This topic gives you reference information about the Amazon Aurora PostgreSQL-Compatible Edition (csb-aws-aurora-postgresql) service. It details the plans, configuration parameters, and binding credentials.

Tanzu Cloud Service Broker for AWS v1.3.0 and later does not support unsecured connections to Amazon Aurora PostgreSQL-Compatible Edition instances when binding or unbinding. For secure connections to work, you must install the AWS certificate bundle in Ops Manager.

Plan Configuration Parameters

When configuring Cloud Service Broker for AWS you can add additional plans. For how to configure plans, see Configure Services with Cloud Service Broker for AWS.

The following table lists parameters which can only be configured for additional plans:

Parameter Name Values Default Required
name The plan name. n/a Yes
id A unique GUID. n/a Yes
description Description of the new plan. n/a Yes
free When false, service instances of this service plan have a cost. true No
bindable Specifies whether service instances of the service plan can bind to applications. true No
plan_updateable Whether the Plan supports upgrading, downgrading, or sidegrading to another version. true No
metadata.displayName Name to use when displaying the plan in Marketplace n/a No
metadata.bullets List of bullet points to display in Apps Manager n/a No

You can also add any of the parameters listed in the Configuration Parameters section to your plan.

Note

If you set a parameter at plan level, developers cannot change the value when creating or updating service instances.

Configuration Parameters

You can provision a service by running:

cf create-service csb-aws-aurora-postgres PLAN-NAME SERVICE-INSTANCE-NAME -c '{"PARAMETER-NAME": "PARAMETER-VALUE"}

You can update the configuration parameters for a service instance by running:

cf update-service SERVICE-INSTANCE-NAME -c '{"PARAMETER-NAME": "PARAMETER-VALUE"}'

The following table lists the parameters that you can configure, by using the -c flag, when provisioning or updating a csb-aws-aurora-postgresql service. The Operation column displays whether a parameter is supported for both provision and update, or for provision only:

Parameter Name Type Description Default Operation
engine_version String This parameter is required. The Aurora PostgreSQL engine version, such as 14.4. Some versions do not support some features. For more information, see the AWS Documentation. None provision and update
instance_name String The name of the AWS instance to create. csb-aurorapg-INSTANCE-ID provision
cluster_instances Integer The number of Aurora instances in the Aurora cluster. 3 provision and update
db_name String The name of the database. csbdb provision
region String The AWS region to deploy the service in. For more information about available regions, see the AWS Documentation. us-west-2 provision
serverless_min_capacity Number The minimum capacity for the cluster. Must be less than or equal to serverless_max_capacity. Valid capacity values are in a range of 0.5 up to 128, in steps of 0.5. The serverless_min_capacity and serverless_max_capacity properties are ineffective without setting the instance_class property to a valid value for Aurora Serverless v2. For information about restrictions associated with the different types of instances accepted by Aurora, see the AWS Documentation. In this release, db.serverless is the special database instance class that Aurora Serverless v2 uses. null provision and update
serverless_max_capacity Number The maximum capacity for the cluster. Must be greater than or equal to serverless_min_capacity. Valid capacity values are in a range of 0.5 up to 128, in steps of 0.5. The serverless_min_capacity and serverless_max_capacity properties are ineffective without setting the instance_class property to a valid value for Aurora Serverless v2. For information about restrictions associated with the different types of instances accepted by Aurora, see the AWS Documentation. In this release, db.serverless is the special database instance class that Aurora Serverless v2 uses. null provision and update
rds_subnet_group String The name of the subnet to attach the database instance to. None provision
rds_vpc_security_group_ids Comma-separated String Security group IDs to assign to the database instance. None provision
allow_major_version_upgrade Boolean Indicates that major version upgrades are allowed. Changing this parameter does not cause an outage and the change is asynchronously applied as soon as possible. true provision and update
auto_minor_version_upgrade Boolean Indicates that minor engine upgrades are applied automatically to the database instance during the maintenance window. true provision and update
deletion_protection Boolean Whether deletion protection is enabled. You cannot delete the database cluster when this value is set, but you can delete database instances within the cluster. For more information about deleting Aurora database cluster and database instances, see the AWS Documentation. For more information about storage reliability, see the AWS Documentation.

Caution If the protection is active and a deprovision operation is performed, all instances associated with the cluster are erased. This leaves the system without computing capacity, and the service stops. The data remains safe because it is associated with the virtual volume associated with the cluster. To recover the computing capacity after an accidental deprovision operation, set the number of instances that you want for the cluster through the property cluster_instances.

false provision and update
db_cluster_parameter_group_name String The Aurora PostgreSQL database cluster parameter group name for the service. By default, a database cluster parameter group is created and used to apply security settings. If you set a custom database cluster parameter group, it might override other settings, including security settings. "" provision and update
require_ssl Boolean Set to true to only allow secure database connections. If you specify db_cluster_parameter_group_name, the require_ssl parameter does not take effect. true provision and update
monitoring_interval Integer The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the database instance. To stop collecting Enhanced Monitoring metrics, enter 0. Valid values: 0, 1, 5, 10, 15, 30, 60. A monitoring_role_arn value is required if you enter a monitoring_interval value other than 0. 0 provision and update
monitoring_role_arn String Enhanced Monitoring requires permission to act on your behalf to send OS metric information to CloudWatch Logs. This property represents the Amazon Resource Names (ARN) for the Identity and Access Management (IAM) role that permits RDS to send Enhanced Monitoring metrics to CloudWatch Logs. "" provision and update
performance_insights_enabled Boolean Specifies whether Performance Insights are enabled. Performance Insights expand on existing Amazon RDS monitoring features to illustrate your database performance and help you analyze it. From the Performance Insights dashboard you can visualize the database load on your Amazon RDS database instance load and filter the load by wait types, SQL statements, hosts, or users. false provision and update
performance_insights_kms_key_id String The ARN for the KMS key to encrypt Performance Insights data. When specifying performance_insights_kms_key_id, set performance_insights_enabled as true. After the KMS key is set, it can never be changed. "" provision and update
performance_insights_retention_period Integer The number of days for which to retain Performance Insights data.

The value must be 7, NUMBER-OF-MONTHS * 31 (where NUMBER-OF-MONTHS is 1-23), or 731.
For example, the following values are valid: 93 (because it's 3 months * 31), 341 (because it's 11 months * 31), 589 (because it's 19 months * 31), and 731.

If you specify an invalid retention period, such as 94, RDS issues an error.
7 provision and update
instance_class String This parameter is required. The database instance class determines the computation and memory capacity of an Amazon Aurora database instance. For information about the restrictions associated with the different types of instances accepted by Aurora, see the AWS Documentation. None provision and update
preferred_maintenance_day String The preferred maintenance day: Sun, Mon, Tue, Wed, Thu, Fri, or Sat. It can only be updated to a non-null value.

After you set a property related to the preferred maintenance window preferred_maintenance_*, you must set all preferred maintenance window properties.

Uses AWS default value for the region if all preferred_maintenance_* properties are null when creating the instance. provision and update
preferred_maintenance_start_hour String The preferred maintenance start hour. Valid values are 00 through 23. It can only be updated to a non-null value.

After you set a property related to the preferred maintenance window preferred_maintenance_*, you must set all preferred maintenance window properties.

Uses AWS default value for the region if all preferred_maintenance_* properties are null when creating the instance. provision and update
preferred_maintenance_start_min String The preferred maintenance start minute. Valid values are 00, 15, 30, 45. It can only be updated to a non-null value.

After you set a property related to the preferred maintenance window preferred_maintenance_*, you must set all preferred maintenance window properties.

Uses AWS default value for the region if all preferred_maintenance_* properties are null when creating the instance. provision and update
preferred_maintenance_end_hour String The preferred maintenance end hour. Valid values are 00 through 23. It can only be updated to a non-null value.

After you set a property related to the preferred maintenance window preferred_maintenance_*, you must set all preferred maintenance window properties.

Uses AWS default value for the region if all preferred_maintenance_* properties are null when creating the instance. provision and update
preferred_maintenance_end_min String The preferred maintenance end minute. Valid values are 00, 15, 30, 45. It can only be updated to a non-null value.

After you set a property related to the preferred maintenance window preferred_maintenance_*, you must set all preferred maintenance window properties.

Uses AWS default value for the region if all preferred_maintenance_* properties are null when creating the instance. provision and update
storage_encrypted Boolean Specifies whether a database cluster is encrypted. For more information about database cluster encryption, see the AWS Documentation. true provision
kms_key_id String The ARN for the user-managed KMS encryption key. When setting this value, storage_encrypted must be enabled. When not set, the AWS-managed key is used for encrypting the database. "" provision
aws_vpc_id String The Virtual Private Cloud (VPC) to connect the instance to The default VPC provision and update
copy_tags_to_snapshot Boolean Copy all instance tags to snapshots true provision and update
preferred_backup_window String The daily time range in UTC during which automated backups are created. For example, 09:46-10:16. It must not overlap with the maintenance window. If not set, it uses the default for the region. For more information, see the AWS Documentation. null provision and update
backup_retention_period Integer The number of days for which automatic backups are kept. Set the value to 0 to deactivate automated backups. An outage occurs if you change the backup retention period from 0 to a nonzero value or the reverse. 1 provision and update
aws_access_key_id String The AWS Access Key to use for an instance. The value the operator entered for AWS Access Key in Ops Manager. provision and update
aws_secret_access_key String The corresponding secret for the AWS Access Key to use for an instance. The value the operator entered for AWS Secret Access Key in Ops Manager. provision and update

Binding

You can bind a service by running:

cf bind-service APP-NAME SERVICE-INSTANCE-NAME --binding-name BINDING-NAME

The following table lists the parameters that you can configure, by using the -c flag, when binding a csb-aws-aurora-postgresql service:

Parameter Name Type Description Default
reader_endpoint Boolean Whether to return the Aurora reader endpoint, which is balanced across Reader and Writer instances. By default the writer endpoint is returned, which maps only to the Writer instance. false

Binding Credentials

The format for binding credentials for Amazon Aurora PostgreSQL-Compatible Edition is as follows:

{
    "name" : "DATABASE-NAME",
    "hostname" : "DATABASE-SERVER-HOST",
    "port" : "DATABASE-SERVER-PORT",
    "username" : "AUTHENTICATION-USERNAME",
    "password" : "AUTHENTICATION-PASSWORD",
    "uri" : "DATABASE-CONNECTION-URI",
    "jdbcUrl" : "JDBC-FORMAT-CONNECTION-URL"
}
check-circle-line exclamation-circle-line close-line
Scroll to top icon