DB cluster parameter group settings for Babelfish
When you create an Aurora PostgreSQL DB cluster and choose Turn on Babelfish, a DB cluster parameter group is created for you automatically if you choose Create new. This DB cluster parameter group is based on the Aurora PostgreSQL DB cluster parameter group for the Aurora PostgreSQL version chosen for the install, for example, Aurora PostgreSQL version 14. It's named using the following general pattern:
custom-aurora-postgresql14-babelfish-compat-3You can change the following settings during the cluster creation process but some of these can't be changed once they're stored in the custom parameter group, so choose carefully:
Single database or Multiple databases
Default collation locale
Collation name
DB parameter group
To use an existing Aurora PostgreSQL DB cluster version 13 or higher parameter group, edit the group and set the
babelfish_status parameter to on. Specify any
Babelfish options before creating your Aurora PostgreSQL cluster. To learn more,
see Parameter groups for Amazon Aurora.
The following parameters control Babelfish preferences. Unless otherwise stated in the Description, parameters are modifiable. The default value is included in the description. To see the allowable values for any parameter, do as follows:
Note
When you associate a new DB parameter group with a DB instance, the modified static and dynamic parameters are applied only after the DB instance is rebooted. However, if you modify dynamic parameters in the DB parameter group after you associate it with the DB instance, these changes are applied immediately without a reboot.
Sign in to the AWS Management Console and open the Amazon RDS console at https://console.aws.amazon.com/rds/
. Choose Parameter groups from the navigation menu.
Choose the
default.aurora-postgresql14DB cluster parameter group from the list.Enter the name of a parameter in the search field. For example, enter
babelfishpg_tsql.default_localein the search field to display this parameter and its default value and allowable settings.Note
Babelfish for Aurora PostgreSQL global databases works in secondary regions only if the following parameters are turned on in those regions.
| Parameter | Description | Apply Type | Is Modifiable |
|---|---|---|---|
babelfishpg_tds.tds_default_numeric_scale |
Sets the default scale of numeric type to be sent in the TDS column metadata if the engine doesn't specify one. (Default: 8) (Allowable: 0–38) |
dynamic |
true |
babelfishpg_tds.tds_default_numeric_precision |
An integer that sets the default precision of numeric type to be sent in the TDS column metadata if the engine doesn't specify one. (Default: 38) (Allowable: 1–38) |
dynamic |
true |
babelfishpg_tds.tds_default_packet_size |
An integer that sets the default packet size for connecting SQL Server clients. (Default: 4096) (Allowable: 512–32767) |
dynamic |
true |
babelfishpg_tds.tds_default_protocol_version |
An integer that sets a default TDS protocol version for connecting clients. (Default: DEFAULT) (Allowable: TDSv7.0, TDSv7.1, TDSv7.1.1, TDSv7.2, TDSv7.3A, TDSv7.3B, TDSv7.4, DEFAULT) |
dynamic |
true |
babelfishpg_tds.default_server_name |
A string that identifies the default name of the Babelfish server. (Default: Microsoft SQL Server) (Allowable: null) |
dynamic |
true |
babelfishpg_tds.tds_debug_log_level |
An integer that sets the logging level in TDS; 0 turns off logging. (Default: 1) (Allowable: 0, 1, 2, 3) |
dynamic |
true |
babelfishpg_tds.listen_addresses |
A string that sets the host name or IP address or addresses to listen for TDS on. This parameter can't be modified after the Babelfish DB cluster is created. (Default: * ) (Allowable: null) |
– |
false |
babelfishpg_tds.port |
An integer that specifies the TCP port used for requests in SQL Server syntax. (Default: 1433) (Allowable: 1–65535) |
static |
true |
babelfishpg_tds.tds_ssl_encrypt |
A boolean that turns encryption on (0) or off (1) for data traversing the TDS listener port. For detailed information about using SSL for client connections, see Babelfish SSL settings and client connections. (Default: 0) (Allowable: 0, 1) |
dynamic |
true |
babelfishpg_tds.tds_ssl_max_protocol_version |
A string that specifies the highest SSL/TLS protocol version to use for the TDS session. (Default: 'TLSv1.2') (Allowable: 'TLSv1', 'TLSv1.1', 'TLSv1.2') |
dynamic |
true |
babelfishpg_tds.tds_ssl_min_protocol_version |
A string that specifies the minimum SSL/TLS protocol version to use for the TDS session. (Default: 'TLSv1.2' from Aurora PostgreSQL version 16, 'TLSv1' for versions older than Aurora PostgreSQL version 16) (Allowable: 'TLSv1', 'TLSv1.1', 'TLSv1.2') |
dynamic |
true |
babelfishpg_tds.unix_socket_directories |
A string that identifies the TDS server Unix socket directory. This parameter can't be modified after the Babelfish DB cluster is created. (Default: /tmp) (Allowable: null) |
– |
false |
babelfishpg_tds.unix_socket_group |
A string that identifies the TDS server Unix socket group. This parameter can't be modified after the Babelfish DB cluster is created. (Default: rdsdb) (Allowable: null) |
– |
false |
babelfishpg_tsql.default_locale |
A string that specifies the default locale used for Babelfish collations. The default locale is the locale only and doesn't include any qualifiers. Set this parameter when you provision a Babelfish DB cluster. After the DB cluster is provisioned, changes to this parameter are ignored. (Default: en_US) (Allowable: See tables) |
static |
true |
babelfishpg_tsql.migration_mode |
A non-modifiable list that specifies support for single- or multiple user databases. Set this parameter when you provision a Babelfish DB cluster. After the DB cluster is provisioned, you can't modify this parameter's value. (Default: multi-db from Aurora PostgreSQL version 16, single-db for versions older than Aurora PostgreSQL version 16) (Allowable: single-db, multi-db,null) |
static |
true |
babelfishpg_tsql.server_collation_name |
A string that specifies the name of the collation used for server-level actions. Set this parameter when you provision a Babelfish DB cluster. After the DB cluster is provisioned, don't modify the value of this parameter. (Default: bbf_unicode_general_ci_as) (Allowable: See tables) |
static |
true |
babelfishpg_tsql.version |
A string that sets the output of @@VERSION variable. Don't modify this value for Aurora PostgreSQL DB clusters. (Default: null) (Allowable: default) |
dynamic |
true |
rds.babelfish_status |
A string that sets the state of Babelfish functionality. When this parameter is set to
|
static |
true |
unix_socket_permissions |
An integer that sets the TDS server Unix socket permissions. This parameter can't be modified after the Babelfish DB cluster is created. (Default: 0700) (Allowable: 0–511) |
– |
false |
Babelfish SSL settings and client connections
When a client connects to the TDS port (default 1433), Babelfish compares the Secure
Sockets Layer (SSL) setting sent during the client handshake to the Babelfish
SSL parameter setting (tds_ssl_encrypt). Babelfish then
determines if a connection is allowed. If a connection is allowed, encryption
behavior is either enforced or not, depending on your parameter settings and the
support for encryption offered by the client.
The table following shows how Babelfish behaves for each combination.
| Client SSL setting | Babelfish SSL setting | Connection allowed? | Value returned to client |
|---|---|---|---|
ENCRYPT_OFF |
tds_ssl_encrypt=0 |
Allowed, the login packet is encrypted |
ENCRYPT_OFF |
ENCRYPT_OFF |
tds_ssl_encrypt=1 |
Allowed, the entire connection is encrypted |
ENCRYPT_REQ |
ENCRYPT_ON |
tds_ssl_encrypt=0 |
Allowed, the entire connection is encrypted |
ENCRYPT_ON |
ENCRYPT_ON |
tds_ssl_encrypt=1 |
Allowed, the entire connection is encrypted |
ENCRYPT_ON |
ENCRYPT_NOT_SUP |
tds_ssl_encrypt=0 |
Yes | ENCRYPT_NOT_SUP |
ENCRYPT_NOT_SUP |
tds_ssl_encrypt=1 |
No, connection closed |
ENCRYPT_REQ |
ENCRYPT_REQ |
tds_ssl_encrypt=0 |
Allowed, the entire connection is encrypted |
ENCRYPT_ON |
ENCRYPT_REQ |
tds_ssl_encrypt=1 |
Allowed, the entire connection is encrypted |
ENCRYPT_ON |
ENCRYPT_CLIENT_CERT |
tds_ssl_encrypt=0 |
No, connection closed |
Unsupported |
ENCRYPT_CLIENT_CERT |
tds_ssl_encrypt=1 |
No, connection closed |
Unsupported |
