View Source AWS.DSQL (aws-elixir v1.0.10)
This is an interface reference for Amazon Aurora DSQL.
It contains documentation for one of the programming or command line interfaces you can use to manage Amazon Aurora DSQL.
Amazon Aurora DSQL is a serverless, distributed SQL database suitable for workloads of any size. is available in both single-Region and multi-Region configurations, so your clusters and databases are always available even if an Availability Zone or an Amazon Web Services Region are unavailable. lets you focus on using your data to acquire new insights for your business and customers.
Link to this section Summary
Functions
The CreateCluster API allows you to create both single-Region clusters and multi-Region clusters.
Deletes a cluster in Amazon Aurora DSQL.
Deletes the resource-based policy attached to a cluster.
Retrieves information about a cluster.
Retrieves the resource-based policy document attached to a cluster.
Retrieves the VPC endpoint service name.
Retrieves information about a list of clusters.
Lists all of the tags for a resource.
Attaches a resource-based policy to a cluster.
Tags a resource with a map of key and value pairs.
Removes a tag from a resource.
The UpdateCluster API allows you to modify both single-Region and multi-Region cluster configurations.
Link to this section Functions
The CreateCluster API allows you to create both single-Region clusters and multi-Region clusters.
With the addition of the multiRegionProperties parameter, you can create a cluster with witness Region support and establish peer relationships with clusters in other Regions during creation.
Creating multi-Region clusters requires additional IAM permissions beyond those needed for single-Region clusters, as detailed in the ## Required permissions section below.
required-permissions
Required permissions
definitions
Definitions
dsql-createcluster
dsql:CreateCluster
Required to create a cluster.
Resources: arn:aws:dsql:region:account-id:cluster/*
dsql-tagresource
dsql:TagResource
Permission to add tags to a resource.
Resources: arn:aws:dsql:region:account-id:cluster/*
dsql-putmultiregionproperties
dsql:PutMultiRegionProperties
Permission to configure multi-Region properties for a cluster.
Resources: arn:aws:dsql:region:account-id:cluster/*
dsql-addpeercluster
dsql:AddPeerCluster
When specifying multiRegionProperties.clusters, permission to add peer
clusters.
Resources:
Local cluster: arn:aws:dsql:region:account-id:cluster/*
Each peer cluster: exact ARN of each specified peer cluster
dsql-putwitnessregion
dsql:PutWitnessRegion
When specifying multiRegionProperties.witnessRegion, permission to set a
witness Region. This permission is checked both in the cluster Region and in the
witness Region.
Resources: arn:aws:dsql:region:account-id:cluster/*
Condition Keys: dsql:WitnessRegion (matching the specified witness region)
The witness Region specified in
multiRegionProperties.witnessRegion cannot be the same as the cluster's
Region.
Deletes a cluster in Amazon Aurora DSQL.
Deletes the resource-based policy attached to a cluster.
This removes all access permissions defined by the policy, reverting to default access controls.
Retrieves information about a cluster.
Retrieves the resource-based policy document attached to a cluster.
This policy defines the access permissions and conditions for the cluster.
Retrieves the VPC endpoint service name.
list_clusters(client, max_results \\ nil, next_token \\ nil, options \\ [])
View SourceRetrieves information about a list of clusters.
Lists all of the tags for a resource.
Attaches a resource-based policy to a cluster.
This policy defines access permissions and conditions for the cluster, allowing you to control which principals can perform actions on the cluster.
Tags a resource with a map of key and value pairs.
Removes a tag from a resource.
The UpdateCluster API allows you to modify both single-Region and multi-Region cluster configurations.
With the multiRegionProperties parameter, you can add or modify witness Region support and manage peer relationships with clusters in other Regions.
Note that updating multi-Region clusters requires additional IAM permissions beyond those needed for standard cluster updates, as detailed in the Permissions section.
required-permissions
Required permissions
definitions
Definitions
dsql-updatecluster
dsql:UpdateCluster
Permission to update a DSQL cluster.
Resources: arn:aws:dsql:*region*:*account-id*:cluster/*cluster-id*
definitions-1
Definitions
dsql-putmultiregionproperties
dsql:PutMultiRegionProperties
Permission to configure multi-Region properties for a cluster.
Resources: arn:aws:dsql:*region*:*account-id*:cluster/*cluster-id*
definitions-2
Definitions
dsql-getcluster
dsql:GetCluster
Permission to retrieve cluster information.
Resources: arn:aws:dsql:*region*:*account-id*:cluster/*cluster-id*
dsql-addpeercluster
dsql:AddPeerCluster
Permission to add peer clusters.
Resources:
Local cluster:
arn:aws:dsql:*region*:*account-id*:cluster/*cluster-id*
Each peer cluster: exact ARN of each specified peer cluster
dsql-removepeercluster
dsql:RemovePeerCluster
Permission to remove peer clusters. The dsql:RemovePeerCluster permission uses a wildcard ARN pattern to simplify permission management during updates.
Resources: arn:aws:dsql:*:*account-id*:cluster/*
definitions-3
Definitions
dsql-putwitnessregion
dsql:PutWitnessRegion
Permission to set a witness Region.
Resources: arn:aws:dsql:*region*:*account-id*:cluster/*cluster-id*
Condition Keys: dsql:WitnessRegion (matching the specified witness Region)
this-permission-is-checked-both-in-the-cluster-region-and-in-the-witness
This permission is checked both in the cluster Region and in the witness
Region.
The witness region specified in
multiRegionProperties.witnessRegion cannot be the same as the cluster's
Region.
When updating clusters with peer relationships, permissions are checked for both adding and removing peers.
The dsql:RemovePeerCluster permission uses a wildcard ARN pattern
to simplify permission management during updates.