress - dbClaim.Status.OldDB.PostMigrationActionStartedAt = &timenow - //done with migration- switch active server to newDB dbClaim.Status.ActiveDB = *dbClaim.Status.NewDB.DeepCopy() dbClaim.Status.ActiveDB.DbState = persistancev1.Ready @@ -858,7 +779,6 @@ loop: logr.Error(err, "could not update db claim") return r.manageError(ctx, dbClaim, err) } - err = r.deleteTempSecret(ctx, dbClaim) if err != nil { logr.Error(err, "ignoring delete temp secret error") 
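Review bot: In the `@@ -843,12 +770,6` hunk, the assignment `dbClaim.Status.ActiveDB = *dbClaim.Status.NewDB.DeepCopy()` now overwrites the only record of the source instance, so after a completed migration nothing in status points at the old database. Unless a path outside this hunk removes it, that instance stays up with a full copy of the data and its existing roles, and nothing tracks it. At minimum record it before the swap, for example `if ci := dbClaim.Status.ActiveDB.ConnectionInfo; ci != nil { logr.Info("migration completed, previous instance left in place", "host", ci.Host) }`. The enclosing function starts and ends outside the hunk.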
@@ -869,218 +789,6 @@ loop: return r.manageSuccess(ctx, dbClaim) } -func (r *DatabaseClaimReconciler) operationalTaggingForDbParamGroup(ctx context.Context, logr logr.Logger, dbParamGroupName string) { - dbParameterGroup := &crossplanerds.DBParameterGroup{} - - err := r.Client.Get(ctx, client.ObjectKey{ - Name: dbParamGroupName, - }, dbParameterGroup) - - if err != nil { - if errors.IsNotFound(err) { - return // nothing to delete - } - logr.Error(err, "Error getting crossplane db param group for old DB ") - } else { - operationalTagForProviderPresent := false - for _, tag := range dbParameterGroup.Spec.ForProvider.Tags { - if *tag.Key == operationalStatusTagKey && *tag.Value == operationalStatusInactiveValue { - operationalTagForProviderPresent = true - } - } - if !operationalTagForProviderPresent { - patchDBParameterGroup := client.MergeFrom(dbParameterGroup.DeepCopy()) - - operationalTagKey := operationalStatusTagKey - operationalValue := operationalStatusInactiveValue - - dbParameterGroup.Spec.ForProvider.Tags = append(dbParameterGroup.Spec.ForProvider.Tags, &crossplanerds.Tag{ - Key: &operationalTagKey, - Value: &operationalValue, - }) - - err := r.Client.Patch(ctx, dbParameterGroup, patchDBParameterGroup) - if err != nil { - logr.Error(err, "Error updating operational tags for crossplane db param group ") - } - } - } -} - -func (r *DatabaseClaimReconciler) operationalTaggingForDbClusterParamGroup(ctx context.Context, logr logr.Logger, dbParamGroupName string) { - dbClusterParamGroup := &crossplanerds.DBClusterParameterGroup{} - - err := r.Client.Get(ctx, client.ObjectKey{ - Name: dbParamGroupName, - }, dbClusterParamGroup) - - if err != nil { - if errors.IsNotFound(err) { - return // nothing to delete - } - logr.Error(err, "Error getting crossplane db cluster param group for old DB ") - } else { - operationalTagForProviderPresent := false - for _, tag := range dbClusterParamGroup.Spec.ForProvider.Tags { - if *tag.Key == operationalStatusTagKey && *tag.Value == 
operationalStatusInactiveValue { - operationalTagForProviderPresent = true - } - } - if !operationalTagForProviderPresent { - patchDBClusterParameterGroup := client.MergeFrom(dbClusterParamGroup.DeepCopy()) - - operationalTagKey := operationalStatusTagKey - operationalValue := operationalStatusInactiveValue - - dbClusterParamGroup.Spec.ForProvider.Tags = append(dbClusterParamGroup.Spec.ForProvider.Tags, &crossplanerds.Tag{ - Key: &operationalTagKey, - Value: &operationalValue, - }) - - err := r.Client.Patch(ctx, dbClusterParamGroup, patchDBClusterParameterGroup) - if err != nil { - logr.Error(err, "Error updating operational tags for crossplane db cluster param group ") - } - } - } - -} - -func (r *DatabaseClaimReconciler) operationalTaggingForDbCluster(ctx context.Context, logr logr.Logger, dbHostName string) { - dbCluster := &crossplanerds.DBCluster{} - - err := r.Client.Get(ctx, client.ObjectKey{ - Name: dbHostName, - }, dbCluster) - - if err != nil { - if errors.IsNotFound(err) { - return // nothing to delete - } - logr.Error(err, "Error getting crossplane DBCluster for old DB") - } else { - operationalTagForProviderPresent := false - for _, tag := range dbCluster.Spec.ForProvider.Tags { - if *tag.Key == operationalStatusTagKey && *tag.Value == operationalStatusInactiveValue { - operationalTagForProviderPresent = true - } - } - if !operationalTagForProviderPresent { - patchDBClusterParameterGroup := client.MergeFrom(dbCluster.DeepCopy()) - - operationalTagKey := operationalStatusTagKey - operationalValue := operationalStatusInactiveValue - - dbCluster.Spec.ForProvider.Tags = append(dbCluster.Spec.ForProvider.Tags, &crossplanerds.Tag{ - Key: &operationalTagKey, - Value: &operationalValue, - }) - - err := r.Client.Patch(ctx, dbCluster, patchDBClusterParameterGroup) - if err != nil { - logr.Error(err, "Error updating operational tags for crossplane db cluster ") - } - } - } - -} - -func (r *DatabaseClaimReconciler) operationalTaggingForDbInstance(ctx 
context.Context, logr logr.Logger, dbHostName string) (bool, error) { - - dbInstance := &crossplanerds.DBInstance{} - - err := r.Client.Get(ctx, client.ObjectKey{ - Name: dbHostName, - }, dbInstance) - - if err != nil { - logr.Error(err, "Error getting crossplane dbInstance for old DB") - return false, err - } else { - operationalTagForProviderPresent := false - operationalTagAtProviderPresent := false - // Checking whether tags are already requested - for _, tag := range dbInstance.Spec.ForProvider.Tags { - if *tag.Key == operationalStatusTagKey && *tag.Value == operationalStatusInactiveValue { - operationalTagForProviderPresent = true - } - } - // checking whether tags have got updated on AWS (This will be done by chekcing tags at AtProvider) - for _, tag := range dbInstance.Status.AtProvider.TagList { - if *tag.Key == operationalStatusTagKey && *tag.Value == operationalStatusInactiveValue { - operationalTagAtProviderPresent = true - } - } - - if !operationalTagForProviderPresent { - patchDBInstance := client.MergeFrom(dbInstance.DeepCopy()) - - operationalTagKey := operationalStatusTagKey - operationalValue := operationalStatusInactiveValue - - dbInstance.Spec.ForProvider.Tags = append(dbInstance.Spec.ForProvider.Tags, &crossplanerds.Tag{ - Key: &operationalTagKey, - Value: &operationalValue, - }) - - err := r.Client.Patch(ctx, dbInstance, patchDBInstance) - if err != nil { - logr.Error(err, "Error patching crossplane dbInstance for old DB to add operational tags") - return false, err - } - } else if operationalTagForProviderPresent && !operationalTagAtProviderPresent { - logr.Info("could not find operational tags of DBInstance on AWS. These are already requested. Needs to requeue") - return false, nil - } else { - logr.Info("operational tags of DBInstance on AWS found") - return true, nil - } - - } - return false, nil -} - -// manageOperationalTagging: Will update operational tags on old DBInstance, DBCluster, DBClusterParamGroup and DBParamGroup. 
-// It does not return error for DBCluster, DBClusterParamGroup and DBParamGroup if they fail to update tags. Such error is only logged, but not returned. -// In case of successful updation, It does not to verify whether those tags got updated. -// -// Unlike other resources, -// It returns error just for DBinstance failling to update tags. -// It also verifies whether DBinstance got updated with the tag, and return the signal as boolean. -// -// true: operational tag is updated and verfied. -// false: operational tag is updated but could not be verified yet. -func (r *DatabaseClaimReconciler) manageOperationalTagging(ctx context.Context, logr logr.Logger, dbInstanceName, dbParamGroupName string) (bool, error) { - - r.operationalTaggingForDbClusterParamGroup(ctx, logr, dbParamGroupName) - r.operationalTaggingForDbParamGroup(ctx, logr, dbParamGroupName) - r.operationalTaggingForDbCluster(ctx, logr, dbInstanceName) - - // unlike other resources above, verifying tags updation and handling errors if any just for "DBInstance" resource - isVerfied, err := r.operationalTaggingForDbInstance(ctx, logr, dbInstanceName) - - if r.getMultiAZEnabled() { - isVerfiedforMultiAZ, errMultiAZ := r.operationalTaggingForDbInstance(ctx, logr, dbInstanceName+"-2") - if err != nil { - return false, err - } else if errMultiAZ != nil { - return false, errMultiAZ - } else if !isVerfied || !isVerfiedforMultiAZ { - return false, nil - } else { - return true, nil - } - - } else { - if err != nil { - return false, err - } else { - return isVerfied, nil - } - } - -} - func (r *DatabaseClaimReconciler) getClientForExistingDB(ctx context.Context, logr logr.Logger, dbClaim *persistancev1.DatabaseClaim, connInfo *persistancev1.DatabaseClaimConnectionInfo) (dbclient.Client, error) { 
@@ -1175,22 +883,6 @@ func (r *DatabaseClaimReconciler) getReclaimPolicy(fragmentKey string) string { } } -func (r *DatabaseClaimReconciler) canTagResources(ctx context.Context, dbClaim *persistancev1.DatabaseClaim) (bool, error) { - - if dbClaim.Spec.InstanceLabel == "" { - return true, nil - } - var dbClaimList persistancev1.DatabaseClaimList - if err := r.List(ctx, &dbClaimList, client.MatchingFields{instanceLableKey: dbClaim.Spec.InstanceLabel}); err != nil { - return false, err - } - - if len(dbClaimList.Items) == 1 { - return true, nil - } - return false, nil -} - func (r *DatabaseClaimReconciler) deleteExternalResources(ctx context.Context, dbClaim *persistancev1.DatabaseClaim) error { // delete any external resources associated with the dbClaim // Only RDS Instance are managed for now @@ -2617,8 +2309,6 @@ func (r *DatabaseClaimReconciler) manageSuccess(ctx context.Context, dbClaim *pe //if object is getting deleted then call requeue immediately if !dbClaim.ObjectMeta.DeletionTimestamp.IsZero() { return ctrl.Result{Requeue: true}, nil - } else if dbClaim.Status.OldDB.DbState == persistancev1.PostMigrationInProgress { - return ctrl.Result{RequeueAfter: time.Minute}, nil } else { return ctrl.Result{RequeueAfter: r.getPasswordRotationTime()}, nil } diff --git a/controllers/databaseclaim_controller_integ_test.go b/controllers/databaseclaim_controller_integ_test.go index 1b3d1200..31aa8c95 100644 --- a/controllers/databaseclaim_controller_integ_test.go +++ b/controllers/databaseclaim_controller_integ_test.go @@ -2,16 +2,10 @@ package controllers import ( "context" - "fmt" - crossplanerds "github.com/crossplane-contrib/provider-aws/apis/rds/v1alpha1" - "github.com/go-logr/logr" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/spf13/viper" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - ctrl "sigs.k8s.io/controller-runtime" - "sigs.k8s.io/controller-runtime/pkg/client" persistancev1 "github.com/infobloxopen/db-controller/api/v1" ) 
@@ -49,431 +43,3 @@ var _ = Describe("db-controller", func() { }) }) }) - -var _ = Describe("manageOperationalTagging", Ordered, func() { - - // define and create objects in the test cluster - - dbCluster := &crossplanerds.DBCluster{} - dbClusterParam := &crossplanerds.DBClusterParameterGroup{} - dbParam := &crossplanerds.DBParameterGroup{} - dnInstance1 := &crossplanerds.DBInstance{} - dnInstance2 := &crossplanerds.DBInstance{} - dnInstance3 := &crossplanerds.DBInstance{} - - BeforeAll(func() { - By("Creating objects beforehand of DBClsuerParameterGroup, DBCluser, DBParameterGroup and DBInstance") - testString := "test" - ctx := context.Background() - dbCluster = &crossplanerds.DBCluster{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "rds.aws.crossplane.io/v1alpha1", - Kind: "DBCluster", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "db", - Namespace: "default", - }, - Spec: crossplanerds.DBClusterSpec{ - ForProvider: crossplanerds.DBClusterParameters{ - Engine: &testString, - }, - }, - } - Expect(k8sClient.Create(ctx, dbCluster)).Should(Succeed()) - ctx = context.Background() - dbClusterParam = &crossplanerds.DBClusterParameterGroup{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "rds.aws.crossplane.io/v1alpha1", - Kind: "DBClusterParameterGroup", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "dbparam", - Namespace: "default", - }, - Spec: crossplanerds.DBClusterParameterGroupSpec{ - ForProvider: crossplanerds.DBClusterParameterGroupParameters{ - Description: &testString, - }, - }, - } - Expect(k8sClient.Create(ctx, dbClusterParam)).Should(Succeed()) - - dbParam = &crossplanerds.DBParameterGroup{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "rds.aws.crossplane.io/v1alpha1", - Kind: "DBParameterGroup", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "dbparam", - Namespace: "default", - }, - Spec: crossplanerds.DBParameterGroupSpec{ - ForProvider: crossplanerds.DBParameterGroupParameters{ - Description: &testString, - }, - }, - } - Expect(k8sClient.Create(ctx, 
dbParam)).Should(Succeed()) - - ctx = context.Background() - dnInstance1 = &crossplanerds.DBInstance{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "rds.aws.crossplane.io/v1alpha1", - Kind: "DBInstance", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "db", - Namespace: "default", - }, - Spec: crossplanerds.DBInstanceSpec{ - ForProvider: crossplanerds.DBInstanceParameters{ - Engine: &testString, - DBInstanceClass: &testString, - }, - }, - } - Expect(k8sClient.Create(ctx, dnInstance1)).Should(Succeed()) - - ctx = context.Background() - dnInstance2 = &crossplanerds.DBInstance{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "rds.aws.crossplane.io/v1alpha1", - Kind: "DBInstance", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "db-2", - Namespace: "default", - }, - Spec: crossplanerds.DBInstanceSpec{ - ForProvider: crossplanerds.DBInstanceParameters{ - Engine: &testString, - DBInstanceClass: &testString, - }, - }, - } - Expect(k8sClient.Create(ctx, dnInstance2)).Should(Succeed()) - - ctx = context.Background() - dnInstance3 = &crossplanerds.DBInstance{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "rds.aws.crossplane.io/v1alpha1", - Kind: "DBInstance", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "db3", - Namespace: "default", - }, - Spec: crossplanerds.DBInstanceSpec{ - ForProvider: crossplanerds.DBInstanceParameters{ - Engine: &testString, - DBInstanceClass: &testString, - }, - }, - } - Expect(k8sClient.Create(ctx, dnInstance3)).Should(Succeed()) - }) - - Context("Now, try adding tags to resources which does not exists, while multiAZ is enabled", func() { - It("Should not add tags to any other already existing resources", func() { - mockReconciler := &DatabaseClaimReconciler{} - mockReconciler.Client = k8sClient - mockReconciler.Config = viper.New() - mockReconciler.Config.Set("dbMultiAZEnabled", true) - // providing names of non-existing resources below - check, err := mockReconciler.manageOperationalTagging(context.Background(), ctrl.Log.WithName("controllers"), "dbb", 
"dbparamm") - Expect(err).Should(HaveOccurred()) // This should create error - Expect(check).To(BeFalse()) - - By("Lets get all objects again to check whether tags have not been added to any resource, as we provied wrong names above") - - dbCluster = &crossplanerds.DBCluster{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "db", - }, dbCluster)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dbCluster.Spec.ForProvider.Tags)).To(Equal(false)) - - dbClusterParam = &crossplanerds.DBClusterParameterGroup{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "dbparam", - }, dbClusterParam)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dbClusterParam.Spec.ForProvider.Tags)).To(Equal(false)) - - dbParam = &crossplanerds.DBParameterGroup{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "dbparam", - }, dbParam)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dbParam.Spec.ForProvider.Tags)).To(Equal(false)) - - dnInstance1 = &crossplanerds.DBInstance{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "db", - }, dnInstance1)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dnInstance1.Spec.ForProvider.Tags)).To(Equal(false)) - - dnInstance2 = &crossplanerds.DBInstance{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "db-2", - }, dnInstance2)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dnInstance2.Spec.ForProvider.Tags)).To(Equal(false)) - - dnInstance3 = &crossplanerds.DBInstance{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "db3", - }, dnInstance3)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dnInstance3.Spec.ForProvider.Tags)).To(Equal(false)) - }) - }) - - Context("Now, try Adding tags to resources, with multiAZ disabled", func() { - It("Should add tags to all valid resources. 
Should skip instance-2 as multiAZ is disabled", func() { - mockReconciler := &DatabaseClaimReconciler{} - mockReconciler.Client = k8sClient - mockReconciler.Config = viper.New() - mockReconciler.Config.Set("dbMultiAZEnabled", false) - check, err := mockReconciler.manageOperationalTagging(context.Background(), logr.Logger{}, "db", "dbparam") - Expect(err).ShouldNot(HaveOccurred()) - Expect(check).To(BeFalse()) - - By("Lets get all objects again to check whether tags can be found at .spec.ForProvider") - - dbCluster = &crossplanerds.DBCluster{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "db", - }, dbCluster)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dbCluster.Spec.ForProvider.Tags)).To(Equal(true)) - - dbClusterParam = &crossplanerds.DBClusterParameterGroup{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "dbparam", - }, dbClusterParam)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dbClusterParam.Spec.ForProvider.Tags)).To(Equal(true)) - - dbParam = &crossplanerds.DBParameterGroup{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "dbparam", - }, dbParam)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dbParam.Spec.ForProvider.Tags)).To(Equal(true)) - - dnInstance1 = &crossplanerds.DBInstance{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "db", - }, dnInstance1)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dnInstance1.Spec.ForProvider.Tags)).To(Equal(true)) - - // tag should not be found at spec for dbInstance2 as multiAZ is disabled - dnInstance2 = &crossplanerds.DBInstance{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "db-2", - }, dnInstance2)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dnInstance2.Spec.ForProvider.Tags)).To(Equal(false)) - - // tag should not be found at spec for dbInstance3 as we had not requested this resource to be 
tagged - dnInstance3 = &crossplanerds.DBInstance{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "db3", - }, dnInstance3)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dnInstance3.Spec.ForProvider.Tags)).To(Equal(false)) - }) - }) - - Context("Adding tags to resources, while multiAZ is enabled", func() { - It("Should add tags to all valid resources if exists. Should NOT skip instance-2 as multiAZ is enabled", func() { - mockReconciler := &DatabaseClaimReconciler{} - mockReconciler.Client = k8sClient - mockReconciler.Config = viper.New() - mockReconciler.Config.Set("dbMultiAZEnabled", true) - check, err := mockReconciler.manageOperationalTagging(context.Background(), ctrl.Log.WithName("controllers"), "db", "dbparam") - Expect(err).ShouldNot(HaveOccurred()) - Expect(check).To(BeFalse()) - - By("Lets get all DBinstance objects again to check whether tags can be found at .spec.ForProvider for all instances in multiAZ") - - dnInstance1 = &crossplanerds.DBInstance{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "db", - }, dnInstance1)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dnInstance1.Spec.ForProvider.Tags)).To(Equal(true)) - - // tag should be found at spec for dbInstancw2 as multiAZ is enabled now - dnInstance2 = &crossplanerds.DBInstance{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "db-2", - }, dnInstance2)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dnInstance2.Spec.ForProvider.Tags)).To(Equal(true)) - - // tag should not be found at spec for dbInstancr3 as we had not requested this resource to be tagged - dnInstance3 = &crossplanerds.DBInstance{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "db3", - }, dnInstance3)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dnInstance3.Spec.ForProvider.Tags)).To(Equal(false)) - }) - }) - - Context("When tags get successfully updated, They 
are reflected at .status.AtProvider for DBInstance", func() { - It("manageOperationalTagging() Should return true without any error", func() { - mockReconciler := &DatabaseClaimReconciler{} - mockReconciler.Client = k8sClient - mockReconciler.Config = viper.New() - mockReconciler.Config.Set("dbMultiAZEnabled", true) - - By("adding tags beforehand to .status.AtProvier.TagList. As in reality, if tags gets successfully added. It will reflect at the said path") - - operationalStatusTagKeyPtr := operationalStatusTagKey - operationalStatusInactiveValuePtr := operationalStatusInactiveValue - ctx := context.Background() - - dnInstance1.Status.AtProvider.TagList = []*crossplanerds.Tag{ - { - Key: &operationalStatusTagKeyPtr, - Value: &operationalStatusInactiveValuePtr, - }, - } - dnInstance2.Status.AtProvider.TagList = []*crossplanerds.Tag{ - { - Key: &operationalStatusTagKeyPtr, - Value: &operationalStatusInactiveValuePtr, - }, - } - - Expect(k8sClient.Status().Update(ctx, dnInstance1)).Should(Succeed()) - Expect(k8sClient.Status().Update(ctx, dnInstance2)).Should(Succeed()) - - check, err := mockReconciler.manageOperationalTagging(context.Background(), ctrl.Log.WithName("controllers"), "db", "dbparam") - Expect(err).ShouldNot(HaveOccurred()) - Expect(check).To(BeTrue()) - - // Lets also check the tags at status - dnInstance1 = &crossplanerds.DBInstance{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "db", - }, dnInstance1)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dnInstance1.Status.AtProvider.TagList)).To(Equal(true)) - - dnInstance2 = &crossplanerds.DBInstance{} - Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ - Name: "db-2", - }, dnInstance2)).ShouldNot(HaveOccurred()) - Expect(hasOperationalTag(dnInstance2.Status.AtProvider.TagList)).To(Equal(true)) - - }) - }) - -}) - -func hasOperationalTag(tags []*crossplanerds.Tag) bool { - - for _, tag := range tags { - fmt.Println("==") - - 
fmt.Println(tag) - if *tag.Key == operationalStatusTagKey && *tag.Value == operationalStatusInactiveValue { - return true - } - } - return false - -} - -var _ = Describe("canTagResources", Ordered, func() { - - // Creating resources required to do tests beforehand - BeforeAll(func() { - ctx := context.Background() - dbClaim := &persistancev1.DatabaseClaim{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "persistance.atlas.infoblox.com/v1", - Kind: "DatabaseClaim", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "dbclaim", - Namespace: "default", - }, - Spec: persistancev1.DatabaseClaimSpec{ - AppID: "sample-app", - DatabaseName: "sample_app", - InstanceLabel: "sample-connection-3", - SecretName: "sample-secret", - Username: "sample_user", - }, - } - Expect(k8sClient.Create(ctx, dbClaim)).Should(Succeed()) - ctx2 := context.Background() - dbClaim2 := &persistancev1.DatabaseClaim{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "persistance.atlas.infoblox.com/v1", - Kind: "DatabaseClaim", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "dbclaim-2", - Namespace: "default", - }, - Spec: persistancev1.DatabaseClaimSpec{ - AppID: "sample-app", - DatabaseName: "sample_app", - InstanceLabel: "sample-connection-3", - SecretName: "sample-secret", - Username: "sample_user", - }, - } - Expect(k8sClient.Create(ctx2, dbClaim2)).Should(Succeed()) - }) - - Context("Adding tags to DBClaim with empty InstanceLabel", func() { - It("Should permite adding tags", func() { - ctx2 := context.Background() - dbClaim2 := &persistancev1.DatabaseClaim{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "persistance.atlas.infoblox.com/v1", - Kind: "DatabaseClaim", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "dbclaim-2", - Namespace: "default", - }, - Spec: persistancev1.DatabaseClaimSpec{ - AppID: "sample-app", - DatabaseName: "sample_app", - InstanceLabel: "", - SecretName: "sample-secret", - Username: "sample_user", - }, - } - mockReconciler := &DatabaseClaimReconciler{} - mockReconciler.Client = k8sClient - 
check, err2 := mockReconciler.canTagResources(ctx2, dbClaim2) - Expect(err2).ShouldNot(HaveOccurred()) - Expect(check).To(BeTrue()) - }) - }) - - Context("Adding tags to DBClaim, When There are already more than one DBClaim exists with similar InstanceLabel", func() { - It("Should not permite adding tags", func() { - ctx2 := context.Background() - dbClaim2 := &persistancev1.DatabaseClaim{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "persistance.atlas.infoblox.com/v1", - Kind: "DatabaseClaim", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "dbclaim-2", - Namespace: "default", - }, - Spec: persistancev1.DatabaseClaimSpec{ - AppID: "sample-app", - DatabaseName: "sample_app", - InstanceLabel: "sample-connection-3", - SecretName: "sample-secret", - Username: "sample_user", - }, - } - mockReconciler := &DatabaseClaimReconciler{} - mockReconciler.Client = k8sClient - check, err2 := mockReconciler.canTagResources(ctx2, dbClaim2) - Expect(err2).Should(HaveOccurred()) - Expect(check).To(BeFalse()) - }) - }) - -}) diff --git a/controllers/databaseclaim_controller_test.go b/controllers/databaseclaim_controller_test.go index b39c18aa..80f0f58f 100644 --- a/controllers/databaseclaim_controller_test.go +++ b/controllers/databaseclaim_controller_test.go 
@@ -1699,203 +1699,6 @@ func TestDatabaseClaimReconciler_getMode(t *testing.T) { }, M_UseNewDB, }, - { - "postMigrationActions-positive", - fields{ - Log: zap.New(zap.UseFlagOptions(&opts)), - Input: &input{ - HostParams: hostparams.HostParams{ - Engine: "aurora-postgres", - Shape: "db.t4g.medium", - MinStorageGB: 20, - EngineVersion: "12.11", - }, - SharedDBHost: false, - }, - }, - - args{ - dbClaim: &persistancev1.DatabaseClaim{ - ObjectMeta: v1.ObjectMeta{Name: "identity-dbclaim-name", - Namespace: "unitest"}, - - Spec: persistancev1.DatabaseClaimSpec{ - UseExistingSource: &flse, - }, - Status: persistancev1.DatabaseClaimStatus{ - ActiveDB: persistancev1.Status{ - DbState: persistancev1.Ready, - }, - OldDB: persistancev1.Status{ - DbState: persistancev1.PostMigrationInProgress, - Type: "aurora-postgres", - DBVersion: "13.11", - Shape: "db.t4g.medium", - MinStorageGB: 20, - ConnectionInfo: &persistancev1.DatabaseClaimConnectionInfo{}, - }, - }, - }, - }, - M_PostMigrationInProgress, - }, - { - "postMigrationActions-negative-without-connectionInfo-in-oldDB", - fields{ - Log: zap.New(zap.UseFlagOptions(&opts)), - Input: &input{ - HostParams: hostparams.HostParams{ - Engine: "aurora-postgres", - Shape: "db.t4g.medium", - MinStorageGB: 20, - EngineVersion: "12.11", - }, - SharedDBHost: false, - }, - }, - - args{ - dbClaim: &persistancev1.DatabaseClaim{ - ObjectMeta: v1.ObjectMeta{Name: "identity-dbclaim-name", - Namespace: "unitest"}, - - Spec: persistancev1.DatabaseClaimSpec{ - UseExistingSource: &flse, - }, - Status: persistancev1.DatabaseClaimStatus{ - ActiveDB: persistancev1.Status{ - DbState: persistancev1.Ready, - }, - OldDB: persistancev1.Status{ - DbState: persistancev1.PostMigrationInProgress, - Type: "aurora-postgres", - DBVersion: "13.11", - Shape: "db.t4g.medium", - MinStorageGB: 20, - }, - }, - }, - }, - M_NotSupported, - }, - { - "postMigrationActions-negative-wit-userExistingSource", - fields{ - Log: zap.New(zap.UseFlagOptions(&opts)), - Input: &input{ 
- HostParams: hostparams.HostParams{ - Engine: "aurora-postgres", - Shape: "db.t4g.medium", - MinStorageGB: 20, - EngineVersion: "12.11", - }, - SharedDBHost: false, - }, - }, - - args{ - dbClaim: &persistancev1.DatabaseClaim{ - ObjectMeta: v1.ObjectMeta{Name: "identity-dbclaim-name", - Namespace: "unitest"}, - - Spec: persistancev1.DatabaseClaimSpec{ - UseExistingSource: &tru, - }, - Status: persistancev1.DatabaseClaimStatus{ - ActiveDB: persistancev1.Status{ - DbState: persistancev1.Ready, - }, - OldDB: persistancev1.Status{ - DbState: persistancev1.PostMigrationInProgress, - Type: "aurora-postgres", - DBVersion: "13.11", - Shape: "db.t4g.medium", - MinStorageGB: 20, - }, - }, - }, - }, - M_NotSupported, - }, - { - "postMigrationActions-negative-with-sourceData", - fields{ - Log: zap.New(zap.UseFlagOptions(&opts)), - Input: &input{ - HostParams: hostparams.HostParams{ - Engine: "aurora-postgres", - Shape: "db.t4g.medium", - MinStorageGB: 20, - EngineVersion: "12.11", - }, - SharedDBHost: false, - }, - }, - - args{ - dbClaim: &persistancev1.DatabaseClaim{ - ObjectMeta: v1.ObjectMeta{Name: "identity-dbclaim-name", - Namespace: "unitest"}, - - Spec: persistancev1.DatabaseClaimSpec{ - UseExistingSource: &flse, - SourceDataFrom: &persistancev1.SourceDataFrom{}, - }, - Status: persistancev1.DatabaseClaimStatus{ - ActiveDB: persistancev1.Status{ - DbState: persistancev1.Ready, - }, - OldDB: persistancev1.Status{ - DbState: persistancev1.PostMigrationInProgress, - Type: "aurora-postgres", - DBVersion: "13.11", - Shape: "db.t4g.medium", - MinStorageGB: 20, - }, - }, - }, - }, - M_NotSupported, - }, - { - "postMigrationActions-negative-with-sharedDB", - fields{ - Log: zap.New(zap.UseFlagOptions(&opts)), - Input: &input{ - HostParams: hostparams.HostParams{ - Engine: "aurora-postgres", - Shape: "db.t4g.medium", - MinStorageGB: 20, - EngineVersion: "12.11", - }, - SharedDBHost: true, - }, - }, - - args{ - dbClaim: &persistancev1.DatabaseClaim{ - ObjectMeta: 
v1.ObjectMeta{Name: "identity-dbclaim-name", - Namespace: "unitest"}, - - Spec: persistancev1.DatabaseClaimSpec{ - UseExistingSource: &flse, - }, - Status: persistancev1.DatabaseClaimStatus{ - ActiveDB: persistancev1.Status{ - DbState: persistancev1.Ready, - }, - OldDB: persistancev1.Status{ - DbState: persistancev1.PostMigrationInProgress, - Type: "aurora-postgres", - DBVersion: "13.11", - Shape: "db.t4g.medium", - MinStorageGB: 20, - }, - }, - }, - }, - M_NotSupported, - }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { diff --git a/controllers/suite_test.go b/controllers/suite_test.go index 6563edfe..a006d595 100644 --- a/controllers/suite_test.go +++ b/controllers/suite_test.go @@ -36,8 +36,6 @@ import ( "sigs.k8s.io/controller-runtime/pkg/log/zap" persistancev1 "github.com/infobloxopen/db-controller/api/v1" - - crossplanerds "github.com/crossplane-contrib/provider-aws/apis/rds/v1alpha1" // +kubebuilder:scaffold:imports ) @@ -84,7 +82,7 @@ var _ = BeforeSuite(func() { By("bootstrapping test environment") testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "config", "crd", "bases"), filepath.Join("..", "testutils", "crds")}, + CRDDirectoryPaths: []string{filepath.Join("..", "config", "crd", "bases")}, } var err error @@ -95,9 +93,6 @@ var _ = BeforeSuite(func() { err = persistancev1.AddToScheme(scheme.Scheme) Expect(err).NotTo(HaveOccurred()) - err = crossplanerds.AddToScheme(scheme.Scheme) - Expect(err).NotTo(HaveOccurred()) - // +kubebuilder:scaffold:scheme k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme}) diff --git a/go.mod b/go.mod index 5dd6254f..bd19111a 100644 --- a/go.mod +++ b/go.mod 
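Review bot: The `envtest.Environment` literal in the `@@ -84,7 +82,7 @@` hunk of controllers/suite_test.go sets only `CRDDirectoryPaths`, so a wrong or missing `config/crd/bases` path would most likely be skipped silently, leaving the test control plane without the DatabaseClaim CRD. The failure would then show up later as unrelated-looking `Create` errors. Since that directory is now the only CRD source, I would add `ErrorIfCRDPathMissing: true,` to the literal so the suite fails at bootstrap instead. The `BeforeSuite` body starts and ends outside the hunk.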
@@ -34,7 +34,10 @@ require ( sigs.k8s.io/yaml v1.3.0 ) -require github.com/pmezard/go-difflib v1.0.0 // indirect +require ( + github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/stretchr/objx v0.5.0 // indirect +) require ( github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect diff --git a/go.sum b/go.sum index a2d398c1..0d3ae3f2 100644 --- a/go.sum +++ b/go.sum @@ -17,7 +17,6 @@ cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHOb cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY= -cloud.google.com/go v0.100.2 h1:t9Iw5QH5v4XtlEQaCtUY7x6sCABps8sW0acw7e2WQ6Y= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= 
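Review bot: The added `github.com/stretchr/objx v0.5.0 // indirect` requirement in go.mod is not explained by anything else visible in this commit, which otherwise only removes code and the crossplane test import. Before merging, check which package pulls it in with `go mod why -m github.com/stretchr/objx` and confirm that `go mod tidy` leaves go.mod and go.sum unchanged. The go.sum hunks that follow add mostly `/go.mod`-only hashes, which would fit a regenerated module graph rather than new imports, but that is inferred from the diff. If so, a line in the commit message saying the module files were regenerated would make the dependency change auditable.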
@@ -56,6 +55,8 @@ github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEV github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/PuerkitoBio/goquery v1.5.1/go.mod h1:GsLWisAFVj4WgDibEWF4pvYnkVQBpKBKeU+7zCJoLcc= +github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= 
@@ -110,9 +111,11 @@ github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghf github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/checkpoint-restore/go-criu/v5 v5.3.0/go.mod h1:E/eQpaFtUKGOOSEBZgmKAcn+zUUwWxqcaKZlF54wK8E= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/cilium/ebpf v0.7.0/go.mod h1:/oI2+1shJiTGAMgl6/RgJr36Eo1jzrRcAWbcXO2usCA= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= 
@@ -123,14 +126,18 @@ github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U= github.com/containerd/continuity v0.4.1 h1:wQnVrjIyQ8vhU2sgOiL5T07jo+ouqc2bnKsv5/EqGhU= github.com/containerd/continuity v0.4.1/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ= +github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= +github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= github.com/crossplane-contrib/provider-aws v0.42.0 h1:8VEgiOX2egHKxE56ZiH9ZNaJHFEU7bhDt6yIzbvDZ34= github.com/crossplane-contrib/provider-aws v0.42.0/go.mod h1:fZETI7E2sOa/1GO4giTS9Ohgk1jwnEPDSwfjNImdy60= github.com/crossplane/crossplane-runtime v0.20.0-rc.0.0.20230320143010-c424c4aca5b0 h1:CeOwmlDuq0MU62YguasLJ1j/W58uW/FVeSlPOvOK5xM= github.com/crossplane/crossplane-runtime v0.20.0-rc.0.0.20230320143010-c424c4aca5b0/go.mod h1:OJQ1NxtQK2ZTRmvtnQPoy8LsXsARTnVydRVDQEgIuz4= +github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 
@@ -196,6 +203,7 @@ github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfC github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= +github.com/godbus/dbus/v5 v5.0.6/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= @@ -356,6 +364,7 @@ github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyua github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/reflectwalk v1.0.0 h1:9D+8oIskB4VJBN5SFlmc27fSlIBZaov1Wpk/IfikLNY= github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/moby/sys/mountinfo v0.5.0/go.mod h1:3bMD3Rg+zkqx8MRYPi7Pyb0Ie97QEBmdxbhnCLlSvSU= github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= 
@@ -365,6 +374,7 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lN github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= @@ -381,6 +391,8 @@ github.com/opencontainers/image-spec v1.0.2 h1:9yCKha/T5XdGtO0q9Q9a6T5NUCsTn/DrB github.com/opencontainers/image-spec v1.0.2/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/runc v1.1.7 h1:y2EZDS8sNng4Ksf0GUYNhKbTShZJPJg1FiXJNH/uoCk= github.com/opencontainers/runc v1.1.7/go.mod h1:CbUumNnWCuTGFukNXahoo/RFBZvDAgRh/smNYNOhA50= +github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/ory/dockertest/v3 v3.10.0 h1:4K3z2VMe8Woe++invjaTB7VRyQXQy5UY+loujO4aNE4= github.com/ory/dockertest/v3 v3.10.0/go.mod h1:nr57ZbRWMqfsdGdFNLHz5jjNdDb7VVFnzAeW1n5N1Lg= 
@@ -423,8 +435,11 @@ github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5 github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/seccomp/libseccomp-golang v0.9.2-0.20220502022130-f33da4d89646/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg= github.com/sethvargo/go-password v0.2.0 h1:BTDl4CC/gjf/axHMaDQtw507ogrXLci6XRiLc7i/UHI= github.com/sethvargo/go-password v0.2.0/go.mod h1:Ym4Mr9JXLBycr02MFuVQ/0JHidNetSgbzutTr3zsYXE= +github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= 
@@ -446,6 +461,9 @@ github.com/spf13/viper v1.11.0/go.mod h1:djo0X/bA5+tYVoCn+C7cAYJGcVn/qYLFTG8gdUs github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= 
@@ -453,10 +471,16 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= +github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= +github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= +github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= +github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= diff --git a/helm/db-controller-crds/crd/persistance.atlas.infoblox.com_databaseclaims.yaml b/helm/db-controller-crds/crd/persistance.atlas.infoblox.com_databaseclaims.yaml index 7160c0b6..44ffcac7 100644 --- a/helm/db-controller-crds/crd/persistance.atlas.infoblox.com_databaseclaims.yaml 
+++ b/helm/db-controller-crds/crd/persistance.atlas.infoblox.com_databaseclaims.yaml @@ -276,10 +276,6 @@ spec: description: The optional MinStorageGB value requests the minimum database host storage capacity in GBytes type: integer - postMigrationActionStartedAt: - description: Time at the process of post migration actions initiated - format: date-time - type: string shape: description: The optional Shape values are arbitrary and help drive instance selection 
@@ -417,144 +413,6 @@ spec: description: The optional MinStorageGB value requests the minimum database host storage capacity in GBytes type: integer - postMigrationActionStartedAt: - description: Time at the process of post migration actions initiated - format: date-time - type: string - shape: - description: The optional Shape values are arbitrary and help - drive instance selection - type: string - sourceDataFrom: - description: SourceDataFrom specifies an existing database or - backup to use when initially provisioning the database. if the - dbclaim has already provisioned a database, this field is ignored - This field used when claim is use-existing-db and attempting - to migrate to newdb - properties: - database: - description: Database defines the connection information to - an existing db - properties: - dsn: - description: 'DSN is the connection string used to reach - the postgres database must have protocol specifier at - beginning (example: mysql:// postgres:// )' - type: string - secretRef: - description: 'SecretRef specifies a secret to use for - connecting to the postgresdb (should be master/root) - TODO: document/validate the secret format required' - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - required: - - dsn - type: object - s3: - description: S3 defines the location of a DB backup in an - S3 bucket - properties: - bucket: - type: string - prefix: - description: Prefix is the path prefix of the S3 bucket - within which the backup to restore is located. - type: string - region: - type: string - secretRef: - description: 'SecretRef specifies a secret to use for - connecting to the s3 bucket via AWS client TODO: document/validate - the secret format required' - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - sourceEngine: - description: SourceEngine is the engine used to create - the backup. 
- type: string - sourceEngineVersion: - description: 'SourceEngineVersion is the version of the - engine used to create the backup. Example: "5.7.30"' - type: string - required: - - bucket - - region - - sourceEngine - - sourceEngineVersion - type: object - type: - description: Type specifies the type of source - type: string - required: - - type - type: object - type: - description: Specifies the type of database to provision. Only - postgres is supported. - type: string - userUpdatedAt: - description: Time the user/password was updated/created - format: date-time - type: string - required: - - connectionInfo - type: object - oldDB: - description: tracks the DB which is migrated and not more operational - properties: - DbState: - description: DbState of the DB. inprogress, "", ready - type: string - connectionInfo: - properties: - databaseName: - type: string - hostName: - type: string - password: - type: string - port: - type: string - sslMode: - type: string - userName: - type: string - type: object - connectionUpdatedAt: - description: Time the connection info was updated/created. - format: date-time - type: string - dbCreateAt: - description: Time the database was created - format: date-time - type: string - dbversion: - description: Version of the provisioned Database - type: string - matchLabel: - description: The name of the label that was successfully matched - against the fragment key names in the db-controller configMap - type: string - minStorageGB: - description: The optional MinStorageGB value requests the minimum - database host storage capacity in GBytes - type: integer - postMigrationActionStartedAt: - description: Time at the process of post migration actions initiated - format: date-time - type: string shape: description: The optional Shape values are arbitrary and help drive instance selection diff --git a/testutils/crds/DBCluster.yaml b/testutils/crds/DBCluster.yaml deleted file mode 100644 index 7565df74..00000000 
--- a/testutils/crds/DBCluster.yaml
+++ /dev/null
@@ -1,1675 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: "2023-10-03T17:31:23Z" - generation: 1 - name: dbclusters.rds.aws.crossplane.io - ownerReferences: - - apiVersion: pkg.crossplane.io/v1 - blockOwnerDeletion: true - controller: true - kind: ProviderRevision - name: bloxinabox-provider-877b9fccf7ca - uid: f42ec1bf-0547-43c9-a29d-1dc6c06c0286 - - apiVersion: pkg.crossplane.io/v1 - blockOwnerDeletion: true - controller: false - kind: Provider - name: bloxinabox-provider - uid: 273f9682-ede8-4b8f-82ba-5c85cf731d51 - uid: 6408ca27-a149-4f0d-9370-63b3a68a9585 -spec: - conversion: - strategy: None - group: rds.aws.crossplane.io - names: - categories: - - crossplane - - managed - - aws - kind: DBCluster - listKind: DBClusterList - plural: dbclusters - singular: dbcluster - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNCED - type: string - - jsonPath: .metadata.annotations.crossplane\.io/external-name - name: EXTERNAL-NAME - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: DBCluster is the Schema for the DBClusters API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DBClusterSpec defines the desired state of DBCluster - properties: - deletionPolicy: - default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. - enum: - - Orphan - - Delete - type: string - forProvider: - description: DBClusterParameters defines the desired state of DBCluster - properties: - allocatedStorage: - description: "The amount of storage in gibibytes (GiB) to allocate - to each DB instance in the Multi-AZ DB cluster. \n This setting - is required to create a Multi-AZ DB cluster. \n Valid for: Multi-AZ - DB clusters only" - format: int64 - type: integer - allowMajorVersionUpgrade: - description: "A value that indicates whether major version upgrades - are allowed. \n Constraints: You must allow major version upgrades - when specifying a value for the EngineVersion parameter that - is a different major version than the DB cluster's current version. - \n Valid for: Aurora DB clusters only" - type: boolean - applyImmediately: - description: "A value that indicates whether the modifications - in this request and any pending modifications are asynchronously - applied as soon as possible, regardless of the PreferredMaintenanceWindow - setting for the DB cluster. If this parameter is disabled, changes - to the DB cluster are applied during the next maintenance window. - \n The ApplyImmediately parameter only affects the EnableIAMDatabaseAuthentication, - MasterUserPassword values. If the ApplyImmediately parameter - is disabled, then changes to the EnableIAMDatabaseAuthentication, - MasterUserPassword values are applied during the next maintenance - window. 
All other changes are applied immediately, regardless - of the value of the ApplyImmediately parameter. \n By default, - this parameter is disabled." - type: boolean - autoMinorVersionUpgrade: - description: "A value that indicates whether minor engine upgrades - are applied automatically to the DB cluster during the maintenance - window. By default, minor engine upgrades are applied automatically. - \n Valid for: Multi-AZ DB clusters only" - type: boolean - autogeneratePassword: - description: "AutogeneratePassword indicates whether the controller - should generate a random password for the master user if one - is not provided via MasterUserPasswordSecretRef. \n If a password - is generated, it will be stored as a secret at the location - specified by MasterUserPasswordSecretRef." - type: boolean - availabilityZones: - description: "A list of Availability Zones (AZs) where DB instances - in the DB cluster can be created. \n For information on Amazon - Web Services Regions and Availability Zones, see Choosing the - Regions and Availability Zones (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) - in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters - only" - items: - type: string - type: array - backtrackWindow: - description: "The target backtrack window, in seconds. To disable - backtracking, set this value to 0. \n Default: 0 \n Constraints: - \n * If specified, this value must be set to a number from 0 - to 259,200 (72 hours). \n Valid for: Aurora MySQL DB clusters - only" - format: int64 - type: integer - backupRetentionPeriod: - description: "The number of days for which automated backups are - retained. \n Default: 1 \n Constraints: \n * Must be a value - from 1 to 35 \n Valid for: Aurora DB clusters and Multi-AZ DB - clusters" - format: int64 - type: integer - characterSetName: - description: "A value that indicates that the DB cluster should - be associated with the specified CharacterSet. 
\n Valid for: - Aurora DB clusters only" - type: string - copyTagsToSnapshot: - description: "A value that indicates whether to copy all tags - from the DB cluster to snapshots of the DB cluster. The default - is not to copy them. \n Valid for: Aurora DB clusters and Multi-AZ - DB clusters" - type: boolean - databaseName: - description: "The name for your database of up to 64 alphanumeric - characters. If you do not provide a name, Amazon RDS doesn't - create a database in the DB cluster you are creating. \n Valid - for: Aurora DB clusters and Multi-AZ DB clusters" - type: string - dbClusterInstanceClass: - description: "The compute and memory capacity of each DB instance - in the Multi-AZ DB cluster, for example db.m6gd.xlarge. Not - all DB instance classes are available in all Amazon Web Services - Regions, or for all database engines. \n For the full list of - DB instance classes and availability for your engine, see DB - instance class (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) - in the Amazon RDS User Guide. \n This setting is required to - create a Multi-AZ DB cluster. \n Valid for: Multi-AZ DB clusters - only" - type: string - dbClusterParameterGroupName: - description: "The name of the DB cluster parameter group to associate - with this DB cluster. If you do not specify a value, then the - default DB cluster parameter group for the specified DB engine - and version is used. \n Constraints: \n * If supplied, must - match the name of an existing DB cluster parameter group. \n - Valid for: Aurora DB clusters and Multi-AZ DB clusters" - type: string - dbClusterParameterGroupNameRef: - description: DBClusterParameterGroupNameRef is a reference to - a DBClusterParameterGroup used to set DBClusterParameterGroupName. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. 
- properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - dbClusterParameterGroupNameSelector: - description: DBClusterParameterGroupNameSelector selects a reference - to a DBClusterParameterGroup used to set DBClusterParameterGroupName. - properties: - matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. - type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - policy: - description: Policies for selection. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. 
- enum: - - Always - - IfNotPresent - type: string - type: object - type: object - dbSubnetGroupName: - description: "A DB subnet group to associate with this DB cluster. - \n This setting is required to create a Multi-AZ DB cluster. - \n Constraints: Must match the name of an existing DBSubnetGroup. - Must not be default. \n Example: mydbsubnetgroup \n Valid for: - Aurora DB clusters and Multi-AZ DB clusters" - type: string - dbSubnetGroupNameRef: - description: DBSubnetGroupNameRef is a reference to a DBSubnetGroup - used to set DBSubnetGroupName. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - dbSubnetGroupNameSelector: - description: DBSubnetGroupNameSelector selects a reference to - a DBSubnetGroup used to set DBSubnetGroupName. - properties: - matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. - type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - policy: - description: Policies for selection. 
- properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - dbSystemID: - description: Reserved for future use. - type: string - deletionProtection: - description: "A value that indicates whether the DB cluster has - deletion protection enabled. The database can't be deleted when - deletion protection is enabled. By default, deletion protection - isn't enabled. \n Valid for: Aurora DB clusters and Multi-AZ - DB clusters" - type: boolean - destinationRegion: - description: DestinationRegion is used for presigning the request - to a given region. - type: string - domain: - description: "The Active Directory directory ID to create the - DB cluster in. \n For Amazon Aurora DB clusters, Amazon RDS - can use Kerberos authentication to authenticate users that connect - to the DB cluster. \n For more information, see Kerberos authentication - (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) - in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters - only" - type: string - domainIAMRoleName: - description: "Specify the name of the IAM role to be used when - making API calls to the Directory Service. 
\n Valid for: Aurora - DB clusters only" - type: string - domainIAMRoleNameRef: - description: DomainIAMRoleNameRef is a reference to an IAMRole - used to set DomainIAMRoleName. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - domainIAMRoleNameSelector: - description: DomainIAMRoleNameSelector selects a reference to - an IAMRole used to set DomainIAMRoleName. - properties: - matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. - type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - policy: - description: Policies for selection. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. 
- enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - enableCloudwatchLogsExports: - description: "The list of log types that need to be enabled for - exporting to CloudWatch Logs. The values in the list depend - on the DB engine being used. \n RDS for MySQL \n Possible values - are error, general, and slowquery. \n RDS for PostgreSQL \n - Possible values are postgresql and upgrade. \n Aurora MySQL - \n Possible values are audit, error, general, and slowquery. - \n Aurora PostgreSQL \n Possible value is postgresql. \n For - more information about exporting CloudWatch Logs for Amazon - RDS, see Publishing Database Logs to Amazon CloudWatch Logs - (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) - in the Amazon RDS User Guide. \n For more information about - exporting CloudWatch Logs for Amazon Aurora, see Publishing - Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) - in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters - and Multi-AZ DB clusters" - items: - type: string - type: array - enableGlobalWriteForwarding: - description: "A value that indicates whether to enable this DB - cluster to forward write operations to the primary cluster of - an Aurora global database (GlobalCluster). By default, write - operations are not allowed on Aurora DB clusters that are secondary - clusters in an Aurora global database. \n You can set this value - only on Aurora DB clusters that are members of an Aurora global - database. 
With this parameter enabled, a secondary cluster can - forward writes to the current primary cluster and the resulting - changes are replicated back to this cluster. For the primary - DB cluster of an Aurora global database, this value is used - immediately if the primary is demoted by the FailoverGlobalCluster - API operation, but it does nothing until then. \n Valid for: - Aurora DB clusters only" - type: boolean - enableHTTPEndpoint: - description: "A value that indicates whether to enable the HTTP - endpoint for an Aurora Serverless v1 DB cluster. By default, - the HTTP endpoint is disabled. \n When enabled, the HTTP endpoint - provides a connectionless web service API for running SQL queries - on the Aurora Serverless v1 DB cluster. You can also query your - database from inside the RDS console with the query editor. - \n For more information, see Using the Data API for Aurora Serverless - v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) - in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters - only" - type: boolean - enableIAMDatabaseAuthentication: - description: "A value that indicates whether to enable mapping - of Amazon Web Services Identity and Access Management (IAM) - accounts to database accounts. By default, mapping isn't enabled. - \n For more information, see IAM Database Authentication (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) - in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters - only" - type: boolean - enablePerformanceInsights: - description: "A value that indicates whether to turn on Performance - Insights for the DB cluster. \n For more information, see Using - Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) - in the Amazon RDS User Guide. 
\n Valid for: Multi-AZ DB clusters - only" - type: boolean - engine: - description: "The name of the database engine to be used for this - DB cluster. \n Valid Values: \n * aurora (for MySQL 5.6-compatible - Aurora) \n * aurora-mysql (for MySQL 5.7-compatible and MySQL - 8.0-compatible Aurora) \n * aurora-postgresql \n * mysql \n - * postgres \n Valid for: Aurora DB clusters and Multi-AZ DB - clusters" - type: string - engineMode: - description: "The DB engine mode of the DB cluster, either provisioned, - serverless, parallelquery, global, or multimaster. \n The parallelquery - engine mode isn't required for Aurora MySQL version 1.23 and - higher 1.x versions, and version 2.09 and higher 2.x versions. - \n The global engine mode isn't required for Aurora MySQL version - 1.22 and higher 1.x versions, and global engine mode isn't required - for any 2.x versions. \n The multimaster engine mode only applies - for DB clusters created with Aurora MySQL version 5.6.10a. \n - The serverless engine mode only applies for Aurora Serverless - v1 DB clusters. \n For Aurora PostgreSQL, the global engine - mode isn't required, and both the parallelquery and the multimaster - engine modes currently aren't supported. \n Limitations and - requirements apply to some DB engine modes. 
For more information, - see the following sections in the Amazon Aurora User Guide: - \n * Limitations of Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations) - \n * Requirements for Aurora Serverless v2 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html) - \n * Limitations of Parallel Query (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations) - \n * Limitations of Aurora Global Databases (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations) - \n * Limitations of Multi-Master Clusters (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations) - \n Valid for: Aurora DB clusters only" - type: string - engineVersion: - description: "The version number of the database engine to use. 
- \n To list all of the available engine versions for MySQL 5.6-compatible - Aurora, use the following command: \n aws rds describe-db-engine-versions - --engine aurora --query \"DBEngineVersions[].EngineVersion\" - \n To list all of the available engine versions for MySQL 5.7-compatible - and MySQL 8.0-compatible Aurora, use the following command: - \n aws rds describe-db-engine-versions --engine aurora-mysql - --query \"DBEngineVersions[].EngineVersion\" \n To list all - of the available engine versions for Aurora PostgreSQL, use - the following command: \n aws rds describe-db-engine-versions - --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\" - \n To list all of the available engine versions for RDS for - MySQL, use the following command: \n aws rds describe-db-engine-versions - --engine mysql --query \"DBEngineVersions[].EngineVersion\" - \n To list all of the available engine versions for RDS for - PostgreSQL, use the following command: \n aws rds describe-db-engine-versions - --engine postgres --query \"DBEngineVersions[].EngineVersion\" - \n Aurora MySQL \n For information, see MySQL on Amazon RDS - Versions (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) - in the Amazon Aurora User Guide. \n Aurora PostgreSQL \n For - information, see Amazon Aurora PostgreSQL releases and engine - versions (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) - in the Amazon Aurora User Guide. \n MySQL \n For information, - see MySQL on Amazon RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) - in the Amazon RDS User Guide. \n PostgreSQL \n For information, - see Amazon RDS for PostgreSQL versions and extensions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) - in the Amazon RDS User Guide. 
\n Note: Downgrades are not allowed - by AWS and attempts to set a lower version will be ignored. - \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" - type: string - finalDBSnapshotIdentifier: - description: "The DB cluster snapshot identifier of the new DB - cluster snapshot created when SkipFinalSnapshot is disabled. - \n Specifying this parameter and also skipping the creation - of a final DB cluster snapshot with the SkipFinalShapshot parameter - results in an error. \n Constraints: \n * Must be 1 to 255 letters, - numbers, or hyphens. \n * First character must be a letter \n - * Can't end with a hyphen or contain two consecutive hyphens" - type: string - globalClusterIdentifier: - description: "The global cluster ID of an Aurora cluster that - becomes the primary cluster in the new global database cluster. - \n Valid for: Aurora DB clusters only" - type: string - iops: - description: "The amount of Provisioned IOPS (input/output operations - per second) to be initially allocated for each DB instance in - the Multi-AZ DB cluster. \n For information about valid IOPS - values, see Amazon RDS Provisioned IOPS storage (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) - in the Amazon RDS User Guide. \n This setting is required to - create a Multi-AZ DB cluster. \n Constraints: Must be a multiple - between .5 and 50 of the storage amount for the DB cluster. - \n Valid for: Multi-AZ DB clusters only" - format: int64 - type: integer - kmsKeyID: - description: "The Amazon Web Services KMS key identifier for an - encrypted DB cluster. \n The Amazon Web Services KMS key identifier - is the key ARN, key ID, alias ARN, or alias name for the KMS - key. To use a KMS key in a different Amazon Web Services account, - specify the key ARN or alias ARN. \n When a KMS key isn't specified - in KmsKeyId: \n * If ReplicationSourceIdentifier identifies - an encrypted source, then Amazon RDS will use the KMS key used - to encrypt the source. 
Otherwise, Amazon RDS will use your default - KMS key. \n * If the StorageEncrypted parameter is enabled and - ReplicationSourceIdentifier isn't specified, then Amazon RDS - will use your default KMS key. \n There is a default KMS key - for your Amazon Web Services account. Your Amazon Web Services - account has a different default KMS key for each Amazon Web - Services Region. \n If you create a read replica of an encrypted - DB cluster in another Amazon Web Services Region, you must set - KmsKeyId to a KMS key identifier that is valid in the destination - Amazon Web Services Region. This KMS key is used to encrypt - the read replica in that Amazon Web Services Region. \n Valid - for: Aurora DB clusters and Multi-AZ DB clusters" - type: string - kmsKeyIDRef: - description: KMSKeyIDRef is a reference to a KMS Key used to set - KMSKeyID. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - kmsKeyIDSelector: - description: KMSKeyIDSelector selects a reference to a KMS Key - used to set KMSKeyID. - properties: - matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. 
- type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - policy: - description: Policies for selection. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - manageMasterUserPassword: - description: "A value that indicates whether to manage the master - user password with Amazon Web Services Secrets Manager. \n For - more information, see Password management with Amazon Web Services - Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) - in the Amazon RDS User Guide and Password management with Amazon - Web Services Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) - in the Amazon Aurora User Guide. \n Constraints: \n * Can't - manage the master user password with Amazon Web Services Secrets - Manager if MasterUserPassword is specified. \n Valid for: Aurora - DB clusters and Multi-AZ DB clusters" - type: boolean - masterUserPasswordSecretRef: - description: "The password for the master database user. This - password can contain any printable ASCII character except \"/\", - \"\"\", or \"@\". 
\n This parameter will be required in the - following scenarios: - The first cluster for a global Aurora - cluster - Any cluster as long as it doesn't belong to a global - Aurora cluster \n This parameter is required for creation of - a primary cluster. However, it is not required when attaching - a secondary regional cluster to an existing global cluster. - \n Constraints: Must contain from 8 to 41 characters." - properties: - key: - description: The key to select. - type: string - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. - type: string - required: - - key - - name - - namespace - type: object - masterUserSecretKMSKeyID: - description: "The Amazon Web Services KMS key identifier to encrypt - a secret that is automatically generated and managed in Amazon - Web Services Secrets Manager. \n This setting is valid only - if the master user password is managed by RDS in Amazon Web - Services Secrets Manager for the DB cluster. \n The Amazon Web - Services KMS key identifier is the key ARN, key ID, alias ARN, - or alias name for the KMS key. To use a KMS key in a different - Amazon Web Services account, specify the key ARN or alias ARN. - \n If you don't specify MasterUserSecretKmsKeyId, then the aws/secretsmanager - KMS key is used to encrypt the secret. If the secret is in a - different Amazon Web Services account, then you can't use the - aws/secretsmanager KMS key to encrypt the secret, and you must - use a customer managed KMS key. \n There is a default KMS key - for your Amazon Web Services account. Your Amazon Web Services - account has a different default KMS key for each Amazon Web - Services Region. \n Valid for: Aurora DB clusters and Multi-AZ - DB clusters" - type: string - masterUsername: - description: "The name of the master user for the DB cluster. - \n Constraints: \n * Must be 1 to 16 letters or numbers. \n - * First character must be a letter. 
\n * Can't be a reserved - word for the chosen database engine. \n Valid for: Aurora DB - clusters and Multi-AZ DB clusters" - type: string - monitoringInterval: - description: "The interval, in seconds, between points when Enhanced - Monitoring metrics are collected for the DB cluster. To turn - off collecting Enhanced Monitoring metrics, specify 0. The default - is 0. \n If MonitoringRoleArn is specified, also set MonitoringInterval - to a value other than 0. \n Valid Values: 0, 1, 5, 10, 15, 30, - 60 \n Valid for: Multi-AZ DB clusters only" - format: int64 - type: integer - monitoringRoleARN: - description: "The Amazon Resource Name (ARN) for the IAM role - that permits RDS to send Enhanced Monitoring metrics to Amazon - CloudWatch Logs. An example is arn:aws:iam:123456789012:role/emaccess. - For information on creating a monitoring role, see Setting up - and enabling Enhanced Monitoring (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) - in the Amazon RDS User Guide. \n If MonitoringInterval is set - to a value other than 0, supply a MonitoringRoleArn value. \n - Valid for: Multi-AZ DB clusters only" - type: string - networkType: - description: "The network type of the DB cluster. \n Valid values: - \n * IPV4 \n * DUAL \n The network type is determined by the - DBSubnetGroup specified for the DB cluster. A DBSubnetGroup - can support only the IPv4 protocol or the IPv4 and the IPv6 - protocols (DUAL). \n For more information, see Working with - a DB instance in a VPC (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) - in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters - only" - type: string - optionGroupName: - description: "A value that indicates that the DB cluster should - be associated with the specified option group. \n DB clusters - are associated with a default option group that can't be modified." 
- type: string - performanceInsightsKMSKeyID: - description: "The Amazon Web Services KMS key identifier for encryption - of Performance Insights data. \n The Amazon Web Services KMS - key identifier is the key ARN, key ID, alias ARN, or alias name - for the KMS key. \n If you don't specify a value for PerformanceInsightsKMSKeyId, - then Amazon RDS uses your default KMS key. There is a default - KMS key for your Amazon Web Services account. Your Amazon Web - Services account has a different default KMS key for each Amazon - Web Services Region. \n Valid for: Multi-AZ DB clusters only" - type: string - performanceInsightsRetentionPeriod: - description: "The number of days to retain Performance Insights - data. The default is 7 days. The following values are valid: - \n * 7 \n * month * 31, where month is a number of months from - 1-23 \n * 731 \n For example, the following values are valid: - \n * 93 (3 months * 31) \n * 341 (11 months * 31) \n * 589 (19 - months * 31) \n * 731 \n If you specify a retention period such - as 94, which isn't a valid value, RDS issues an error. \n Valid - for: Multi-AZ DB clusters only" - format: int64 - type: integer - port: - description: "The port number on which the instances in the DB - cluster accept connections. \n RDS for MySQL and Aurora MySQL - \n Default: 3306 \n Valid values: 1150-65535 \n RDS for PostgreSQL - and Aurora PostgreSQL \n Default: 5432 \n Valid values: 1150-65535 - \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" - format: int64 - type: integer - preSignedURL: - description: "When you are replicating a DB cluster from one Amazon - Web Services GovCloud (US) Region to another, an URL that contains - a Signature Version 4 signed request for the CreateDBCluster - operation to be called in the source Amazon Web Services Region - where the DB cluster is replicated from. Specify PreSignedUrl - only when you are performing cross-Region replication from an - encrypted DB cluster. 
\n The presigned URL must be a valid request - for the CreateDBCluster API operation that can run in the source - Amazon Web Services Region that contains the encrypted DB cluster - to copy. \n The presigned URL request must contain the following - parameter values: \n * KmsKeyId - The KMS key identifier for - the KMS key to use to encrypt the copy of the DB cluster in - the destination Amazon Web Services Region. This should refer - to the same KMS key for both the CreateDBCluster operation that - is called in the destination Amazon Web Services Region, and - the operation contained in the presigned URL. \n * DestinationRegion - - The name of the Amazon Web Services Region that Aurora read - replica will be created in. \n * ReplicationSourceIdentifier - - The DB cluster identifier for the encrypted DB cluster to - be copied. This identifier must be in the Amazon Resource Name - (ARN) format for the source Amazon Web Services Region. For - example, if you are copying an encrypted DB cluster from the - us-west-2 Amazon Web Services Region, then your ReplicationSourceIdentifier - would look like Example: arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster1. - \n To learn how to generate a Signature Version 4 signed request, - see Authenticating Requests: Using Query Parameters (Amazon - Web Services Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html) - and Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). - \n If you are using an Amazon Web Services SDK tool or the CLI, - you can specify SourceRegion (or --source-region for the CLI) - instead of specifying PreSignedUrl manually. Specifying SourceRegion - autogenerates a presigned URL that is a valid request for the - operation that can run in the source Amazon Web Services Region. 
- \n Valid for: Aurora DB clusters only" - type: string - preferredBackupWindow: - description: "The daily time range during which automated backups - are created if automated backups are enabled using the BackupRetentionPeriod - parameter. \n The default is a 30-minute window selected at - random from an 8-hour block of time for each Amazon Web Services - Region. To view the time blocks available, see Backup window - (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) - in the Amazon Aurora User Guide. \n Constraints: \n * Must be - in the format hh24:mi-hh24:mi. \n * Must be in Universal Coordinated - Time (UTC). \n * Must not conflict with the preferred maintenance - window. \n * Must be at least 30 minutes. \n Valid for: Aurora - DB clusters and Multi-AZ DB clusters" - type: string - preferredMaintenanceWindow: - description: "The weekly time range during which system maintenance - can occur, in Universal Coordinated Time (UTC). \n Format: ddd:hh24:mi-ddd:hh24:mi - \n The default is a 30-minute window selected at random from - an 8-hour block of time for each Amazon Web Services Region, - occurring on a random day of the week. To see the time blocks - available, see Adjusting the Preferred DB Cluster Maintenance - Window (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) - in the Amazon Aurora User Guide. \n Valid Days: Mon, Tue, Wed, - Thu, Fri, Sat, Sun. \n Constraints: Minimum 30-minute window. - \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" - type: string - publiclyAccessible: - description: "A value that indicates whether the DB cluster is - publicly accessible. \n When the DB cluster is publicly accessible, - its Domain Name System (DNS) endpoint resolves to the private - IP address from within the DB cluster's virtual private cloud - (VPC). 
It resolves to the public IP address from outside of - the DB cluster's VPC. Access to the DB cluster is ultimately - controlled by the security group it uses. That public access - isn't permitted if the security group assigned to the DB cluster - doesn't permit it. \n When the DB cluster isn't publicly accessible, - it is an internal DB cluster with a DNS name that resolves to - a private IP address. \n Default: The default behavior varies - depending on whether DBSubnetGroupName is specified. \n If DBSubnetGroupName - isn't specified, and PubliclyAccessible isn't specified, the - following applies: \n * If the default VPC in the target Region - doesn’t have an internet gateway attached to it, the DB cluster - is private. \n * If the default VPC in the target Region has - an internet gateway attached to it, the DB cluster is public. - \n If DBSubnetGroupName is specified, and PubliclyAccessible - isn't specified, the following applies: \n * If the subnets - are part of a VPC that doesn’t have an internet gateway attached - to it, the DB cluster is private. \n * If the subnets are part - of a VPC that has an internet gateway attached to it, the DB - cluster is public. \n Valid for: Multi-AZ DB clusters only" - type: boolean - region: - description: Region is which region the DBCluster will be created. - type: string - replicationSourceIdentifier: - description: "The Amazon Resource Name (ARN) of the source DB - instance or DB cluster if this DB cluster is created as a read - replica. \n Valid for: Aurora DB clusters only" - type: string - restoreFrom: - description: RestoreFrom specifies the details of the backup to - restore when creating a new DBCluster. - properties: - pointInTime: - description: PointInTime specifies the details of the point - in time restore. - properties: - restoreTime: - description: 'RestoreTime is the date and time (UTC) to - restore from. Must be before the latest restorable time - for the DB instance. 
Can''t be specified if the useLatestRestorableTime - parameter is enabled. Example: 2011-09-07T23:45:00Z' - format: date-time - type: string - restoreType: - description: "The type of restore to be performed. You - can specify one of the following values: \n * full-copy - - The new DB cluster is restored as a full copy of the - source DB cluster. \n * copy-on-write - The new DB cluster - is restored as a clone of the source DB cluster. \n - Constraints: You can't specify copy-on-write if the - engine version of the source DB cluster is earlier than - 1.11. \n If you don't specify a RestoreType value, then - the new DB cluster is restored as a full copy of the - source DB cluster. \n Valid for: Aurora DB clusters - and Multi-AZ DB clusters" - enum: - - full-copy - - copy-on-write - type: string - sourceDBClusterIdentifier: - description: 'SourceDBClusterIdentifier specifies the - identifier of the source DB cluster from which to restore. - Constraints: Must match the identifier of an existing - DB instance.' - type: string - sourceDBInstanceAutomatedBackupsArn: - description: 'SourceDBInstanceAutomatedBackupsArn specifies - the Amazon Resource Name (ARN) of the replicated automated - backups from which to restore. Example: arn:aws:rds:useast-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE' - type: string - sourceDbiResourceId: - description: SourceDbiResourceID specifies the resource - ID of the source DB instance from which to restore. - type: string - useLatestRestorableTime: - description: UseLatestRestorableTime indicates that the - DB instance is restored from the latest backup Can't - be specified if the restoreTime parameter is provided. - type: boolean - type: object - s3: - description: S3 specifies the details of the S3 backup to - restore from. - properties: - bucketName: - description: BucketName is the name of the S3 bucket containing - the backup to restore. 
- type: string - ingestionRoleARN: - description: IngestionRoleARN is the IAM role RDS can - assume that will allow it to access the contents of - the S3 bucket. - type: string - prefix: - description: Prefix is the path prefix of the S3 bucket - within which the backup to restore is located. - type: string - sourceEngine: - description: SourceEngine is the engine used to create - the backup. Must be "mysql". - type: string - sourceEngineVersion: - description: 'SourceEngineVersion is the version of the - engine used to create the backup. Example: "5.7.30"' - type: string - required: - - bucketName - - ingestionRoleARN - - sourceEngine - - sourceEngineVersion - type: object - snapshot: - description: Snapshot specifies the details of the snapshot - to restore from. - properties: - snapshotIdentifier: - description: SnapshotIdentifier is the identifier of the - snapshot to restore. - type: string - required: - - snapshotIdentifier - type: object - source: - description: Source is the type of the backup to restore when - creating a new DBCluster or DBInstance. S3, Snapshot and - PointInTime are supported. - enum: - - S3 - - Snapshot - - PointInTime - type: string - required: - - source - type: object - scalingConfiguration: - description: "For DB clusters in serverless DB engine mode, the - scaling properties of the DB cluster. \n Valid for: Aurora DB - clusters only" - properties: - autoPause: - type: boolean - maxCapacity: - format: int64 - type: integer - minCapacity: - format: int64 - type: integer - secondsBeforeTimeout: - format: int64 - type: integer - secondsUntilAutoPause: - format: int64 - type: integer - timeoutAction: - type: string - type: object - serverlessV2ScalingConfiguration: - properties: - maxCapacity: - type: number - minCapacity: - type: number - type: object - skipFinalSnapshot: - description: "A value that indicates whether to skip the creation - of a final DB cluster snapshot before the DB cluster is deleted. 
- If skip is specified, no DB cluster snapshot is created. If - skip isn't specified, a DB cluster snapshot is created before - the DB cluster is deleted. By default, skip isn't specified, - and the DB cluster snapshot is created. By default, this parameter - is disabled. \n You must specify a FinalDBSnapshotIdentifier - parameter if SkipFinalSnapshot is disabled." - type: boolean - sourceRegion: - description: SourceRegion is the source region where the resource - exists. This is not sent over the wire and is only used for - presigning. This value should always have the same region as - the source ARN. - type: string - storageEncrypted: - description: "A value that indicates whether the DB cluster is - encrypted. \n Valid for: Aurora DB clusters and Multi-AZ DB - clusters" - type: boolean - storageType: - description: "Specifies the storage type to be associated with - the DB cluster. \n This setting is required to create a Multi-AZ - DB cluster. \n Valid values: io1 \n When specified, a value - for the Iops parameter is required. \n Default: io1 \n Valid - for: Multi-AZ DB clusters only" - type: string - tags: - description: "Tags to assign to the DB cluster. \n Valid for: - Aurora DB clusters and Multi-AZ DB clusters" - items: - properties: - key: - type: string - value: - type: string - type: object - type: array - vpcSecurityGroupIDRefs: - description: VPCSecurityGroupIDRefs are references to VPCSecurityGroups - used to set the VPCSecurityGroupIDs. - items: - description: A Reference to a named object. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution - of this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. 
- enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which - will attempt to resolve the reference only when the - corresponding field is not present. Use 'Always' to - resolve the reference on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - type: array - vpcSecurityGroupIDSelector: - description: VPCSecurityGroupIDSelector selects references to - VPCSecurityGroups used to set the VPCSecurityGroupIDs. - properties: - matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. - type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - policy: - description: Policies for selection. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - vpcSecurityGroupIDs: - description: "A list of VPC security groups that the DB cluster - will belong to. 
\n Valid for: Aurora DB clusters and Multi-AZ - DB clusters" - items: - type: string - type: array - required: - - engine - - region - type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. 
- enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. - properties: - configRef: - default: - name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - metadata: - description: Metadata is the metadata for connection secret. 
- properties: - annotations: - additionalProperties: - type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. - type: object - labels: - additionalProperties: - type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. - type: object - type: - description: Type is the SecretType for the connection secret. - - Only valid for Kubernetes Secret Stores. - type: string - type: object - name: - description: Name is the name of the connection secret. - type: string - required: - - name - type: object - writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. - properties: - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. - type: string - required: - - name - - namespace - type: object - required: - - forProvider - type: object - status: - description: DBClusterStatus defines the observed state of DBCluster. - properties: - atProvider: - description: DBClusterObservation defines the observed state of DBCluster - properties: - activityStreamKMSKeyID: - description: "The Amazon Web Services KMS key identifier used - for encrypting messages in the database activity stream. 
\n - The Amazon Web Services KMS key identifier is the key ARN, key - ID, alias ARN, or alias name for the KMS key." - type: string - activityStreamKinesisStreamName: - description: The name of the Amazon Kinesis data stream used for - the database activity stream. - type: string - activityStreamMode: - description: The mode of the database activity stream. Database - events such as a change or access generate an activity stream - event. The database session can handle these events either synchronously - or asynchronously. - type: string - activityStreamStatus: - description: The status of the database activity stream. - type: string - associatedRoles: - description: Provides a list of the Amazon Web Services Identity - and Access Management (IAM) roles that are associated with the - DB cluster. IAM roles that are associated with a DB cluster - grant permission for the DB cluster to access other Amazon Web - Services on your behalf. - items: - properties: - featureName: - type: string - roleARN: - type: string - status: - type: string - type: object - type: array - automaticRestartTime: - description: The time when a stopped DB cluster is restarted automatically. - format: date-time - type: string - backtrackConsumedChangeRecords: - description: The number of change records stored for Backtrack. - format: int64 - type: integer - capacity: - description: "The current capacity of an Aurora Serverless v1 - DB cluster. The capacity is 0 (zero) when the cluster is paused. - \n For more information about Aurora Serverless v1, see Using - Amazon Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html) - in the Amazon Aurora User Guide." - format: int64 - type: integer - cloneGroupID: - description: Identifies the clone group to which the DB cluster - is associated. - type: string - clusterCreateTime: - description: Specifies the time when the DB cluster was created, - in Universal Coordinated Time (UTC). 
- format: date-time - type: string - crossAccountClone: - description: Specifies whether the DB cluster is a clone of a - DB cluster owned by a different Amazon Web Services account. - type: boolean - customEndpoints: - description: Identifies all custom endpoints associated with the - cluster. - items: - type: string - type: array - dbClusterARN: - description: The Amazon Resource Name (ARN) for the DB cluster. - type: string - dbClusterIdentifier: - description: Contains a user-supplied DB cluster identifier. This - identifier is the unique key that identifies a DB cluster. - type: string - dbClusterMembers: - description: Provides the list of instances that make up the DB - cluster. - items: - properties: - dbClusterParameterGroupStatus: - type: string - dbInstanceIdentifier: - type: string - isClusterWriter: - type: boolean - promotionTier: - format: int64 - type: integer - type: object - type: array - dbClusterOptionGroupMemberships: - description: Provides the list of option group memberships for - this DB cluster. - items: - properties: - dbClusterOptionGroupName: - type: string - status: - type: string - type: object - type: array - dbClusterParameterGroup: - description: Specifies the name of the DB cluster parameter group - for the DB cluster. - type: string - dbClusterResourceID: - description: The Amazon Web Services Region-unique, immutable - identifier for the DB cluster. This identifier is found in Amazon - Web Services CloudTrail log entries whenever the KMS key for - the DB cluster is accessed. - type: string - dbSubnetGroup: - description: Specifies information on the subnet group associated - with the DB cluster, including the name, description, and subnets - in the subnet group. - type: string - domainMemberships: - description: The Active Directory Domain membership records associated - with the DB cluster. 
- items: - properties: - domain: - type: string - fQDN: - type: string - iamRoleName: - type: string - status: - type: string - type: object - type: array - earliestBacktrackTime: - description: The earliest time to which a DB cluster can be backtracked. - format: date-time - type: string - earliestRestorableTime: - description: The earliest time to which a database can be restored - with point-in-time restore. - format: date-time - type: string - enabledCloudwatchLogsExports: - description: "A list of log types that this DB cluster is configured - to export to CloudWatch Logs. \n Log types vary by DB engine. - For information about the log types for each DB engine, see - Amazon RDS Database Log Files (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html) - in the Amazon Aurora User Guide." - items: - type: string - type: array - endpoint: - description: Specifies the connection endpoint for the primary - instance of the DB cluster. - type: string - engineVersion: - description: Indicates the database engine version. - type: string - globalWriteForwardingRequested: - description: Specifies whether you have requested to enable write - forwarding for a secondary cluster in an Aurora global database. - Because write forwarding takes time to enable, check the value - of GlobalWriteForwardingStatus to confirm that the request has - completed before using the write forwarding feature for this - cluster. - type: boolean - globalWriteForwardingStatus: - description: Specifies whether a secondary cluster in an Aurora - global database has write forwarding enabled, not enabled, or - is in the process of enabling it. - type: string - hostedZoneID: - description: Specifies the ID that Amazon Route 53 assigns when - you create a hosted zone. - type: string - httpEndpointEnabled: - description: "A value that indicates whether the HTTP endpoint - for an Aurora Serverless v1 DB cluster is enabled. 
\n When enabled, - the HTTP endpoint provides a connectionless web service API - for running SQL queries on the Aurora Serverless v1 DB cluster. - You can also query your database from inside the RDS console - with the query editor. \n For more information, see Using the - Data API for Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) - in the Amazon Aurora User Guide." - type: boolean - iamDatabaseAuthenticationEnabled: - description: A value that indicates whether the mapping of Amazon - Web Services Identity and Access Management (IAM) accounts to - database accounts is enabled. - type: boolean - latestRestorableTime: - description: Specifies the latest time to which a database can - be restored with point-in-time restore. - format: date-time - type: string - masterUserSecret: - description: "Contains the secret managed by RDS in Amazon Web - Services Secrets Manager for the master user password. \n For - more information, see Password management with Amazon Web Services - Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) - in the Amazon RDS User Guide and Password management with Amazon - Web Services Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) - in the Amazon Aurora User Guide." - properties: - kmsKeyID: - type: string - secretARN: - type: string - secretStatus: - type: string - type: object - multiAZ: - description: Specifies whether the DB cluster has instances in - multiple Availability Zones. - type: boolean - percentProgress: - description: Specifies the progress of the operation as a percentage. - type: string - performanceInsightsEnabled: - description: "True if Performance Insights is enabled for the - DB cluster, and otherwise false. \n This setting is only for - non-Aurora Multi-AZ DB clusters." 
- type: boolean - readReplicaIdentifiers: - description: Contains one or more identifiers of the read replicas - associated with this DB cluster. - items: - type: string - type: array - readerEndpoint: - description: "The reader endpoint for the DB cluster. The reader - endpoint for a DB cluster load-balances connections across the - Aurora Replicas that are available in a DB cluster. As clients - request new connections to the reader endpoint, Aurora distributes - the connection requests among the Aurora Replicas in the DB - cluster. This functionality can help balance your read workload - across multiple Aurora Replicas in your DB cluster. \n If a - failover occurs, and the Aurora Replica that you are connected - to is promoted to be the primary instance, your connection is - dropped. To continue sending your read workload to other Aurora - Replicas in the cluster, you can then reconnect to the reader - endpoint." - type: string - scalingConfigurationInfo: - properties: - autoPause: - type: boolean - maxCapacity: - format: int64 - type: integer - minCapacity: - format: int64 - type: integer - secondsBeforeTimeout: - format: int64 - type: integer - secondsUntilAutoPause: - format: int64 - type: integer - timeoutAction: - type: string - type: object - status: - description: Specifies the current state of this DB cluster. - type: string - tagList: - items: - properties: - key: - type: string - value: - type: string - type: object - type: array - vpcSecurityGroups: - description: Provides a list of VPC security groups that the DB - cluster belongs to. - items: - properties: - status: - type: string - vpcSecurityGroupID: - type: string - type: object - type: array - type: object - conditions: - description: Conditions of the resource. - items: - description: A Condition that may apply to a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. 
- format: date-time - type: string - message: - description: A Message containing details about this condition's - last transition from one status to another, if any. - type: string - reason: - description: A Reason for this condition's last transition from - one status to another. - type: string - status: - description: Status of this condition; is it currently True, - False, or Unknown? - type: string - type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} \ No newline at end of file diff --git a/testutils/crds/DBClusterParameterGroup.yaml b/testutils/crds/DBClusterParameterGroup.yaml deleted file mode 100644 index a7259504..00000000 --- a/testutils/crds/DBClusterParameterGroup.yaml +++ /dev/null 
@@ -1,404 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: "2023-10-03T17:31:23Z" - generation: 1 - name: dbclusterparametergroups.rds.aws.crossplane.io - ownerReferences: - - apiVersion: pkg.crossplane.io/v1 - blockOwnerDeletion: true - controller: true - kind: ProviderRevision - name: bloxinabox-provider-877b9fccf7ca - uid: f42ec1bf-0547-43c9-a29d-1dc6c06c0286 - - apiVersion: pkg.crossplane.io/v1 - blockOwnerDeletion: true - controller: false - kind: Provider - name: bloxinabox-provider - uid: 273f9682-ede8-4b8f-82ba-5c85cf731d51 - uid: 6f0deed4-6089-4406-abf8-1e9e4f660732 -spec: - conversion: - strategy: None - group: rds.aws.crossplane.io - names: - categories: - - crossplane - - managed - - aws - kind: DBClusterParameterGroup - listKind: DBClusterParameterGroupList - plural: dbclusterparametergroups - singular: dbclusterparametergroup - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNCED - type: string - - jsonPath: .metadata.annotations.crossplane\.io/external-name - name: EXTERNAL-NAME - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: DBClusterParameterGroup is the Schema for the DBClusterParameterGroups - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. 
Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DBClusterParameterGroupSpec defines the desired state of - DBClusterParameterGroup - properties: - deletionPolicy: - default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. - enum: - - Orphan - - Delete - type: string - forProvider: - description: DBClusterParameterGroupParameters defines the desired - state of DBClusterParameterGroup - properties: - dbParameterGroupFamily: - description: "The DB cluster parameter group family name. A DB - cluster parameter group can be associated with one and only - one DB cluster parameter group family, and can be applied only - to a DB cluster running a database engine and engine version - compatible with that DB cluster parameter group family. \n Aurora - MySQL \n Example: aurora5.6, aurora-mysql5.7 \n Aurora PostgreSQL - \n Example: aurora-postgresql9.6 \n To list all of the available - parameter group families for a DB engine, use the following - command: \n aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" - --engine \n For example, to list all of the available - parameter group families for the Aurora PostgreSQL DB engine, - use the following command: \n aws rds describe-db-engine-versions - --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine - aurora-postgresql \n The output contains duplicates. \n The - following are the valid DB engine values: \n * aurora (for MySQL - 5.6-compatible Aurora) \n * aurora-mysql (for MySQL 5.7-compatible - Aurora) \n * aurora-postgresql \n One of DBParameterGroupFamily - or DBParameterGroupFamilySelector is required." 
- type: string - dbParameterGroupFamilySelector: - description: "DBParameterGroupFamilySelector determines DBParameterGroupFamily - from the engine and engine version. \n One of DBParameterGroupFamily - or DBParameterGroupFamilySelector is required. \n Will not be - used if DBParameterGroupFamily is already set." - properties: - engine: - description: Engine is the name of the database engine. - type: string - engineVersion: - description: EngineVersion is the version of the database - engine. If it is nil, the default engine version given by - AWS will be used. - type: string - required: - - engine - type: object - description: - description: The description for the DB cluster parameter group. - type: string - parameters: - description: 'A list of parameters to associate with this DB cluster - parameter group. The fields ApplyMethod, ParameterName and ParameterValue - are required for every parameter. Note: AWS actually only modifies - the ApplyMethod of a parameter, if the ParameterValue changes - too.' - items: - description: CustomParameter are custom parameters for the Parameter - properties: - applyMethod: - description: The apply method of the parameter. AWS actually - only modifies to value set here, if the parameter value - changes too. - enum: - - immediate - - pending-reboot - type: string - parameterName: - description: The name of the parameter. - type: string - parameterValue: - description: The value of the parameter. - type: string - required: - - applyMethod - - parameterName - - parameterValue - type: object - type: array - region: - description: Region is which region the DBClusterParameterGroup - will be created. - type: string - tags: - description: Tags to assign to the DB cluster parameter group. 
- items: - properties: - key: - type: string - value: - type: string - type: object - type: array - required: - - description - - region - type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. 
- enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. - properties: - configRef: - default: - name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - metadata: - description: Metadata is the metadata for connection secret. 
- properties: - annotations: - additionalProperties: - type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. - type: object - labels: - additionalProperties: - type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. - type: object - type: - description: Type is the SecretType for the connection secret. - - Only valid for Kubernetes Secret Stores. - type: string - type: object - name: - description: Name is the name of the connection secret. - type: string - required: - - name - type: object - writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. - properties: - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. - type: string - required: - - name - - namespace - type: object - required: - - forProvider - type: object - status: - description: DBClusterParameterGroupStatus defines the observed state - of DBClusterParameterGroup. 
- properties: - atProvider: - description: DBClusterParameterGroupObservation defines the observed - state of DBClusterParameterGroup - properties: - dbClusterParameterGroupARN: - description: The Amazon Resource Name (ARN) for the DB cluster - parameter group. - type: string - dbClusterParameterGroupName: - description: The name of the DB cluster parameter group. - type: string - dbParameterGroupFamily: - description: The name of the DB parameter group family that this - DB cluster parameter group is compatible with. - type: string - type: object - conditions: - description: Conditions of the resource. - items: - description: A Condition that may apply to a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. - format: date-time - type: string - message: - description: A Message containing details about this condition's - last transition from one status to another, if any. - type: string - reason: - description: A Reason for this condition's last transition from - one status to another. - type: string - status: - description: Status of this condition; is it currently True, - False, or Unknown? - type: string - type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} \ No newline at end of file diff --git a/testutils/crds/DBInstance.yaml b/testutils/crds/DBInstance.yaml deleted file mode 100644 index 803e1641..00000000 --- a/testutils/crds/DBInstance.yaml +++ /dev/null 
@@ -1,2044 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: "2023-10-03T17:31:23Z" - generation: 1 - name: dbinstances.rds.aws.crossplane.io - ownerReferences: - - apiVersion: pkg.crossplane.io/v1 - blockOwnerDeletion: true - controller: true - kind: ProviderRevision - name: bloxinabox-provider-877b9fccf7ca - uid: f42ec1bf-0547-43c9-a29d-1dc6c06c0286 - - apiVersion: pkg.crossplane.io/v1 - blockOwnerDeletion: true - controller: false - kind: Provider - name: bloxinabox-provider - uid: 273f9682-ede8-4b8f-82ba-5c85cf731d51 - uid: 4c767e2a-e760-4ac9-bd52-eb07d1636100 -spec: - conversion: - strategy: None - group: rds.aws.crossplane.io - names: - categories: - - crossplane - - managed - - aws - kind: DBInstance - listKind: DBInstanceList - plural: dbinstances - singular: dbinstance - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNCED - type: string - - jsonPath: .metadata.annotations.crossplane\.io/external-name - name: EXTERNAL-NAME - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: DBInstance is the Schema for the DBInstances API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DBInstanceSpec defines the desired state of DBInstance - properties: - deletionPolicy: - default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. - enum: - - Orphan - - Delete - type: string - forProvider: - description: DBInstanceParameters defines the desired state of DBInstance - properties: - allocatedStorage: - description: "The amount of storage in gibibytes (GiB) to allocate - for the DB instance. \n Type: Integer \n Amazon Aurora \n Not - applicable. Aurora cluster volumes automatically grow as the - amount of data in your database increases, though you are only - charged for the space that you use in an Aurora cluster volume. - \n Amazon RDS Custom \n Constraints to the amount of storage - for each storage type are the following: \n * General Purpose - (SSD) storage (gp2, gp3): Must be an integer from 40 to 65536 - for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server. - \n * Provisioned IOPS storage (io1): Must be an integer from - 40 to 65536 for RDS Custom for Oracle, 16384 for RDS Custom - for SQL Server. \n MySQL \n Constraints to the amount of storage - for each storage type are the following: \n * General Purpose - (SSD) storage (gp2, gp3): Must be an integer from 20 to 65536. - \n * Provisioned IOPS storage (io1): Must be an integer from - 100 to 65536. \n * Magnetic storage (standard): Must be an integer - from 5 to 3072. \n MariaDB \n Constraints to the amount of storage - for each storage type are the following: \n * General Purpose - (SSD) storage (gp2, gp3): Must be an integer from 20 to 65536. - \n * Provisioned IOPS storage (io1): Must be an integer from - 100 to 65536. 
\n * Magnetic storage (standard): Must be an integer - from 5 to 3072. \n PostgreSQL \n Constraints to the amount of - storage for each storage type are the following: \n * General - Purpose (SSD) storage (gp2, gp3): Must be an integer from 20 - to 65536. \n * Provisioned IOPS storage (io1): Must be an integer - from 100 to 65536. \n * Magnetic storage (standard): Must be - an integer from 5 to 3072. \n Oracle \n Constraints to the amount - of storage for each storage type are the following: \n * General - Purpose (SSD) storage (gp2, gp3): Must be an integer from 20 - to 65536. \n * Provisioned IOPS storage (io1): Must be an integer - from 100 to 65536. \n * Magnetic storage (standard): Must be - an integer from 10 to 3072. \n SQL Server \n Constraints to - the amount of storage for each storage type are the following: - \n * General Purpose (SSD) storage (gp2, gp3): Enterprise and - Standard editions: Must be an integer from 20 to 16384. Web - and Express editions: Must be an integer from 20 to 16384. \n - * Provisioned IOPS storage (io1): Enterprise and Standard editions: - Must be an integer from 100 to 16384. Web and Express editions: - Must be an integer from 100 to 16384. \n * Magnetic storage - (standard): Enterprise and Standard editions: Must be an integer - from 20 to 1024. Web and Express editions: Must be an integer - from 20 to 1024." - format: int64 - type: integer - allowMajorVersionUpgrade: - description: "A value that indicates whether major version upgrades - are allowed. Changing this parameter doesn't result in an outage - and the change is asynchronously applied as soon as possible. - \n This setting doesn't apply to RDS Custom. \n Constraints: - Major version upgrades must be allowed when specifying a value - for the EngineVersion parameter that is a different major version - than the DB instance's current version." 
- type: boolean - applyImmediately: - description: "A value that indicates whether the modifications - in this request and any pending modifications are asynchronously - applied as soon as possible, regardless of the PreferredMaintenanceWindow - setting for the DB instance. By default, this parameter is disabled. - \n If this parameter is disabled, changes to the DB instance - are applied during the next maintenance window. Some parameter - changes can cause an outage and are applied on the next call - to RebootDBInstance, or the next failure reboot. Review the - table of parameters in Modifying a DB Instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html) - in the Amazon RDS User Guide. to see the impact of enabling - or disabling ApplyImmediately for each modified parameter and - to determine when the changes are applied." - type: boolean - autoMinorVersionUpgrade: - description: "A value that indicates whether minor engine upgrades - are applied automatically to the DB instance during the maintenance - window. By default, minor engine upgrades are applied automatically. - \n If you create an RDS Custom DB instance, you must set AutoMinorVersionUpgrade - to false." - type: boolean - autogeneratePassword: - description: "AutogeneratePassword indicates whether the controller - should generate a random password for the master user if one - is not provided via MasterUserPasswordSecretRef. \n If a password - is generated, it will be stored as a secret at the location - specified by MasterUserPasswordSecretRef." - type: boolean - availabilityZone: - description: "The Availability Zone (AZ) where the database will - be created. For information on Amazon Web Services Regions and - Availability Zones, see Regions and Availability Zones (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html). 
- \n Amazon Aurora \n Each Aurora DB cluster hosts copies of its - storage in three separate Availability Zones. Specify one of - these Availability Zones. Aurora automatically chooses an appropriate - Availability Zone if you don't specify one. \n Default: A random, - system-chosen Availability Zone in the endpoint's Amazon Web - Services Region. \n Example: us-east-1d \n Constraint: The AvailabilityZone - parameter can't be specified if the DB instance is a Multi-AZ - deployment. The specified Availability Zone must be in the same - Amazon Web Services Region as the current endpoint." - type: string - backupRetentionPeriod: - description: "The number of days for which automated backups are - retained. Setting this parameter to a positive number enables - backups. Setting this parameter to 0 disables automated backups. - \n Amazon Aurora \n Not applicable. The retention period for - automated backups is managed by the DB cluster. \n Default: - 1 \n Constraints: \n * Must be a value from 0 to 35 \n * Can't - be set to 0 if the DB instance is a source to read replicas - \n * Can't be set to 0 for an RDS Custom for Oracle DB instance" - format: int64 - type: integer - backupTarget: - description: "Specifies where automated backups and manual snapshots - are stored. \n Possible values are outposts (Amazon Web Services - Outposts) and region (Amazon Web Services Region). The default - is region. \n For more information, see Working with Amazon - RDS on Amazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) - in the Amazon RDS User Guide." - type: string - caCertificateIdentifier: - description: "Specifies the CA certificate identifier to use for - the DB instance’s server certificate. \n This setting doesn't - apply to RDS Custom. 
\n For more information, see Using SSL/TLS - to encrypt a connection to a DB instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) - in the Amazon RDS User Guide and Using SSL/TLS to encrypt a - connection to a DB cluster (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) - in the Amazon Aurora User Guide." - type: string - characterSetName: - description: "For supported engines, this value indicates that - the DB instance should be associated with the specified CharacterSet. - \n This setting doesn't apply to RDS Custom. However, if you - need to change the character set, you can change it on the database - itself. \n Amazon Aurora \n Not applicable. The character set - is managed by the DB cluster. For more information, see CreateDBCluster." - type: string - copyTagsToSnapshot: - description: "A value that indicates whether to copy tags from - the DB instance to snapshots of the DB instance. By default, - tags are not copied. \n Amazon Aurora \n Not applicable. Copying - tags to snapshots is managed by the DB cluster. Setting this - value for an Aurora DB instance has no effect on the DB cluster - setting." - type: boolean - customIAMInstanceProfile: - description: "The instance profile associated with the underlying - Amazon EC2 instance of an RDS Custom DB instance. The instance - profile must meet the following requirements: \n * The profile - must exist in your account. \n * The profile must have an IAM - role that Amazon EC2 has permissions to assume. \n * The instance - profile name and the associated IAM role name must start with - the prefix AWSRDSCustom. \n For the list of permissions required - for the IAM role, see Configure IAM and your VPC (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) - in the Amazon RDS User Guide. \n This setting is required for - RDS Custom." 
- type: string - dbClusterIdentifier: - description: "The identifier of the DB cluster that the instance - will belong to. \n This setting doesn't apply to RDS Custom." - type: string - dbClusterIdentifierRef: - description: DBClusterIdentifierRef is a reference to a DBCluster - used to set DBClusterIdentifier. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - dbClusterIdentifierSelector: - description: DBClusterIdentifierSelector selects a reference to - a DBCluster used to set DBClusterIdentifier. - properties: - matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. - type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - policy: - description: Policies for selection. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 
'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - dbInstanceClass: - description: The compute and memory capacity of the DB instance, - for example db.m5.large. Not all DB instance classes are available - in all Amazon Web Services Regions, or for all database engines. - For the full list of DB instance classes, and availability for - your engine, see DB instance classes (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) - in the Amazon RDS User Guide or Aurora DB instance classes (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) - in the Amazon Aurora User Guide. - type: string - dbName: - description: "The meaning of this parameter differs according - to the database engine you use. \n MySQL \n The name of the - database to create when the DB instance is created. If this - parameter isn't specified, no database is created in the DB - instance. \n Constraints: \n * Must contain 1 to 64 letters - or numbers. \n * Must begin with a letter. Subsequent characters - can be letters, underscores, or digits (0-9). \n * Can't be - a word reserved by the specified database engine \n MariaDB - \n The name of the database to create when the DB instance is - created. If this parameter isn't specified, no database is created - in the DB instance. \n Constraints: \n * Must contain 1 to 64 - letters or numbers. \n * Must begin with a letter. Subsequent - characters can be letters, underscores, or digits (0-9). 
\n - * Can't be a word reserved by the specified database engine - \n PostgreSQL \n The name of the database to create when the - DB instance is created. If this parameter isn't specified, a - database named postgres is created in the DB instance. \n Constraints: - \n * Must contain 1 to 63 letters, numbers, or underscores. - \n * Must begin with a letter. Subsequent characters can be - letters, underscores, or digits (0-9). \n * Can't be a word - reserved by the specified database engine \n Oracle \n The Oracle - System ID (SID) of the created DB instance. If you specify null, - the default value ORCL is used. You can't specify the string - NULL, or any other reserved word, for DBName. \n Default: ORCL - \n Constraints: \n * Can't be longer than 8 characters \n Amazon - RDS Custom for Oracle \n The Oracle System ID (SID) of the created - RDS Custom DB instance. If you don't specify a value, the default - value is ORCL. \n Default: ORCL \n Constraints: \n * It must - contain 1 to 8 alphanumeric characters. \n * It must contain - a letter. \n * It can't be a word reserved by the database engine. - \n Amazon RDS Custom for SQL Server \n Not applicable. Must - be null. \n SQL Server \n Not applicable. Must be null. \n Amazon - Aurora MySQL \n The name of the database to create when the - primary DB instance of the Aurora MySQL DB cluster is created. - If this parameter isn't specified for an Aurora MySQL DB cluster, - no database is created in the DB cluster. \n Constraints: \n - * It must contain 1 to 64 alphanumeric characters. \n * It can't - be a word reserved by the database engine. \n Amazon Aurora - PostgreSQL \n The name of the database to create when the primary - DB instance of the Aurora PostgreSQL DB cluster is created. - If this parameter isn't specified for an Aurora PostgreSQL DB - cluster, a database named postgres is created in the DB cluster. - \n Constraints: \n * It must contain 1 to 63 alphanumeric characters. - \n * It must begin with a letter. 
Subsequent characters can - be letters, underscores, or digits (0 to 9). \n * It can't be - a word reserved by the database engine." - type: string - dbParameterGroupName: - description: "The name of the DB parameter group to associate - with this DB instance. If you do not specify a value, then the - default DB parameter group for the specified DB engine and version - is used. \n This setting doesn't apply to RDS Custom. \n Constraints: - \n * It must be 1 to 255 letters, numbers, or hyphens. \n * - The first character must be a letter. \n * It can't end with - a hyphen or contain two consecutive hyphens." - type: string - dbParameterGroupNameRef: - description: DBParameterGroupNameRef is a reference to a DBParameterGroup - used to set DBParameterGroupName. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - dbParameterGroupNameSelector: - description: DBParameterGroupNameSelector selects a reference - to a DBParameterGroup used to set DBParameterGroupName. - properties: - matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. 
- type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - policy: - description: Policies for selection. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - dbSecurityGroups: - description: A list of database security groups to associate with - this DB instance - items: - type: string - type: array - dbSubnetGroupName: - description: "A DB subnet group to associate with this DB instance. - \n Constraints: Must match the name of an existing DBSubnetGroup. - Must not be default. \n Example: mydbsubnetgroup" - type: string - dbSubnetGroupNameRef: - description: DBSubnetGroupNameRef is a reference to a DBSubnetGroup - used to set DBSubnetGroupName. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. 
- enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - dbSubnetGroupNameSelector: - description: DBSubnetGroupNameSelector selects a reference to - a DBSubnetGroup used to set DBSubnetGroupName. - properties: - matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. - type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - policy: - description: Policies for selection. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - deleteAutomatedBackups: - description: DeleteAutomatedBackups indicates whether to remove - automated backups immediately after the DB instance is deleted. - The default is to remove automated backups immediately after - the DB instance is deleted. 
- type: boolean - deletionProtection: - description: "A value that indicates whether the DB instance has - deletion protection enabled. The database can't be deleted when - deletion protection is enabled. By default, deletion protection - isn't enabled. For more information, see Deleting a DB Instance - (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html). - \n Amazon Aurora \n Not applicable. You can enable or disable - deletion protection for the DB cluster. For more information, - see CreateDBCluster. DB instances in a DB cluster can be deleted - even when deletion protection is enabled for the DB cluster." - type: boolean - domain: - description: "The Active Directory directory ID to create the - DB instance in. Currently, only MySQL, Microsoft SQL Server, - Oracle, and PostgreSQL DB instances can be created in an Active - Directory Domain. \n For more information, see Kerberos Authentication - (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) - in the Amazon RDS User Guide. \n This setting doesn't apply - to RDS Custom. \n Amazon Aurora \n Not applicable. The domain - is managed by the DB cluster." - type: string - domainIAMRoleName: - description: "Specify the name of the IAM role to be used when - making API calls to the Directory Service. \n This setting doesn't - apply to RDS Custom. \n Amazon Aurora \n Not applicable. The - domain is managed by the DB cluster." - type: string - domainIAMRoleNameRef: - description: DomainIAMRoleNameRef is a reference to an IAMRole - used to set DomainIAMRoleName. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 
'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - domainIAMRoleNameSelector: - description: DomainIAMRoleNameSelector selects a reference to - an IAMRole used to set DomainIAMRoleName. - properties: - matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. - type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - policy: - description: Policies for selection. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - enableCloudwatchLogsExports: - description: "The list of log types that need to be enabled for - exporting to CloudWatch Logs. The values in the list depend - on the DB engine. 
For more information, see Publishing Database - Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) - in the Amazon RDS User Guide. \n Amazon Aurora \n Not applicable. - CloudWatch Logs exports are managed by the DB cluster. \n RDS - Custom \n Not applicable. \n MariaDB \n Possible values are - audit, error, general, and slowquery. \n Microsoft SQL Server - \n Possible values are agent and error. \n MySQL \n Possible - values are audit, error, general, and slowquery. \n Oracle \n - Possible values are alert, audit, listener, trace, and oemagent. - \n PostgreSQL \n Possible values are postgresql and upgrade." - items: - type: string - type: array - enableCustomerOwnedIP: - description: "A value that indicates whether to enable a customer-owned - IP address (CoIP) for an RDS on Outposts DB instance. \n A CoIP - provides local or external connectivity to resources in your - Outpost subnets through your on-premises network. For some use - cases, a CoIP can provide lower latency for connections to the - DB instance from outside of its virtual private cloud (VPC) - on your local network. \n For more information about RDS on - Outposts, see Working with Amazon RDS on Amazon Web Services - Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) - in the Amazon RDS User Guide. \n For more information about - CoIPs, see Customer-owned IP addresses (https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing) - in the Amazon Web Services Outposts User Guide." - type: boolean - enableIAMDatabaseAuthentication: - description: "A value that indicates whether to enable mapping - of Amazon Web Services Identity and Access Management (IAM) - accounts to database accounts. By default, mapping isn't enabled. 
- \n For more information, see IAM Database Authentication for - MySQL and PostgreSQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) - in the Amazon RDS User Guide. \n This setting doesn't apply - to RDS Custom. \n Amazon Aurora \n Not applicable. Mapping Amazon - Web Services IAM accounts to database accounts is managed by - the DB cluster." - type: boolean - enablePerformanceInsights: - description: "A value that indicates whether to enable Performance - Insights for the DB instance. For more information, see Using - Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) - in the Amazon RDS User Guide. \n This setting doesn't apply - to RDS Custom." - type: boolean - engine: - description: "The name of the database engine to be used for this - instance. \n Not every database engine is available for every - Amazon Web Services Region. \n Valid Values: \n * aurora (for - MySQL 5.6-compatible Aurora) \n * aurora-mysql (for MySQL 5.7-compatible - and MySQL 8.0-compatible Aurora) \n * aurora-postgresql \n * - custom-oracle-ee (for RDS Custom for Oracle instances) \n * - custom-sqlserver-ee (for RDS Custom for SQL Server instances) - \n * custom-sqlserver-se (for RDS Custom for SQL Server instances) - \n * custom-sqlserver-web (for RDS Custom for SQL Server instances) - \n * mariadb \n * mysql \n * oracle-ee \n * oracle-ee-cdb \n - * oracle-se2 \n * oracle-se2-cdb \n * postgres \n * sqlserver-ee - \n * sqlserver-se \n * sqlserver-ex \n * sqlserver-web" - type: string - engineVersion: - description: "The version number of the database engine to use. - \n For a list of valid engine versions, use the DescribeDBEngineVersions - operation. \n The following are the database engines and links - to information about the major and minor versions that are available - with Amazon RDS. Not every database engine is available for - every Amazon Web Services Region. 
\n Amazon Aurora \n Not applicable. - The version number of the database engine to be used by the - DB instance is managed by the DB cluster. \n Amazon RDS Custom - for Oracle \n A custom engine version (CEV) that you have previously - created. This setting is required for RDS Custom for Oracle. - The CEV name has the following format: 19.customized_string. - A valid CEV name is 19.my_cev1. For more information, see Creating - an RDS Custom for Oracle DB instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-creating.html#custom-creating.create) - in the Amazon RDS User Guide. \n Amazon RDS Custom for SQL Server - \n See RDS Custom for SQL Server general requirements (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-reqs-limits-MS.html) - in the Amazon RDS User Guide. \n MariaDB \n For information, - see MariaDB on Amazon RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) - in the Amazon RDS User Guide. \n Microsoft SQL Server \n For - information, see Microsoft SQL Server Versions on Amazon RDS - (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) - in the Amazon RDS User Guide. \n MySQL \n For information, see - MySQL on Amazon RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) - in the Amazon RDS User Guide. \n Oracle \n For information, - see Oracle Database Engine Release Notes (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) - in the Amazon RDS User Guide. \n PostgreSQL \n For information, - see Amazon RDS for PostgreSQL versions and extensions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) - in the Amazon RDS User Guide. \n Note: Downgrades are not allowed - by AWS and attempts to set a lower version will be ignored." 
- type: string - finalDBSnapshotIdentifier: - description: "The DB instance snapshot identifier of the new DB - instance snapshot created when SkipFinalSnapshot is disabled. - \n Specifying this parameter and also skipping the creation - of a final DB instance snapshot with the SkipFinalShapshot parameter - results in an error. \n Constraints: \n * Must be 1 to 255 letters, - numbers, or hyphens. \n * First character must be a letter \n - * Can't end with a hyphen or contain two consecutive hyphens" - type: string - iops: - description: "The amount of Provisioned IOPS (input/output operations - per second) to be initially allocated for the DB instance. For - information about valid IOPS values, see Amazon RDS DB instance - storage (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html) - in the Amazon RDS User Guide. \n Constraints: For MariaDB, MySQL, - Oracle, and PostgreSQL DB instances, must be a multiple between - .5 and 50 of the storage amount for the DB instance. For SQL - Server DB instances, must be a multiple between 1 and 50 of - the storage amount for the DB instance. \n Amazon Aurora \n - Not applicable. Storage is managed by the DB cluster." - format: int64 - type: integer - kmsKeyID: - description: "The Amazon Web Services KMS key identifier for an - encrypted DB instance. \n The Amazon Web Services KMS key identifier - is the key ARN, key ID, alias ARN, or alias name for the KMS - key. To use a KMS key in a different Amazon Web Services account, - specify the key ARN or alias ARN. \n Amazon Aurora \n Not applicable. - The Amazon Web Services KMS key identifier is managed by the - DB cluster. For more information, see CreateDBCluster. \n If - StorageEncrypted is enabled, and you do not specify a value - for the KmsKeyId parameter, then Amazon RDS uses your default - KMS key. There is a default KMS key for your Amazon Web Services - account. 
Your Amazon Web Services account has a different default - KMS key for each Amazon Web Services Region. \n Amazon RDS Custom - \n A KMS key is required for RDS Custom instances. For most - RDS engines, if you leave this parameter empty while enabling - StorageEncrypted, the engine uses the default KMS key. However, - RDS Custom doesn't use the default key when this parameter is - empty. You must explicitly specify a key." - type: string - kmsKeyIDRef: - description: KMSKeyIDRef is a reference to a KMS Key used to set - KMSKeyID. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - kmsKeyIDSelector: - description: KMSKeyIDSelector selects a reference to a KMS Key - used to set KMSKeyID. - properties: - matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. - type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - policy: - description: Policies for selection. 
- properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - licenseModel: - description: "License model information for this DB instance. - \n Valid values: license-included | bring-your-own-license | - general-public-license \n This setting doesn't apply to RDS - Custom. \n Amazon Aurora \n Not applicable." - type: string - manageMasterUserPassword: - description: "A value that indicates whether to manage the master - user password with Amazon Web Services Secrets Manager. \n For - more information, see Password management with Amazon Web Services - Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) - in the Amazon RDS User Guide. \n Constraints: \n * Can't manage - the master user password with Amazon Web Services Secrets Manager - if MasterUserPassword is specified." - type: boolean - masterUserPasswordSecretRef: - description: "The password for the master database user. This - password can contain any printable ASCII character except \"/\", - \"\"\", or \"@\". \n Constraints: Must contain from 8 to 41 - characters." - properties: - key: - description: The key to select. - type: string - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. 
- type: string - required: - - key - - name - - namespace - type: object - masterUserSecretKMSKeyID: - description: "The Amazon Web Services KMS key identifier to encrypt - a secret that is automatically generated and managed in Amazon - Web Services Secrets Manager. \n This setting is valid only - if the master user password is managed by RDS in Amazon Web - Services Secrets Manager for the DB instance. \n The Amazon - Web Services KMS key identifier is the key ARN, key ID, alias - ARN, or alias name for the KMS key. To use a KMS key in a different - Amazon Web Services account, specify the key ARN or alias ARN. - \n If you don't specify MasterUserSecretKmsKeyId, then the aws/secretsmanager - KMS key is used to encrypt the secret. If the secret is in a - different Amazon Web Services account, then you can't use the - aws/secretsmanager KMS key to encrypt the secret, and you must - use a customer managed KMS key. \n There is a default KMS key - for your Amazon Web Services account. Your Amazon Web Services - account has a different default KMS key for each Amazon Web - Services Region." - type: string - masterUsername: - description: "The name for the master user. \n Amazon Aurora \n - Not applicable. The name for the master user is managed by the - DB cluster. \n Amazon RDS \n Constraints: \n * Required. \n - * Must be 1 to 16 letters, numbers, or underscores. \n * First - character must be a letter. \n * Can't be a reserved word for - the chosen database engine." - type: string - maxAllocatedStorage: - description: "The upper limit in gibibytes (GiB) to which Amazon - RDS can automatically scale the storage of the DB instance. - \n For more information about this setting, including limitations - that apply to it, see Managing capacity automatically with Amazon - RDS storage autoscaling (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) - in the Amazon RDS User Guide. 
\n This setting doesn't apply - to RDS Custom. \n Amazon Aurora \n Not applicable. Storage is - managed by the DB cluster." - format: int64 - type: integer - monitoringInterval: - description: "The interval, in seconds, between points when Enhanced - Monitoring metrics are collected for the DB instance. To disable - collection of Enhanced Monitoring metrics, specify 0. The default - is 0. \n If MonitoringRoleArn is specified, then you must set - MonitoringInterval to a value other than 0. \n This setting - doesn't apply to RDS Custom. \n Valid Values: 0, 1, 5, 10, 15, - 30, 60" - format: int64 - type: integer - monitoringRoleARN: - description: "The ARN for the IAM role that permits RDS to send - enhanced monitoring metrics to Amazon CloudWatch Logs. For example, - arn:aws:iam:123456789012:role/emaccess. For information on creating - a monitoring role, see Setting Up and Enabling Enhanced Monitoring - (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) - in the Amazon RDS User Guide. \n If MonitoringInterval is set - to a value other than 0, then you must supply a MonitoringRoleArn - value. \n This setting doesn't apply to RDS Custom." - type: string - monitoringRoleArnRef: - description: MonitoringRoleARNRef is a reference to an IAMRole - used to set MonitoringRoleARN. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. 
The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - monitoringRoleArnSelector: - description: MonitoringRoleARNSelector selects a reference to - an IAMRole used to set MonitoringRoleARN. - properties: - matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. - type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - policy: - description: Policies for selection. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - multiAZ: - description: "A value that indicates whether the DB instance is - a Multi-AZ deployment. You can't set the AvailabilityZone parameter - if the DB instance is a Multi-AZ deployment. \n This setting - doesn't apply to RDS Custom. \n Amazon Aurora \n Not applicable. - DB instance Availability Zones (AZs) are managed by the DB cluster." - type: boolean - ncharCharacterSetName: - description: "The name of the NCHAR character set for the Oracle - DB instance. 
\n This parameter doesn't apply to RDS Custom." - type: string - networkType: - description: "The network type of the DB instance. \n Valid values: - \n * IPV4 \n * DUAL \n The network type is determined by the - DBSubnetGroup specified for the DB instance. A DBSubnetGroup - can support only the IPv4 protocol or the IPv4 and the IPv6 - protocols (DUAL). \n For more information, see Working with - a DB instance in a VPC (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) - in the Amazon RDS User Guide." - type: string - optionGroupName: - description: "A value that indicates that the DB instance should - be associated with the specified option group. \n Permanent - options, such as the TDE option for Oracle Advanced Security - TDE, can't be removed from an option group. Also, that option - group can't be removed from a DB instance after it is associated - with a DB instance. \n This setting doesn't apply to RDS Custom. - \n Amazon Aurora \n Not applicable." - type: string - performanceInsightsKMSKeyID: - description: "The Amazon Web Services KMS key identifier for encryption - of Performance Insights data. \n The Amazon Web Services KMS - key identifier is the key ARN, key ID, alias ARN, or alias name - for the KMS key. \n If you do not specify a value for PerformanceInsightsKMSKeyId, - then Amazon RDS uses your default KMS key. There is a default - KMS key for your Amazon Web Services account. Your Amazon Web - Services account has a different default KMS key for each Amazon - Web Services Region. \n This setting doesn't apply to RDS Custom." - type: string - performanceInsightsRetentionPeriod: - description: "The number of days to retain Performance Insights - data. The default is 7 days. 
The following values are valid: - \n * 7 \n * month * 31, where month is a number of months from - 1-23 \n * 731 \n For example, the following values are valid: - \n * 93 (3 months * 31) \n * 341 (11 months * 31) \n * 589 (19 - months * 31) \n * 731 \n If you specify a retention period such - as 94, which isn't a valid value, RDS issues an error. \n This - setting doesn't apply to RDS Custom." - format: int64 - type: integer - port: - description: "The port number on which the database accepts connections. - \n MySQL \n Default: 3306 \n Valid values: 1150-65535 \n Type: - Integer \n MariaDB \n Default: 3306 \n Valid values: 1150-65535 - \n Type: Integer \n PostgreSQL \n Default: 5432 \n Valid values: - 1150-65535 \n Type: Integer \n Oracle \n Default: 1521 \n Valid - values: 1150-65535 \n SQL Server \n Default: 1433 \n Valid values: - 1150-65535 except 1234, 1434, 3260, 3343, 3389, 47001, and 49152-49156. - \n Amazon Aurora \n Default: 3306 \n Valid values: 1150-65535 - \n Type: Integer" - format: int64 - type: integer - preferredBackupWindow: - description: "The daily time range during which automated backups - are created if automated backups are enabled, using the BackupRetentionPeriod - parameter. The default is a 30-minute window selected at random - from an 8-hour block of time for each Amazon Web Services Region. - For more information, see Backup window (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) - in the Amazon RDS User Guide. \n Amazon Aurora \n Not applicable. - The daily time range for creating automated backups is managed - by the DB cluster. \n Constraints: \n * Must be in the format - hh24:mi-hh24:mi. \n * Must be in Universal Coordinated Time - (UTC). \n * Must not conflict with the preferred maintenance - window. \n * Must be at least 30 minutes." 
- type: string - preferredMaintenanceWindow: - description: "The time range each week during which system maintenance - can occur, in Universal Coordinated Time (UTC). For more information, - see Amazon RDS Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance). - \n Format: ddd:hh24:mi-ddd:hh24:mi \n The default is a 30-minute - window selected at random from an 8-hour block of time for each - Amazon Web Services Region, occurring on a random day of the - week. \n Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun. \n Constraints: - Minimum 30-minute window." - type: string - processorFeatures: - description: "The number of CPU cores and the number of threads - per core for the DB instance class of the DB instance. \n This - setting doesn't apply to RDS Custom. \n Amazon Aurora \n Not - applicable." - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - promotionTier: - description: "A value that specifies the order in which an Aurora - Replica is promoted to the primary instance after a failure - of the existing primary instance. For more information, see - Fault Tolerance for an Aurora DB Cluster (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.FaultTolerance) - in the Amazon Aurora User Guide. \n This setting doesn't apply - to RDS Custom. \n Default: 1 \n Valid Values: 0 - 15" - format: int64 - type: integer - publiclyAccessible: - description: "A value that indicates whether the DB instance is - publicly accessible. \n When the DB instance is publicly accessible, - its Domain Name System (DNS) endpoint resolves to the private - IP address from within the DB instance's virtual private cloud - (VPC). It resolves to the public IP address from outside of - the DB instance's VPC. Access to the DB instance is ultimately - controlled by the security group it uses. 
That public access - is not permitted if the security group assigned to the DB instance - doesn't permit it. \n When the DB instance isn't publicly accessible, - it is an internal DB instance with a DNS name that resolves - to a private IP address. \n Default: The default behavior varies - depending on whether DBSubnetGroupName is specified. \n If DBSubnetGroupName - isn't specified, and PubliclyAccessible isn't specified, the - following applies: \n * If the default VPC in the target Region - doesn’t have an internet gateway attached to it, the DB instance - is private. \n * If the default VPC in the target Region has - an internet gateway attached to it, the DB instance is public. - \n If DBSubnetGroupName is specified, and PubliclyAccessible - isn't specified, the following applies: \n * If the subnets - are part of a VPC that doesn’t have an internet gateway attached - to it, the DB instance is private. \n * If the subnets are part - of a VPC that has an internet gateway attached to it, the DB - instance is public." - type: boolean - region: - description: Region is which region the DBInstance will be created. - type: string - restoreFrom: - description: RestoreFrom specifies the details of the backup to - restore when creating a new DBInstance. - properties: - pointInTime: - description: PointInTime specifies the details of the point - in time restore. - properties: - restoreTime: - description: 'RestoreTime is the date and time (UTC) to - restore from. Must be before the latest restorable time - for the DB instance. Can''t be specified if the useLatestRestorableTime - parameter is enabled. Example: 2011-09-07T23:45:00Z' - format: date-time - type: string - sourceDBInstanceAutomatedBackupsArn: - description: 'SourceDBInstanceAutomatedBackupsArn specifies - the Amazon Resource Name (ARN) of the replicated automated - backups from which to restore. 
Example: arn:aws:rds:useast-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE' - type: string - sourceDBInstanceIdentifier: - description: 'SourceDBInstanceIdentifier specifies the - identifier of the source DB instance from which to restore. - Constraints: Must match the identifier of an existing - DB instance.' - type: string - sourceDbiResourceId: - description: SourceDbiResourceID specifies the resource - ID of the source DB instance from which to restore. - type: string - useLatestRestorableTime: - description: UseLatestRestorableTime indicates that the - DB instance is restored from the latest backup Can't - be specified if the restoreTime parameter is provided. - type: boolean - type: object - s3: - description: S3 specifies the details of the S3 backup to - restore from. - properties: - bucketName: - description: BucketName is the name of the S3 bucket containing - the backup to restore. - type: string - ingestionRoleARN: - description: IngestionRoleARN is the IAM role RDS can - assume that will allow it to access the contents of - the S3 bucket. - type: string - prefix: - description: Prefix is the path prefix of the S3 bucket - within which the backup to restore is located. - type: string - sourceEngine: - description: SourceEngine is the engine used to create - the backup. Must be "mysql". - type: string - sourceEngineVersion: - description: 'SourceEngineVersion is the version of the - engine used to create the backup. Example: "5.7.30"' - type: string - required: - - bucketName - - ingestionRoleARN - - sourceEngine - - sourceEngineVersion - type: object - snapshot: - description: Snapshot specifies the details of the snapshot - to restore from. - properties: - snapshotIdentifier: - description: SnapshotIdentifier is the identifier of the - snapshot to restore. - type: string - required: - - snapshotIdentifier - type: object - source: - description: Source is the type of the backup to restore when - creating a new DBCluster or DBInstance. 
S3, Snapshot and - PointInTime are supported. - enum: - - S3 - - Snapshot - - PointInTime - type: string - required: - - source - type: object - skipFinalSnapshot: - description: "A value that indicates whether to skip the creation - of a final DB instance snapshot before the DB instance is deleted. - If skip is specified, no DB instance snapshot is created. If - skip isn't specified, a DB instance snapshot is created before - the DB instance is deleted. By default, skip isn't specified, - and the DB instance snapshot is created. By default, this parameter - is disabled. \n You must specify a FinalDBSnapshotIdentifier - parameter if SkipFinalSnapshot is disabled." - type: boolean - storageEncrypted: - description: "A value that indicates whether the DB instance is - encrypted. By default, it isn't encrypted. \n For RDS Custom - instances, either set this parameter to true or leave it unset. - If you set this parameter to false, RDS reports an error. \n - Amazon Aurora \n Not applicable. The encryption for DB instances - is managed by the DB cluster." - type: boolean - storageThroughput: - description: "Specifies the storage throughput value for the DB - instance. \n This setting applies only to the gp3 storage type. - \n This setting doesn't apply to RDS Custom or Amazon Aurora." - format: int64 - type: integer - storageType: - description: "Specifies the storage type to be associated with - the DB instance. \n Valid values: gp2 | gp3 | io1 | standard - \n If you specify io1 or gp3, you must also include a value - for the Iops parameter. \n Default: io1 if the Iops parameter - is specified, otherwise gp2 \n Amazon Aurora \n Not applicable. - Storage is managed by the DB cluster." - type: string - tags: - description: Tags to assign to the DB instance. 
- items: - properties: - key: - type: string - value: - type: string - type: object - type: array - tdeCredentialARN: - description: "The ARN from the key store with which to associate - the instance for TDE encryption. \n This setting doesn't apply - to RDS Custom. \n Amazon Aurora \n Not applicable." - type: string - tdeCredentialPassword: - description: "The password for the given ARN from the key store - in order to access the device. \n This setting doesn't apply - to RDS Custom." - type: string - timezone: - description: The time zone of the DB instance. The time zone parameter - is currently supported only by Microsoft SQL Server (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone). - type: string - vpcSecurityGroupIDRefs: - description: VPCSecurityGroupIDRefs are references to VPCSecurityGroups - used to set the VPCSecurityGroupIDs. - items: - description: A Reference to a named object. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution - of this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which - will attempt to resolve the reference only when the - corresponding field is not present. Use 'Always' to - resolve the reference on every reconcile. 
- enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - type: array - vpcSecurityGroupIDSelector: - description: VPCSecurityGroupIDSelector selects references to - VPCSecurityGroups used to set the VPCSecurityGroupIDs. - properties: - matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. - type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - policy: - description: Policies for selection. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - vpcSecurityGroupIDs: - description: "A list of Amazon EC2 VPC security groups to authorize - on this DB instance. This change is asynchronously applied as - soon as possible. \n This setting doesn't apply to RDS Custom. - \n Amazon Aurora Not applicable. The associated list of EC2 - VPC security groups is managed by the DB cluster. For more information, - see ModifyDBCluster. \n Constraints: * If supplied, must match - existing VpcSecurityGroupIds." 
- items: - type: string - type: array - required: - - dbInstanceClass - - engine - - region - type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. 
- enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. - properties: - configRef: - default: - name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - metadata: - description: Metadata is the metadata for connection secret. 
- properties: - annotations: - additionalProperties: - type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. - type: object - labels: - additionalProperties: - type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. - type: object - type: - description: Type is the SecretType for the connection secret. - - Only valid for Kubernetes Secret Stores. - type: string - type: object - name: - description: Name is the name of the connection secret. - type: string - required: - - name - type: object - writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. - properties: - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. - type: string - required: - - name - - namespace - type: object - required: - - forProvider - type: object - status: - description: DBInstanceStatus defines the observed state of DBInstance. - properties: - atProvider: - description: DBInstanceObservation defines the observed state of DBInstance - properties: - activityStreamEngineNativeAuditFieldsIncluded: - description: Indicates whether engine-native audit fields are - included in the database activity stream. 
- type: boolean - activityStreamKMSKeyID: - description: The Amazon Web Services KMS key identifier used for - encrypting messages in the database activity stream. The Amazon - Web Services KMS key identifier is the key ARN, key ID, alias - ARN, or alias name for the KMS key. - type: string - activityStreamKinesisStreamName: - description: The name of the Amazon Kinesis data stream used for - the database activity stream. - type: string - activityStreamMode: - description: The mode of the database activity stream. Database - events such as a change or access generate an activity stream - event. RDS for Oracle always handles these events asynchronously. - type: string - activityStreamPolicyStatus: - description: The status of the policy state of the activity stream. - type: string - activityStreamStatus: - description: The status of the database activity stream. - type: string - associatedRoles: - description: The Amazon Web Services Identity and Access Management - (IAM) roles associated with the DB instance. - items: - properties: - featureName: - type: string - roleARN: - type: string - status: - type: string - type: object - type: array - automaticRestartTime: - description: The time when a stopped DB instance is restarted - automatically. - format: date-time - type: string - automationMode: - description: 'The automation mode of the RDS Custom DB instance: - full or all paused. If full, the DB instance automates monitoring - and instance recovery. If all paused, the instance pauses automation - for the duration set by --resume-full-automation-mode-minutes.' - type: string - awsBackupRecoveryPointARN: - description: The Amazon Resource Name (ARN) of the recovery point - in Amazon Web Services Backup. - type: string - certificateDetails: - description: The details of the DB instance's server certificate. 
- properties: - cAIdentifier: - type: string - validTill: - format: date-time - type: string - type: object - customerOwnedIPEnabled: - description: "Specifies whether a customer-owned IP address (CoIP) - is enabled for an RDS on Outposts DB instance. \n A CoIP provides - local or external connectivity to resources in your Outpost - subnets through your on-premises network. For some use cases, - a CoIP can provide lower latency for connections to the DB instance - from outside of its virtual private cloud (VPC) on your local - network. \n For more information about RDS on Outposts, see - Working with Amazon RDS on Amazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) - in the Amazon RDS User Guide. \n For more information about - CoIPs, see Customer-owned IP addresses (https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing) - in the Amazon Web Services Outposts User Guide." - type: boolean - dbInstanceARN: - description: The Amazon Resource Name (ARN) for the DB instance. - type: string - dbInstanceAutomatedBackupsReplications: - description: The list of replicated automated backups associated - with the DB instance. - items: - properties: - dbInstanceAutomatedBackupsARN: - type: string - type: object - type: array - dbInstanceIdentifier: - description: Contains a user-supplied database identifier. This - identifier is the unique key that identifies a DB instance. - type: string - dbInstancePort: - description: Specifies the port that the DB instance listens on. - If the DB instance is part of a DB cluster, this can be a different - port than the DB cluster port. - format: int64 - type: integer - dbInstanceStatus: - description: "Specifies the current state of this database. 
\n - For information about DB instance statuses, see Viewing DB instance - status (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/accessing-monitoring.html#Overview.DBInstance.Status) - in the Amazon RDS User Guide." - type: string - dbParameterGroups: - description: Provides the list of DB parameter groups applied - to this DB instance. - items: - properties: - dbParameterGroupName: - type: string - parameterApplyStatus: - type: string - type: object - type: array - dbSecurityGroups: - description: A list of DB security group elements containing DBSecurityGroup.Name - and DBSecurityGroup.Status subelements. - items: - properties: - dbSecurityGroupName: - type: string - status: - type: string - type: object - type: array - dbSubnetGroup: - description: Specifies information on the subnet group associated - with the DB instance, including the name, description, and subnets - in the subnet group. - properties: - dbSubnetGroupARN: - type: string - dbSubnetGroupDescription: - type: string - dbSubnetGroupName: - type: string - subnetGroupStatus: - type: string - subnets: - items: - properties: - subnetAvailabilityZone: - description: "Contains Availability Zone information. - \n This data type is used as an element in the OrderableDBInstanceOption - data type." - properties: - name: - type: string - type: object - subnetIdentifier: - type: string - subnetOutpost: - description: "A data type that represents an Outpost. - \n For more information about RDS on Outposts, see - Amazon RDS on Amazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) - in the Amazon RDS User Guide." - properties: - arn: - type: string - type: object - subnetStatus: - type: string - type: object - type: array - supportedNetworkTypes: - items: - type: string - type: array - vpcID: - type: string - type: object - dbSystemID: - description: The Oracle system ID (Oracle SID) for a container - database (CDB). 
The Oracle SID is also the name of the CDB. - This setting is valid for RDS Custom only. - type: string - dbiResourceID: - description: The Amazon Web Services Region-unique, immutable - identifier for the DB instance. This identifier is found in - Amazon Web Services CloudTrail log entries whenever the Amazon - Web Services KMS key for the DB instance is accessed. - type: string - domainMemberships: - description: The Active Directory Domain membership records associated - with the DB instance. - items: - properties: - domain: - type: string - fQDN: - type: string - iamRoleName: - type: string - status: - type: string - type: object - type: array - enabledCloudwatchLogsExports: - description: "A list of log types that this DB instance is configured - to export to CloudWatch Logs. \n Log types vary by DB engine. - For information about the log types for each DB engine, see - Amazon RDS Database Log Files (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html) - in the Amazon RDS User Guide." - items: - type: string - type: array - endpoint: - description: "Specifies the connection endpoint. \n The endpoint - might not be shown for instances whose status is creating." - properties: - address: - type: string - hostedZoneID: - type: string - port: - format: int64 - type: integer - type: object - engineVersion: - description: Indicates the database engine version. - type: string - enhancedMonitoringResourceARN: - description: The Amazon Resource Name (ARN) of the Amazon CloudWatch - Logs log stream that receives the Enhanced Monitoring metrics - data for the DB instance. - type: string - iamDatabaseAuthenticationEnabled: - description: "True if mapping of Amazon Web Services Identity - and Access Management (IAM) accounts to database accounts is - enabled, and otherwise false. 
\n IAM database authentication - can be enabled for the following database engines \n * For MySQL - 5.6, minor version 5.6.34 or higher \n * For MySQL 5.7, minor - version 5.7.16 or higher \n * Aurora 5.6 or higher. To enable - IAM database authentication for Aurora, see DBCluster Type." - type: boolean - instanceCreateTime: - description: Provides the date and time the DB instance was created. - format: date-time - type: string - latestRestorableTime: - description: Specifies the latest time to which a database can - be restored with point-in-time restore. - format: date-time - type: string - listenerEndpoint: - description: Specifies the listener connection endpoint for SQL - Server Always On. - properties: - address: - type: string - hostedZoneID: - type: string - port: - format: int64 - type: integer - type: object - masterUserSecret: - description: "Contains the secret managed by RDS in Amazon Web - Services Secrets Manager for the master user password. \n For - more information, see Password management with Amazon Web Services - Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) - in the Amazon RDS User Guide." - properties: - kmsKeyID: - type: string - secretARN: - type: string - secretStatus: - type: string - type: object - optionGroupMemberships: - description: Provides the list of option group memberships for - this DB instance. - items: - properties: - optionGroupName: - type: string - status: - type: string - type: object - type: array - pendingModifiedValues: - description: A value that specifies that changes to the DB instance - are pending. This element is only included when changes are - pending. Specific changes are identified by subelements. 
- properties: - allocatedStorage: - format: int64 - type: integer - automationMode: - type: string - backupRetentionPeriod: - format: int64 - type: integer - caCertificateIdentifier: - type: string - dbInstanceClass: - type: string - dbInstanceIdentifier: - type: string - dbSubnetGroupName: - type: string - engineVersion: - type: string - iamDatabaseAuthenticationEnabled: - type: boolean - iops: - format: int64 - type: integer - licenseModel: - type: string - masterUserPassword: - type: string - multiAZ: - type: boolean - pendingCloudwatchLogsExports: - description: A list of the log types whose configuration is - still pending. In other words, these log types are in the - process of being activated or deactivated. - properties: - logTypesToDisable: - items: - type: string - type: array - logTypesToEnable: - items: - type: string - type: array - type: object - port: - format: int64 - type: integer - processorFeatures: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - resumeFullAutomationModeTime: - format: date-time - type: string - storageThroughput: - format: int64 - type: integer - storageType: - type: string - type: object - performanceInsightsEnabled: - description: True if Performance Insights is enabled for the DB - instance, and otherwise false. - type: boolean - readReplicaDBClusterIdentifiers: - description: "Contains one or more identifiers of Aurora DB clusters - to which the RDS DB instance is replicated as a read replica. - For example, when you create an Aurora read replica of an RDS - for MySQL DB instance, the Aurora MySQL DB cluster for the Aurora - read replica is shown. This output doesn't contain information - about cross-Region Aurora read replicas. \n Currently, each - RDS DB instance can have only one Aurora read replica." 
- items: - type: string - type: array - readReplicaDBInstanceIdentifiers: - description: Contains one or more identifiers of the read replicas - associated with this DB instance. - items: - type: string - type: array - readReplicaSourceDBInstanceIdentifier: - description: Contains the identifier of the source DB instance - if this DB instance is a read replica. - type: string - replicaMode: - description: "The open mode of an Oracle read replica. The default - is open-read-only. For more information, see Working with Oracle - Read Replicas for Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) - in the Amazon RDS User Guide. \n This attribute is only supported - in RDS for Oracle." - type: string - resumeFullAutomationModeTime: - description: The number of minutes to pause the automation. When - the time period ends, RDS Custom resumes full automation. The - minimum value is 60 (default). The maximum value is 1,440. - format: date-time - type: string - secondaryAvailabilityZone: - description: If present, specifies the name of the secondary Availability - Zone for a DB instance with multi-AZ support. - type: string - statusInfos: - description: The status of a read replica. If the instance isn't - a read replica, this is blank. - items: - properties: - message: - type: string - normal: - type: boolean - status: - type: string - statusType: - type: string - type: object - type: array - tagList: - items: - properties: - key: - type: string - value: - type: string - type: object - type: array - vpcSecurityGroups: - description: Provides a list of VPC security group elements that - the DB instance belongs to. - items: - properties: - status: - type: string - vpcSecurityGroupID: - type: string - type: object - type: array - type: object - conditions: - description: Conditions of the resource. - items: - description: A Condition that may apply to a resource. 
- properties: - lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. - format: date-time - type: string - message: - description: A Message containing details about this condition's - last transition from one status to another, if any. - type: string - reason: - description: A Reason for this condition's last transition from - one status to another. - type: string - status: - description: Status of this condition; is it currently True, - False, or Unknown? - type: string - type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} \ No newline at end of file diff --git a/testutils/crds/DBParameterGroup.yaml b/testutils/crds/DBParameterGroup.yaml deleted file mode 100644 index 6ca41a4a..00000000 --- a/testutils/crds/DBParameterGroup.yaml +++ /dev/null 
@@ -1,401 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: "2023-10-03T17:31:23Z" - generation: 1 - name: dbparametergroups.rds.aws.crossplane.io - ownerReferences: - - apiVersion: pkg.crossplane.io/v1 - blockOwnerDeletion: true - controller: true - kind: ProviderRevision - name: bloxinabox-provider-877b9fccf7ca - uid: f42ec1bf-0547-43c9-a29d-1dc6c06c0286 - - apiVersion: pkg.crossplane.io/v1 - blockOwnerDeletion: true - controller: false - kind: Provider - name: bloxinabox-provider - uid: 273f9682-ede8-4b8f-82ba-5c85cf731d51 - uid: 7d5a4408-5865-411a-a74a-e6bbc3a732eb -spec: - conversion: - strategy: None - group: rds.aws.crossplane.io - names: - categories: - - crossplane - - managed - - aws - kind: DBParameterGroup - listKind: DBParameterGroupList - plural: dbparametergroups - singular: dbparametergroup - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNCED - type: string - - jsonPath: .metadata.annotations.crossplane\.io/external-name - name: EXTERNAL-NAME - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: DBParameterGroup is the Schema for the DBParameterGroups API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. 
Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DBParameterGroupSpec defines the desired state of DBParameterGroup - properties: - deletionPolicy: - default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. - enum: - - Orphan - - Delete - type: string - forProvider: - description: DBParameterGroupParameters defines the desired state - of DBParameterGroup - properties: - dbParameterGroupFamily: - description: "The DB parameter group family name. A DB parameter - group can be associated with one and only one DB parameter group - family, and can be applied only to a DB instance running a database - engine and engine version compatible with that DB parameter - group family. \n To list all of the available parameter group - families for a DB engine, use the following command: \n aws - rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" - --engine \n For example, to list all of the available - parameter group families for the MySQL DB engine, use the following - command: \n aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" - --engine mysql \n The output contains duplicates. \n The following - are the valid DB engine values: \n * aurora (for MySQL 5.6-compatible - Aurora) \n * aurora-mysql (for MySQL 5.7-compatible Aurora) - \n * aurora-postgresql \n * mariadb \n * mysql \n * oracle-ee - \n * oracle-ee-cdb \n * oracle-se2 \n * oracle-se2-cdb \n * - postgres \n * sqlserver-ee \n * sqlserver-se \n * sqlserver-ex - \n * sqlserver-web \n One of DBParameterGroupFamily or DBParameterGroupFamilySelector - is required." 
- type: string - dbParameterGroupFamilySelector: - description: "DBParameterGroupFamilySelector determines DBParameterGroupFamily - from the engine and engine version. \n One of DBParameterGroupFamily - or DBParameterGroupFamilySelector is required. \n Will not be - used if DBParameterGroupFamily is already set." - properties: - engine: - description: Engine is the name of the database engine. - type: string - engineVersion: - description: EngineVersion is the version of the database - engine. If it is nil, the default engine version given by - AWS will be used. - type: string - required: - - engine - type: object - description: - description: The description for the DB parameter group. - type: string - parameters: - description: 'A list of parameters to associate with this DB parameter - group. The fields ApplyMethod, ParameterName and ParameterValue - are required for every parameter. Note: AWS actually only modifies - the ApplyMethod of a parameter, if the ParameterValue changes - too.' - items: - description: CustomParameter are custom parameters for the Parameter - properties: - applyMethod: - description: The apply method of the parameter. AWS actually - only modifies to value set here, if the parameter value - changes too. - enum: - - immediate - - pending-reboot - type: string - parameterName: - description: The name of the parameter. - type: string - parameterValue: - description: The value of the parameter. - type: string - required: - - applyMethod - - parameterName - - parameterValue - type: object - type: array - region: - description: Region is which region the DBParameterGroup will - be created. - type: string - tags: - description: Tags to assign to the DB parameter group. 
- items: - properties: - key: - type: string - value: - type: string - type: object - type: array - required: - - description - - region - type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. 
- enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. - properties: - configRef: - default: - name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - metadata: - description: Metadata is the metadata for connection secret. 
- properties: - annotations: - additionalProperties: - type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. - type: object - labels: - additionalProperties: - type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. - type: object - type: - description: Type is the SecretType for the connection secret. - - Only valid for Kubernetes Secret Stores. - type: string - type: object - name: - description: Name is the name of the connection secret. - type: string - required: - - name - type: object - writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. - properties: - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. - type: string - required: - - name - - namespace - type: object - required: - - forProvider - type: object - status: - description: DBParameterGroupStatus defines the observed state of DBParameterGroup. - properties: - atProvider: - description: DBParameterGroupObservation defines the observed state - of DBParameterGroup - properties: - dbParameterGroupARN: - description: The Amazon Resource Name (ARN) for the DB parameter - group. 
- type: string - dbParameterGroupFamily: - description: The name of the DB parameter group family that this - DB parameter group is compatible with. - type: string - dbParameterGroupName: - description: The name of the DB parameter group. - type: string - type: object - conditions: - description: Conditions of the resource. - items: - description: A Condition that may apply to a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. - format: date-time - type: string - message: - description: A Message containing details about this condition's - last transition from one status to another, if any. - type: string - reason: - description: A Reason for this condition's last transition from - one status to another. - type: string - status: - description: Status of this condition; is it currently True, - False, or Unknown? - type: string - type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} \ No newline at end of file