aws-cdk-lib.aws_rds.CfnDBProxyProps

interface CfnDBProxyProps

LanguageType name
.NETAmazon.CDK.AWS.RDS.CfnDBProxyProps
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsrds#CfnDBProxyProps
Javasoftware.amazon.awscdk.services.rds.CfnDBProxyProps
Pythonaws_cdk.aws_rds.CfnDBProxyProps
TypeScript aws-cdk-lib » aws_rds » CfnDBProxyProps

Properties for defining a CfnDBProxy.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_rds as rds } from 'aws-cdk-lib';
const cfnDBProxyProps: rds.CfnDBProxyProps = {
  auth: [{
    authScheme: 'authScheme',
    clientPasswordAuthType: 'clientPasswordAuthType',
    description: 'description',
    iamAuth: 'iamAuth',
    secretArn: 'secretArn',
  }],
  dbProxyName: 'dbProxyName',
  engineFamily: 'engineFamily',
  roleArn: 'roleArn',
  vpcSubnetIds: ['vpcSubnetIds'],

  // the properties below are optional
  debugLogging: false,
  idleClientTimeout: 123,
  requireTls: false,
  tags: [{
    key: 'key',
    value: 'value',
  }],
  vpcSecurityGroupIds: ['vpcSecurityGroupIds'],
};

Properties

NameTypeDescription
authIResolvable | IResolvable | AuthFormatProperty[]The authorization mechanism that the proxy uses.
dbProxyNamestringThe identifier for the proxy.
engineFamilystringThe kinds of databases that the proxy can connect to.
roleArnstringThe Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.
vpcSubnetIdsstring[]One or more VPC subnet IDs to associate with the new proxy.
debugLogging?boolean | IResolvableWhether the proxy includes detailed information about SQL statements in its logs.
idleClientTimeout?numberThe number of seconds that a connection to the proxy can be inactive before the proxy disconnects it.
requireTls?boolean | IResolvableA Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy.
tags?TagFormatProperty[]An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
vpcSecurityGroupIds?string[]One or more VPC security group IDs to associate with the new proxy.

auth

Type: IResolvable | IResolvable | AuthFormatProperty[]

The authorization mechanism that the proxy uses.


dbProxyName

Type: string

The identifier for the proxy.

This name must be unique for all proxies owned by your AWS account in the specified AWS Region . An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.


engineFamily

Type: string

The kinds of databases that the proxy can connect to.

This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify MYSQL . For Aurora PostgreSQL and RDS for PostgreSQL databases, specify POSTGRESQL . For RDS for Microsoft SQL Server, specify SQLSERVER .

Valid values : MYSQL | POSTGRESQL | SQLSERVER


roleArn

Type: string

The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.


vpcSubnetIds

Type: string[]

One or more VPC subnet IDs to associate with the new proxy.


debugLogging?

Type: boolean | IResolvable (optional)

Whether the proxy includes detailed information about SQL statements in its logs.

This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.


idleClientTimeout?

Type: number (optional)

The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it.

You can set this value higher or lower than the connection timeout limit for the associated database.


requireTls?

Type: boolean | IResolvable (optional)

A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy.

By enabling this setting, you can enforce encrypted TLS connections to the proxy.


tags?

Type: TagFormatProperty[] (optional)

An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.


vpcSecurityGroupIds?

Type: string[] (optional)

One or more VPC security group IDs to associate with the new proxy.

If you plan to update the resource, don't specify VPC security groups in a shared VPC.