This topic gives you reference information about the Amazon RDS for MySQL (csb-aws-mysql) service. It details the plans, configuration parameters, and binding credentials.
NoteRelease v1.3.0 removes brokerpak pre-configured plans for Amazon RDS for MySQL. All plans must be configured through the tile. If you have instances of the RDS for MySQL that were created in previous versions that you want to maintain, see Previously Provided Pre-configured Plans. For more information about upgrade steps, see Upgrading.
Tanzu Cloud Service Broker for AWS v1.3.0 and later doesn’t support unsecured connections to RDS MySQL instances. For secure connections to work, you must install the AWS certificate bundle in Ops Manager.
Plan Configuration Parameters
When configuring Cloud Service Broker for AWS you can add additional plans. For how to configure plans, see Configure Services with Cloud Service Broker for AWS.
The following table lists parameters which can only be configured for additional plans:
| Parameter Name | Description | Default | Required |
|---|---|---|---|
name |
The plan name. | n/a | Yes |
id |
A unique GUID. | n/a | Yes |
description |
Description of the new plan. | n/a | Yes |
display_name |
Name to use when displaying plan in Marketplace. | n/a | No |
free |
When false, service instances of this service plan have a cost. | true | No |
bindable |
Specifies whether service instances of the service plan can bind to applications. | true | No |
plan_updateable |
Whether the Plan supports upgrading, downgrading, or sidegrading to another version. | true | No |
cores |
Deprecated - Minimum number of cores for the service instance. 2–64, multiples of 2. Use instance_class instead. |
n/a | No |
mysql_version |
The version of the MySQL instance. Either major version, for example, 8.0, or full version, for example, 8.0.30. |
n/a | Yes |
storage_gb |
Size of storage volume for service instance. 5–4096. | n/a | Yes |
You can also add any of the parameters listed in the Configuration Parameters section to your plan.
To create plans with specific size and versions, set instance_class, storage_gb, and mysql_version properties.
NoteIf you set a parameter at plan level, developers cannot change the value when creating or updating service instances.
Configuration Parameters
You can provision a service by running:
cf create-service csb-aws-mysql PLAN-NAME SERVICE-INSTANCE-NAME -c '{"PARAMETER-NAME": "PARAMETER-VALUE"}
You can update the configuration parameters for a service instance by running:
cf update-service SERVICE-INSTANCE-NAME -c '{"PARAMETER-NAME": "PARAMETER-VALUE"}'
The following table lists the parameters that you can configure, by using the -c flag, when provisioning or updating a csb-aws-mysql service. The Operation column displays whether a parameter is supported for both provision and update, or for provision only:
| Parameter Name | Type | Description | Default | Operation |
|---|---|---|---|---|
instance_name |
String | The name of the AWS instance to create. | csb-mysql-INSTANCE-ID |
provision |
db_name |
String | The name of the database. | vsbdb |
provision |
region |
String | The AWS region to deploy the service in. For more information about available regions, see the AWS documentation. | us-west-2 |
provision |
deletion_protection |
Boolean | Whether deletion protection is enabled. The database cannot be deleted when this value is set. | false |
provision and update |
backup_retention_period |
Integer | The number of days for which automatic backups are kept. Set the value to 0 to deactivate automated backups. An outage occurs if you change the backup retention period from 0 to a nonzero value or the reverse. This applies to both Single-AZ and Multi-AZ database instances. |
7 |
provision and update |
backup_window |
String | The daily time range in UTC during which automated backups are created. For example, 09:46-10:16. It must not overlap with the maintenance window. It can only be updated to a non-null value. For more information, see the AWS documentation. |
Uses AWS default value for the region | provision and update |
delete_automated_backups |
Boolean | Specifies whether to remove automated backups immediately after the database instance is deleted | true |
provision and update |
copy_tags_to_snapshot |
Boolean | Copy all instance tags to snapshots | true |
provision and update |
aws_vpc_id |
String | The Virtual Private Cloud (VPC) to connect the instance to. | The default VPC | provision and update |
rds_subnet_group |
String | The name of the subnet to attach the database instance to. This overrides aws_vpc_id. |
None | provision and update |
rds_vpc_security_group_ids |
Comma-separated String | Security group IDs to assign to the database instance. | None | provision |
aws_access_key_id |
String | The AWS Access Key to use for an instance. | The value the operator entered for AWS Access Key in Ops Manager. | provision and update |
aws_secret_access_key |
String | The corresponding secret for the AWS Access Key to use for an instance. | The value the operator entered for AWS Secret Access Key in Ops Manager. | provision and update |
instance_class |
String | Specifying the instance class overrides the conversion of cores to instance classes that is described in the Core to Instance Class Mapping table in the Plans for MySQL section earlier. For more information about database instance classes, see the AWS documentation. |
n/a | provision and update |
storage_type |
String | Type of storage to be used. One of standard (magnetic), gp2 (general purpose SSD), or io1 (provisioned IOPS SSD). |
io1 |
provision and update |
iops |
Integer | The amount of provisioned IOPS. For this property to take effect, storage_type must be set to io1. |
3000 |
provision and update |
multi_az |
Boolean | If true, it enables Multi-AZ DB instance deployment. For more information about Multi-AZ deployments, see the AWS documentation. |
true |
provision and update |
publicly_accessible |
Boolean | If true, make instance available to public connections. |
false |
provision and update |
allow_major_version_upgrade |
Boolean | Indicates that major version upgrades are allowed. Changing this parameter does not cause an outage and the change is asynchronously applied as soon as possible. | true |
provision and update |
auto_minor_version_upgrade |
Boolean | (Optional) Indicates that minor engine upgrades are applied automatically to the database instance during the maintenance window. | true |
provision and update |
maintenance_day |
String | The preferred maintenance day: Sun, Mon, Tue, Wed, Thu, Fri, or Sat. It can only be updated to a non-null value. |
Uses AWS default value for the region if all maintenance_* properties are null when creating the instance |
provision and update |
maintenance_start_hour |
String | The preferred maintenance start hour. Valid values are 00 through 23. It can only be updated to a non-null value. |
Uses AWS default value for the region if all maintenance_* properties are null when creating the instance |
provision and update |
maintenance_start_min |
String | The preferred maintenance start minute. Valid values are 00, 15, 30, 45. It can only be updated to a non-null value. |
Uses AWS default value for the region if all maintenance_* properties are null when creating the instance |
provision and update |
maintenance_end_hour |
String | The preferred maintenance end hour. Valid values are 00 through 23. It can only be updated to a non-null value. |
Uses AWS default value for the region if all maintenance_* properties are null when creating the instance |
provision and update |
maintenance_end_min |
String | The preferred maintenance end minute. Valid values are 00, 15, 30, 45. It can only be updated to a non-null value. |
Uses AWS default value for the region if all maintenance_* properties are null when creating the instance |
provision and update |
storage_encrypted |
Boolean | Configures database storage encryption. | true |
provision |
kms_key_id |
String | The ARN for the KMS encryption key. Enable the storage_encrypted property if the key is specified. Use the ARN in this field, not the ID as the name might suggest.Amazon RDS-encrypted database instances provide an additional layer of data protection by securing data from unauthorized access to the underlying storage. Amazon RDS uses an AWS KMS key to encrypt these resources. You can use a custom key with the configuration that you want. |
"" |
provision |
parameter_group_name |
String | The MySQL parameter group name for the service instance. Setting parameter_group_name: "" during an update is ignored. If you want to replace the current parameter group with the default one, you need to explicitly specify its name. |
"" |
provision and update |
storage_autoscale |
Boolean | Enable storage autoscaling up to storage_autoscale_limit_gb. |
true |
provision and update |
storage_autoscale_limit_gb |
Number | Maximum storage size if storage_autoscale is enabled. |
250 |
provision and update |
option_group_name |
String | Name of the database option group to associate with. Setting option_group_name: "" during an update is ignored. If you want to replace the current option group with the default one, you need to explicitly specify its name. |
"" |
provision and update |
monitoring_interval |
Integer | The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the database instance. To stop collecting Enhanced Monitoring metrics, enter 0. Valid values: 0, 1, 5, 10, 15, 30, 60. A monitoring_role_arn value is required if you enter a monitoring_interval value other than 0. |
0 |
provision and update |
monitoring_role_arn |
String | Enhanced Monitoring requires permission to act on your behalf to send OS metric information to CloudWatch Logs. This property represents the ARN for the IAM role that permits RDS to send Enhanced Monitoring metrics to CloudWatch Logs. | "" |
provision and update |
performance_insights_enabled |
Boolean | Specifies whether Performance Insights are enabled. Performance Insights expand on existing Amazon RDS monitoring features to illustrate your database performance and help you analyze it. From the Performance Insights dashboard you can visualize the database load on your Amazon RDS database instance load and filter the load by wait types, SQL statements, hosts, or users. | false |
provision and update |
performance_insights_kms_key_id |
String | The ARN for the KMS key to encrypt Performance Insights data. When specifying performance_insights_kms_key_id, set performance_insights_enabled as true. After the KMS key is set, it can never be changed. |
"" |
provision and update |
performance_insights_retention_period |
Integer | The number of days for which to retain Performance Insights data. The value must be 7, NUMBER-OF-MONTHS * 31 (where NUMBER-OF-MONTHS is 1-23), or 731.For example, the following values are valid: 93 (because it's 3 months * 31), 341 (because it's 11 months * 31), 589 (because it's 19 months * 31), and 731.If you specify an invalid retention period, such as 94, RDS issues an error. |
7 |
provision and update |
enable_audit_logging |
Boolean | If true, it enables the audit cloud_watch_log_export on the RDS instance. It requires setting option_group_name with a pre-created Option Group that fulfils requirements for audit log exports. For config options, see the AWS documentation. When activated, it creates an associated audit CloudWatch log group. When deactivated, the associated audit CloudWatch log group is deleted. |
false |
provision and update |
cloudwatch_log_group_retention_in_days |
Integer | If provided, it sets the retention days for the log group that contains the RDS audit logs. It is used in conjunction with enable_audit_logging |
30 |
provision and update |
cloudwatch_log_group_kms_key_id |
String | If provided, it sets the KSM key to use for encrypting the CloudWatch log group that is created for the RDS audit logs. It is used in conjunction with enable_audit_logging |
"" |
provision and update |
Binding
You can bind a service by running:
cf bind-service APP-NAME SERVICE-INSTANCE-NAME --binding-name BINDING-NAME
Binding Credentials
The format for binding credentials for MySQL is as follows:
{
"name" : "DATABASE-NAME",
"hostname" : "DATABASE-SERVER-HOST",
"port" : "DATABASE-SERVER-PORT",
"username" : "AUTHENTICATION-USERNAME",
"password" : "AUTHENTICATION-PASSWORD",
"uri" : "DATABASE-CONNECTION-URI",
"jdbcUrl" : "JDBC-FORMAT-CONNECTION-URL"
}
NoteThe
jdbcUrlhas server certificate verification always enabled, and requires the use of MySQL Connector for Java v8.0.13 or later.
Previously Provided Pre-configured Plans
The following table lists the previously provided plans for the Amazon RDS for MySQL service:
| Plan | Description |
|---|---|
| small | MySQL 5.7, 2 vCPUs, 4 GB RAM, 5 GB storage |
| medium | MySQL 5.7, 4 vCPUs, 8 GB RAM, 10 GB storage |
| large | MySQL 5.7, 8 vCPUs, 16 GB RAM, 20 GB storage |
To keep these plans in this version of the broker, add them through the tile as custom plans. For how to configure plans through the tile, see Configure Services with Cloud Service Broker for AWS.
Add the following block to keep the small plan:
{
"name": "small",
"id": "2268ce43-7fd7-48dc-be2f-8611e11fb12e",
"description": "MySQL v5.7, minimum 2 cores, minimum 4GB ram, 5GB storage",
"display_name": "small",
"cores": 2,
"storage_gb": 5,
"storage_type": "gp2",
"mysql_version": 5.7,
"storage_encrypted": false,
"multi_az": false,
"storage_autoscale": false
}
Add the following block to keep the medium plan:
{
"name": "medium",
"id": "f2ae0bb7-6921-43b7-bae7-6d1fe1c5d1c6",
"description": "MySQL 5.7, minimum 4 cores, minimum 8GB ram, 10GB storage",
"display_name": "medium",
"cores": 4,
"storage_gb": 10,
"storage_type": "gp2",
"mysql_version": 5.7,
"storage_encrypted": false,
"multi_az": false,
"storage_autoscale": false
}
Add the following block to keep the large plan:
{
"name": "large",
"id": "a5fea013-e87f-488f-969d-1cf038881b57",
"description": "MySQL 5.7, minimum 8 cores, minimum 16GB ram, 20GB storage",
"display_name": "large",
"cores": 8,
"storage_gb": 20,
"storage_type": "gp2",
"mysql_version": 5.7,
"storage_encrypted": false,
"multi_az": false,
"storage_autoscale": false
}
