rds – create, delete, or modify Amazon rds instances, rds snapshots, and related facts

Synopsis

• Creates, deletes, or modifies rds resources.
• When creating an instance it can be either a new instance or a read-only replica of an existing instance.
• This module has a dependency on python-boto >= 2.5 and will soon be deprecated.
• The ‘promote’ command requires boto >= 2.18.0. Certain features such as tags rely on boto.rds2 (boto >= 2.26.0).
• Please use boto3 based rds_instance instead.

Requirements

The below requirements are needed on the host that executes this module.

• boto
• python >= 2.6

Parameters

Parameter	Choices/Defaults	Comments
apply_immediately boolean	Choices: no ← yes	Used only when command=modify. If enabled, the modifications will be applied as soon as possible rather than waiting for the next preferred maintenance window.
aws_access_key string		AWS access key. If not set then the value of the AWS_ACCESS_KEY environment variable is used. aliases: ec2_access_key, access_key
aws_secret_key string		AWS secret key. If not set then the value of the AWS_SECRET_KEY environment variable is used. aliases: ec2_secret_key, secret_key
backup_retention -		Number of days backups are retained. Set to 0 to disable backups. Default is 1 day. Valid range: 0-35. Used only when command=create or command=modify.
backup_window -		Backup window in format of hh24:mi-hh24:mi. If not specified then a random backup window is assigned. Used only when command=create or command=modify.
character_set_name -		Associate the DB instance with a specified character set. Used with command=create.
command - / required	Choices: create replicate delete facts modify promote snapshot reboot restore	Specifies the action to take. The 'reboot' option is available starting at version 2.0
db_engine -	Choices: mariadb MySQL oracle-se1 oracle-se2 oracle-se oracle-ee sqlserver-ee sqlserver-se sqlserver-ex sqlserver-web postgres aurora	The type of database. Used only when command=create. mariadb was added in version 2.2
db_name -		Name of a database to create within the instance. If not specified then no database is created. Used only when command=create.
debug_botocore_endpoint_logs boolean added in 2.8	Choices: no ← yes	Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
ec2_url string		Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
engine_version -		Version number of the database engine to use. Used only when command=create. If not specified then the current Amazon RDS default engine version is used
force_failover boolean	Choices: no ← yes	Used only when command=reboot. If enabled, the reboot is done using a MultiAZ failover.
instance_name -		Database instance identifier. Required except when using command=facts or command=delete on just a snapshot
instance_type -		The instance type of the database. Must be specified when command=create. Optional when command=replicate, command=modify or command=restore. If not specified then the replica inherits the same instance type as the source instance.
iops -		Specifies the number of IOPS for the instance. Used only when command=create or command=modify. Must be an integer greater than 1000.
license_model -	Choices: license-included bring-your-own-license general-public-license postgresql-license	The license model for this DB instance. Used only when command=create or command=restore.
maint_window -		Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15) If not specified then a random maintenance window is assigned. Used only when command=create or command=modify.
multi_zone boolean	Choices: no yes	Specifies if this is a Multi-availability-zone deployment. Can not be used in conjunction with zone parameter. Used only when command=create or command=modify.
new_instance_name -		Name to rename an instance to. Used only when command=modify.
option_group -		The name of the option group to use. If not specified then the default option group is used. Used only when command=create.
parameter_group -		Name of the DB parameter group to associate with this instance. If omitted then the RDS default DBParameterGroup will be used. Used only when command=create or command=modify.
password -		Password for the master database username. Used only when command=create or command=modify.
port -	Default: "3306 for mysql, 1521 for Oracle, 1433 for SQL Server, 5432 for PostgreSQL."	Port number that the DB instance uses for connections. Used only when command=create or command=replicate. Prior to 2.0 it always defaults to null and the API would use 3306, it had to be set to other DB default values when not using MySql. Starting at 2.0 it automatically defaults to what is expected for each db_engine.
profile string		Uses a boto profile. Only works with boto >= 2.24.0.
publicly_accessible -		explicitly set whether the resource should be publicly accessible or not. Used with command=create, command=replicate. Requires boto >= 2.26.0
region string / required		The AWS region to use. If not specified then the value of the EC2_REGION environment variable, if any, is used. aliases: aws_region, ec2_region
security_groups -		Comma separated list of one or more security groups. Used only when command=create or command=modify.
security_token string		AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used. aliases: access_token
size -		Size in gigabytes of the initial storage for the DB instance. Used only when command=create or command=modify.
snapshot -		Name of snapshot to take. When command=delete, if no snapshot name is provided then no snapshot is taken. If used with command=delete with no instance_name, the snapshot is deleted. Used with command=facts, command=delete or command=snapshot.
source_instance -		Name of the database to replicate. Used only when command=replicate.
subnet -		VPC subnet group. If specified then a VPC instance is created. Used only when command=create.
tags -		tags dict to apply to a resource. Used with command=create, command=replicate, command=restore. Requires boto >= 2.26.0
upgrade boolean	Choices: no ← yes	Indicates that minor version upgrades should be applied automatically. Used only when command=create or command=modify or command=restore or command=replicate.
username -		Master database username. Used only when command=create.
validate_certs boolean	Choices: no yes ←	When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
vpc_security_groups -		Comma separated list of one or more vpc security group ids. Also requires `subnet` to be specified. Used only when command=create or command=modify.
wait boolean	Choices: no ← yes	When command=create, replicate, modify or restore then wait for the database to enter the 'available' state. When command=delete wait for the database to be terminated.
wait_timeout -	Default: 300	how long before wait gives up, in seconds
zone -		availability zone in which to launch the instance. Used only when command=create, command=replicate or command=restore. aliases: aws_zone, ec2_zone

Notes

Note

• If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence AWS_URL or EC2_URL, AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY or EC2_ACCESS_KEY, AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY or EC2_SECRET_KEY, AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN, AWS_REGION or EC2_REGION
• Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
• AWS_REGION or EC2_REGION can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file

Examples

# Basic mysql provisioning example
- rds:
    command: create
    instance_name: new-database
    db_engine: MySQL
    size: 10
    instance_type: db.m1.small
    username: mysql_admin
    password: 1nsecure
    tags:
      Environment: testing
      Application: cms

# Create a read-only replica and wait for it to become available
- rds:
    command: replicate
    instance_name: new-database-replica
    source_instance: new_database
    wait: yes
    wait_timeout: 600

# Delete an instance, but create a snapshot before doing so
- rds:
    command: delete
    instance_name: new-database
    snapshot: new_database_snapshot

# Get facts about an instance
- rds:
    command: facts
    instance_name: new-database
  register: new_database_facts

# Rename an instance and wait for the change to take effect
- rds:
    command: modify
    instance_name: new-database
    new_instance_name: renamed-database
    wait: yes

# Reboot an instance and wait for it to become available again
- rds:
    command: reboot
    instance_name: database
    wait: yes

# Restore a Postgres db instance from a snapshot, wait for it to become available again, and
#  then modify it to add your security group. Also, display the new endpoint.
#  Note that the "publicly_accessible" option is allowed here just as it is in the AWS CLI
- local_action:
     module: rds
     command: restore
     snapshot: mypostgres-snapshot
     instance_name: MyNewInstanceName
     region: us-west-2
     zone: us-west-2b
     subnet: default-vpc-xx441xxx
     publicly_accessible: yes
     wait: yes
     wait_timeout: 600
     tags:
         Name: pg1_test_name_tag
  register: rds

- local_action:
     module: rds
     command: modify
     instance_name: MyNewInstanceName
     region: us-west-2
     vpc_security_groups: sg-xxx945xx

- debug:
    msg: "The new db endpoint is {{ rds.instance.endpoint }}"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key					Returned	Description
instance complex					always	the rds instance
	allocated_storage string				when RDS instance exists	the allocated storage size in gigabytes (GB) Sample: 100
	auto_minor_version_upgrade boolean				when RDS instance exists	indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window Sample: true
	backup_window string				when RDS instance exists and automated backups are enabled	the daily time range during which automated backups are created if automated backups are enabled Sample: 03:00-03:30
	character_set_name string				when RDS instance exists	the name of the character set that this instance is associated with Sample: AL32UTF8
	db_name string				when RDS instance exists	the name of the database to create when the DB instance is created Sample: ASERTG
	db_subnet_groups complex				when RDS instance exists	information on the subnet group associated with this RDS instance
		description string			when RDS instance exists	the subnet group associated with the DB instance Sample: Subnets for the UAT RDS SQL DB Instance
		name string			when RDS instance exists	the name of the DB subnet group Sample: samplesubnetgrouprds-j6paiqkxqp4z
		status string			when RDS instance exists	the status of the DB subnet group Sample: complete
		subnets complex			when RDS instance exists	the description of the DB subnet group
			availability_zone complex		when RDS instance exists	subnet availability zone information
				name string	when RDS instance exists	availability zone Sample: eu-west-1b
				provisioned_iops_capable boolean	when RDS instance exists	whether provisioned iops are available in AZ subnet Sample: false
			identifier string		when RDS instance exists	the identifier of the subnet Sample: subnet-3fdba63e
			status string		when RDS instance exists	the status of the subnet Sample: active
	endpoint string				when RDS instance exists	the endpoint uri of the database instance Sample: my-ansible-database.asdfaosdgih.us-east-1.rds.amazonaws.com
	engine string				when RDS instance exists	the name of the database engine Sample: oracle-se
	engine_version string				when RDS instance exists	the version of the database engine Sample: 11.2.0.4.v6
	latest_restorable_time string				when RDS instance exists	the latest time to which a database can be restored with point-in-time restore Sample: 1489707802.0
	license_model string				when RDS instance exists	the license model information Sample: bring-your-own-license
	option_groups complex				when RDS instance exists	the list of option group memberships for this RDS instance
		option_group_name string			when RDS instance exists	the option group name for this RDS instance Sample: default:oracle-se-11-2
		status string			when RDS instance exists	the status of the RDS instance's option group membership Sample: in-sync
	parameter_groups complex				when RDS instance exists and parameter groups are defined	the list of DB parameter groups applied to this RDS instance
		parameter_apply_status string			when RDS instance exists	the status of parameter updates Sample: in-sync
		parameter_group_name string			when RDS instance exists	the name of the DP parameter group Sample: testawsrpprodb01spfile-1ujg7nrs7sgyz
	pending_modified_values complex				when RDS instance exists	a dictionary of changes to the RDS instance that are pending
		allocated_storage string			when RDS instance exists	the new allocated storage size for this RDS instance that will be applied or is in progress Sample: null
		backup_retention_period string			when RDS instance exists	the pending number of days for which automated backups are retained Sample: null
		db_instance_class string			when RDS instance exists	the new DB instance class for this RDS instance that will be applied or is in progress Sample: null
		db_instance_identifier string			when RDS instance exists	the new DB instance identifier this RDS instance that will be applied or is in progress Sample: null
		engine_version string			when RDS instance exists	indicates the database engine version Sample: null
		iops string			when RDS instance exists	the new provisioned IOPS value for this RDS instance that will be applied or is being applied Sample: null
		master_user_password string			when RDS instance exists	the pending or in-progress change of the master credentials for this RDS instance Sample: null
		multi_az string			when RDS instance exists	indicates that the single-AZ RDS instance is to change to a multi-AZ deployment Sample: null
		port string			when RDS instance exists	specifies the pending port for this RDS instance Sample: null
	port integer				when RDS instance exists	the listening port of the database instance Sample: 3306
	publicly_accessible boolean				when RDS instance exists	the accessibility options for the DB instance Sample: true
	read_replica_source_dbinstance_identifier string				when read replica RDS instance exists	the identifier of the source DB instance if this RDS instance is a read replica Sample: null
	secondary_availability_zone string				when RDS instance exists and is multy-AZ	the name of the secondary AZ for a DB instance with multi-AZ support Sample: eu-west-1b

Status

• This module is guaranteed to have backward compatible interface changes going forward. [stableinterface]
• This module is maintained by the Ansible Community. [community]

Authors

• Bruce Pennypacker (@bpennypacker)
• Will Thames (@willthames)

Hint

If you notice any issues in this documentation, you can edit this document to improve it.