This is the preferred interface for making RDS Instance resources with Fugue.

If you want to manage and RDS Instance with Fugue, the new function is the right place to start.

Module Members



Create a reference to an externally managed DBInstance.

Example usage:

dbinstance: RDS.DBInstance.external("test-db", AWS.Us-east-1)

Type Signature

 fun (String, Region) -> DBInstance
Argument: name

The name of the target DBInstance.

Type: String

Argument: region

The Region containing the target DBInstance.

Type: Region


A reference to the specified DBInstance.

Type: DBInstance



Create a new DBInstance.

To learn more about how to use this functionality take a look at our hands-on example at http://docs.fugue.co/fugue-by-example-encrypted-password.html

Note: RDS operations, such as starting a new RDS instance, occasionally exceed Fugue’s timeout period. This can result in an error, stating the “Database instance is not in available state”, temporarily reported by the Fugue CLI until the RDS Instance is an appropriate state to continue. If the error persists indefinitely, further troubleshooting may be required.


import Fugue.AWS.EC2 as EC2
import Fugue.AWS.Pattern.Network as Network
import Fugue.AWS.RDS as RDS
import Fugue.Core.AWS.Common as AWS
import Fugue.Core.Vars as Vars

net: Network.new({
  name: "EXAMPLE",
  cidr: "",
  region: AWS.Us-east-1,
  publicSubnets: [
    (AWS.B, ""),
    (AWS.C, "")
  privateSubnets: [
    (AWS.B, ""),
    (AWS.C, "")

dbSubnetGroup: RDS.DBSubnetGroup.new {
  name: "private",
  description: "private subnets",
  subnets: net.privateSubnets,
  tags: None,

dbSecurityGroup: EC2.SecurityGroup.new {
  description: "My Database",
  ipPermissions: [
    # add rules here...
  ipPermissionsEgress: None,
  vpc: net.vpc,
  tags: None

dbInstance: RDS.DBInstance.new {
  dbInstanceIdentifier: "myDB",
  dbInstanceClass: RDS.DB_M1_LARGE,
  engine: RDS.Postgres,
  masterUsername: "master",
  dbName: None,
  allocatedStorage: 2048,
  securityGroups: [dbSecurityGroup],
  availabilityZone: None,
  dbSubnetGroup: dbSubnetGroup,
  multiAZ: True,
  storageType: EC2.Gp2,
  port: None,
  masterUserPassword: Vars.PlainText {password: "12345"},
  tags: None,

The limits on allocatedStorage differ per Engine:

  • MySQL, MariaDB, and Postgres: 5-6144
  • OracleSE, OracleSE, and OracleEE: 10-6144
  • SQLServerEE and SQLServerSE: 200-4096
  • SQLServerEX and SQLServerWeb: 20-4096

The meaning of dbName differs per Engine:

  • MySQL: The initial database to create.
    • No database is created if dbName is not specified.
    • Maximum length of 64 characters.
  • MariaDB: The initial database to create.
    • No database is created if dbName is not specified.
    • Maximum length of 64 characters.
  • Postgres: The initial database to create.
    • No database is created if dbName is not specified.
    • Maximum length of 63 characters.
    • Must begin with a letter or underscore.
  • OracleSE1, OracleSE, OracleEE: The SID of the DB instance.
    • Defaults to ORCL.
    • Maximum length of 8 characters.
  • SQLServerEE, SQLServerSE, SQLServerEX, SQLServerWeb: Must be None.
  • Aurora: The initial database to create.
    • No database is created if dbName is not specified.
    • Maximum length of 64 characters.

Type Signature

 fun { dbInstanceIdentifier: String,
       dbInstanceClass: DBInstanceClass,
       engine: Engine,
       masterUsername: Optional<String>,
       dbName: Optional<String>,
       allocatedStorage: Optional<Int>,
       securityGroups: List<SecurityGroup>,
       availabilityZone: Optional<AvailabilityZone>,
       dbSubnetGroup: DBSubnetGroup,
       multiAZ: Optional<Bool>,
       storageType: Optional<VolumeType>,
       port: Optional<Int>,
       masterUserPassword: Optional<Password>,
       tags: Optional<List<Tag>>,
       optionGroup: Optional<OptionGroup>,
       preferredBackupWindow: Optional<String>,
       backupRetentionPeriod: Optional<Int>,
       preferredMaintenanceWindow: Optional<String>,
       engineVersion: Optional<String>,
       autoMinorVersionUpgrade: Optional<Bool>,
       licenseModel: Optional<LicenseModel>,
       iops: Optional<Int>,
       characterSetName: Optional<String>,
       publiclyAccessible: Optional<Bool>,
       storageEncrypted: Optional<Bool>,
       caCertificateIdentifier: Optional<String>,
       copyTagsToSnapshot: Optional<Bool>,
       monitoringInterval: Optional<Int>,
       promotionTier: Optional<Int>,
       dbCluster: Optional<DBCluster>,
       dbParameterGroup: Optional<DBParameterGroup>,
       domain: Optional<String>,
       domainRole: Optional<Role>,
       monitoringRole: Optional<Role>,
       kmsKey: Optional<Key>,
       allowMajorVersionUpgrade: Optional<Bool>,
       dbSnapshotIdentifier: Optional<String> } -> DBInstance
Argument: dbInstanceIdentifier

Must be a lowercase string of alphanumeric characters and hyphens between 1 and 63 characters in length (limited to 15 characters for SQL Server). Mutable.

Type: String

Argument: dbInstanceClass

The instance type to run the DB on. Mutable.

Type: DBInstanceClass

Argument: engine

The DB engine to run.

Type: Engine

Argument: masterUsername

The name of the database master user.

Type: Optional<String>

Argument: dbName

Engine specific, see above for details.

Type: Optional<String>

Argument: allocatedStorage

The amount of storage to allocate in GB. See Engine specific constraints above. Mutable.

Type: Optional<Int>

Argument: securityGroups

The list of security groups to attach to the instance. This list must not be empty. Mutable.

Type: List<SecurityGroup>

Argument: availabilityZone

The AZ to deploy the instance in. Must be None if multiAZ is True. Mutable.

Type: Optional<AvailabilityZone>

Argument: dbSubnetGroup

The DBSubnetGroup to deploy the instance in. Mutable.

Type: DBSubnetGroup

Argument: multiAZ

Set to True for a Multi-AZ deployment. availabiltyZone must be None if set to True. Do not use with SQLServerEE, SQLServerSE, SQLServerEX, or SQLServerWeb. Mutable.

Type: Optional<Bool>

Argument: storageType

The type of storage to use. Mutable.

Type: Optional<VolumeType>

Argument: port

The port the DB listens on. Valid ports are between 1150 and 65535, except for SQL Server which can use all ports in 1150-65535 except 1434, 3389, 47001, and 49152-49156. Mutable.

Type: Optional<Int>

Argument: masterUserPassword

The password for the master database user. Mutable.

Type: Optional<Password>

Argument: tags

An optional list of tags to attach to the DB instance. Mutable.

Type: Optional<List<Tag>>

Argument: optionGroup

Associate the DBInstance with the provided Fugue.AWS.RDS.OptionGroup. Mutable.

Type: Optional<OptionGroup>

Argument: preferredBackupWindow

The daily window where backups are performed. Window is specified in UTC using the following format: ‘hh24:mi-hh24:mi’. The provided window must be at least 30 minutes. Defaults to a randomly selected 30 minute window appropriate for the region. Mutable.

Type: Optional<String>

Argument: backupRetentionPeriod

The number of days that backups will be retained. Specifying 0 will disable backups. Defaults to 1. Mutable.

Type: Optional<Int>

Argument: preferredMaintenanceWindow

The weekly window where maintenance can be performed by AWS. Window is specified in UTC using the following format: ‘ddd:hh24:mi-ddd:hh24:mi’. The provided window must be at least 30 minutes. Defaults to a randomly selected day and 30 minute window appropriate for the region. Mutable.

Type: Optional<String>

Argument: engineVersion

The version of the database engine to use. See RDS documentation for a list of supported versions. Mutable.

Type: Optional<String>

Argument: autoMinorVersionUpgrade

If True allows AWS to apply minor version upgrades to your database during the monthly maintenance window. Default to True. Mutable.

Type: Optional<Bool>

Argument: licenseModel

The license model used in the DBInstance. Mutable.

Type: Optional<LicenseModel>

Argument: iops

Provisioned IOPS to allocate for the DBInstance. Must be 3-10 times the size of the allocated storage for your DBInstance, rounded up to the nearest 1000. Mutable.

Type: Optional<Int>

Argument: characterSetName

The character set to associate with the DBInstance. Not supported by all engines.

Type: Optional<String>

Argument: publiclyAccessible

If True the DBInstance has a public IP and DNS name. If False the DBInstance will only be accessible from within your VPC. Defaults to False. Mutable.

Type: Optional<Bool>

Argument: storageEncrypted

If True the DBInstance‘s will use encrypted storage. Defaults to False.

Type: Optional<Bool>

Argument: caCertificateIdentifier


Type: Optional<String>

Argument: copyTagsToSnapshot

If True all Tags from the DBInstance will be copied to any snapshots taken of the instance. Defaults to False. Mutable.

Type: Optional<Bool>

Argument: monitoringInterval

Interval in seconds that enhanced monitoring metrics are collected. Set to 0 to disable enhanced monitoring. Must be one of: 0, 1, 5, 10, 15, 30, or 60. Defaults to 0. Mutable.

Type: Optional<Int>

Argument: promotionTier

Aurora only. Specifies the order in which a replica is promoted to primary after a primary failure. Must be between 0 and 15. Defaults to 1. Mutable.

Type: Optional<Int>

Argument: dbCluster

Aurora only. The DBCluster that this DBInstance is a member of.

Type: Optional<DBCluster>

Argument: dbParameterGroup

The DBParameterGroup to associate with this DBInstance. Mutable.

Type: Optional<DBParameterGroup>

Argument: domain

The Active Directory domain to create the DBInstance in. Mutable.

Type: Optional<String>

Argument: domainRole

The Role to use for domain authentication.

Type: Optional<Role>

Argument: monitoringRole

The Role to use when sending enhanced metrics to CloudWatch Logs. Required if enhanced metrics are enabled (monitoringInterval is non-zero). Mutable.

Type: Optional<Role>

Argument: kmsKey

The KMS key to use when encrypting DBInstance storage. Defaults to the default KMS key for your account.

Type: Optional<Key>

Argument: allowMajorVersionUpgrade

Set to True to enable changes to the major version of the engine. If False attempts to change the engine version, it will result in a runtime error. Defaults to False. Mutable.

Type: Optional<Bool>

Argument: dbSnapshotIdentifier

The snapshot to provision the DBInstance from.

Type: Optional<String>


The DBInstance.

Type: DBInstance



type Spec:
  dbInstanceIdentifier: String
  dbInstanceClass: DBInstanceClass
  engine: Engine
  masterUsername: Optional<String>
  dbName: Optional<String>
  allocatedStorage: Optional<Int>
  securityGroups: List<SecurityGroup>
  availabilityZone: Optional<AvailabilityZone>
  dbSubnetGroup: DBSubnetGroup
  multiAZ: Optional<Bool>
  storageType: Optional<VolumeType>
  port: Optional<Int>
  masterUserPassword: Optional<Password>
  tags: Optional<List<Tag>>


See Fugue.AWS.RDS.DbInstance.new for the documentation on the current arguments.

Record {

Field: dbInstanceIdentifier
Type: String
Field: dbInstanceClass
Type: DBInstanceClass
Field: engine
Type: Engine
Field: masterUsername
Type: Optional<String>
Field: dbName
Type: Optional<String>
Field: allocatedStorage
Type: Optional<Int>
Field: securityGroups
Type: List<SecurityGroup>
Field: availabilityZone
Type: Optional<AvailabilityZone>
Field: dbSubnetGroup
Type: DBSubnetGroup
Field: multiAZ
Type: Optional<Bool>
Field: storageType
Type: Optional<VolumeType>
Field: port
Type: Optional<Int>
Field: masterUserPassword
Type: Optional<Password>
Field: tags
Type: Optional<List<Tag>>




  dbName: None
  multiAZ: None
  storageType: None
  port: None
  tags: None

Defaults for RDS DBInstances.

  • dbName: None - see above for what this means for your Engine.
  • multiAZ: None - a single AZ deployment.
  • storageType: None - use the “standard” volume type.
  • port: None - use the default port for your Engine.
  • tags: None - no tags are attached.