AWS::RDS::DBProxyEndpoint
The AWS::RDS::DBProxyEndpoint
resource creates or updates a DB proxy endpoint. You can use custom proxy endpoints to access a proxy through a different
VPC than the proxy's default VPC.
For more information about RDS Proxy, see AWS::RDS::DBProxy.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::RDS::DBProxyEndpoint", "Properties" : { "DBProxyEndpointName" :
String
, "DBProxyName" :String
, "Tags" :[ TagFormat, ... ]
, "TargetRole" :String
, "VpcSecurityGroupIds" :[ String, ... ]
, "VpcSubnetIds" :[ String, ... ]
} }
YAML
Type: AWS::RDS::DBProxyEndpoint Properties: DBProxyEndpointName:
String
DBProxyName:String
Tags:- TagFormat
TargetRole:String
VpcSecurityGroupIds:- String
VpcSubnetIds:- String
Properties
DBProxyEndpointName
-
The name of the DB proxy endpoint to create.
Required: Yes
Type: String
Pattern:
[0-z]*
Maximum:
64
Update requires: Replacement
DBProxyName
-
The name of the DB proxy associated with the DB proxy endpoint that you create.
Required: Yes
Type: String
Pattern:
[0-z]*
Maximum:
64
Update requires: Replacement
-
An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
Required: No
Type: Array of TagFormat
Update requires: No interruption
TargetRole
-
A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.
Required: No
Type: String
Allowed values:
READ_WRITE | READ_ONLY
Update requires: No interruption
VpcSecurityGroupIds
-
The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.
Required: No
Type: Array of String
Minimum:
1
Update requires: No interruption
VpcSubnetIds
-
The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.
Required: Yes
Type: Array of String
Minimum:
2
Update requires: Replacement
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref
function, Ref
returns the name of the DB proxy endpoint.
For more information about using the Ref
function, see Ref
.
Fn::GetAtt
The Fn::GetAtt
intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt
intrinsic function, see Fn::GetAtt
.
DBProxyEndpointArn
-
The Amazon Resource Name (ARN) for the DB proxy endpoint.
Endpoint
-
The endpoint that you can use to connect to the DB proxy. You include the endpoint value in the connection string for a database client application.
IsDefault
-
Indicates whether this endpoint is the default endpoint for the associated DB proxy. Default DB proxy endpoints always have read/write capability. Other endpoints that you associate with the DB proxy can be either read/write or read-only.
VpcId
-
Provides the VPC ID of the DB proxy endpoint.
Examples
Creating a custom DB proxy endpoint
The following example creates a custom DB proxy endpoint.
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Parameters": { "ProxyEndpointName": { "Type": "String", "Default": "exampleProxyEndpoint" }, "ProxyName": { "Type": "String", "Default": "exampleProxy" }, "SecurityGroupIds": { "Type": "String", "Default": "sg-12345678" }, "SubnetIds": { "Type": "String", "Default": "subnet-12345677,subnet-12345678,subnet-12345679" } }, "Resources": { "TestDBProxy": { "Type": "AWS::RDS::DBProxyEndpoint", "Properties": { "DBProxyEndpointName": { "Ref": "ProxyEndpointName" }, "DBProxyName": { "Ref": "ProxyName" }, "VpcSecurityGroupIds": { "Fn::Split": [ ",", { "Ref": "SecurityGroupIds" } ] }, "VpcSubnetIds": { "Fn::Split": [ ",", { "Ref": "SubnetIds" } ] }, "TargetRole": "READ_ONLY" } } } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Parameters: ProxyEndpointName: Type: String Default: exampleProxyEndpoint ProxyName: Type: String Default: exampleProxy SubnetIds: Type: String Default: subnet-12345677,subnet-12345678,subnet-12345679 SecurityGroupIds: Type: String Default: sg-12345678 Resources: TestDBProxyEndpoint: Type: AWS::RDS::DBProxyEndpoint Properties: DBProxyEndpointName: !Ref ProxyEndpointName DBProxyName: !Ref ProxyName VpcSubnetIds: Fn::Split: [",", !Ref SubnetIds] VpcSecurityGroupIds: Fn::Split: [",", !Ref SecurityGroupIds] TargetRole: READ_ONLY