Docs Home
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi
aws-native.rds.DbProxy
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi
Resource schema for AWS::RDS::DBProxy
Create DbProxy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new DbProxy(name: string, args: DbProxyArgs, opts?: CustomResourceOptions);@overload
def DbProxy(resource_name: str,
args: DbProxyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def DbProxy(resource_name: str,
opts: Optional[ResourceOptions] = None,
auth: Optional[Sequence[DbProxyAuthFormatArgs]] = None,
engine_family: Optional[DbProxyEngineFamily] = None,
role_arn: Optional[str] = None,
vpc_subnet_ids: Optional[Sequence[str]] = None,
db_proxy_name: Optional[str] = None,
debug_logging: Optional[bool] = None,
idle_client_timeout: Optional[int] = None,
require_tls: Optional[bool] = None,
tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
vpc_security_group_ids: Optional[Sequence[str]] = None)func NewDbProxy(ctx *Context, name string, args DbProxyArgs, opts ...ResourceOption) (*DbProxy, error)public DbProxy(string name, DbProxyArgs args, CustomResourceOptions? opts = null)public DbProxy(String name, DbProxyArgs args)
public DbProxy(String name, DbProxyArgs args, CustomResourceOptions options)
type: aws-native:rds:DbProxy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. DbProxyArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. DbProxyArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. DbProxyArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. DbProxyArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. DbProxyArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
DbProxy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The DbProxy resource accepts the following input properties:
- Auth
This property is required. List<Pulumi.Aws Native. Rds. Inputs. Db Proxy Auth Format> - The authorization mechanism that the proxy uses.
- Engine
Family This property is required. Pulumi.Aws Native. Rds. Db Proxy Engine Family - The kinds of databases that the proxy can connect to.
- Role
Arn This property is required. string - The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.
- Vpc
Subnet Ids This property is required. List<string> - VPC subnet IDs to associate with the new proxy.
- Db
Proxy stringName - The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region.
- Debug
Logging bool - Whether the proxy includes detailed information about SQL statements in its logs.
- Idle
Client intTimeout - The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it.
- Require
Tls bool - A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy.
-
List<Pulumi.
Aws Native. Inputs. Tag> - An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
- Vpc
Security List<string>Group Ids - VPC security group IDs to associate with the new proxy.
- Auth
This property is required. []DbProxy Auth Format Args - The authorization mechanism that the proxy uses.
- Engine
Family This property is required. DbProxy Engine Family - The kinds of databases that the proxy can connect to.
- Role
Arn This property is required. string - The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.
- Vpc
Subnet Ids This property is required. []string - VPC subnet IDs to associate with the new proxy.
- Db
Proxy stringName - The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region.
- Debug
Logging bool - Whether the proxy includes detailed information about SQL statements in its logs.
- Idle
Client intTimeout - The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it.
- Require
Tls bool - A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy.
-
Tag
Args - An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
- Vpc
Security []stringGroup Ids - VPC security group IDs to associate with the new proxy.
- auth
This property is required. List<DbProxy Auth Format> - The authorization mechanism that the proxy uses.
- engine
Family This property is required. DbProxy Engine Family - The kinds of databases that the proxy can connect to.
- role
Arn This property is required. String - The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.
- vpc
Subnet Ids This property is required. List<String> - VPC subnet IDs to associate with the new proxy.
- db
Proxy StringName - The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region.
- debug
Logging Boolean - Whether the proxy includes detailed information about SQL statements in its logs.
- idle
Client IntegerTimeout - The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it.
- require
Tls Boolean - A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy.
- List<Tag>
- An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
- vpc
Security List<String>Group Ids - VPC security group IDs to associate with the new proxy.
- auth
This property is required. DbProxy Auth Format[] - The authorization mechanism that the proxy uses.
- engine
Family This property is required. DbProxy Engine Family - The kinds of databases that the proxy can connect to.
- role
Arn This property is required. string - The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.
- vpc
Subnet Ids This property is required. string[] - VPC subnet IDs to associate with the new proxy.
- db
Proxy stringName - The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region.
- debug
Logging boolean - Whether the proxy includes detailed information about SQL statements in its logs.
- idle
Client numberTimeout - The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it.
- require
Tls boolean - A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy.
- Tag[]
- An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
- vpc
Security string[]Group Ids - VPC security group IDs to associate with the new proxy.
- auth
This property is required. Sequence[DbProxy Auth Format Args] - The authorization mechanism that the proxy uses.
- engine_
family This property is required. DbProxy Engine Family - The kinds of databases that the proxy can connect to.
- role_
arn This property is required. str - The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.
- vpc_
subnet_ ids This property is required. Sequence[str] - VPC subnet IDs to associate with the new proxy.
- db_
proxy_ strname - The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region.
- debug_
logging bool - Whether the proxy includes detailed information about SQL statements in its logs.
- idle_
client_ inttimeout - The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it.
- require_
tls bool - A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy.
-
Sequence[Tag
Args] - An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
- vpc_
security_ Sequence[str]group_ ids - VPC security group IDs to associate with the new proxy.
- auth
This property is required. List<Property Map> - The authorization mechanism that the proxy uses.
- engine
Family This property is required. "MYSQL" | "POSTGRESQL" | "SQLSERVER" - The kinds of databases that the proxy can connect to.
- role
Arn This property is required. String - The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.
- vpc
Subnet Ids This property is required. List<String> - VPC subnet IDs to associate with the new proxy.
- db
Proxy StringName - The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region.
- debug
Logging Boolean - Whether the proxy includes detailed information about SQL statements in its logs.
- idle
Client NumberTimeout - The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it.
- require
Tls Boolean - A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy.
- List<Property Map>
- An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
- vpc
Security List<String>Group Ids - VPC security group IDs to associate with the new proxy.
Outputs
All input properties are implicitly available as output properties. Additionally, the DbProxy resource produces the following output properties:
- Db
Proxy stringArn - The Amazon Resource Name (ARN) for the proxy.
- Endpoint string
- The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application.
- Id string
- The provider-assigned unique ID for this managed resource.
- Vpc
Id string - VPC ID to associate with the new DB proxy.
- Db
Proxy stringArn - The Amazon Resource Name (ARN) for the proxy.
- Endpoint string
- The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application.
- Id string
- The provider-assigned unique ID for this managed resource.
- Vpc
Id string - VPC ID to associate with the new DB proxy.
- db
Proxy StringArn - The Amazon Resource Name (ARN) for the proxy.
- endpoint String
- The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application.
- id String
- The provider-assigned unique ID for this managed resource.
- vpc
Id String - VPC ID to associate with the new DB proxy.
- db
Proxy stringArn - The Amazon Resource Name (ARN) for the proxy.
- endpoint string
- The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application.
- id string
- The provider-assigned unique ID for this managed resource.
- vpc
Id string - VPC ID to associate with the new DB proxy.
- db_
proxy_ strarn - The Amazon Resource Name (ARN) for the proxy.
- endpoint str
- The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application.
- id str
- The provider-assigned unique ID for this managed resource.
- vpc_
id str - VPC ID to associate with the new DB proxy.
- db
Proxy StringArn - The Amazon Resource Name (ARN) for the proxy.
- endpoint String
- The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application.
- id String
- The provider-assigned unique ID for this managed resource.
- vpc
Id String - VPC ID to associate with the new DB proxy.
Supporting Types
DbProxyAuthFormat, DbProxyAuthFormatArgs
, DbProxyAuthFormatArgs
- Auth
Scheme Pulumi.Aws Native. Rds. Db Proxy Auth Format Auth Scheme - The type of authentication that the proxy uses for connections from the proxy to the underlying database.
- Client
Password Pulumi.Auth Type Aws Native. Rds. Db Proxy Auth Format Client Password Auth Type - The type of authentication the proxy uses for connections from clients.
- Description string
- A user-specified description about the authentication used by a proxy to log in as a specific database user.
- Iam
Auth Pulumi.Aws Native. Rds. Db Proxy Auth Format Iam Auth - Whether to require or disallow Amazon Web Services Identity and Access Management (IAM) authentication for connections to the proxy. The ENABLED value is valid only for proxies with RDS for Microsoft SQL Server.
- Secret
Arn string - The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.
- Auth
Scheme DbProxy Auth Format Auth Scheme - The type of authentication that the proxy uses for connections from the proxy to the underlying database.
- Client
Password DbAuth Type Proxy Auth Format Client Password Auth Type - The type of authentication the proxy uses for connections from clients.
- Description string
- A user-specified description about the authentication used by a proxy to log in as a specific database user.
- Iam
Auth DbProxy Auth Format Iam Auth - Whether to require or disallow Amazon Web Services Identity and Access Management (IAM) authentication for connections to the proxy. The ENABLED value is valid only for proxies with RDS for Microsoft SQL Server.
- Secret
Arn string - The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.
- auth
Scheme DbProxy Auth Format Auth Scheme - The type of authentication that the proxy uses for connections from the proxy to the underlying database.
- client
Password DbAuth Type Proxy Auth Format Client Password Auth Type - The type of authentication the proxy uses for connections from clients.
- description String
- A user-specified description about the authentication used by a proxy to log in as a specific database user.
- iam
Auth DbProxy Auth Format Iam Auth - Whether to require or disallow Amazon Web Services Identity and Access Management (IAM) authentication for connections to the proxy. The ENABLED value is valid only for proxies with RDS for Microsoft SQL Server.
- secret
Arn String - The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.
- auth
Scheme DbProxy Auth Format Auth Scheme - The type of authentication that the proxy uses for connections from the proxy to the underlying database.
- client
Password DbAuth Type Proxy Auth Format Client Password Auth Type - The type of authentication the proxy uses for connections from clients.
- description string
- A user-specified description about the authentication used by a proxy to log in as a specific database user.
- iam
Auth DbProxy Auth Format Iam Auth - Whether to require or disallow Amazon Web Services Identity and Access Management (IAM) authentication for connections to the proxy. The ENABLED value is valid only for proxies with RDS for Microsoft SQL Server.
- secret
Arn string - The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.
- auth_
scheme DbProxy Auth Format Auth Scheme - The type of authentication that the proxy uses for connections from the proxy to the underlying database.
- client_
password_ Dbauth_ type Proxy Auth Format Client Password Auth Type - The type of authentication the proxy uses for connections from clients.
- description str
- A user-specified description about the authentication used by a proxy to log in as a specific database user.
- iam_
auth DbProxy Auth Format Iam Auth - Whether to require or disallow Amazon Web Services Identity and Access Management (IAM) authentication for connections to the proxy. The ENABLED value is valid only for proxies with RDS for Microsoft SQL Server.
- secret_
arn str - The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.
- auth
Scheme "SECRETS" - The type of authentication that the proxy uses for connections from the proxy to the underlying database.
- client
Password "MYSQL_NATIVE_PASSWORD" | "POSTGRES_SCRAM_SHA_256" | "POSTGRES_MD5" | "SQL_SERVER_AUTHENTICATION"Auth Type - The type of authentication the proxy uses for connections from clients.
- description String
- A user-specified description about the authentication used by a proxy to log in as a specific database user.
- iam
Auth "DISABLED" | "REQUIRED" | "ENABLED" - Whether to require or disallow Amazon Web Services Identity and Access Management (IAM) authentication for connections to the proxy. The ENABLED value is valid only for proxies with RDS for Microsoft SQL Server.
- secret
Arn String - The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.
DbProxyAuthFormatAuthScheme, DbProxyAuthFormatAuthSchemeArgs
, DbProxyAuthFormatAuthSchemeArgs
- Secrets
- SECRETS
- Db
Proxy Auth Format Auth Scheme Secrets - SECRETS
- Secrets
- SECRETS
- Secrets
- SECRETS
- SECRETS
- SECRETS
- "SECRETS"
- SECRETS
DbProxyAuthFormatClientPasswordAuthType, DbProxyAuthFormatClientPasswordAuthTypeArgs
, DbProxyAuthFormatClientPasswordAuthTypeArgs
- Mysql
Native Password - MYSQL_NATIVE_PASSWORD
- Postgres
Scram Sha256 - POSTGRES_SCRAM_SHA_256
- Postgres
Md5 - POSTGRES_MD5
- Sql
Server Authentication - SQL_SERVER_AUTHENTICATION
- Db
Proxy Auth Format Client Password Auth Type Mysql Native Password - MYSQL_NATIVE_PASSWORD
- Db
Proxy Auth Format Client Password Auth Type Postgres Scram Sha256 - POSTGRES_SCRAM_SHA_256
- Db
Proxy Auth Format Client Password Auth Type Postgres Md5 - POSTGRES_MD5
- Db
Proxy Auth Format Client Password Auth Type Sql Server Authentication - SQL_SERVER_AUTHENTICATION
- Mysql
Native Password - MYSQL_NATIVE_PASSWORD
- Postgres
Scram Sha256 - POSTGRES_SCRAM_SHA_256
- Postgres
Md5 - POSTGRES_MD5
- Sql
Server Authentication - SQL_SERVER_AUTHENTICATION
- Mysql
Native Password - MYSQL_NATIVE_PASSWORD
- Postgres
Scram Sha256 - POSTGRES_SCRAM_SHA_256
- Postgres
Md5 - POSTGRES_MD5
- Sql
Server Authentication - SQL_SERVER_AUTHENTICATION
- MYSQL_NATIVE_PASSWORD
- MYSQL_NATIVE_PASSWORD
- POSTGRES_SCRAM_SHA256
- POSTGRES_SCRAM_SHA_256
- POSTGRES_MD5
- POSTGRES_MD5
- SQL_SERVER_AUTHENTICATION
- SQL_SERVER_AUTHENTICATION
- "MYSQL_NATIVE_PASSWORD"
- MYSQL_NATIVE_PASSWORD
- "POSTGRES_SCRAM_SHA_256"
- POSTGRES_SCRAM_SHA_256
- "POSTGRES_MD5"
- POSTGRES_MD5
- "SQL_SERVER_AUTHENTICATION"
- SQL_SERVER_AUTHENTICATION
DbProxyAuthFormatIamAuth, DbProxyAuthFormatIamAuthArgs
, DbProxyAuthFormatIamAuthArgs
- Disabled
- DISABLED
- Required
- REQUIRED
- Enabled
- ENABLED
- Db
Proxy Auth Format Iam Auth Disabled - DISABLED
- Db
Proxy Auth Format Iam Auth Required - REQUIRED
- Db
Proxy Auth Format Iam Auth Enabled - ENABLED
- Disabled
- DISABLED
- Required
- REQUIRED
- Enabled
- ENABLED
- Disabled
- DISABLED
- Required
- REQUIRED
- Enabled
- ENABLED
- DISABLED
- DISABLED
- REQUIRED
- REQUIRED
- ENABLED
- ENABLED
- "DISABLED"
- DISABLED
- "REQUIRED"
- REQUIRED
- "ENABLED"
- ENABLED
DbProxyEngineFamily, DbProxyEngineFamilyArgs
, DbProxyEngineFamilyArgs
- Mysql
- MYSQL
- Postgresql
- POSTGRESQL
- Sqlserver
- SQLSERVER
- Db
Proxy Engine Family Mysql - MYSQL
- Db
Proxy Engine Family Postgresql - POSTGRESQL
- Db
Proxy Engine Family Sqlserver - SQLSERVER
- Mysql
- MYSQL
- Postgresql
- POSTGRESQL
- Sqlserver
- SQLSERVER
- Mysql
- MYSQL
- Postgresql
- POSTGRESQL
- Sqlserver
- SQLSERVER
- MYSQL
- MYSQL
- POSTGRESQL
- POSTGRESQL
- SQLSERVER
- SQLSERVER
- "MYSQL"
- MYSQL
- "POSTGRESQL"
- POSTGRESQL
- "SQLSERVER"
- SQLSERVER
Tag, TagArgs
, TagArgs
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi