From a99652d667178f7a4f79068ed8d3f29b6b4f619b Mon Sep 17 00:00:00 2001 From: Abhishek Date: Mon, 30 Oct 2023 12:27:29 +0530 Subject: [PATCH] unit and integration tests added --- api/v1/zz_generated.deepcopy.go | 5 + ...nce.atlas.infoblox.com_databaseclaims.yaml | 145 +- controllers/databaseclaim_controller.go | 2 +- .../databaseclaim_controller_integ_test.go | 434 ++++ controllers/databaseclaim_controller_test.go | 197 ++ controllers/suite_test.go | 7 +- ...nce.atlas.infoblox.com_databaseclaims.yaml | 145 +- testutils/crds/DBCluster.yaml | 1675 ++++++++++++++ testutils/crds/DBClusterParameterGroup.yaml | 404 ++++ testutils/crds/DBInstance.yaml | 2044 +++++++++++++++++ testutils/crds/DBParameterGroup.yaml | 401 ++++ 11 files changed, 5421 insertions(+), 38 deletions(-) create mode 100644 testutils/crds/DBCluster.yaml create mode 100644 testutils/crds/DBClusterParameterGroup.yaml create mode 100644 testutils/crds/DBInstance.yaml create mode 100644 testutils/crds/DBParameterGroup.yaml diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go index 1c6b8c84..67a28a81 100644 --- a/api/v1/zz_generated.deepcopy.go +++ b/api/v1/zz_generated.deepcopy.go @@ -169,6 +169,7 @@ func (in *DatabaseClaimStatus) DeepCopyInto(out *DatabaseClaimStatus) { *out = *in in.NewDB.DeepCopyInto(&out.NewDB) in.ActiveDB.DeepCopyInto(&out.ActiveDB) + in.OldDB.DeepCopyInto(&out.OldDB) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseClaimStatus. @@ -403,6 +404,10 @@ func (in *Status) DeepCopyInto(out *Status) { *out = new(SourceDataFrom) (*in).DeepCopyInto(*out) } + if in.PostMigrationActionStartedAt != nil { + in, out := &in.PostMigrationActionStartedAt, &out.PostMigrationActionStartedAt + *out = (*in).DeepCopy() + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Status. diff --git a/config/crd/bases/persistance.atlas.infoblox.com_databaseclaims.yaml b/config/crd/bases/persistance.atlas.infoblox.com_databaseclaims.yaml index 2031b889..7160c0b6 100644 --- a/config/crd/bases/persistance.atlas.infoblox.com_databaseclaims.yaml +++ b/config/crd/bases/persistance.atlas.infoblox.com_databaseclaims.yaml @@ -236,8 +236,8 @@ spec: status: description: DatabaseClaimStatus defines the observed state of DatabaseClaim properties: - oldDB: - description: track the status of the old db which is migrated and non operational + activeDB: + description: track the status of the active db being used by the application properties: DbState: description: DbState of the DB. inprogress, "", ready @@ -257,20 +257,128 @@ spec: userName: type: string type: object - type: - description: Specifies the type of database to provision. Only - postgres is supported. + connectionUpdatedAt: + description: Time the connection info was updated/created. + format: date-time type: string - postMigrationActionStartedAt: - description: Time the process of post migration actions have started + dbCreateAt: + description: Time the database was created format: date-time type: string dbversion: description: Version of the provisioned Database type: string + matchLabel: + description: The name of the label that was successfully matched + against the fragment key names in the db-controller configMap + type: string + minStorageGB: + description: The optional MinStorageGB value requests the minimum + database host storage capacity in GBytes + type: integer + postMigrationActionStartedAt: + description: Time at the process of post migration actions initiated + format: date-time + type: string + shape: + description: The optional Shape values are arbitrary and help + drive instance selection + type: string + sourceDataFrom: + description: SourceDataFrom specifies an existing database or + backup to use when initially provisioning the database. if the + dbclaim has already provisioned a database, this field is ignored + This field used when claim is use-existing-db and attempting + to migrate to newdb + properties: + database: + description: Database defines the connection information to + an existing db + properties: + dsn: + description: 'DSN is the connection string used to reach + the postgres database must have protocol specifier at + beginning (example: mysql:// postgres:// )' + type: string + secretRef: + description: 'SecretRef specifies a secret to use for + connecting to the postgresdb (should be master/root) + TODO: document/validate the secret format required' + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + required: + - dsn + type: object + s3: + description: S3 defines the location of a DB backup in an + S3 bucket + properties: + bucket: + type: string + prefix: + description: Prefix is the path prefix of the S3 bucket + within which the backup to restore is located. + type: string + region: + type: string + secretRef: + description: 'SecretRef specifies a secret to use for + connecting to the s3 bucket via AWS client TODO: document/validate + the secret format required' + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + sourceEngine: + description: SourceEngine is the engine used to create + the backup. + type: string + sourceEngineVersion: + description: 'SourceEngineVersion is the version of the + engine used to create the backup. Example: "5.7.30"' + type: string + required: + - bucket + - region + - sourceEngine + - sourceEngineVersion + type: object + type: + description: Type specifies the type of source + type: string + required: + - type + type: object + type: + description: Specifies the type of database to provision. Only + postgres is supported. + type: string + userUpdatedAt: + description: Time the user/password was updated/created + format: date-time + type: string + required: + - connectionInfo type: object - activeDB: - description: track the status of the active db being used by the application + error: + description: Any errors related to provisioning this claim. + type: string + migrationState: + description: tracks status of DB migration. if empty, not started. + non empty denotes migration in progress, unless it is S_Completed + type: string + newDB: + description: track the status of new db in the process of being created properties: DbState: description: DbState of the DB. inprogress, "", ready @@ -309,6 +417,10 @@ spec: description: The optional MinStorageGB value requests the minimum database host storage capacity in GBytes type: integer + postMigrationActionStartedAt: + description: Time at the process of post migration actions initiated + format: date-time + type: string shape: description: The optional Shape values are arbitrary and help drive instance selection @@ -399,15 +511,8 @@ spec: required: - connectionInfo type: object - error: - description: Any errors related to provisioning this claim. - type: string - migrationState: - description: tracks status of DB migration. if empty, not started. - non empty denotes migration in progress, unless it is S_Completed - type: string - newDB: - description: track the status of new db in the process of being created + oldDB: + description: tracks the DB which is migrated and not more operational properties: DbState: description: DbState of the DB. inprogress, "", ready @@ -446,6 +551,10 @@ spec: description: The optional MinStorageGB value requests the minimum database host storage capacity in GBytes type: integer + postMigrationActionStartedAt: + description: Time at the process of post migration actions initiated + format: date-time + type: string shape: description: The optional Shape values are arbitrary and help drive instance selection diff --git a/controllers/databaseclaim_controller.go b/controllers/databaseclaim_controller.go index a6ed5262..e4866bcc 100644 --- a/controllers/databaseclaim_controller.go +++ b/controllers/databaseclaim_controller.go @@ -151,7 +151,7 @@ func (r *DatabaseClaimReconciler) getMode(dbClaim *persistancev1.DatabaseClaim) //default mode is M_UseNewDB. any non supported combination needs to be identfied and set to M_NotSupported if dbClaim.Status.OldDB.DbState == persistancev1.PostMigrationInProgress { - if dbClaim.Status.OldDB.ConnectionInfo == nil || dbClaim.Status.ActiveDB.DbState != persistancev1.Ready || *dbClaim.Status.NewDB.ConnectionInfo != (persistancev1.DatabaseClaimConnectionInfo{}) || + if dbClaim.Status.OldDB.ConnectionInfo == nil || dbClaim.Status.ActiveDB.DbState != persistancev1.Ready || r.Input.SharedDBHost || *dbClaim.Spec.UseExistingSource || dbClaim.Spec.SourceDataFrom != nil { return M_NotSupported } diff --git a/controllers/databaseclaim_controller_integ_test.go b/controllers/databaseclaim_controller_integ_test.go index 31aa8c95..1b3d1200 100644 --- a/controllers/databaseclaim_controller_integ_test.go +++ b/controllers/databaseclaim_controller_integ_test.go @@ -2,10 +2,16 @@ package controllers import ( "context" + "fmt" + crossplanerds "github.com/crossplane-contrib/provider-aws/apis/rds/v1alpha1" + "github.com/go-logr/logr" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/spf13/viper" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" persistancev1 "github.com/infobloxopen/db-controller/api/v1" ) @@ -43,3 +49,431 @@ var _ = Describe("db-controller", func() { }) }) }) + +var _ = Describe("manageOperationalTagging", Ordered, func() { + + // define and create objects in the test cluster + + dbCluster := &crossplanerds.DBCluster{} + dbClusterParam := &crossplanerds.DBClusterParameterGroup{} + dbParam := &crossplanerds.DBParameterGroup{} + dnInstance1 := &crossplanerds.DBInstance{} + dnInstance2 := &crossplanerds.DBInstance{} + dnInstance3 := &crossplanerds.DBInstance{} + + BeforeAll(func() { + By("Creating objects beforehand of DBClsuerParameterGroup, DBCluser, DBParameterGroup and DBInstance") + testString := "test" + ctx := context.Background() + dbCluster = &crossplanerds.DBCluster{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "rds.aws.crossplane.io/v1alpha1", + Kind: "DBCluster", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "db", + Namespace: "default", + }, + Spec: crossplanerds.DBClusterSpec{ + ForProvider: crossplanerds.DBClusterParameters{ + Engine: &testString, + }, + }, + } + Expect(k8sClient.Create(ctx, dbCluster)).Should(Succeed()) + ctx = context.Background() + dbClusterParam = &crossplanerds.DBClusterParameterGroup{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "rds.aws.crossplane.io/v1alpha1", + Kind: "DBClusterParameterGroup", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "dbparam", + Namespace: "default", + }, + Spec: crossplanerds.DBClusterParameterGroupSpec{ + ForProvider: crossplanerds.DBClusterParameterGroupParameters{ + Description: &testString, + }, + }, + } + Expect(k8sClient.Create(ctx, dbClusterParam)).Should(Succeed()) + + dbParam = &crossplanerds.DBParameterGroup{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "rds.aws.crossplane.io/v1alpha1", + Kind: "DBParameterGroup", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "dbparam", + Namespace: "default", + }, + Spec: crossplanerds.DBParameterGroupSpec{ + ForProvider: crossplanerds.DBParameterGroupParameters{ + Description: &testString, + }, + }, + } + Expect(k8sClient.Create(ctx, dbParam)).Should(Succeed()) + + ctx = context.Background() + dnInstance1 = &crossplanerds.DBInstance{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "rds.aws.crossplane.io/v1alpha1", + Kind: "DBInstance", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "db", + Namespace: "default", + }, + Spec: crossplanerds.DBInstanceSpec{ + ForProvider: crossplanerds.DBInstanceParameters{ + Engine: &testString, + DBInstanceClass: &testString, + }, + }, + } + Expect(k8sClient.Create(ctx, dnInstance1)).Should(Succeed()) + + ctx = context.Background() + dnInstance2 = &crossplanerds.DBInstance{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "rds.aws.crossplane.io/v1alpha1", + Kind: "DBInstance", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "db-2", + Namespace: "default", + }, + Spec: crossplanerds.DBInstanceSpec{ + ForProvider: crossplanerds.DBInstanceParameters{ + Engine: &testString, + DBInstanceClass: &testString, + }, + }, + } + Expect(k8sClient.Create(ctx, dnInstance2)).Should(Succeed()) + + ctx = context.Background() + dnInstance3 = &crossplanerds.DBInstance{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "rds.aws.crossplane.io/v1alpha1", + Kind: "DBInstance", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "db3", + Namespace: "default", + }, + Spec: crossplanerds.DBInstanceSpec{ + ForProvider: crossplanerds.DBInstanceParameters{ + Engine: &testString, + DBInstanceClass: &testString, + }, + }, + } + Expect(k8sClient.Create(ctx, dnInstance3)).Should(Succeed()) + }) + + Context("Now, try adding tags to resources which does not exists, while multiAZ is enabled", func() { + It("Should not add tags to any other already existing resources", func() { + mockReconciler := &DatabaseClaimReconciler{} + mockReconciler.Client = k8sClient + mockReconciler.Config = viper.New() + mockReconciler.Config.Set("dbMultiAZEnabled", true) + // providing names of non-existing resources below + check, err := mockReconciler.manageOperationalTagging(context.Background(), ctrl.Log.WithName("controllers"), "dbb", "dbparamm") + Expect(err).Should(HaveOccurred()) // This should create error + Expect(check).To(BeFalse()) + + By("Lets get all objects again to check whether tags have not been added to any resource, as we provied wrong names above") + + dbCluster = &crossplanerds.DBCluster{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "db", + }, dbCluster)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dbCluster.Spec.ForProvider.Tags)).To(Equal(false)) + + dbClusterParam = &crossplanerds.DBClusterParameterGroup{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "dbparam", + }, dbClusterParam)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dbClusterParam.Spec.ForProvider.Tags)).To(Equal(false)) + + dbParam = &crossplanerds.DBParameterGroup{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "dbparam", + }, dbParam)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dbParam.Spec.ForProvider.Tags)).To(Equal(false)) + + dnInstance1 = &crossplanerds.DBInstance{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "db", + }, dnInstance1)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dnInstance1.Spec.ForProvider.Tags)).To(Equal(false)) + + dnInstance2 = &crossplanerds.DBInstance{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "db-2", + }, dnInstance2)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dnInstance2.Spec.ForProvider.Tags)).To(Equal(false)) + + dnInstance3 = &crossplanerds.DBInstance{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "db3", + }, dnInstance3)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dnInstance3.Spec.ForProvider.Tags)).To(Equal(false)) + }) + }) + + Context("Now, try Adding tags to resources, with multiAZ disabled", func() { + It("Should add tags to all valid resources. Should skip instance-2 as multiAZ is disabled", func() { + mockReconciler := &DatabaseClaimReconciler{} + mockReconciler.Client = k8sClient + mockReconciler.Config = viper.New() + mockReconciler.Config.Set("dbMultiAZEnabled", false) + check, err := mockReconciler.manageOperationalTagging(context.Background(), logr.Logger{}, "db", "dbparam") + Expect(err).ShouldNot(HaveOccurred()) + Expect(check).To(BeFalse()) + + By("Lets get all objects again to check whether tags can be found at .spec.ForProvider") + + dbCluster = &crossplanerds.DBCluster{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "db", + }, dbCluster)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dbCluster.Spec.ForProvider.Tags)).To(Equal(true)) + + dbClusterParam = &crossplanerds.DBClusterParameterGroup{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "dbparam", + }, dbClusterParam)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dbClusterParam.Spec.ForProvider.Tags)).To(Equal(true)) + + dbParam = &crossplanerds.DBParameterGroup{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "dbparam", + }, dbParam)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dbParam.Spec.ForProvider.Tags)).To(Equal(true)) + + dnInstance1 = &crossplanerds.DBInstance{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "db", + }, dnInstance1)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dnInstance1.Spec.ForProvider.Tags)).To(Equal(true)) + + // tag should not be found at spec for dbInstance2 as multiAZ is disabled + dnInstance2 = &crossplanerds.DBInstance{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "db-2", + }, dnInstance2)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dnInstance2.Spec.ForProvider.Tags)).To(Equal(false)) + + // tag should not be found at spec for dbInstance3 as we had not requested this resource to be tagged + dnInstance3 = &crossplanerds.DBInstance{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "db3", + }, dnInstance3)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dnInstance3.Spec.ForProvider.Tags)).To(Equal(false)) + }) + }) + + Context("Adding tags to resources, while multiAZ is enabled", func() { + It("Should add tags to all valid resources if exists. Should NOT skip instance-2 as multiAZ is enabled", func() { + mockReconciler := &DatabaseClaimReconciler{} + mockReconciler.Client = k8sClient + mockReconciler.Config = viper.New() + mockReconciler.Config.Set("dbMultiAZEnabled", true) + check, err := mockReconciler.manageOperationalTagging(context.Background(), ctrl.Log.WithName("controllers"), "db", "dbparam") + Expect(err).ShouldNot(HaveOccurred()) + Expect(check).To(BeFalse()) + + By("Lets get all DBinstance objects again to check whether tags can be found at .spec.ForProvider for all instances in multiAZ") + + dnInstance1 = &crossplanerds.DBInstance{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "db", + }, dnInstance1)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dnInstance1.Spec.ForProvider.Tags)).To(Equal(true)) + + // tag should be found at spec for dbInstancw2 as multiAZ is enabled now + dnInstance2 = &crossplanerds.DBInstance{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "db-2", + }, dnInstance2)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dnInstance2.Spec.ForProvider.Tags)).To(Equal(true)) + + // tag should not be found at spec for dbInstancr3 as we had not requested this resource to be tagged + dnInstance3 = &crossplanerds.DBInstance{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "db3", + }, dnInstance3)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dnInstance3.Spec.ForProvider.Tags)).To(Equal(false)) + }) + }) + + Context("When tags get successfully updated, They are reflected at .status.AtProvider for DBInstance", func() { + It("manageOperationalTagging() Should return true without any error", func() { + mockReconciler := &DatabaseClaimReconciler{} + mockReconciler.Client = k8sClient + mockReconciler.Config = viper.New() + mockReconciler.Config.Set("dbMultiAZEnabled", true) + + By("adding tags beforehand to .status.AtProvier.TagList. As in reality, if tags gets successfully added. It will reflect at the said path") + + operationalStatusTagKeyPtr := operationalStatusTagKey + operationalStatusInactiveValuePtr := operationalStatusInactiveValue + ctx := context.Background() + + dnInstance1.Status.AtProvider.TagList = []*crossplanerds.Tag{ + { + Key: &operationalStatusTagKeyPtr, + Value: &operationalStatusInactiveValuePtr, + }, + } + dnInstance2.Status.AtProvider.TagList = []*crossplanerds.Tag{ + { + Key: &operationalStatusTagKeyPtr, + Value: &operationalStatusInactiveValuePtr, + }, + } + + Expect(k8sClient.Status().Update(ctx, dnInstance1)).Should(Succeed()) + Expect(k8sClient.Status().Update(ctx, dnInstance2)).Should(Succeed()) + + check, err := mockReconciler.manageOperationalTagging(context.Background(), ctrl.Log.WithName("controllers"), "db", "dbparam") + Expect(err).ShouldNot(HaveOccurred()) + Expect(check).To(BeTrue()) + + // Lets also check the tags at status + dnInstance1 = &crossplanerds.DBInstance{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "db", + }, dnInstance1)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dnInstance1.Status.AtProvider.TagList)).To(Equal(true)) + + dnInstance2 = &crossplanerds.DBInstance{} + Expect(mockReconciler.Client.Get(context.Background(), client.ObjectKey{ + Name: "db-2", + }, dnInstance2)).ShouldNot(HaveOccurred()) + Expect(hasOperationalTag(dnInstance2.Status.AtProvider.TagList)).To(Equal(true)) + + }) + }) + +}) + +func hasOperationalTag(tags []*crossplanerds.Tag) bool { + + for _, tag := range tags { + fmt.Println("==") + + fmt.Println(tag) + if *tag.Key == operationalStatusTagKey && *tag.Value == operationalStatusInactiveValue { + return true + } + } + return false + +} + +var _ = Describe("canTagResources", Ordered, func() { + + // Creating resources required to do tests beforehand + BeforeAll(func() { + ctx := context.Background() + dbClaim := &persistancev1.DatabaseClaim{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "persistance.atlas.infoblox.com/v1", + Kind: "DatabaseClaim", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "dbclaim", + Namespace: "default", + }, + Spec: persistancev1.DatabaseClaimSpec{ + AppID: "sample-app", + DatabaseName: "sample_app", + InstanceLabel: "sample-connection-3", + SecretName: "sample-secret", + Username: "sample_user", + }, + } + Expect(k8sClient.Create(ctx, dbClaim)).Should(Succeed()) + ctx2 := context.Background() + dbClaim2 := &persistancev1.DatabaseClaim{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "persistance.atlas.infoblox.com/v1", + Kind: "DatabaseClaim", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "dbclaim-2", + Namespace: "default", + }, + Spec: persistancev1.DatabaseClaimSpec{ + AppID: "sample-app", + DatabaseName: "sample_app", + InstanceLabel: "sample-connection-3", + SecretName: "sample-secret", + Username: "sample_user", + }, + } + Expect(k8sClient.Create(ctx2, dbClaim2)).Should(Succeed()) + }) + + Context("Adding tags to DBClaim with empty InstanceLabel", func() { + It("Should permite adding tags", func() { + ctx2 := context.Background() + dbClaim2 := &persistancev1.DatabaseClaim{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "persistance.atlas.infoblox.com/v1", + Kind: "DatabaseClaim", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "dbclaim-2", + Namespace: "default", + }, + Spec: persistancev1.DatabaseClaimSpec{ + AppID: "sample-app", + DatabaseName: "sample_app", + InstanceLabel: "", + SecretName: "sample-secret", + Username: "sample_user", + }, + } + mockReconciler := &DatabaseClaimReconciler{} + mockReconciler.Client = k8sClient + check, err2 := mockReconciler.canTagResources(ctx2, dbClaim2) + Expect(err2).ShouldNot(HaveOccurred()) + Expect(check).To(BeTrue()) + }) + }) + + Context("Adding tags to DBClaim, When There are already more than one DBClaim exists with similar InstanceLabel", func() { + It("Should not permite adding tags", func() { + ctx2 := context.Background() + dbClaim2 := &persistancev1.DatabaseClaim{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "persistance.atlas.infoblox.com/v1", + Kind: "DatabaseClaim", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "dbclaim-2", + Namespace: "default", + }, + Spec: persistancev1.DatabaseClaimSpec{ + AppID: "sample-app", + DatabaseName: "sample_app", + InstanceLabel: "sample-connection-3", + SecretName: "sample-secret", + Username: "sample_user", + }, + } + mockReconciler := &DatabaseClaimReconciler{} + mockReconciler.Client = k8sClient + check, err2 := mockReconciler.canTagResources(ctx2, dbClaim2) + Expect(err2).Should(HaveOccurred()) + Expect(check).To(BeFalse()) + }) + }) + +}) diff --git a/controllers/databaseclaim_controller_test.go b/controllers/databaseclaim_controller_test.go index 80f0f58f..b39c18aa 100644 --- a/controllers/databaseclaim_controller_test.go +++ b/controllers/databaseclaim_controller_test.go @@ -1699,6 +1699,203 @@ func TestDatabaseClaimReconciler_getMode(t *testing.T) { }, M_UseNewDB, }, + { + "postMigrationActions-positive", + fields{ + Log: zap.New(zap.UseFlagOptions(&opts)), + Input: &input{ + HostParams: hostparams.HostParams{ + Engine: "aurora-postgres", + Shape: "db.t4g.medium", + MinStorageGB: 20, + EngineVersion: "12.11", + }, + SharedDBHost: false, + }, + }, + + args{ + dbClaim: &persistancev1.DatabaseClaim{ + ObjectMeta: v1.ObjectMeta{Name: "identity-dbclaim-name", + Namespace: "unitest"}, + + Spec: persistancev1.DatabaseClaimSpec{ + UseExistingSource: &flse, + }, + Status: persistancev1.DatabaseClaimStatus{ + ActiveDB: persistancev1.Status{ + DbState: persistancev1.Ready, + }, + OldDB: persistancev1.Status{ + DbState: persistancev1.PostMigrationInProgress, + Type: "aurora-postgres", + DBVersion: "13.11", + Shape: "db.t4g.medium", + MinStorageGB: 20, + ConnectionInfo: &persistancev1.DatabaseClaimConnectionInfo{}, + }, + }, + }, + }, + M_PostMigrationInProgress, + }, + { + "postMigrationActions-negative-without-connectionInfo-in-oldDB", + fields{ + Log: zap.New(zap.UseFlagOptions(&opts)), + Input: &input{ + HostParams: hostparams.HostParams{ + Engine: "aurora-postgres", + Shape: "db.t4g.medium", + MinStorageGB: 20, + EngineVersion: "12.11", + }, + SharedDBHost: false, + }, + }, + + args{ + dbClaim: &persistancev1.DatabaseClaim{ + ObjectMeta: v1.ObjectMeta{Name: "identity-dbclaim-name", + Namespace: "unitest"}, + + Spec: persistancev1.DatabaseClaimSpec{ + UseExistingSource: &flse, + }, + Status: persistancev1.DatabaseClaimStatus{ + ActiveDB: persistancev1.Status{ + DbState: persistancev1.Ready, + }, + OldDB: persistancev1.Status{ + DbState: persistancev1.PostMigrationInProgress, + Type: "aurora-postgres", + DBVersion: "13.11", + Shape: "db.t4g.medium", + MinStorageGB: 20, + }, + }, + }, + }, + M_NotSupported, + }, + { + "postMigrationActions-negative-wit-userExistingSource", + fields{ + Log: zap.New(zap.UseFlagOptions(&opts)), + Input: &input{ + HostParams: hostparams.HostParams{ + Engine: "aurora-postgres", + Shape: "db.t4g.medium", + MinStorageGB: 20, + EngineVersion: "12.11", + }, + SharedDBHost: false, + }, + }, + + args{ + dbClaim: &persistancev1.DatabaseClaim{ + ObjectMeta: v1.ObjectMeta{Name: "identity-dbclaim-name", + Namespace: "unitest"}, + + Spec: persistancev1.DatabaseClaimSpec{ + UseExistingSource: &tru, + }, + Status: persistancev1.DatabaseClaimStatus{ + ActiveDB: persistancev1.Status{ + DbState: persistancev1.Ready, + }, + OldDB: persistancev1.Status{ + DbState: persistancev1.PostMigrationInProgress, + Type: "aurora-postgres", + DBVersion: "13.11", + Shape: "db.t4g.medium", + MinStorageGB: 20, + }, + }, + }, + }, + M_NotSupported, + }, + { + "postMigrationActions-negative-with-sourceData", + fields{ + Log: zap.New(zap.UseFlagOptions(&opts)), + Input: &input{ + HostParams: hostparams.HostParams{ + Engine: "aurora-postgres", + Shape: "db.t4g.medium", + MinStorageGB: 20, + EngineVersion: "12.11", + }, + SharedDBHost: false, + }, + }, + + args{ + dbClaim: &persistancev1.DatabaseClaim{ + ObjectMeta: v1.ObjectMeta{Name: "identity-dbclaim-name", + Namespace: "unitest"}, + + Spec: persistancev1.DatabaseClaimSpec{ + UseExistingSource: &flse, + SourceDataFrom: &persistancev1.SourceDataFrom{}, + }, + Status: persistancev1.DatabaseClaimStatus{ + ActiveDB: persistancev1.Status{ + DbState: persistancev1.Ready, + }, + OldDB: persistancev1.Status{ + DbState: persistancev1.PostMigrationInProgress, + Type: "aurora-postgres", + DBVersion: "13.11", + Shape: "db.t4g.medium", + MinStorageGB: 20, + }, + }, + }, + }, + M_NotSupported, + }, + { + "postMigrationActions-negative-with-sharedDB", + fields{ + Log: zap.New(zap.UseFlagOptions(&opts)), + Input: &input{ + HostParams: hostparams.HostParams{ + Engine: "aurora-postgres", + Shape: "db.t4g.medium", + MinStorageGB: 20, + EngineVersion: "12.11", + }, + SharedDBHost: true, + }, + }, + + args{ + dbClaim: &persistancev1.DatabaseClaim{ + ObjectMeta: v1.ObjectMeta{Name: "identity-dbclaim-name", + Namespace: "unitest"}, + + Spec: persistancev1.DatabaseClaimSpec{ + UseExistingSource: &flse, + }, + Status: persistancev1.DatabaseClaimStatus{ + ActiveDB: persistancev1.Status{ + DbState: persistancev1.Ready, + }, + OldDB: persistancev1.Status{ + DbState: persistancev1.PostMigrationInProgress, + Type: "aurora-postgres", + DBVersion: "13.11", + Shape: "db.t4g.medium", + MinStorageGB: 20, + }, + }, + }, + }, + M_NotSupported, + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { diff --git a/controllers/suite_test.go b/controllers/suite_test.go index a006d595..6563edfe 100644 --- a/controllers/suite_test.go +++ b/controllers/suite_test.go @@ -36,6 +36,8 @@ import ( "sigs.k8s.io/controller-runtime/pkg/log/zap" persistancev1 "github.com/infobloxopen/db-controller/api/v1" + + crossplanerds "github.com/crossplane-contrib/provider-aws/apis/rds/v1alpha1" // +kubebuilder:scaffold:imports ) @@ -82,7 +84,7 @@ var _ = BeforeSuite(func() { By("bootstrapping test environment") testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "config", "crd", "bases")}, + CRDDirectoryPaths: []string{filepath.Join("..", "config", "crd", "bases"), filepath.Join("..", "testutils", "crds")}, } var err error @@ -93,6 +95,9 @@ var _ = BeforeSuite(func() { err = persistancev1.AddToScheme(scheme.Scheme) Expect(err).NotTo(HaveOccurred()) + err = crossplanerds.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + // +kubebuilder:scaffold:scheme k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme}) diff --git a/helm/db-controller-crds/crd/persistance.atlas.infoblox.com_databaseclaims.yaml b/helm/db-controller-crds/crd/persistance.atlas.infoblox.com_databaseclaims.yaml index 2031b889..7160c0b6 100644 --- a/helm/db-controller-crds/crd/persistance.atlas.infoblox.com_databaseclaims.yaml +++ b/helm/db-controller-crds/crd/persistance.atlas.infoblox.com_databaseclaims.yaml @@ -236,8 +236,8 @@ spec: status: description: DatabaseClaimStatus defines the observed state of DatabaseClaim properties: - oldDB: - description: track the status of the old db which is migrated and non operational + activeDB: + description: track the status of the active db being used by the application properties: DbState: description: DbState of the DB. inprogress, "", ready @@ -257,20 +257,128 @@ spec: userName: type: string type: object - type: - description: Specifies the type of database to provision. Only - postgres is supported. + connectionUpdatedAt: + description: Time the connection info was updated/created. + format: date-time type: string - postMigrationActionStartedAt: - description: Time the process of post migration actions have started + dbCreateAt: + description: Time the database was created format: date-time type: string dbversion: description: Version of the provisioned Database type: string + matchLabel: + description: The name of the label that was successfully matched + against the fragment key names in the db-controller configMap + type: string + minStorageGB: + description: The optional MinStorageGB value requests the minimum + database host storage capacity in GBytes + type: integer + postMigrationActionStartedAt: + description: Time at the process of post migration actions initiated + format: date-time + type: string + shape: + description: The optional Shape values are arbitrary and help + drive instance selection + type: string + sourceDataFrom: + description: SourceDataFrom specifies an existing database or + backup to use when initially provisioning the database. if the + dbclaim has already provisioned a database, this field is ignored + This field used when claim is use-existing-db and attempting + to migrate to newdb + properties: + database: + description: Database defines the connection information to + an existing db + properties: + dsn: + description: 'DSN is the connection string used to reach + the postgres database must have protocol specifier at + beginning (example: mysql:// postgres:// )' + type: string + secretRef: + description: 'SecretRef specifies a secret to use for + connecting to the postgresdb (should be master/root) + TODO: document/validate the secret format required' + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + required: + - dsn + type: object + s3: + description: S3 defines the location of a DB backup in an + S3 bucket + properties: + bucket: + type: string + prefix: + description: Prefix is the path prefix of the S3 bucket + within which the backup to restore is located. + type: string + region: + type: string + secretRef: + description: 'SecretRef specifies a secret to use for + connecting to the s3 bucket via AWS client TODO: document/validate + the secret format required' + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + sourceEngine: + description: SourceEngine is the engine used to create + the backup. + type: string + sourceEngineVersion: + description: 'SourceEngineVersion is the version of the + engine used to create the backup. Example: "5.7.30"' + type: string + required: + - bucket + - region + - sourceEngine + - sourceEngineVersion + type: object + type: + description: Type specifies the type of source + type: string + required: + - type + type: object + type: + description: Specifies the type of database to provision. Only + postgres is supported. + type: string + userUpdatedAt: + description: Time the user/password was updated/created + format: date-time + type: string + required: + - connectionInfo type: object - activeDB: - description: track the status of the active db being used by the application + error: + description: Any errors related to provisioning this claim. + type: string + migrationState: + description: tracks status of DB migration. if empty, not started. + non empty denotes migration in progress, unless it is S_Completed + type: string + newDB: + description: track the status of new db in the process of being created properties: DbState: description: DbState of the DB. inprogress, "", ready @@ -309,6 +417,10 @@ spec: description: The optional MinStorageGB value requests the minimum database host storage capacity in GBytes type: integer + postMigrationActionStartedAt: + description: Time at the process of post migration actions initiated + format: date-time + type: string shape: description: The optional Shape values are arbitrary and help drive instance selection @@ -399,15 +511,8 @@ spec: required: - connectionInfo type: object - error: - description: Any errors related to provisioning this claim. - type: string - migrationState: - description: tracks status of DB migration. if empty, not started. - non empty denotes migration in progress, unless it is S_Completed - type: string - newDB: - description: track the status of new db in the process of being created + oldDB: + description: tracks the DB which is migrated and not more operational properties: DbState: description: DbState of the DB. inprogress, "", ready @@ -446,6 +551,10 @@ spec: description: The optional MinStorageGB value requests the minimum database host storage capacity in GBytes type: integer + postMigrationActionStartedAt: + description: Time at the process of post migration actions initiated + format: date-time + type: string shape: description: The optional Shape values are arbitrary and help drive instance selection diff --git a/testutils/crds/DBCluster.yaml b/testutils/crds/DBCluster.yaml new file mode 100644 index 00000000..7565df74 --- /dev/null +++ b/testutils/crds/DBCluster.yaml @@ -0,0 +1,1675 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: "2023-10-03T17:31:23Z" + generation: 1 + name: dbclusters.rds.aws.crossplane.io + ownerReferences: + - apiVersion: pkg.crossplane.io/v1 + blockOwnerDeletion: true + controller: true + kind: ProviderRevision + name: bloxinabox-provider-877b9fccf7ca + uid: f42ec1bf-0547-43c9-a29d-1dc6c06c0286 + - apiVersion: pkg.crossplane.io/v1 + blockOwnerDeletion: true + controller: false + kind: Provider + name: bloxinabox-provider + uid: 273f9682-ede8-4b8f-82ba-5c85cf731d51 + uid: 6408ca27-a149-4f0d-9370-63b3a68a9585 +spec: + conversion: + strategy: None + group: rds.aws.crossplane.io + names: + categories: + - crossplane + - managed + - aws + kind: DBCluster + listKind: DBClusterList + plural: dbclusters + singular: dbcluster + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNCED + type: string + - jsonPath: .metadata.annotations.crossplane\.io/external-name + name: EXTERNAL-NAME + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: DBCluster is the Schema for the DBClusters API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DBClusterSpec defines the desired state of DBCluster + properties: + deletionPolicy: + default: Delete + description: DeletionPolicy specifies what will happen to the underlying + external when this managed resource is deleted - either "Delete" + or "Orphan" the external resource. + enum: + - Orphan + - Delete + type: string + forProvider: + description: DBClusterParameters defines the desired state of DBCluster + properties: + allocatedStorage: + description: "The amount of storage in gibibytes (GiB) to allocate + to each DB instance in the Multi-AZ DB cluster. \n This setting + is required to create a Multi-AZ DB cluster. \n Valid for: Multi-AZ + DB clusters only" + format: int64 + type: integer + allowMajorVersionUpgrade: + description: "A value that indicates whether major version upgrades + are allowed. \n Constraints: You must allow major version upgrades + when specifying a value for the EngineVersion parameter that + is a different major version than the DB cluster's current version. + \n Valid for: Aurora DB clusters only" + type: boolean + applyImmediately: + description: "A value that indicates whether the modifications + in this request and any pending modifications are asynchronously + applied as soon as possible, regardless of the PreferredMaintenanceWindow + setting for the DB cluster. If this parameter is disabled, changes + to the DB cluster are applied during the next maintenance window. + \n The ApplyImmediately parameter only affects the EnableIAMDatabaseAuthentication, + MasterUserPassword values. If the ApplyImmediately parameter + is disabled, then changes to the EnableIAMDatabaseAuthentication, + MasterUserPassword values are applied during the next maintenance + window. All other changes are applied immediately, regardless + of the value of the ApplyImmediately parameter. \n By default, + this parameter is disabled." + type: boolean + autoMinorVersionUpgrade: + description: "A value that indicates whether minor engine upgrades + are applied automatically to the DB cluster during the maintenance + window. By default, minor engine upgrades are applied automatically. + \n Valid for: Multi-AZ DB clusters only" + type: boolean + autogeneratePassword: + description: "AutogeneratePassword indicates whether the controller + should generate a random password for the master user if one + is not provided via MasterUserPasswordSecretRef. \n If a password + is generated, it will be stored as a secret at the location + specified by MasterUserPasswordSecretRef." + type: boolean + availabilityZones: + description: "A list of Availability Zones (AZs) where DB instances + in the DB cluster can be created. \n For information on Amazon + Web Services Regions and Availability Zones, see Choosing the + Regions and Availability Zones (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) + in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters + only" + items: + type: string + type: array + backtrackWindow: + description: "The target backtrack window, in seconds. To disable + backtracking, set this value to 0. \n Default: 0 \n Constraints: + \n * If specified, this value must be set to a number from 0 + to 259,200 (72 hours). \n Valid for: Aurora MySQL DB clusters + only" + format: int64 + type: integer + backupRetentionPeriod: + description: "The number of days for which automated backups are + retained. \n Default: 1 \n Constraints: \n * Must be a value + from 1 to 35 \n Valid for: Aurora DB clusters and Multi-AZ DB + clusters" + format: int64 + type: integer + characterSetName: + description: "A value that indicates that the DB cluster should + be associated with the specified CharacterSet. \n Valid for: + Aurora DB clusters only" + type: string + copyTagsToSnapshot: + description: "A value that indicates whether to copy all tags + from the DB cluster to snapshots of the DB cluster. The default + is not to copy them. \n Valid for: Aurora DB clusters and Multi-AZ + DB clusters" + type: boolean + databaseName: + description: "The name for your database of up to 64 alphanumeric + characters. If you do not provide a name, Amazon RDS doesn't + create a database in the DB cluster you are creating. \n Valid + for: Aurora DB clusters and Multi-AZ DB clusters" + type: string + dbClusterInstanceClass: + description: "The compute and memory capacity of each DB instance + in the Multi-AZ DB cluster, for example db.m6gd.xlarge. Not + all DB instance classes are available in all Amazon Web Services + Regions, or for all database engines. \n For the full list of + DB instance classes and availability for your engine, see DB + instance class (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) + in the Amazon RDS User Guide. \n This setting is required to + create a Multi-AZ DB cluster. \n Valid for: Multi-AZ DB clusters + only" + type: string + dbClusterParameterGroupName: + description: "The name of the DB cluster parameter group to associate + with this DB cluster. If you do not specify a value, then the + default DB cluster parameter group for the specified DB engine + and version is used. \n Constraints: \n * If supplied, must + match the name of an existing DB cluster parameter group. \n + Valid for: Aurora DB clusters and Multi-AZ DB clusters" + type: string + dbClusterParameterGroupNameRef: + description: DBClusterParameterGroupNameRef is a reference to + a DBClusterParameterGroup used to set DBClusterParameterGroupName. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + dbClusterParameterGroupNameSelector: + description: DBClusterParameterGroupNameSelector selects a reference + to a DBClusterParameterGroup used to set DBClusterParameterGroupName. + properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + dbSubnetGroupName: + description: "A DB subnet group to associate with this DB cluster. + \n This setting is required to create a Multi-AZ DB cluster. + \n Constraints: Must match the name of an existing DBSubnetGroup. + Must not be default. \n Example: mydbsubnetgroup \n Valid for: + Aurora DB clusters and Multi-AZ DB clusters" + type: string + dbSubnetGroupNameRef: + description: DBSubnetGroupNameRef is a reference to a DBSubnetGroup + used to set DBSubnetGroupName. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + dbSubnetGroupNameSelector: + description: DBSubnetGroupNameSelector selects a reference to + a DBSubnetGroup used to set DBSubnetGroupName. + properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + dbSystemID: + description: Reserved for future use. + type: string + deletionProtection: + description: "A value that indicates whether the DB cluster has + deletion protection enabled. The database can't be deleted when + deletion protection is enabled. By default, deletion protection + isn't enabled. \n Valid for: Aurora DB clusters and Multi-AZ + DB clusters" + type: boolean + destinationRegion: + description: DestinationRegion is used for presigning the request + to a given region. + type: string + domain: + description: "The Active Directory directory ID to create the + DB cluster in. \n For Amazon Aurora DB clusters, Amazon RDS + can use Kerberos authentication to authenticate users that connect + to the DB cluster. \n For more information, see Kerberos authentication + (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) + in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters + only" + type: string + domainIAMRoleName: + description: "Specify the name of the IAM role to be used when + making API calls to the Directory Service. \n Valid for: Aurora + DB clusters only" + type: string + domainIAMRoleNameRef: + description: DomainIAMRoleNameRef is a reference to an IAMRole + used to set DomainIAMRoleName. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + domainIAMRoleNameSelector: + description: DomainIAMRoleNameSelector selects a reference to + an IAMRole used to set DomainIAMRoleName. + properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + enableCloudwatchLogsExports: + description: "The list of log types that need to be enabled for + exporting to CloudWatch Logs. The values in the list depend + on the DB engine being used. \n RDS for MySQL \n Possible values + are error, general, and slowquery. \n RDS for PostgreSQL \n + Possible values are postgresql and upgrade. \n Aurora MySQL + \n Possible values are audit, error, general, and slowquery. + \n Aurora PostgreSQL \n Possible value is postgresql. \n For + more information about exporting CloudWatch Logs for Amazon + RDS, see Publishing Database Logs to Amazon CloudWatch Logs + (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) + in the Amazon RDS User Guide. \n For more information about + exporting CloudWatch Logs for Amazon Aurora, see Publishing + Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) + in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters + and Multi-AZ DB clusters" + items: + type: string + type: array + enableGlobalWriteForwarding: + description: "A value that indicates whether to enable this DB + cluster to forward write operations to the primary cluster of + an Aurora global database (GlobalCluster). By default, write + operations are not allowed on Aurora DB clusters that are secondary + clusters in an Aurora global database. \n You can set this value + only on Aurora DB clusters that are members of an Aurora global + database. With this parameter enabled, a secondary cluster can + forward writes to the current primary cluster and the resulting + changes are replicated back to this cluster. For the primary + DB cluster of an Aurora global database, this value is used + immediately if the primary is demoted by the FailoverGlobalCluster + API operation, but it does nothing until then. \n Valid for: + Aurora DB clusters only" + type: boolean + enableHTTPEndpoint: + description: "A value that indicates whether to enable the HTTP + endpoint for an Aurora Serverless v1 DB cluster. By default, + the HTTP endpoint is disabled. \n When enabled, the HTTP endpoint + provides a connectionless web service API for running SQL queries + on the Aurora Serverless v1 DB cluster. You can also query your + database from inside the RDS console with the query editor. + \n For more information, see Using the Data API for Aurora Serverless + v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) + in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters + only" + type: boolean + enableIAMDatabaseAuthentication: + description: "A value that indicates whether to enable mapping + of Amazon Web Services Identity and Access Management (IAM) + accounts to database accounts. By default, mapping isn't enabled. + \n For more information, see IAM Database Authentication (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) + in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters + only" + type: boolean + enablePerformanceInsights: + description: "A value that indicates whether to turn on Performance + Insights for the DB cluster. \n For more information, see Using + Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) + in the Amazon RDS User Guide. \n Valid for: Multi-AZ DB clusters + only" + type: boolean + engine: + description: "The name of the database engine to be used for this + DB cluster. \n Valid Values: \n * aurora (for MySQL 5.6-compatible + Aurora) \n * aurora-mysql (for MySQL 5.7-compatible and MySQL + 8.0-compatible Aurora) \n * aurora-postgresql \n * mysql \n + * postgres \n Valid for: Aurora DB clusters and Multi-AZ DB + clusters" + type: string + engineMode: + description: "The DB engine mode of the DB cluster, either provisioned, + serverless, parallelquery, global, or multimaster. \n The parallelquery + engine mode isn't required for Aurora MySQL version 1.23 and + higher 1.x versions, and version 2.09 and higher 2.x versions. + \n The global engine mode isn't required for Aurora MySQL version + 1.22 and higher 1.x versions, and global engine mode isn't required + for any 2.x versions. \n The multimaster engine mode only applies + for DB clusters created with Aurora MySQL version 5.6.10a. \n + The serverless engine mode only applies for Aurora Serverless + v1 DB clusters. \n For Aurora PostgreSQL, the global engine + mode isn't required, and both the parallelquery and the multimaster + engine modes currently aren't supported. \n Limitations and + requirements apply to some DB engine modes. For more information, + see the following sections in the Amazon Aurora User Guide: + \n * Limitations of Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations) + \n * Requirements for Aurora Serverless v2 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html) + \n * Limitations of Parallel Query (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations) + \n * Limitations of Aurora Global Databases (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations) + \n * Limitations of Multi-Master Clusters (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations) + \n Valid for: Aurora DB clusters only" + type: string + engineVersion: + description: "The version number of the database engine to use. + \n To list all of the available engine versions for MySQL 5.6-compatible + Aurora, use the following command: \n aws rds describe-db-engine-versions + --engine aurora --query \"DBEngineVersions[].EngineVersion\" + \n To list all of the available engine versions for MySQL 5.7-compatible + and MySQL 8.0-compatible Aurora, use the following command: + \n aws rds describe-db-engine-versions --engine aurora-mysql + --query \"DBEngineVersions[].EngineVersion\" \n To list all + of the available engine versions for Aurora PostgreSQL, use + the following command: \n aws rds describe-db-engine-versions + --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\" + \n To list all of the available engine versions for RDS for + MySQL, use the following command: \n aws rds describe-db-engine-versions + --engine mysql --query \"DBEngineVersions[].EngineVersion\" + \n To list all of the available engine versions for RDS for + PostgreSQL, use the following command: \n aws rds describe-db-engine-versions + --engine postgres --query \"DBEngineVersions[].EngineVersion\" + \n Aurora MySQL \n For information, see MySQL on Amazon RDS + Versions (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) + in the Amazon Aurora User Guide. \n Aurora PostgreSQL \n For + information, see Amazon Aurora PostgreSQL releases and engine + versions (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) + in the Amazon Aurora User Guide. \n MySQL \n For information, + see MySQL on Amazon RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) + in the Amazon RDS User Guide. \n PostgreSQL \n For information, + see Amazon RDS for PostgreSQL versions and extensions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) + in the Amazon RDS User Guide. \n Note: Downgrades are not allowed + by AWS and attempts to set a lower version will be ignored. + \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + type: string + finalDBSnapshotIdentifier: + description: "The DB cluster snapshot identifier of the new DB + cluster snapshot created when SkipFinalSnapshot is disabled. + \n Specifying this parameter and also skipping the creation + of a final DB cluster snapshot with the SkipFinalShapshot parameter + results in an error. \n Constraints: \n * Must be 1 to 255 letters, + numbers, or hyphens. \n * First character must be a letter \n + * Can't end with a hyphen or contain two consecutive hyphens" + type: string + globalClusterIdentifier: + description: "The global cluster ID of an Aurora cluster that + becomes the primary cluster in the new global database cluster. + \n Valid for: Aurora DB clusters only" + type: string + iops: + description: "The amount of Provisioned IOPS (input/output operations + per second) to be initially allocated for each DB instance in + the Multi-AZ DB cluster. \n For information about valid IOPS + values, see Amazon RDS Provisioned IOPS storage (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) + in the Amazon RDS User Guide. \n This setting is required to + create a Multi-AZ DB cluster. \n Constraints: Must be a multiple + between .5 and 50 of the storage amount for the DB cluster. + \n Valid for: Multi-AZ DB clusters only" + format: int64 + type: integer + kmsKeyID: + description: "The Amazon Web Services KMS key identifier for an + encrypted DB cluster. \n The Amazon Web Services KMS key identifier + is the key ARN, key ID, alias ARN, or alias name for the KMS + key. To use a KMS key in a different Amazon Web Services account, + specify the key ARN or alias ARN. \n When a KMS key isn't specified + in KmsKeyId: \n * If ReplicationSourceIdentifier identifies + an encrypted source, then Amazon RDS will use the KMS key used + to encrypt the source. Otherwise, Amazon RDS will use your default + KMS key. \n * If the StorageEncrypted parameter is enabled and + ReplicationSourceIdentifier isn't specified, then Amazon RDS + will use your default KMS key. \n There is a default KMS key + for your Amazon Web Services account. Your Amazon Web Services + account has a different default KMS key for each Amazon Web + Services Region. \n If you create a read replica of an encrypted + DB cluster in another Amazon Web Services Region, you must set + KmsKeyId to a KMS key identifier that is valid in the destination + Amazon Web Services Region. This KMS key is used to encrypt + the read replica in that Amazon Web Services Region. \n Valid + for: Aurora DB clusters and Multi-AZ DB clusters" + type: string + kmsKeyIDRef: + description: KMSKeyIDRef is a reference to a KMS Key used to set + KMSKeyID. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + kmsKeyIDSelector: + description: KMSKeyIDSelector selects a reference to a KMS Key + used to set KMSKeyID. + properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + manageMasterUserPassword: + description: "A value that indicates whether to manage the master + user password with Amazon Web Services Secrets Manager. \n For + more information, see Password management with Amazon Web Services + Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) + in the Amazon RDS User Guide and Password management with Amazon + Web Services Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) + in the Amazon Aurora User Guide. \n Constraints: \n * Can't + manage the master user password with Amazon Web Services Secrets + Manager if MasterUserPassword is specified. \n Valid for: Aurora + DB clusters and Multi-AZ DB clusters" + type: boolean + masterUserPasswordSecretRef: + description: "The password for the master database user. This + password can contain any printable ASCII character except \"/\", + \"\"\", or \"@\". \n This parameter will be required in the + following scenarios: - The first cluster for a global Aurora + cluster - Any cluster as long as it doesn't belong to a global + Aurora cluster \n This parameter is required for creation of + a primary cluster. However, it is not required when attaching + a secondary regional cluster to an existing global cluster. + \n Constraints: Must contain from 8 to 41 characters." + properties: + key: + description: The key to select. + type: string + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - key + - name + - namespace + type: object + masterUserSecretKMSKeyID: + description: "The Amazon Web Services KMS key identifier to encrypt + a secret that is automatically generated and managed in Amazon + Web Services Secrets Manager. \n This setting is valid only + if the master user password is managed by RDS in Amazon Web + Services Secrets Manager for the DB cluster. \n The Amazon Web + Services KMS key identifier is the key ARN, key ID, alias ARN, + or alias name for the KMS key. To use a KMS key in a different + Amazon Web Services account, specify the key ARN or alias ARN. + \n If you don't specify MasterUserSecretKmsKeyId, then the aws/secretsmanager + KMS key is used to encrypt the secret. If the secret is in a + different Amazon Web Services account, then you can't use the + aws/secretsmanager KMS key to encrypt the secret, and you must + use a customer managed KMS key. \n There is a default KMS key + for your Amazon Web Services account. Your Amazon Web Services + account has a different default KMS key for each Amazon Web + Services Region. \n Valid for: Aurora DB clusters and Multi-AZ + DB clusters" + type: string + masterUsername: + description: "The name of the master user for the DB cluster. + \n Constraints: \n * Must be 1 to 16 letters or numbers. \n + * First character must be a letter. \n * Can't be a reserved + word for the chosen database engine. \n Valid for: Aurora DB + clusters and Multi-AZ DB clusters" + type: string + monitoringInterval: + description: "The interval, in seconds, between points when Enhanced + Monitoring metrics are collected for the DB cluster. To turn + off collecting Enhanced Monitoring metrics, specify 0. The default + is 0. \n If MonitoringRoleArn is specified, also set MonitoringInterval + to a value other than 0. \n Valid Values: 0, 1, 5, 10, 15, 30, + 60 \n Valid for: Multi-AZ DB clusters only" + format: int64 + type: integer + monitoringRoleARN: + description: "The Amazon Resource Name (ARN) for the IAM role + that permits RDS to send Enhanced Monitoring metrics to Amazon + CloudWatch Logs. An example is arn:aws:iam:123456789012:role/emaccess. + For information on creating a monitoring role, see Setting up + and enabling Enhanced Monitoring (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) + in the Amazon RDS User Guide. \n If MonitoringInterval is set + to a value other than 0, supply a MonitoringRoleArn value. \n + Valid for: Multi-AZ DB clusters only" + type: string + networkType: + description: "The network type of the DB cluster. \n Valid values: + \n * IPV4 \n * DUAL \n The network type is determined by the + DBSubnetGroup specified for the DB cluster. A DBSubnetGroup + can support only the IPv4 protocol or the IPv4 and the IPv6 + protocols (DUAL). \n For more information, see Working with + a DB instance in a VPC (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) + in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters + only" + type: string + optionGroupName: + description: "A value that indicates that the DB cluster should + be associated with the specified option group. \n DB clusters + are associated with a default option group that can't be modified." + type: string + performanceInsightsKMSKeyID: + description: "The Amazon Web Services KMS key identifier for encryption + of Performance Insights data. \n The Amazon Web Services KMS + key identifier is the key ARN, key ID, alias ARN, or alias name + for the KMS key. \n If you don't specify a value for PerformanceInsightsKMSKeyId, + then Amazon RDS uses your default KMS key. There is a default + KMS key for your Amazon Web Services account. Your Amazon Web + Services account has a different default KMS key for each Amazon + Web Services Region. \n Valid for: Multi-AZ DB clusters only" + type: string + performanceInsightsRetentionPeriod: + description: "The number of days to retain Performance Insights + data. The default is 7 days. The following values are valid: + \n * 7 \n * month * 31, where month is a number of months from + 1-23 \n * 731 \n For example, the following values are valid: + \n * 93 (3 months * 31) \n * 341 (11 months * 31) \n * 589 (19 + months * 31) \n * 731 \n If you specify a retention period such + as 94, which isn't a valid value, RDS issues an error. \n Valid + for: Multi-AZ DB clusters only" + format: int64 + type: integer + port: + description: "The port number on which the instances in the DB + cluster accept connections. \n RDS for MySQL and Aurora MySQL + \n Default: 3306 \n Valid values: 1150-65535 \n RDS for PostgreSQL + and Aurora PostgreSQL \n Default: 5432 \n Valid values: 1150-65535 + \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + format: int64 + type: integer + preSignedURL: + description: "When you are replicating a DB cluster from one Amazon + Web Services GovCloud (US) Region to another, an URL that contains + a Signature Version 4 signed request for the CreateDBCluster + operation to be called in the source Amazon Web Services Region + where the DB cluster is replicated from. Specify PreSignedUrl + only when you are performing cross-Region replication from an + encrypted DB cluster. \n The presigned URL must be a valid request + for the CreateDBCluster API operation that can run in the source + Amazon Web Services Region that contains the encrypted DB cluster + to copy. \n The presigned URL request must contain the following + parameter values: \n * KmsKeyId - The KMS key identifier for + the KMS key to use to encrypt the copy of the DB cluster in + the destination Amazon Web Services Region. This should refer + to the same KMS key for both the CreateDBCluster operation that + is called in the destination Amazon Web Services Region, and + the operation contained in the presigned URL. \n * DestinationRegion + - The name of the Amazon Web Services Region that Aurora read + replica will be created in. \n * ReplicationSourceIdentifier + - The DB cluster identifier for the encrypted DB cluster to + be copied. This identifier must be in the Amazon Resource Name + (ARN) format for the source Amazon Web Services Region. For + example, if you are copying an encrypted DB cluster from the + us-west-2 Amazon Web Services Region, then your ReplicationSourceIdentifier + would look like Example: arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster1. + \n To learn how to generate a Signature Version 4 signed request, + see Authenticating Requests: Using Query Parameters (Amazon + Web Services Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html) + and Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). + \n If you are using an Amazon Web Services SDK tool or the CLI, + you can specify SourceRegion (or --source-region for the CLI) + instead of specifying PreSignedUrl manually. Specifying SourceRegion + autogenerates a presigned URL that is a valid request for the + operation that can run in the source Amazon Web Services Region. + \n Valid for: Aurora DB clusters only" + type: string + preferredBackupWindow: + description: "The daily time range during which automated backups + are created if automated backups are enabled using the BackupRetentionPeriod + parameter. \n The default is a 30-minute window selected at + random from an 8-hour block of time for each Amazon Web Services + Region. To view the time blocks available, see Backup window + (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) + in the Amazon Aurora User Guide. \n Constraints: \n * Must be + in the format hh24:mi-hh24:mi. \n * Must be in Universal Coordinated + Time (UTC). \n * Must not conflict with the preferred maintenance + window. \n * Must be at least 30 minutes. \n Valid for: Aurora + DB clusters and Multi-AZ DB clusters" + type: string + preferredMaintenanceWindow: + description: "The weekly time range during which system maintenance + can occur, in Universal Coordinated Time (UTC). \n Format: ddd:hh24:mi-ddd:hh24:mi + \n The default is a 30-minute window selected at random from + an 8-hour block of time for each Amazon Web Services Region, + occurring on a random day of the week. To see the time blocks + available, see Adjusting the Preferred DB Cluster Maintenance + Window (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) + in the Amazon Aurora User Guide. \n Valid Days: Mon, Tue, Wed, + Thu, Fri, Sat, Sun. \n Constraints: Minimum 30-minute window. + \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + type: string + publiclyAccessible: + description: "A value that indicates whether the DB cluster is + publicly accessible. \n When the DB cluster is publicly accessible, + its Domain Name System (DNS) endpoint resolves to the private + IP address from within the DB cluster's virtual private cloud + (VPC). It resolves to the public IP address from outside of + the DB cluster's VPC. Access to the DB cluster is ultimately + controlled by the security group it uses. That public access + isn't permitted if the security group assigned to the DB cluster + doesn't permit it. \n When the DB cluster isn't publicly accessible, + it is an internal DB cluster with a DNS name that resolves to + a private IP address. \n Default: The default behavior varies + depending on whether DBSubnetGroupName is specified. \n If DBSubnetGroupName + isn't specified, and PubliclyAccessible isn't specified, the + following applies: \n * If the default VPC in the target Region + doesn’t have an internet gateway attached to it, the DB cluster + is private. \n * If the default VPC in the target Region has + an internet gateway attached to it, the DB cluster is public. + \n If DBSubnetGroupName is specified, and PubliclyAccessible + isn't specified, the following applies: \n * If the subnets + are part of a VPC that doesn’t have an internet gateway attached + to it, the DB cluster is private. \n * If the subnets are part + of a VPC that has an internet gateway attached to it, the DB + cluster is public. \n Valid for: Multi-AZ DB clusters only" + type: boolean + region: + description: Region is which region the DBCluster will be created. + type: string + replicationSourceIdentifier: + description: "The Amazon Resource Name (ARN) of the source DB + instance or DB cluster if this DB cluster is created as a read + replica. \n Valid for: Aurora DB clusters only" + type: string + restoreFrom: + description: RestoreFrom specifies the details of the backup to + restore when creating a new DBCluster. + properties: + pointInTime: + description: PointInTime specifies the details of the point + in time restore. + properties: + restoreTime: + description: 'RestoreTime is the date and time (UTC) to + restore from. Must be before the latest restorable time + for the DB instance. Can''t be specified if the useLatestRestorableTime + parameter is enabled. Example: 2011-09-07T23:45:00Z' + format: date-time + type: string + restoreType: + description: "The type of restore to be performed. You + can specify one of the following values: \n * full-copy + - The new DB cluster is restored as a full copy of the + source DB cluster. \n * copy-on-write - The new DB cluster + is restored as a clone of the source DB cluster. \n + Constraints: You can't specify copy-on-write if the + engine version of the source DB cluster is earlier than + 1.11. \n If you don't specify a RestoreType value, then + the new DB cluster is restored as a full copy of the + source DB cluster. \n Valid for: Aurora DB clusters + and Multi-AZ DB clusters" + enum: + - full-copy + - copy-on-write + type: string + sourceDBClusterIdentifier: + description: 'SourceDBClusterIdentifier specifies the + identifier of the source DB cluster from which to restore. + Constraints: Must match the identifier of an existing + DB instance.' + type: string + sourceDBInstanceAutomatedBackupsArn: + description: 'SourceDBInstanceAutomatedBackupsArn specifies + the Amazon Resource Name (ARN) of the replicated automated + backups from which to restore. Example: arn:aws:rds:useast-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE' + type: string + sourceDbiResourceId: + description: SourceDbiResourceID specifies the resource + ID of the source DB instance from which to restore. + type: string + useLatestRestorableTime: + description: UseLatestRestorableTime indicates that the + DB instance is restored from the latest backup Can't + be specified if the restoreTime parameter is provided. + type: boolean + type: object + s3: + description: S3 specifies the details of the S3 backup to + restore from. + properties: + bucketName: + description: BucketName is the name of the S3 bucket containing + the backup to restore. + type: string + ingestionRoleARN: + description: IngestionRoleARN is the IAM role RDS can + assume that will allow it to access the contents of + the S3 bucket. + type: string + prefix: + description: Prefix is the path prefix of the S3 bucket + within which the backup to restore is located. + type: string + sourceEngine: + description: SourceEngine is the engine used to create + the backup. Must be "mysql". + type: string + sourceEngineVersion: + description: 'SourceEngineVersion is the version of the + engine used to create the backup. Example: "5.7.30"' + type: string + required: + - bucketName + - ingestionRoleARN + - sourceEngine + - sourceEngineVersion + type: object + snapshot: + description: Snapshot specifies the details of the snapshot + to restore from. + properties: + snapshotIdentifier: + description: SnapshotIdentifier is the identifier of the + snapshot to restore. + type: string + required: + - snapshotIdentifier + type: object + source: + description: Source is the type of the backup to restore when + creating a new DBCluster or DBInstance. S3, Snapshot and + PointInTime are supported. + enum: + - S3 + - Snapshot + - PointInTime + type: string + required: + - source + type: object + scalingConfiguration: + description: "For DB clusters in serverless DB engine mode, the + scaling properties of the DB cluster. \n Valid for: Aurora DB + clusters only" + properties: + autoPause: + type: boolean + maxCapacity: + format: int64 + type: integer + minCapacity: + format: int64 + type: integer + secondsBeforeTimeout: + format: int64 + type: integer + secondsUntilAutoPause: + format: int64 + type: integer + timeoutAction: + type: string + type: object + serverlessV2ScalingConfiguration: + properties: + maxCapacity: + type: number + minCapacity: + type: number + type: object + skipFinalSnapshot: + description: "A value that indicates whether to skip the creation + of a final DB cluster snapshot before the DB cluster is deleted. + If skip is specified, no DB cluster snapshot is created. If + skip isn't specified, a DB cluster snapshot is created before + the DB cluster is deleted. By default, skip isn't specified, + and the DB cluster snapshot is created. By default, this parameter + is disabled. \n You must specify a FinalDBSnapshotIdentifier + parameter if SkipFinalSnapshot is disabled." + type: boolean + sourceRegion: + description: SourceRegion is the source region where the resource + exists. This is not sent over the wire and is only used for + presigning. This value should always have the same region as + the source ARN. + type: string + storageEncrypted: + description: "A value that indicates whether the DB cluster is + encrypted. \n Valid for: Aurora DB clusters and Multi-AZ DB + clusters" + type: boolean + storageType: + description: "Specifies the storage type to be associated with + the DB cluster. \n This setting is required to create a Multi-AZ + DB cluster. \n Valid values: io1 \n When specified, a value + for the Iops parameter is required. \n Default: io1 \n Valid + for: Multi-AZ DB clusters only" + type: string + tags: + description: "Tags to assign to the DB cluster. \n Valid for: + Aurora DB clusters and Multi-AZ DB clusters" + items: + properties: + key: + type: string + value: + type: string + type: object + type: array + vpcSecurityGroupIDRefs: + description: VPCSecurityGroupIDRefs are references to VPCSecurityGroups + used to set the VPCSecurityGroupIDs. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution + of this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which + will attempt to resolve the reference only when the + corresponding field is not present. Use 'Always' to + resolve the reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + vpcSecurityGroupIDSelector: + description: VPCSecurityGroupIDSelector selects references to + VPCSecurityGroups used to set the VPCSecurityGroupIDs. + properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + vpcSecurityGroupIDs: + description: "A list of VPC security groups that the DB cluster + will belong to. \n Valid for: Aurora DB clusters and Multi-AZ + DB clusters" + items: + type: string + type: array + required: + - engine + - region + type: object + providerConfigRef: + default: + name: default + description: ProviderConfigReference specifies how the provider that + will be used to create, observe, update, and delete this managed + resource should be configured. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of this + reference is required. The default is 'Required', which + means the reconcile will fail if the reference cannot be + resolved. 'Optional' means this reference will be a no-op + if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will attempt + to resolve the reference only when the corresponding field + is not present. Use 'Always' to resolve the reference on + every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + providerRef: + description: 'ProviderReference specifies the provider that will be + used to create, observe, update, and delete this managed resource. + Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of this + reference is required. The default is 'Required', which + means the reconcile will fail if the reference cannot be + resolved. 'Optional' means this reference will be a no-op + if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will attempt + to resolve the reference only when the corresponding field + is not present. Use 'Always' to resolve the reference on + every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + publishConnectionDetailsTo: + description: PublishConnectionDetailsTo specifies the connection secret + config which contains a name, metadata and a reference to secret + store config to which any connection details for this managed resource + should be written. Connection details frequently include the endpoint, + username, and password required to connect to the managed resource. + properties: + configRef: + default: + name: default + description: SecretStoreConfigRef specifies which secret store + config should be used for this ConnectionSecret. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + metadata: + description: Metadata is the metadata for connection secret. + properties: + annotations: + additionalProperties: + type: string + description: Annotations are the annotations to be added to + connection secret. - For Kubernetes secrets, this will be + used as "metadata.annotations". - It is up to Secret Store + implementation for others store types. + type: object + labels: + additionalProperties: + type: string + description: Labels are the labels/tags to be added to connection + secret. - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store + types. + type: object + type: + description: Type is the SecretType for the connection secret. + - Only valid for Kubernetes Secret Stores. + type: string + type: object + name: + description: Name is the name of the connection secret. + type: string + required: + - name + type: object + writeConnectionSecretToRef: + description: WriteConnectionSecretToReference specifies the namespace + and name of a Secret to which any connection details for this managed + resource should be written. Connection details frequently include + the endpoint, username, and password required to connect to the + managed resource. This field is planned to be replaced in a future + release in favor of PublishConnectionDetailsTo. Currently, both + could be set independently and connection details would be published + to both without affecting each other. + properties: + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - name + - namespace + type: object + required: + - forProvider + type: object + status: + description: DBClusterStatus defines the observed state of DBCluster. + properties: + atProvider: + description: DBClusterObservation defines the observed state of DBCluster + properties: + activityStreamKMSKeyID: + description: "The Amazon Web Services KMS key identifier used + for encrypting messages in the database activity stream. \n + The Amazon Web Services KMS key identifier is the key ARN, key + ID, alias ARN, or alias name for the KMS key." + type: string + activityStreamKinesisStreamName: + description: The name of the Amazon Kinesis data stream used for + the database activity stream. + type: string + activityStreamMode: + description: The mode of the database activity stream. Database + events such as a change or access generate an activity stream + event. The database session can handle these events either synchronously + or asynchronously. + type: string + activityStreamStatus: + description: The status of the database activity stream. + type: string + associatedRoles: + description: Provides a list of the Amazon Web Services Identity + and Access Management (IAM) roles that are associated with the + DB cluster. IAM roles that are associated with a DB cluster + grant permission for the DB cluster to access other Amazon Web + Services on your behalf. + items: + properties: + featureName: + type: string + roleARN: + type: string + status: + type: string + type: object + type: array + automaticRestartTime: + description: The time when a stopped DB cluster is restarted automatically. + format: date-time + type: string + backtrackConsumedChangeRecords: + description: The number of change records stored for Backtrack. + format: int64 + type: integer + capacity: + description: "The current capacity of an Aurora Serverless v1 + DB cluster. The capacity is 0 (zero) when the cluster is paused. + \n For more information about Aurora Serverless v1, see Using + Amazon Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html) + in the Amazon Aurora User Guide." + format: int64 + type: integer + cloneGroupID: + description: Identifies the clone group to which the DB cluster + is associated. + type: string + clusterCreateTime: + description: Specifies the time when the DB cluster was created, + in Universal Coordinated Time (UTC). + format: date-time + type: string + crossAccountClone: + description: Specifies whether the DB cluster is a clone of a + DB cluster owned by a different Amazon Web Services account. + type: boolean + customEndpoints: + description: Identifies all custom endpoints associated with the + cluster. + items: + type: string + type: array + dbClusterARN: + description: The Amazon Resource Name (ARN) for the DB cluster. + type: string + dbClusterIdentifier: + description: Contains a user-supplied DB cluster identifier. This + identifier is the unique key that identifies a DB cluster. + type: string + dbClusterMembers: + description: Provides the list of instances that make up the DB + cluster. + items: + properties: + dbClusterParameterGroupStatus: + type: string + dbInstanceIdentifier: + type: string + isClusterWriter: + type: boolean + promotionTier: + format: int64 + type: integer + type: object + type: array + dbClusterOptionGroupMemberships: + description: Provides the list of option group memberships for + this DB cluster. + items: + properties: + dbClusterOptionGroupName: + type: string + status: + type: string + type: object + type: array + dbClusterParameterGroup: + description: Specifies the name of the DB cluster parameter group + for the DB cluster. + type: string + dbClusterResourceID: + description: The Amazon Web Services Region-unique, immutable + identifier for the DB cluster. This identifier is found in Amazon + Web Services CloudTrail log entries whenever the KMS key for + the DB cluster is accessed. + type: string + dbSubnetGroup: + description: Specifies information on the subnet group associated + with the DB cluster, including the name, description, and subnets + in the subnet group. + type: string + domainMemberships: + description: The Active Directory Domain membership records associated + with the DB cluster. + items: + properties: + domain: + type: string + fQDN: + type: string + iamRoleName: + type: string + status: + type: string + type: object + type: array + earliestBacktrackTime: + description: The earliest time to which a DB cluster can be backtracked. + format: date-time + type: string + earliestRestorableTime: + description: The earliest time to which a database can be restored + with point-in-time restore. + format: date-time + type: string + enabledCloudwatchLogsExports: + description: "A list of log types that this DB cluster is configured + to export to CloudWatch Logs. \n Log types vary by DB engine. + For information about the log types for each DB engine, see + Amazon RDS Database Log Files (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html) + in the Amazon Aurora User Guide." + items: + type: string + type: array + endpoint: + description: Specifies the connection endpoint for the primary + instance of the DB cluster. + type: string + engineVersion: + description: Indicates the database engine version. + type: string + globalWriteForwardingRequested: + description: Specifies whether you have requested to enable write + forwarding for a secondary cluster in an Aurora global database. + Because write forwarding takes time to enable, check the value + of GlobalWriteForwardingStatus to confirm that the request has + completed before using the write forwarding feature for this + cluster. + type: boolean + globalWriteForwardingStatus: + description: Specifies whether a secondary cluster in an Aurora + global database has write forwarding enabled, not enabled, or + is in the process of enabling it. + type: string + hostedZoneID: + description: Specifies the ID that Amazon Route 53 assigns when + you create a hosted zone. + type: string + httpEndpointEnabled: + description: "A value that indicates whether the HTTP endpoint + for an Aurora Serverless v1 DB cluster is enabled. \n When enabled, + the HTTP endpoint provides a connectionless web service API + for running SQL queries on the Aurora Serverless v1 DB cluster. + You can also query your database from inside the RDS console + with the query editor. \n For more information, see Using the + Data API for Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) + in the Amazon Aurora User Guide." + type: boolean + iamDatabaseAuthenticationEnabled: + description: A value that indicates whether the mapping of Amazon + Web Services Identity and Access Management (IAM) accounts to + database accounts is enabled. + type: boolean + latestRestorableTime: + description: Specifies the latest time to which a database can + be restored with point-in-time restore. + format: date-time + type: string + masterUserSecret: + description: "Contains the secret managed by RDS in Amazon Web + Services Secrets Manager for the master user password. \n For + more information, see Password management with Amazon Web Services + Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) + in the Amazon RDS User Guide and Password management with Amazon + Web Services Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) + in the Amazon Aurora User Guide." + properties: + kmsKeyID: + type: string + secretARN: + type: string + secretStatus: + type: string + type: object + multiAZ: + description: Specifies whether the DB cluster has instances in + multiple Availability Zones. + type: boolean + percentProgress: + description: Specifies the progress of the operation as a percentage. + type: string + performanceInsightsEnabled: + description: "True if Performance Insights is enabled for the + DB cluster, and otherwise false. \n This setting is only for + non-Aurora Multi-AZ DB clusters." + type: boolean + readReplicaIdentifiers: + description: Contains one or more identifiers of the read replicas + associated with this DB cluster. + items: + type: string + type: array + readerEndpoint: + description: "The reader endpoint for the DB cluster. The reader + endpoint for a DB cluster load-balances connections across the + Aurora Replicas that are available in a DB cluster. As clients + request new connections to the reader endpoint, Aurora distributes + the connection requests among the Aurora Replicas in the DB + cluster. This functionality can help balance your read workload + across multiple Aurora Replicas in your DB cluster. \n If a + failover occurs, and the Aurora Replica that you are connected + to is promoted to be the primary instance, your connection is + dropped. To continue sending your read workload to other Aurora + Replicas in the cluster, you can then reconnect to the reader + endpoint." + type: string + scalingConfigurationInfo: + properties: + autoPause: + type: boolean + maxCapacity: + format: int64 + type: integer + minCapacity: + format: int64 + type: integer + secondsBeforeTimeout: + format: int64 + type: integer + secondsUntilAutoPause: + format: int64 + type: integer + timeoutAction: + type: string + type: object + status: + description: Specifies the current state of this DB cluster. + type: string + tagList: + items: + properties: + key: + type: string + value: + type: string + type: object + type: array + vpcSecurityGroups: + description: Provides a list of VPC security groups that the DB + cluster belongs to. + items: + properties: + status: + type: string + vpcSecurityGroupID: + type: string + type: object + type: array + type: object + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition + transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's + last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from + one status to another. + type: string + status: + description: Status of this condition; is it currently True, + False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition + type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} \ No newline at end of file diff --git a/testutils/crds/DBClusterParameterGroup.yaml b/testutils/crds/DBClusterParameterGroup.yaml new file mode 100644 index 00000000..a7259504 --- /dev/null +++ b/testutils/crds/DBClusterParameterGroup.yaml @@ -0,0 +1,404 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: "2023-10-03T17:31:23Z" + generation: 1 + name: dbclusterparametergroups.rds.aws.crossplane.io + ownerReferences: + - apiVersion: pkg.crossplane.io/v1 + blockOwnerDeletion: true + controller: true + kind: ProviderRevision + name: bloxinabox-provider-877b9fccf7ca + uid: f42ec1bf-0547-43c9-a29d-1dc6c06c0286 + - apiVersion: pkg.crossplane.io/v1 + blockOwnerDeletion: true + controller: false + kind: Provider + name: bloxinabox-provider + uid: 273f9682-ede8-4b8f-82ba-5c85cf731d51 + uid: 6f0deed4-6089-4406-abf8-1e9e4f660732 +spec: + conversion: + strategy: None + group: rds.aws.crossplane.io + names: + categories: + - crossplane + - managed + - aws + kind: DBClusterParameterGroup + listKind: DBClusterParameterGroupList + plural: dbclusterparametergroups + singular: dbclusterparametergroup + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNCED + type: string + - jsonPath: .metadata.annotations.crossplane\.io/external-name + name: EXTERNAL-NAME + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: DBClusterParameterGroup is the Schema for the DBClusterParameterGroups + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DBClusterParameterGroupSpec defines the desired state of + DBClusterParameterGroup + properties: + deletionPolicy: + default: Delete + description: DeletionPolicy specifies what will happen to the underlying + external when this managed resource is deleted - either "Delete" + or "Orphan" the external resource. + enum: + - Orphan + - Delete + type: string + forProvider: + description: DBClusterParameterGroupParameters defines the desired + state of DBClusterParameterGroup + properties: + dbParameterGroupFamily: + description: "The DB cluster parameter group family name. A DB + cluster parameter group can be associated with one and only + one DB cluster parameter group family, and can be applied only + to a DB cluster running a database engine and engine version + compatible with that DB cluster parameter group family. \n Aurora + MySQL \n Example: aurora5.6, aurora-mysql5.7 \n Aurora PostgreSQL + \n Example: aurora-postgresql9.6 \n To list all of the available + parameter group families for a DB engine, use the following + command: \n aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" + --engine \n For example, to list all of the available + parameter group families for the Aurora PostgreSQL DB engine, + use the following command: \n aws rds describe-db-engine-versions + --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine + aurora-postgresql \n The output contains duplicates. \n The + following are the valid DB engine values: \n * aurora (for MySQL + 5.6-compatible Aurora) \n * aurora-mysql (for MySQL 5.7-compatible + Aurora) \n * aurora-postgresql \n One of DBParameterGroupFamily + or DBParameterGroupFamilySelector is required." + type: string + dbParameterGroupFamilySelector: + description: "DBParameterGroupFamilySelector determines DBParameterGroupFamily + from the engine and engine version. \n One of DBParameterGroupFamily + or DBParameterGroupFamilySelector is required. \n Will not be + used if DBParameterGroupFamily is already set." + properties: + engine: + description: Engine is the name of the database engine. + type: string + engineVersion: + description: EngineVersion is the version of the database + engine. If it is nil, the default engine version given by + AWS will be used. + type: string + required: + - engine + type: object + description: + description: The description for the DB cluster parameter group. + type: string + parameters: + description: 'A list of parameters to associate with this DB cluster + parameter group. The fields ApplyMethod, ParameterName and ParameterValue + are required for every parameter. Note: AWS actually only modifies + the ApplyMethod of a parameter, if the ParameterValue changes + too.' + items: + description: CustomParameter are custom parameters for the Parameter + properties: + applyMethod: + description: The apply method of the parameter. AWS actually + only modifies to value set here, if the parameter value + changes too. + enum: + - immediate + - pending-reboot + type: string + parameterName: + description: The name of the parameter. + type: string + parameterValue: + description: The value of the parameter. + type: string + required: + - applyMethod + - parameterName + - parameterValue + type: object + type: array + region: + description: Region is which region the DBClusterParameterGroup + will be created. + type: string + tags: + description: Tags to assign to the DB cluster parameter group. + items: + properties: + key: + type: string + value: + type: string + type: object + type: array + required: + - description + - region + type: object + providerConfigRef: + default: + name: default + description: ProviderConfigReference specifies how the provider that + will be used to create, observe, update, and delete this managed + resource should be configured. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of this + reference is required. The default is 'Required', which + means the reconcile will fail if the reference cannot be + resolved. 'Optional' means this reference will be a no-op + if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will attempt + to resolve the reference only when the corresponding field + is not present. Use 'Always' to resolve the reference on + every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + providerRef: + description: 'ProviderReference specifies the provider that will be + used to create, observe, update, and delete this managed resource. + Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of this + reference is required. The default is 'Required', which + means the reconcile will fail if the reference cannot be + resolved. 'Optional' means this reference will be a no-op + if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will attempt + to resolve the reference only when the corresponding field + is not present. Use 'Always' to resolve the reference on + every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + publishConnectionDetailsTo: + description: PublishConnectionDetailsTo specifies the connection secret + config which contains a name, metadata and a reference to secret + store config to which any connection details for this managed resource + should be written. Connection details frequently include the endpoint, + username, and password required to connect to the managed resource. + properties: + configRef: + default: + name: default + description: SecretStoreConfigRef specifies which secret store + config should be used for this ConnectionSecret. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + metadata: + description: Metadata is the metadata for connection secret. + properties: + annotations: + additionalProperties: + type: string + description: Annotations are the annotations to be added to + connection secret. - For Kubernetes secrets, this will be + used as "metadata.annotations". - It is up to Secret Store + implementation for others store types. + type: object + labels: + additionalProperties: + type: string + description: Labels are the labels/tags to be added to connection + secret. - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store + types. + type: object + type: + description: Type is the SecretType for the connection secret. + - Only valid for Kubernetes Secret Stores. + type: string + type: object + name: + description: Name is the name of the connection secret. + type: string + required: + - name + type: object + writeConnectionSecretToRef: + description: WriteConnectionSecretToReference specifies the namespace + and name of a Secret to which any connection details for this managed + resource should be written. Connection details frequently include + the endpoint, username, and password required to connect to the + managed resource. This field is planned to be replaced in a future + release in favor of PublishConnectionDetailsTo. Currently, both + could be set independently and connection details would be published + to both without affecting each other. + properties: + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - name + - namespace + type: object + required: + - forProvider + type: object + status: + description: DBClusterParameterGroupStatus defines the observed state + of DBClusterParameterGroup. + properties: + atProvider: + description: DBClusterParameterGroupObservation defines the observed + state of DBClusterParameterGroup + properties: + dbClusterParameterGroupARN: + description: The Amazon Resource Name (ARN) for the DB cluster + parameter group. + type: string + dbClusterParameterGroupName: + description: The name of the DB cluster parameter group. + type: string + dbParameterGroupFamily: + description: The name of the DB parameter group family that this + DB cluster parameter group is compatible with. + type: string + type: object + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition + transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's + last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from + one status to another. + type: string + status: + description: Status of this condition; is it currently True, + False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition + type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} \ No newline at end of file diff --git a/testutils/crds/DBInstance.yaml b/testutils/crds/DBInstance.yaml new file mode 100644 index 00000000..803e1641 --- /dev/null +++ b/testutils/crds/DBInstance.yaml @@ -0,0 +1,2044 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: "2023-10-03T17:31:23Z" + generation: 1 + name: dbinstances.rds.aws.crossplane.io + ownerReferences: + - apiVersion: pkg.crossplane.io/v1 + blockOwnerDeletion: true + controller: true + kind: ProviderRevision + name: bloxinabox-provider-877b9fccf7ca + uid: f42ec1bf-0547-43c9-a29d-1dc6c06c0286 + - apiVersion: pkg.crossplane.io/v1 + blockOwnerDeletion: true + controller: false + kind: Provider + name: bloxinabox-provider + uid: 273f9682-ede8-4b8f-82ba-5c85cf731d51 + uid: 4c767e2a-e760-4ac9-bd52-eb07d1636100 +spec: + conversion: + strategy: None + group: rds.aws.crossplane.io + names: + categories: + - crossplane + - managed + - aws + kind: DBInstance + listKind: DBInstanceList + plural: dbinstances + singular: dbinstance + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNCED + type: string + - jsonPath: .metadata.annotations.crossplane\.io/external-name + name: EXTERNAL-NAME + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: DBInstance is the Schema for the DBInstances API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DBInstanceSpec defines the desired state of DBInstance + properties: + deletionPolicy: + default: Delete + description: DeletionPolicy specifies what will happen to the underlying + external when this managed resource is deleted - either "Delete" + or "Orphan" the external resource. + enum: + - Orphan + - Delete + type: string + forProvider: + description: DBInstanceParameters defines the desired state of DBInstance + properties: + allocatedStorage: + description: "The amount of storage in gibibytes (GiB) to allocate + for the DB instance. \n Type: Integer \n Amazon Aurora \n Not + applicable. Aurora cluster volumes automatically grow as the + amount of data in your database increases, though you are only + charged for the space that you use in an Aurora cluster volume. + \n Amazon RDS Custom \n Constraints to the amount of storage + for each storage type are the following: \n * General Purpose + (SSD) storage (gp2, gp3): Must be an integer from 40 to 65536 + for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server. + \n * Provisioned IOPS storage (io1): Must be an integer from + 40 to 65536 for RDS Custom for Oracle, 16384 for RDS Custom + for SQL Server. \n MySQL \n Constraints to the amount of storage + for each storage type are the following: \n * General Purpose + (SSD) storage (gp2, gp3): Must be an integer from 20 to 65536. + \n * Provisioned IOPS storage (io1): Must be an integer from + 100 to 65536. \n * Magnetic storage (standard): Must be an integer + from 5 to 3072. \n MariaDB \n Constraints to the amount of storage + for each storage type are the following: \n * General Purpose + (SSD) storage (gp2, gp3): Must be an integer from 20 to 65536. + \n * Provisioned IOPS storage (io1): Must be an integer from + 100 to 65536. \n * Magnetic storage (standard): Must be an integer + from 5 to 3072. \n PostgreSQL \n Constraints to the amount of + storage for each storage type are the following: \n * General + Purpose (SSD) storage (gp2, gp3): Must be an integer from 20 + to 65536. \n * Provisioned IOPS storage (io1): Must be an integer + from 100 to 65536. \n * Magnetic storage (standard): Must be + an integer from 5 to 3072. \n Oracle \n Constraints to the amount + of storage for each storage type are the following: \n * General + Purpose (SSD) storage (gp2, gp3): Must be an integer from 20 + to 65536. \n * Provisioned IOPS storage (io1): Must be an integer + from 100 to 65536. \n * Magnetic storage (standard): Must be + an integer from 10 to 3072. \n SQL Server \n Constraints to + the amount of storage for each storage type are the following: + \n * General Purpose (SSD) storage (gp2, gp3): Enterprise and + Standard editions: Must be an integer from 20 to 16384. Web + and Express editions: Must be an integer from 20 to 16384. \n + * Provisioned IOPS storage (io1): Enterprise and Standard editions: + Must be an integer from 100 to 16384. Web and Express editions: + Must be an integer from 100 to 16384. \n * Magnetic storage + (standard): Enterprise and Standard editions: Must be an integer + from 20 to 1024. Web and Express editions: Must be an integer + from 20 to 1024." + format: int64 + type: integer + allowMajorVersionUpgrade: + description: "A value that indicates whether major version upgrades + are allowed. Changing this parameter doesn't result in an outage + and the change is asynchronously applied as soon as possible. + \n This setting doesn't apply to RDS Custom. \n Constraints: + Major version upgrades must be allowed when specifying a value + for the EngineVersion parameter that is a different major version + than the DB instance's current version." + type: boolean + applyImmediately: + description: "A value that indicates whether the modifications + in this request and any pending modifications are asynchronously + applied as soon as possible, regardless of the PreferredMaintenanceWindow + setting for the DB instance. By default, this parameter is disabled. + \n If this parameter is disabled, changes to the DB instance + are applied during the next maintenance window. Some parameter + changes can cause an outage and are applied on the next call + to RebootDBInstance, or the next failure reboot. Review the + table of parameters in Modifying a DB Instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html) + in the Amazon RDS User Guide. to see the impact of enabling + or disabling ApplyImmediately for each modified parameter and + to determine when the changes are applied." + type: boolean + autoMinorVersionUpgrade: + description: "A value that indicates whether minor engine upgrades + are applied automatically to the DB instance during the maintenance + window. By default, minor engine upgrades are applied automatically. + \n If you create an RDS Custom DB instance, you must set AutoMinorVersionUpgrade + to false." + type: boolean + autogeneratePassword: + description: "AutogeneratePassword indicates whether the controller + should generate a random password for the master user if one + is not provided via MasterUserPasswordSecretRef. \n If a password + is generated, it will be stored as a secret at the location + specified by MasterUserPasswordSecretRef." + type: boolean + availabilityZone: + description: "The Availability Zone (AZ) where the database will + be created. For information on Amazon Web Services Regions and + Availability Zones, see Regions and Availability Zones (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html). + \n Amazon Aurora \n Each Aurora DB cluster hosts copies of its + storage in three separate Availability Zones. Specify one of + these Availability Zones. Aurora automatically chooses an appropriate + Availability Zone if you don't specify one. \n Default: A random, + system-chosen Availability Zone in the endpoint's Amazon Web + Services Region. \n Example: us-east-1d \n Constraint: The AvailabilityZone + parameter can't be specified if the DB instance is a Multi-AZ + deployment. The specified Availability Zone must be in the same + Amazon Web Services Region as the current endpoint." + type: string + backupRetentionPeriod: + description: "The number of days for which automated backups are + retained. Setting this parameter to a positive number enables + backups. Setting this parameter to 0 disables automated backups. + \n Amazon Aurora \n Not applicable. The retention period for + automated backups is managed by the DB cluster. \n Default: + 1 \n Constraints: \n * Must be a value from 0 to 35 \n * Can't + be set to 0 if the DB instance is a source to read replicas + \n * Can't be set to 0 for an RDS Custom for Oracle DB instance" + format: int64 + type: integer + backupTarget: + description: "Specifies where automated backups and manual snapshots + are stored. \n Possible values are outposts (Amazon Web Services + Outposts) and region (Amazon Web Services Region). The default + is region. \n For more information, see Working with Amazon + RDS on Amazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) + in the Amazon RDS User Guide." + type: string + caCertificateIdentifier: + description: "Specifies the CA certificate identifier to use for + the DB instance’s server certificate. \n This setting doesn't + apply to RDS Custom. \n For more information, see Using SSL/TLS + to encrypt a connection to a DB instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) + in the Amazon RDS User Guide and Using SSL/TLS to encrypt a + connection to a DB cluster (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) + in the Amazon Aurora User Guide." + type: string + characterSetName: + description: "For supported engines, this value indicates that + the DB instance should be associated with the specified CharacterSet. + \n This setting doesn't apply to RDS Custom. However, if you + need to change the character set, you can change it on the database + itself. \n Amazon Aurora \n Not applicable. The character set + is managed by the DB cluster. For more information, see CreateDBCluster." + type: string + copyTagsToSnapshot: + description: "A value that indicates whether to copy tags from + the DB instance to snapshots of the DB instance. By default, + tags are not copied. \n Amazon Aurora \n Not applicable. Copying + tags to snapshots is managed by the DB cluster. Setting this + value for an Aurora DB instance has no effect on the DB cluster + setting." + type: boolean + customIAMInstanceProfile: + description: "The instance profile associated with the underlying + Amazon EC2 instance of an RDS Custom DB instance. The instance + profile must meet the following requirements: \n * The profile + must exist in your account. \n * The profile must have an IAM + role that Amazon EC2 has permissions to assume. \n * The instance + profile name and the associated IAM role name must start with + the prefix AWSRDSCustom. \n For the list of permissions required + for the IAM role, see Configure IAM and your VPC (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) + in the Amazon RDS User Guide. \n This setting is required for + RDS Custom." + type: string + dbClusterIdentifier: + description: "The identifier of the DB cluster that the instance + will belong to. \n This setting doesn't apply to RDS Custom." + type: string + dbClusterIdentifierRef: + description: DBClusterIdentifierRef is a reference to a DBCluster + used to set DBClusterIdentifier. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + dbClusterIdentifierSelector: + description: DBClusterIdentifierSelector selects a reference to + a DBCluster used to set DBClusterIdentifier. + properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + dbInstanceClass: + description: The compute and memory capacity of the DB instance, + for example db.m5.large. Not all DB instance classes are available + in all Amazon Web Services Regions, or for all database engines. + For the full list of DB instance classes, and availability for + your engine, see DB instance classes (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) + in the Amazon RDS User Guide or Aurora DB instance classes (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) + in the Amazon Aurora User Guide. + type: string + dbName: + description: "The meaning of this parameter differs according + to the database engine you use. \n MySQL \n The name of the + database to create when the DB instance is created. If this + parameter isn't specified, no database is created in the DB + instance. \n Constraints: \n * Must contain 1 to 64 letters + or numbers. \n * Must begin with a letter. Subsequent characters + can be letters, underscores, or digits (0-9). \n * Can't be + a word reserved by the specified database engine \n MariaDB + \n The name of the database to create when the DB instance is + created. If this parameter isn't specified, no database is created + in the DB instance. \n Constraints: \n * Must contain 1 to 64 + letters or numbers. \n * Must begin with a letter. Subsequent + characters can be letters, underscores, or digits (0-9). \n + * Can't be a word reserved by the specified database engine + \n PostgreSQL \n The name of the database to create when the + DB instance is created. If this parameter isn't specified, a + database named postgres is created in the DB instance. \n Constraints: + \n * Must contain 1 to 63 letters, numbers, or underscores. + \n * Must begin with a letter. Subsequent characters can be + letters, underscores, or digits (0-9). \n * Can't be a word + reserved by the specified database engine \n Oracle \n The Oracle + System ID (SID) of the created DB instance. If you specify null, + the default value ORCL is used. You can't specify the string + NULL, or any other reserved word, for DBName. \n Default: ORCL + \n Constraints: \n * Can't be longer than 8 characters \n Amazon + RDS Custom for Oracle \n The Oracle System ID (SID) of the created + RDS Custom DB instance. If you don't specify a value, the default + value is ORCL. \n Default: ORCL \n Constraints: \n * It must + contain 1 to 8 alphanumeric characters. \n * It must contain + a letter. \n * It can't be a word reserved by the database engine. + \n Amazon RDS Custom for SQL Server \n Not applicable. Must + be null. \n SQL Server \n Not applicable. Must be null. \n Amazon + Aurora MySQL \n The name of the database to create when the + primary DB instance of the Aurora MySQL DB cluster is created. + If this parameter isn't specified for an Aurora MySQL DB cluster, + no database is created in the DB cluster. \n Constraints: \n + * It must contain 1 to 64 alphanumeric characters. \n * It can't + be a word reserved by the database engine. \n Amazon Aurora + PostgreSQL \n The name of the database to create when the primary + DB instance of the Aurora PostgreSQL DB cluster is created. + If this parameter isn't specified for an Aurora PostgreSQL DB + cluster, a database named postgres is created in the DB cluster. + \n Constraints: \n * It must contain 1 to 63 alphanumeric characters. + \n * It must begin with a letter. Subsequent characters can + be letters, underscores, or digits (0 to 9). \n * It can't be + a word reserved by the database engine." + type: string + dbParameterGroupName: + description: "The name of the DB parameter group to associate + with this DB instance. If you do not specify a value, then the + default DB parameter group for the specified DB engine and version + is used. \n This setting doesn't apply to RDS Custom. \n Constraints: + \n * It must be 1 to 255 letters, numbers, or hyphens. \n * + The first character must be a letter. \n * It can't end with + a hyphen or contain two consecutive hyphens." + type: string + dbParameterGroupNameRef: + description: DBParameterGroupNameRef is a reference to a DBParameterGroup + used to set DBParameterGroupName. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + dbParameterGroupNameSelector: + description: DBParameterGroupNameSelector selects a reference + to a DBParameterGroup used to set DBParameterGroupName. + properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + dbSecurityGroups: + description: A list of database security groups to associate with + this DB instance + items: + type: string + type: array + dbSubnetGroupName: + description: "A DB subnet group to associate with this DB instance. + \n Constraints: Must match the name of an existing DBSubnetGroup. + Must not be default. \n Example: mydbsubnetgroup" + type: string + dbSubnetGroupNameRef: + description: DBSubnetGroupNameRef is a reference to a DBSubnetGroup + used to set DBSubnetGroupName. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + dbSubnetGroupNameSelector: + description: DBSubnetGroupNameSelector selects a reference to + a DBSubnetGroup used to set DBSubnetGroupName. + properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + deleteAutomatedBackups: + description: DeleteAutomatedBackups indicates whether to remove + automated backups immediately after the DB instance is deleted. + The default is to remove automated backups immediately after + the DB instance is deleted. + type: boolean + deletionProtection: + description: "A value that indicates whether the DB instance has + deletion protection enabled. The database can't be deleted when + deletion protection is enabled. By default, deletion protection + isn't enabled. For more information, see Deleting a DB Instance + (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html). + \n Amazon Aurora \n Not applicable. You can enable or disable + deletion protection for the DB cluster. For more information, + see CreateDBCluster. DB instances in a DB cluster can be deleted + even when deletion protection is enabled for the DB cluster." + type: boolean + domain: + description: "The Active Directory directory ID to create the + DB instance in. Currently, only MySQL, Microsoft SQL Server, + Oracle, and PostgreSQL DB instances can be created in an Active + Directory Domain. \n For more information, see Kerberos Authentication + (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) + in the Amazon RDS User Guide. \n This setting doesn't apply + to RDS Custom. \n Amazon Aurora \n Not applicable. The domain + is managed by the DB cluster." + type: string + domainIAMRoleName: + description: "Specify the name of the IAM role to be used when + making API calls to the Directory Service. \n This setting doesn't + apply to RDS Custom. \n Amazon Aurora \n Not applicable. The + domain is managed by the DB cluster." + type: string + domainIAMRoleNameRef: + description: DomainIAMRoleNameRef is a reference to an IAMRole + used to set DomainIAMRoleName. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + domainIAMRoleNameSelector: + description: DomainIAMRoleNameSelector selects a reference to + an IAMRole used to set DomainIAMRoleName. + properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + enableCloudwatchLogsExports: + description: "The list of log types that need to be enabled for + exporting to CloudWatch Logs. The values in the list depend + on the DB engine. For more information, see Publishing Database + Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) + in the Amazon RDS User Guide. \n Amazon Aurora \n Not applicable. + CloudWatch Logs exports are managed by the DB cluster. \n RDS + Custom \n Not applicable. \n MariaDB \n Possible values are + audit, error, general, and slowquery. \n Microsoft SQL Server + \n Possible values are agent and error. \n MySQL \n Possible + values are audit, error, general, and slowquery. \n Oracle \n + Possible values are alert, audit, listener, trace, and oemagent. + \n PostgreSQL \n Possible values are postgresql and upgrade." + items: + type: string + type: array + enableCustomerOwnedIP: + description: "A value that indicates whether to enable a customer-owned + IP address (CoIP) for an RDS on Outposts DB instance. \n A CoIP + provides local or external connectivity to resources in your + Outpost subnets through your on-premises network. For some use + cases, a CoIP can provide lower latency for connections to the + DB instance from outside of its virtual private cloud (VPC) + on your local network. \n For more information about RDS on + Outposts, see Working with Amazon RDS on Amazon Web Services + Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) + in the Amazon RDS User Guide. \n For more information about + CoIPs, see Customer-owned IP addresses (https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing) + in the Amazon Web Services Outposts User Guide." + type: boolean + enableIAMDatabaseAuthentication: + description: "A value that indicates whether to enable mapping + of Amazon Web Services Identity and Access Management (IAM) + accounts to database accounts. By default, mapping isn't enabled. + \n For more information, see IAM Database Authentication for + MySQL and PostgreSQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) + in the Amazon RDS User Guide. \n This setting doesn't apply + to RDS Custom. \n Amazon Aurora \n Not applicable. Mapping Amazon + Web Services IAM accounts to database accounts is managed by + the DB cluster." + type: boolean + enablePerformanceInsights: + description: "A value that indicates whether to enable Performance + Insights for the DB instance. For more information, see Using + Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) + in the Amazon RDS User Guide. \n This setting doesn't apply + to RDS Custom." + type: boolean + engine: + description: "The name of the database engine to be used for this + instance. \n Not every database engine is available for every + Amazon Web Services Region. \n Valid Values: \n * aurora (for + MySQL 5.6-compatible Aurora) \n * aurora-mysql (for MySQL 5.7-compatible + and MySQL 8.0-compatible Aurora) \n * aurora-postgresql \n * + custom-oracle-ee (for RDS Custom for Oracle instances) \n * + custom-sqlserver-ee (for RDS Custom for SQL Server instances) + \n * custom-sqlserver-se (for RDS Custom for SQL Server instances) + \n * custom-sqlserver-web (for RDS Custom for SQL Server instances) + \n * mariadb \n * mysql \n * oracle-ee \n * oracle-ee-cdb \n + * oracle-se2 \n * oracle-se2-cdb \n * postgres \n * sqlserver-ee + \n * sqlserver-se \n * sqlserver-ex \n * sqlserver-web" + type: string + engineVersion: + description: "The version number of the database engine to use. + \n For a list of valid engine versions, use the DescribeDBEngineVersions + operation. \n The following are the database engines and links + to information about the major and minor versions that are available + with Amazon RDS. Not every database engine is available for + every Amazon Web Services Region. \n Amazon Aurora \n Not applicable. + The version number of the database engine to be used by the + DB instance is managed by the DB cluster. \n Amazon RDS Custom + for Oracle \n A custom engine version (CEV) that you have previously + created. This setting is required for RDS Custom for Oracle. + The CEV name has the following format: 19.customized_string. + A valid CEV name is 19.my_cev1. For more information, see Creating + an RDS Custom for Oracle DB instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-creating.html#custom-creating.create) + in the Amazon RDS User Guide. \n Amazon RDS Custom for SQL Server + \n See RDS Custom for SQL Server general requirements (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-reqs-limits-MS.html) + in the Amazon RDS User Guide. \n MariaDB \n For information, + see MariaDB on Amazon RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) + in the Amazon RDS User Guide. \n Microsoft SQL Server \n For + information, see Microsoft SQL Server Versions on Amazon RDS + (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) + in the Amazon RDS User Guide. \n MySQL \n For information, see + MySQL on Amazon RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) + in the Amazon RDS User Guide. \n Oracle \n For information, + see Oracle Database Engine Release Notes (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) + in the Amazon RDS User Guide. \n PostgreSQL \n For information, + see Amazon RDS for PostgreSQL versions and extensions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) + in the Amazon RDS User Guide. \n Note: Downgrades are not allowed + by AWS and attempts to set a lower version will be ignored." + type: string + finalDBSnapshotIdentifier: + description: "The DB instance snapshot identifier of the new DB + instance snapshot created when SkipFinalSnapshot is disabled. + \n Specifying this parameter and also skipping the creation + of a final DB instance snapshot with the SkipFinalShapshot parameter + results in an error. \n Constraints: \n * Must be 1 to 255 letters, + numbers, or hyphens. \n * First character must be a letter \n + * Can't end with a hyphen or contain two consecutive hyphens" + type: string + iops: + description: "The amount of Provisioned IOPS (input/output operations + per second) to be initially allocated for the DB instance. For + information about valid IOPS values, see Amazon RDS DB instance + storage (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html) + in the Amazon RDS User Guide. \n Constraints: For MariaDB, MySQL, + Oracle, and PostgreSQL DB instances, must be a multiple between + .5 and 50 of the storage amount for the DB instance. For SQL + Server DB instances, must be a multiple between 1 and 50 of + the storage amount for the DB instance. \n Amazon Aurora \n + Not applicable. Storage is managed by the DB cluster." + format: int64 + type: integer + kmsKeyID: + description: "The Amazon Web Services KMS key identifier for an + encrypted DB instance. \n The Amazon Web Services KMS key identifier + is the key ARN, key ID, alias ARN, or alias name for the KMS + key. To use a KMS key in a different Amazon Web Services account, + specify the key ARN or alias ARN. \n Amazon Aurora \n Not applicable. + The Amazon Web Services KMS key identifier is managed by the + DB cluster. For more information, see CreateDBCluster. \n If + StorageEncrypted is enabled, and you do not specify a value + for the KmsKeyId parameter, then Amazon RDS uses your default + KMS key. There is a default KMS key for your Amazon Web Services + account. Your Amazon Web Services account has a different default + KMS key for each Amazon Web Services Region. \n Amazon RDS Custom + \n A KMS key is required for RDS Custom instances. For most + RDS engines, if you leave this parameter empty while enabling + StorageEncrypted, the engine uses the default KMS key. However, + RDS Custom doesn't use the default key when this parameter is + empty. You must explicitly specify a key." + type: string + kmsKeyIDRef: + description: KMSKeyIDRef is a reference to a KMS Key used to set + KMSKeyID. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + kmsKeyIDSelector: + description: KMSKeyIDSelector selects a reference to a KMS Key + used to set KMSKeyID. + properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + licenseModel: + description: "License model information for this DB instance. + \n Valid values: license-included | bring-your-own-license | + general-public-license \n This setting doesn't apply to RDS + Custom. \n Amazon Aurora \n Not applicable." + type: string + manageMasterUserPassword: + description: "A value that indicates whether to manage the master + user password with Amazon Web Services Secrets Manager. \n For + more information, see Password management with Amazon Web Services + Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) + in the Amazon RDS User Guide. \n Constraints: \n * Can't manage + the master user password with Amazon Web Services Secrets Manager + if MasterUserPassword is specified." + type: boolean + masterUserPasswordSecretRef: + description: "The password for the master database user. This + password can contain any printable ASCII character except \"/\", + \"\"\", or \"@\". \n Constraints: Must contain from 8 to 41 + characters." + properties: + key: + description: The key to select. + type: string + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - key + - name + - namespace + type: object + masterUserSecretKMSKeyID: + description: "The Amazon Web Services KMS key identifier to encrypt + a secret that is automatically generated and managed in Amazon + Web Services Secrets Manager. \n This setting is valid only + if the master user password is managed by RDS in Amazon Web + Services Secrets Manager for the DB instance. \n The Amazon + Web Services KMS key identifier is the key ARN, key ID, alias + ARN, or alias name for the KMS key. To use a KMS key in a different + Amazon Web Services account, specify the key ARN or alias ARN. + \n If you don't specify MasterUserSecretKmsKeyId, then the aws/secretsmanager + KMS key is used to encrypt the secret. If the secret is in a + different Amazon Web Services account, then you can't use the + aws/secretsmanager KMS key to encrypt the secret, and you must + use a customer managed KMS key. \n There is a default KMS key + for your Amazon Web Services account. Your Amazon Web Services + account has a different default KMS key for each Amazon Web + Services Region." + type: string + masterUsername: + description: "The name for the master user. \n Amazon Aurora \n + Not applicable. The name for the master user is managed by the + DB cluster. \n Amazon RDS \n Constraints: \n * Required. \n + * Must be 1 to 16 letters, numbers, or underscores. \n * First + character must be a letter. \n * Can't be a reserved word for + the chosen database engine." + type: string + maxAllocatedStorage: + description: "The upper limit in gibibytes (GiB) to which Amazon + RDS can automatically scale the storage of the DB instance. + \n For more information about this setting, including limitations + that apply to it, see Managing capacity automatically with Amazon + RDS storage autoscaling (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) + in the Amazon RDS User Guide. \n This setting doesn't apply + to RDS Custom. \n Amazon Aurora \n Not applicable. Storage is + managed by the DB cluster." + format: int64 + type: integer + monitoringInterval: + description: "The interval, in seconds, between points when Enhanced + Monitoring metrics are collected for the DB instance. To disable + collection of Enhanced Monitoring metrics, specify 0. The default + is 0. \n If MonitoringRoleArn is specified, then you must set + MonitoringInterval to a value other than 0. \n This setting + doesn't apply to RDS Custom. \n Valid Values: 0, 1, 5, 10, 15, + 30, 60" + format: int64 + type: integer + monitoringRoleARN: + description: "The ARN for the IAM role that permits RDS to send + enhanced monitoring metrics to Amazon CloudWatch Logs. For example, + arn:aws:iam:123456789012:role/emaccess. For information on creating + a monitoring role, see Setting Up and Enabling Enhanced Monitoring + (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) + in the Amazon RDS User Guide. \n If MonitoringInterval is set + to a value other than 0, then you must supply a MonitoringRoleArn + value. \n This setting doesn't apply to RDS Custom." + type: string + monitoringRoleArnRef: + description: MonitoringRoleARNRef is a reference to an IAMRole + used to set MonitoringRoleARN. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + monitoringRoleArnSelector: + description: MonitoringRoleARNSelector selects a reference to + an IAMRole used to set MonitoringRoleARN. + properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + multiAZ: + description: "A value that indicates whether the DB instance is + a Multi-AZ deployment. You can't set the AvailabilityZone parameter + if the DB instance is a Multi-AZ deployment. \n This setting + doesn't apply to RDS Custom. \n Amazon Aurora \n Not applicable. + DB instance Availability Zones (AZs) are managed by the DB cluster." + type: boolean + ncharCharacterSetName: + description: "The name of the NCHAR character set for the Oracle + DB instance. \n This parameter doesn't apply to RDS Custom." + type: string + networkType: + description: "The network type of the DB instance. \n Valid values: + \n * IPV4 \n * DUAL \n The network type is determined by the + DBSubnetGroup specified for the DB instance. A DBSubnetGroup + can support only the IPv4 protocol or the IPv4 and the IPv6 + protocols (DUAL). \n For more information, see Working with + a DB instance in a VPC (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) + in the Amazon RDS User Guide." + type: string + optionGroupName: + description: "A value that indicates that the DB instance should + be associated with the specified option group. \n Permanent + options, such as the TDE option for Oracle Advanced Security + TDE, can't be removed from an option group. Also, that option + group can't be removed from a DB instance after it is associated + with a DB instance. \n This setting doesn't apply to RDS Custom. + \n Amazon Aurora \n Not applicable." + type: string + performanceInsightsKMSKeyID: + description: "The Amazon Web Services KMS key identifier for encryption + of Performance Insights data. \n The Amazon Web Services KMS + key identifier is the key ARN, key ID, alias ARN, or alias name + for the KMS key. \n If you do not specify a value for PerformanceInsightsKMSKeyId, + then Amazon RDS uses your default KMS key. There is a default + KMS key for your Amazon Web Services account. Your Amazon Web + Services account has a different default KMS key for each Amazon + Web Services Region. \n This setting doesn't apply to RDS Custom." + type: string + performanceInsightsRetentionPeriod: + description: "The number of days to retain Performance Insights + data. The default is 7 days. The following values are valid: + \n * 7 \n * month * 31, where month is a number of months from + 1-23 \n * 731 \n For example, the following values are valid: + \n * 93 (3 months * 31) \n * 341 (11 months * 31) \n * 589 (19 + months * 31) \n * 731 \n If you specify a retention period such + as 94, which isn't a valid value, RDS issues an error. \n This + setting doesn't apply to RDS Custom." + format: int64 + type: integer + port: + description: "The port number on which the database accepts connections. + \n MySQL \n Default: 3306 \n Valid values: 1150-65535 \n Type: + Integer \n MariaDB \n Default: 3306 \n Valid values: 1150-65535 + \n Type: Integer \n PostgreSQL \n Default: 5432 \n Valid values: + 1150-65535 \n Type: Integer \n Oracle \n Default: 1521 \n Valid + values: 1150-65535 \n SQL Server \n Default: 1433 \n Valid values: + 1150-65535 except 1234, 1434, 3260, 3343, 3389, 47001, and 49152-49156. + \n Amazon Aurora \n Default: 3306 \n Valid values: 1150-65535 + \n Type: Integer" + format: int64 + type: integer + preferredBackupWindow: + description: "The daily time range during which automated backups + are created if automated backups are enabled, using the BackupRetentionPeriod + parameter. The default is a 30-minute window selected at random + from an 8-hour block of time for each Amazon Web Services Region. + For more information, see Backup window (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) + in the Amazon RDS User Guide. \n Amazon Aurora \n Not applicable. + The daily time range for creating automated backups is managed + by the DB cluster. \n Constraints: \n * Must be in the format + hh24:mi-hh24:mi. \n * Must be in Universal Coordinated Time + (UTC). \n * Must not conflict with the preferred maintenance + window. \n * Must be at least 30 minutes." + type: string + preferredMaintenanceWindow: + description: "The time range each week during which system maintenance + can occur, in Universal Coordinated Time (UTC). For more information, + see Amazon RDS Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance). + \n Format: ddd:hh24:mi-ddd:hh24:mi \n The default is a 30-minute + window selected at random from an 8-hour block of time for each + Amazon Web Services Region, occurring on a random day of the + week. \n Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun. \n Constraints: + Minimum 30-minute window." + type: string + processorFeatures: + description: "The number of CPU cores and the number of threads + per core for the DB instance class of the DB instance. \n This + setting doesn't apply to RDS Custom. \n Amazon Aurora \n Not + applicable." + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + promotionTier: + description: "A value that specifies the order in which an Aurora + Replica is promoted to the primary instance after a failure + of the existing primary instance. For more information, see + Fault Tolerance for an Aurora DB Cluster (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.FaultTolerance) + in the Amazon Aurora User Guide. \n This setting doesn't apply + to RDS Custom. \n Default: 1 \n Valid Values: 0 - 15" + format: int64 + type: integer + publiclyAccessible: + description: "A value that indicates whether the DB instance is + publicly accessible. \n When the DB instance is publicly accessible, + its Domain Name System (DNS) endpoint resolves to the private + IP address from within the DB instance's virtual private cloud + (VPC). It resolves to the public IP address from outside of + the DB instance's VPC. Access to the DB instance is ultimately + controlled by the security group it uses. That public access + is not permitted if the security group assigned to the DB instance + doesn't permit it. \n When the DB instance isn't publicly accessible, + it is an internal DB instance with a DNS name that resolves + to a private IP address. \n Default: The default behavior varies + depending on whether DBSubnetGroupName is specified. \n If DBSubnetGroupName + isn't specified, and PubliclyAccessible isn't specified, the + following applies: \n * If the default VPC in the target Region + doesn’t have an internet gateway attached to it, the DB instance + is private. \n * If the default VPC in the target Region has + an internet gateway attached to it, the DB instance is public. + \n If DBSubnetGroupName is specified, and PubliclyAccessible + isn't specified, the following applies: \n * If the subnets + are part of a VPC that doesn’t have an internet gateway attached + to it, the DB instance is private. \n * If the subnets are part + of a VPC that has an internet gateway attached to it, the DB + instance is public." + type: boolean + region: + description: Region is which region the DBInstance will be created. + type: string + restoreFrom: + description: RestoreFrom specifies the details of the backup to + restore when creating a new DBInstance. + properties: + pointInTime: + description: PointInTime specifies the details of the point + in time restore. + properties: + restoreTime: + description: 'RestoreTime is the date and time (UTC) to + restore from. Must be before the latest restorable time + for the DB instance. Can''t be specified if the useLatestRestorableTime + parameter is enabled. Example: 2011-09-07T23:45:00Z' + format: date-time + type: string + sourceDBInstanceAutomatedBackupsArn: + description: 'SourceDBInstanceAutomatedBackupsArn specifies + the Amazon Resource Name (ARN) of the replicated automated + backups from which to restore. Example: arn:aws:rds:useast-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE' + type: string + sourceDBInstanceIdentifier: + description: 'SourceDBInstanceIdentifier specifies the + identifier of the source DB instance from which to restore. + Constraints: Must match the identifier of an existing + DB instance.' + type: string + sourceDbiResourceId: + description: SourceDbiResourceID specifies the resource + ID of the source DB instance from which to restore. + type: string + useLatestRestorableTime: + description: UseLatestRestorableTime indicates that the + DB instance is restored from the latest backup Can't + be specified if the restoreTime parameter is provided. + type: boolean + type: object + s3: + description: S3 specifies the details of the S3 backup to + restore from. + properties: + bucketName: + description: BucketName is the name of the S3 bucket containing + the backup to restore. + type: string + ingestionRoleARN: + description: IngestionRoleARN is the IAM role RDS can + assume that will allow it to access the contents of + the S3 bucket. + type: string + prefix: + description: Prefix is the path prefix of the S3 bucket + within which the backup to restore is located. + type: string + sourceEngine: + description: SourceEngine is the engine used to create + the backup. Must be "mysql". + type: string + sourceEngineVersion: + description: 'SourceEngineVersion is the version of the + engine used to create the backup. Example: "5.7.30"' + type: string + required: + - bucketName + - ingestionRoleARN + - sourceEngine + - sourceEngineVersion + type: object + snapshot: + description: Snapshot specifies the details of the snapshot + to restore from. + properties: + snapshotIdentifier: + description: SnapshotIdentifier is the identifier of the + snapshot to restore. + type: string + required: + - snapshotIdentifier + type: object + source: + description: Source is the type of the backup to restore when + creating a new DBCluster or DBInstance. S3, Snapshot and + PointInTime are supported. + enum: + - S3 + - Snapshot + - PointInTime + type: string + required: + - source + type: object + skipFinalSnapshot: + description: "A value that indicates whether to skip the creation + of a final DB instance snapshot before the DB instance is deleted. + If skip is specified, no DB instance snapshot is created. If + skip isn't specified, a DB instance snapshot is created before + the DB instance is deleted. By default, skip isn't specified, + and the DB instance snapshot is created. By default, this parameter + is disabled. \n You must specify a FinalDBSnapshotIdentifier + parameter if SkipFinalSnapshot is disabled." + type: boolean + storageEncrypted: + description: "A value that indicates whether the DB instance is + encrypted. By default, it isn't encrypted. \n For RDS Custom + instances, either set this parameter to true or leave it unset. + If you set this parameter to false, RDS reports an error. \n + Amazon Aurora \n Not applicable. The encryption for DB instances + is managed by the DB cluster." + type: boolean + storageThroughput: + description: "Specifies the storage throughput value for the DB + instance. \n This setting applies only to the gp3 storage type. + \n This setting doesn't apply to RDS Custom or Amazon Aurora." + format: int64 + type: integer + storageType: + description: "Specifies the storage type to be associated with + the DB instance. \n Valid values: gp2 | gp3 | io1 | standard + \n If you specify io1 or gp3, you must also include a value + for the Iops parameter. \n Default: io1 if the Iops parameter + is specified, otherwise gp2 \n Amazon Aurora \n Not applicable. + Storage is managed by the DB cluster." + type: string + tags: + description: Tags to assign to the DB instance. + items: + properties: + key: + type: string + value: + type: string + type: object + type: array + tdeCredentialARN: + description: "The ARN from the key store with which to associate + the instance for TDE encryption. \n This setting doesn't apply + to RDS Custom. \n Amazon Aurora \n Not applicable." + type: string + tdeCredentialPassword: + description: "The password for the given ARN from the key store + in order to access the device. \n This setting doesn't apply + to RDS Custom." + type: string + timezone: + description: The time zone of the DB instance. The time zone parameter + is currently supported only by Microsoft SQL Server (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone). + type: string + vpcSecurityGroupIDRefs: + description: VPCSecurityGroupIDRefs are references to VPCSecurityGroups + used to set the VPCSecurityGroupIDs. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution + of this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which + will attempt to resolve the reference only when the + corresponding field is not present. Use 'Always' to + resolve the reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + vpcSecurityGroupIDSelector: + description: VPCSecurityGroupIDSelector selects references to + VPCSecurityGroups used to set the VPCSecurityGroupIDs. + properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + vpcSecurityGroupIDs: + description: "A list of Amazon EC2 VPC security groups to authorize + on this DB instance. This change is asynchronously applied as + soon as possible. \n This setting doesn't apply to RDS Custom. + \n Amazon Aurora Not applicable. The associated list of EC2 + VPC security groups is managed by the DB cluster. For more information, + see ModifyDBCluster. \n Constraints: * If supplied, must match + existing VpcSecurityGroupIds." + items: + type: string + type: array + required: + - dbInstanceClass + - engine + - region + type: object + providerConfigRef: + default: + name: default + description: ProviderConfigReference specifies how the provider that + will be used to create, observe, update, and delete this managed + resource should be configured. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of this + reference is required. The default is 'Required', which + means the reconcile will fail if the reference cannot be + resolved. 'Optional' means this reference will be a no-op + if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will attempt + to resolve the reference only when the corresponding field + is not present. Use 'Always' to resolve the reference on + every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + providerRef: + description: 'ProviderReference specifies the provider that will be + used to create, observe, update, and delete this managed resource. + Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of this + reference is required. The default is 'Required', which + means the reconcile will fail if the reference cannot be + resolved. 'Optional' means this reference will be a no-op + if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will attempt + to resolve the reference only when the corresponding field + is not present. Use 'Always' to resolve the reference on + every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + publishConnectionDetailsTo: + description: PublishConnectionDetailsTo specifies the connection secret + config which contains a name, metadata and a reference to secret + store config to which any connection details for this managed resource + should be written. Connection details frequently include the endpoint, + username, and password required to connect to the managed resource. + properties: + configRef: + default: + name: default + description: SecretStoreConfigRef specifies which secret store + config should be used for this ConnectionSecret. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + metadata: + description: Metadata is the metadata for connection secret. + properties: + annotations: + additionalProperties: + type: string + description: Annotations are the annotations to be added to + connection secret. - For Kubernetes secrets, this will be + used as "metadata.annotations". - It is up to Secret Store + implementation for others store types. + type: object + labels: + additionalProperties: + type: string + description: Labels are the labels/tags to be added to connection + secret. - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store + types. + type: object + type: + description: Type is the SecretType for the connection secret. + - Only valid for Kubernetes Secret Stores. + type: string + type: object + name: + description: Name is the name of the connection secret. + type: string + required: + - name + type: object + writeConnectionSecretToRef: + description: WriteConnectionSecretToReference specifies the namespace + and name of a Secret to which any connection details for this managed + resource should be written. Connection details frequently include + the endpoint, username, and password required to connect to the + managed resource. This field is planned to be replaced in a future + release in favor of PublishConnectionDetailsTo. Currently, both + could be set independently and connection details would be published + to both without affecting each other. + properties: + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - name + - namespace + type: object + required: + - forProvider + type: object + status: + description: DBInstanceStatus defines the observed state of DBInstance. + properties: + atProvider: + description: DBInstanceObservation defines the observed state of DBInstance + properties: + activityStreamEngineNativeAuditFieldsIncluded: + description: Indicates whether engine-native audit fields are + included in the database activity stream. + type: boolean + activityStreamKMSKeyID: + description: The Amazon Web Services KMS key identifier used for + encrypting messages in the database activity stream. The Amazon + Web Services KMS key identifier is the key ARN, key ID, alias + ARN, or alias name for the KMS key. + type: string + activityStreamKinesisStreamName: + description: The name of the Amazon Kinesis data stream used for + the database activity stream. + type: string + activityStreamMode: + description: The mode of the database activity stream. Database + events such as a change or access generate an activity stream + event. RDS for Oracle always handles these events asynchronously. + type: string + activityStreamPolicyStatus: + description: The status of the policy state of the activity stream. + type: string + activityStreamStatus: + description: The status of the database activity stream. + type: string + associatedRoles: + description: The Amazon Web Services Identity and Access Management + (IAM) roles associated with the DB instance. + items: + properties: + featureName: + type: string + roleARN: + type: string + status: + type: string + type: object + type: array + automaticRestartTime: + description: The time when a stopped DB instance is restarted + automatically. + format: date-time + type: string + automationMode: + description: 'The automation mode of the RDS Custom DB instance: + full or all paused. If full, the DB instance automates monitoring + and instance recovery. If all paused, the instance pauses automation + for the duration set by --resume-full-automation-mode-minutes.' + type: string + awsBackupRecoveryPointARN: + description: The Amazon Resource Name (ARN) of the recovery point + in Amazon Web Services Backup. + type: string + certificateDetails: + description: The details of the DB instance's server certificate. + properties: + cAIdentifier: + type: string + validTill: + format: date-time + type: string + type: object + customerOwnedIPEnabled: + description: "Specifies whether a customer-owned IP address (CoIP) + is enabled for an RDS on Outposts DB instance. \n A CoIP provides + local or external connectivity to resources in your Outpost + subnets through your on-premises network. For some use cases, + a CoIP can provide lower latency for connections to the DB instance + from outside of its virtual private cloud (VPC) on your local + network. \n For more information about RDS on Outposts, see + Working with Amazon RDS on Amazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) + in the Amazon RDS User Guide. \n For more information about + CoIPs, see Customer-owned IP addresses (https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing) + in the Amazon Web Services Outposts User Guide." + type: boolean + dbInstanceARN: + description: The Amazon Resource Name (ARN) for the DB instance. + type: string + dbInstanceAutomatedBackupsReplications: + description: The list of replicated automated backups associated + with the DB instance. + items: + properties: + dbInstanceAutomatedBackupsARN: + type: string + type: object + type: array + dbInstanceIdentifier: + description: Contains a user-supplied database identifier. This + identifier is the unique key that identifies a DB instance. + type: string + dbInstancePort: + description: Specifies the port that the DB instance listens on. + If the DB instance is part of a DB cluster, this can be a different + port than the DB cluster port. + format: int64 + type: integer + dbInstanceStatus: + description: "Specifies the current state of this database. \n + For information about DB instance statuses, see Viewing DB instance + status (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/accessing-monitoring.html#Overview.DBInstance.Status) + in the Amazon RDS User Guide." + type: string + dbParameterGroups: + description: Provides the list of DB parameter groups applied + to this DB instance. + items: + properties: + dbParameterGroupName: + type: string + parameterApplyStatus: + type: string + type: object + type: array + dbSecurityGroups: + description: A list of DB security group elements containing DBSecurityGroup.Name + and DBSecurityGroup.Status subelements. + items: + properties: + dbSecurityGroupName: + type: string + status: + type: string + type: object + type: array + dbSubnetGroup: + description: Specifies information on the subnet group associated + with the DB instance, including the name, description, and subnets + in the subnet group. + properties: + dbSubnetGroupARN: + type: string + dbSubnetGroupDescription: + type: string + dbSubnetGroupName: + type: string + subnetGroupStatus: + type: string + subnets: + items: + properties: + subnetAvailabilityZone: + description: "Contains Availability Zone information. + \n This data type is used as an element in the OrderableDBInstanceOption + data type." + properties: + name: + type: string + type: object + subnetIdentifier: + type: string + subnetOutpost: + description: "A data type that represents an Outpost. + \n For more information about RDS on Outposts, see + Amazon RDS on Amazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) + in the Amazon RDS User Guide." + properties: + arn: + type: string + type: object + subnetStatus: + type: string + type: object + type: array + supportedNetworkTypes: + items: + type: string + type: array + vpcID: + type: string + type: object + dbSystemID: + description: The Oracle system ID (Oracle SID) for a container + database (CDB). The Oracle SID is also the name of the CDB. + This setting is valid for RDS Custom only. + type: string + dbiResourceID: + description: The Amazon Web Services Region-unique, immutable + identifier for the DB instance. This identifier is found in + Amazon Web Services CloudTrail log entries whenever the Amazon + Web Services KMS key for the DB instance is accessed. + type: string + domainMemberships: + description: The Active Directory Domain membership records associated + with the DB instance. + items: + properties: + domain: + type: string + fQDN: + type: string + iamRoleName: + type: string + status: + type: string + type: object + type: array + enabledCloudwatchLogsExports: + description: "A list of log types that this DB instance is configured + to export to CloudWatch Logs. \n Log types vary by DB engine. + For information about the log types for each DB engine, see + Amazon RDS Database Log Files (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html) + in the Amazon RDS User Guide." + items: + type: string + type: array + endpoint: + description: "Specifies the connection endpoint. \n The endpoint + might not be shown for instances whose status is creating." + properties: + address: + type: string + hostedZoneID: + type: string + port: + format: int64 + type: integer + type: object + engineVersion: + description: Indicates the database engine version. + type: string + enhancedMonitoringResourceARN: + description: The Amazon Resource Name (ARN) of the Amazon CloudWatch + Logs log stream that receives the Enhanced Monitoring metrics + data for the DB instance. + type: string + iamDatabaseAuthenticationEnabled: + description: "True if mapping of Amazon Web Services Identity + and Access Management (IAM) accounts to database accounts is + enabled, and otherwise false. \n IAM database authentication + can be enabled for the following database engines \n * For MySQL + 5.6, minor version 5.6.34 or higher \n * For MySQL 5.7, minor + version 5.7.16 or higher \n * Aurora 5.6 or higher. To enable + IAM database authentication for Aurora, see DBCluster Type." + type: boolean + instanceCreateTime: + description: Provides the date and time the DB instance was created. + format: date-time + type: string + latestRestorableTime: + description: Specifies the latest time to which a database can + be restored with point-in-time restore. + format: date-time + type: string + listenerEndpoint: + description: Specifies the listener connection endpoint for SQL + Server Always On. + properties: + address: + type: string + hostedZoneID: + type: string + port: + format: int64 + type: integer + type: object + masterUserSecret: + description: "Contains the secret managed by RDS in Amazon Web + Services Secrets Manager for the master user password. \n For + more information, see Password management with Amazon Web Services + Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) + in the Amazon RDS User Guide." + properties: + kmsKeyID: + type: string + secretARN: + type: string + secretStatus: + type: string + type: object + optionGroupMemberships: + description: Provides the list of option group memberships for + this DB instance. + items: + properties: + optionGroupName: + type: string + status: + type: string + type: object + type: array + pendingModifiedValues: + description: A value that specifies that changes to the DB instance + are pending. This element is only included when changes are + pending. Specific changes are identified by subelements. + properties: + allocatedStorage: + format: int64 + type: integer + automationMode: + type: string + backupRetentionPeriod: + format: int64 + type: integer + caCertificateIdentifier: + type: string + dbInstanceClass: + type: string + dbInstanceIdentifier: + type: string + dbSubnetGroupName: + type: string + engineVersion: + type: string + iamDatabaseAuthenticationEnabled: + type: boolean + iops: + format: int64 + type: integer + licenseModel: + type: string + masterUserPassword: + type: string + multiAZ: + type: boolean + pendingCloudwatchLogsExports: + description: A list of the log types whose configuration is + still pending. In other words, these log types are in the + process of being activated or deactivated. + properties: + logTypesToDisable: + items: + type: string + type: array + logTypesToEnable: + items: + type: string + type: array + type: object + port: + format: int64 + type: integer + processorFeatures: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + resumeFullAutomationModeTime: + format: date-time + type: string + storageThroughput: + format: int64 + type: integer + storageType: + type: string + type: object + performanceInsightsEnabled: + description: True if Performance Insights is enabled for the DB + instance, and otherwise false. + type: boolean + readReplicaDBClusterIdentifiers: + description: "Contains one or more identifiers of Aurora DB clusters + to which the RDS DB instance is replicated as a read replica. + For example, when you create an Aurora read replica of an RDS + for MySQL DB instance, the Aurora MySQL DB cluster for the Aurora + read replica is shown. This output doesn't contain information + about cross-Region Aurora read replicas. \n Currently, each + RDS DB instance can have only one Aurora read replica." + items: + type: string + type: array + readReplicaDBInstanceIdentifiers: + description: Contains one or more identifiers of the read replicas + associated with this DB instance. + items: + type: string + type: array + readReplicaSourceDBInstanceIdentifier: + description: Contains the identifier of the source DB instance + if this DB instance is a read replica. + type: string + replicaMode: + description: "The open mode of an Oracle read replica. The default + is open-read-only. For more information, see Working with Oracle + Read Replicas for Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) + in the Amazon RDS User Guide. \n This attribute is only supported + in RDS for Oracle." + type: string + resumeFullAutomationModeTime: + description: The number of minutes to pause the automation. When + the time period ends, RDS Custom resumes full automation. The + minimum value is 60 (default). The maximum value is 1,440. + format: date-time + type: string + secondaryAvailabilityZone: + description: If present, specifies the name of the secondary Availability + Zone for a DB instance with multi-AZ support. + type: string + statusInfos: + description: The status of a read replica. If the instance isn't + a read replica, this is blank. + items: + properties: + message: + type: string + normal: + type: boolean + status: + type: string + statusType: + type: string + type: object + type: array + tagList: + items: + properties: + key: + type: string + value: + type: string + type: object + type: array + vpcSecurityGroups: + description: Provides a list of VPC security group elements that + the DB instance belongs to. + items: + properties: + status: + type: string + vpcSecurityGroupID: + type: string + type: object + type: array + type: object + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition + transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's + last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from + one status to another. + type: string + status: + description: Status of this condition; is it currently True, + False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition + type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} \ No newline at end of file diff --git a/testutils/crds/DBParameterGroup.yaml b/testutils/crds/DBParameterGroup.yaml new file mode 100644 index 00000000..6ca41a4a --- /dev/null +++ b/testutils/crds/DBParameterGroup.yaml @@ -0,0 +1,401 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: "2023-10-03T17:31:23Z" + generation: 1 + name: dbparametergroups.rds.aws.crossplane.io + ownerReferences: + - apiVersion: pkg.crossplane.io/v1 + blockOwnerDeletion: true + controller: true + kind: ProviderRevision + name: bloxinabox-provider-877b9fccf7ca + uid: f42ec1bf-0547-43c9-a29d-1dc6c06c0286 + - apiVersion: pkg.crossplane.io/v1 + blockOwnerDeletion: true + controller: false + kind: Provider + name: bloxinabox-provider + uid: 273f9682-ede8-4b8f-82ba-5c85cf731d51 + uid: 7d5a4408-5865-411a-a74a-e6bbc3a732eb +spec: + conversion: + strategy: None + group: rds.aws.crossplane.io + names: + categories: + - crossplane + - managed + - aws + kind: DBParameterGroup + listKind: DBParameterGroupList + plural: dbparametergroups + singular: dbparametergroup + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNCED + type: string + - jsonPath: .metadata.annotations.crossplane\.io/external-name + name: EXTERNAL-NAME + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: DBParameterGroup is the Schema for the DBParameterGroups API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DBParameterGroupSpec defines the desired state of DBParameterGroup + properties: + deletionPolicy: + default: Delete + description: DeletionPolicy specifies what will happen to the underlying + external when this managed resource is deleted - either "Delete" + or "Orphan" the external resource. + enum: + - Orphan + - Delete + type: string + forProvider: + description: DBParameterGroupParameters defines the desired state + of DBParameterGroup + properties: + dbParameterGroupFamily: + description: "The DB parameter group family name. A DB parameter + group can be associated with one and only one DB parameter group + family, and can be applied only to a DB instance running a database + engine and engine version compatible with that DB parameter + group family. \n To list all of the available parameter group + families for a DB engine, use the following command: \n aws + rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" + --engine \n For example, to list all of the available + parameter group families for the MySQL DB engine, use the following + command: \n aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" + --engine mysql \n The output contains duplicates. \n The following + are the valid DB engine values: \n * aurora (for MySQL 5.6-compatible + Aurora) \n * aurora-mysql (for MySQL 5.7-compatible Aurora) + \n * aurora-postgresql \n * mariadb \n * mysql \n * oracle-ee + \n * oracle-ee-cdb \n * oracle-se2 \n * oracle-se2-cdb \n * + postgres \n * sqlserver-ee \n * sqlserver-se \n * sqlserver-ex + \n * sqlserver-web \n One of DBParameterGroupFamily or DBParameterGroupFamilySelector + is required." + type: string + dbParameterGroupFamilySelector: + description: "DBParameterGroupFamilySelector determines DBParameterGroupFamily + from the engine and engine version. \n One of DBParameterGroupFamily + or DBParameterGroupFamilySelector is required. \n Will not be + used if DBParameterGroupFamily is already set." + properties: + engine: + description: Engine is the name of the database engine. + type: string + engineVersion: + description: EngineVersion is the version of the database + engine. If it is nil, the default engine version given by + AWS will be used. + type: string + required: + - engine + type: object + description: + description: The description for the DB parameter group. + type: string + parameters: + description: 'A list of parameters to associate with this DB parameter + group. The fields ApplyMethod, ParameterName and ParameterValue + are required for every parameter. Note: AWS actually only modifies + the ApplyMethod of a parameter, if the ParameterValue changes + too.' + items: + description: CustomParameter are custom parameters for the Parameter + properties: + applyMethod: + description: The apply method of the parameter. AWS actually + only modifies to value set here, if the parameter value + changes too. + enum: + - immediate + - pending-reboot + type: string + parameterName: + description: The name of the parameter. + type: string + parameterValue: + description: The value of the parameter. + type: string + required: + - applyMethod + - parameterName + - parameterValue + type: object + type: array + region: + description: Region is which region the DBParameterGroup will + be created. + type: string + tags: + description: Tags to assign to the DB parameter group. + items: + properties: + key: + type: string + value: + type: string + type: object + type: array + required: + - description + - region + type: object + providerConfigRef: + default: + name: default + description: ProviderConfigReference specifies how the provider that + will be used to create, observe, update, and delete this managed + resource should be configured. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of this + reference is required. The default is 'Required', which + means the reconcile will fail if the reference cannot be + resolved. 'Optional' means this reference will be a no-op + if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will attempt + to resolve the reference only when the corresponding field + is not present. Use 'Always' to resolve the reference on + every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + providerRef: + description: 'ProviderReference specifies the provider that will be + used to create, observe, update, and delete this managed resource. + Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of this + reference is required. The default is 'Required', which + means the reconcile will fail if the reference cannot be + resolved. 'Optional' means this reference will be a no-op + if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will attempt + to resolve the reference only when the corresponding field + is not present. Use 'Always' to resolve the reference on + every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + publishConnectionDetailsTo: + description: PublishConnectionDetailsTo specifies the connection secret + config which contains a name, metadata and a reference to secret + store config to which any connection details for this managed resource + should be written. Connection details frequently include the endpoint, + username, and password required to connect to the managed resource. + properties: + configRef: + default: + name: default + description: SecretStoreConfigRef specifies which secret store + config should be used for this ConnectionSecret. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + metadata: + description: Metadata is the metadata for connection secret. + properties: + annotations: + additionalProperties: + type: string + description: Annotations are the annotations to be added to + connection secret. - For Kubernetes secrets, this will be + used as "metadata.annotations". - It is up to Secret Store + implementation for others store types. + type: object + labels: + additionalProperties: + type: string + description: Labels are the labels/tags to be added to connection + secret. - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store + types. + type: object + type: + description: Type is the SecretType for the connection secret. + - Only valid for Kubernetes Secret Stores. + type: string + type: object + name: + description: Name is the name of the connection secret. + type: string + required: + - name + type: object + writeConnectionSecretToRef: + description: WriteConnectionSecretToReference specifies the namespace + and name of a Secret to which any connection details for this managed + resource should be written. Connection details frequently include + the endpoint, username, and password required to connect to the + managed resource. This field is planned to be replaced in a future + release in favor of PublishConnectionDetailsTo. Currently, both + could be set independently and connection details would be published + to both without affecting each other. + properties: + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - name + - namespace + type: object + required: + - forProvider + type: object + status: + description: DBParameterGroupStatus defines the observed state of DBParameterGroup. + properties: + atProvider: + description: DBParameterGroupObservation defines the observed state + of DBParameterGroup + properties: + dbParameterGroupARN: + description: The Amazon Resource Name (ARN) for the DB parameter + group. + type: string + dbParameterGroupFamily: + description: The name of the DB parameter group family that this + DB parameter group is compatible with. + type: string + dbParameterGroupName: + description: The name of the DB parameter group. + type: string + type: object + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition + transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's + last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from + one status to another. + type: string + status: + description: Status of this condition; is it currently True, + False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition + type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} \ No newline at end of file