AWS Fundamentals Logo
AWS Fundamentals
AWS::RDS::DBCluster

RDS DBCluster

The AWS::RDS::DBCluster resource creates an Amazon Aurora DB cluster or Multi-AZ DB cluster. For more information about creating an Aurora DB cluster, see [Creating an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html) in the *Amazon Aurora User Guide*. For more information about creating a Multi-AZ DB cluster, see [Creating a Multi-AZ DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html) in the *Amazon RDS User Guide*. You can only create this resource in AWS Regions where Amazon Aurora or Multi-AZ DB clusters are supported. *Updating DB clusters* When properties labeled "*Update requires:*[Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)" are updated, AWS CloudFormation first creates a replacement DB cluster, then changes references from other dependent resources to point to the replacement DB cluster, and finally deletes the old DB cluster. We highly recommend that you take a snapshot of the database before updating the stack. If you don't, you lose the data when AWS CloudFormation replaces your DB cluster. To preserve your data, perform the following procedure: 1. Deactivate any applications that are using the DB cluster so that there's no activity on the DB instance. 1. Create a snapshot of the DB cluster. For more information, see [Creating a DB cluster snapshot](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_CreateSnapshotCluster.html). 1. If you want to restore your DB cluster using a DB cluster snapshot, modify the updated template with your DB cluster changes and add the SnapshotIdentifier property with the ID of the DB cluster snapshot that you want to use. After you restore a DB cluster with a SnapshotIdentifier property, you must specify the same SnapshotIdentifier property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the DB cluster snapshot again, and the data in the database is not changed. However, if you don't specify the SnapshotIdentifier property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified SnapshotIdentifier property, and the original DB cluster is deleted. 1. Update the stack. Currently, when you are updating the stack for an Aurora Serverless DB cluster, you can't include changes to any other properties when you specify one of the following properties: PreferredBackupWindow, PreferredMaintenanceWindow, and Port. This limitation doesn't apply to provisioned DB clusters. For more information about updating other properties of this resource, see ModifyDBCluster. For more information about updating stacks, see [CloudFormation Stacks Updates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html). *Deleting DB clusters* The default DeletionPolicy for AWS::RDS::DBCluster resources is Snapshot. For more information about how AWS CloudFormation deletes resources, see [DeletionPolicy Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html).

Properties

61 configurable properties. Click a row to see details.

Filter:
PropertyTypeFlags
AllocatedStorage
integer
AssociatedRoles
Array<DBClusterRole>
AutoMinorVersionUpgrade
boolean
AvailabilityZones
Array<string>
Create-only
BacktrackWindow
integer
BackupRetentionPeriod
integer
ClusterScalabilityType
string
Create-onlyWrite-only
CopyTagsToSnapshot
boolean
DatabaseInsightsMode
string
DatabaseName
string
Create-only
DBClusterIdentifier
string
Create-only
DBClusterInstanceClass
string
DBClusterParameterGroupName
string
DBInstanceParameterGroupName
string
Write-only
DBSubnetGroupName
string
Create-only
DBSystemId
string
Create-only
DeleteAutomatedBackups
boolean
Write-only
DeletionProtection
boolean
Domain
string
DomainIAMRoleName
string
EnableCloudwatchLogsExports
Array<string>
EnableGlobalWriteForwarding
boolean
EnableHttpEndpoint
boolean
EnableIAMDatabaseAuthentication
boolean
EnableLocalWriteForwarding
boolean
Engine
string
EngineLifecycleSupport
string
EngineMode
string
Create-only
EngineVersion
string
GlobalClusterIdentifier
string
Iops
integer
KmsKeyId
string
Create-only
ManageMasterUserPassword
boolean
MasterUserAuthenticationType
string
Write-only
MasterUsername
string
MasterUserPassword
string
Write-only
MasterUserSecret
MasterUserSecret
MonitoringInterval
integer
MonitoringRoleArn
string
NetworkType
string
PerformanceInsightsEnabled
boolean
PerformanceInsightsKmsKeyId
string
PerformanceInsightsRetentionPeriod
integer
Port
integer
PreferredBackupWindow
string
PreferredMaintenanceWindow
string
PubliclyAccessible
boolean
Create-only
ReplicationSourceIdentifier
string
RestoreToTime
string
Create-onlyWrite-only
RestoreType
string
Create-onlyWrite-only
ScalingConfiguration
ScalingConfiguration
ServerlessV2ScalingConfiguration
ServerlessV2ScalingConfiguration
SnapshotIdentifier
string
Create-onlyWrite-only
SourceDBClusterIdentifier
string
Create-onlyWrite-only
SourceDbClusterResourceId
string
Create-onlyWrite-only
SourceRegion
string
Create-onlyWrite-only
StorageEncrypted
boolean
Create-only
StorageType
string
Tags
Array<Tag>
UseLatestRestorableTime
boolean
Create-onlyWrite-only
VpcSecurityGroupIds
Array<string>

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

AttributeTypeDescription
DBClusterArnstring-
DBClusterResourceIdstring-
EndpointEndpoint-
ReadEndpointReadEndpoint-
StorageEncryptionTypestring-
StorageThroughputinteger-

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::RDS::DBCluster

Resources:
  MyResource:
    Type: AWS::RDS::DBCluster
    Properties:
      Tags:
        - Key: Environment
          Value: Production

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

create

iam:CreateServiceLinkedRoleiam:PassRolerds:AddRoleToDBClusterrds:AddTagsToResourcerds:CreateDBClusterrds:CreateDBInstancerds:DescribeDBClustersrds:DescribeDBClusterAutomatedBackupsrds:DescribeDBClusterSnapshotsrds:DescribeDBSnapshotsrds:DescribeEventsrds:EnableHttpEndpointrds:ModifyDBClusterrds:RestoreDBClusterFromSnapshotrds:RestoreDBClusterToPointInTimerds:DescribeDBClusterSnapshotssecretsmanager:CreateSecretsecretsmanager:TagResource

read

rds:DescribeDBClusters

update

ec2:DescribeSecurityGroupsiam:PassRolerds:AddRoleToDBClusterrds:AddTagsToResourcerds:DescribeDBClustersrds:DescribeDBSubnetGroupsrds:DescribeEventsrds:DescribeGlobalClustersrds:DisableHttpEndpointrds:EnableHttpEndpointrds:ModifyDBClusterrds:ModifyDBInstancerds:RemoveFromGlobalClusterrds:RemoveRoleFromDBClusterrds:RemoveTagsFromResourcesecretsmanager:CreateSecretsecretsmanager:TagResource

delete

rds:AddTagsToResourcerds:CreateDBClusterSnapshotrds:DeleteDBClusterrds:DeleteDBInstancerds:DescribeDBClustersrds:DescribeGlobalClustersrds:RemoveFromGlobalCluster

list

rds:DescribeDBClusters

Get the RDS Cheat Sheet

Everything you need to know about RDS on one page. HD quality, print-friendly.

Download Free Infographic

Quick Facts

ServiceRDS
Properties67
Required0
TaggingSupported
Primary IDDBClusterIdentifier

Supported Operations

CreateReadUpdateDeleteList

Immutable After Creation

These properties cannot be changed after the resource is created. Updating them triggers a replacement.

AvailabilityZonesClusterScalabilityTypeDBClusterIdentifierDBSubnetGroupNameDBSystemIdDatabaseNameEngineModeKmsKeyIdPubliclyAccessibleRestoreToTimeRestoreTypeSnapshotIdentifierSourceDBClusterIdentifierSourceDbClusterResourceIdSourceRegionStorageEncryptedUseLatestRestorableTime

Related Resources

External Links