{"id":13505670,"url":"https://github.com/terraform-aws-modules/terraform-aws-rds","last_synced_at":"2026-01-05T04:06:23.084Z","repository":{"id":37396999,"uuid":"103301797","full_name":"terraform-aws-modules/terraform-aws-rds","owner":"terraform-aws-modules","description":"Terraform module to create AWS RDS resources 🇺🇦","archived":false,"fork":false,"pushed_at":"2025-04-21T23:05:46.000Z","size":4581,"stargazers_count":920,"open_issues_count":2,"forks_count":1361,"subscribers_count":34,"default_branch":"master","last_synced_at":"2025-04-22T00:20:11.086Z","etag":null,"topics":["aws","aws-rds","aws-rds-terraform","rds","terraform-module"],"latest_commit_sha":null,"homepage":"https://registry.terraform.io/modules/terraform-aws-modules/rds/aws","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/terraform-aws-modules.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["antonbabenko"],"custom":"https://www.paypal.me/antonbabenko"}},"created_at":"2017-09-12T17:34:27.000Z","updated_at":"2025-04-21T23:05:47.000Z","dependencies_parsed_at":"2023-02-01T06:31:02.518Z","dependency_job_id":"f4fe2c00-ad33-448d-9d9e-9cf7f3ace0a5","html_url":"https://github.com/terraform-aws-modules/terraform-aws-rds","commit_stats":{"total_commits":296,"total_committers":74,"mean_commits":4.0,"dds":0.7094594594594594,"last_synced_commit":"1946cb676869ac2b3cb6c212827ca1c12007105d"},"previous_names":[],"tags_count":141,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/terraform-aws-modules%2Fterraform-aws-rds","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/terraform-aws-modules%2Fterraform-aws-rds/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/terraform-aws-modules%2Fterraform-aws-rds/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/terraform-aws-modules%2Fterraform-aws-rds/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/terraform-aws-modules","download_url":"https://codeload.github.com/terraform-aws-modules/terraform-aws-rds/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254067077,"owners_count":22009073,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-rds","aws-rds-terraform","rds","terraform-module"],"created_at":"2024-08-01T00:01:11.387Z","updated_at":"2026-01-05T04:06:23.078Z","avatar_url":"https://github.com/terraform-aws-modules.png","language":"HCL","funding_links":["https://github.com/sponsors/antonbabenko","https://www.paypal.me/antonbabenko"],"categories":["HCL","Community Modules"],"sub_categories":["Miscellaneous"],"readme":"# AWS RDS Terraform module\n\nTerraform module which creates RDS resources on AWS.\n\n[![SWUbanner](https://raw.githubusercontent.com/vshymanskyy/StandWithUkraine/main/banner2-direct.svg)](https://github.com/vshymanskyy/StandWithUkraine/blob/main/docs/README.md)\n\nRoot module calls these modules which can also be used separately to create independent resources:\n\n- [db_instance](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/modules/db_instance) - creates RDS DB instance\n- [db_subnet_group](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/modules/db_subnet_group) - creates RDS DB subnet group\n- [db_parameter_group](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/modules/db_parameter_group) - creates RDS DB parameter group\n- [db_option_group](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/modules/db_option_group) - creates RDS DB option group\n- [db_instance_role_association](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/modules/db_instance_role_association) - creates RDS DB instance role association resources\n\n## Usage\n\n```hcl\nmodule \"db\" {\n  source = \"terraform-aws-modules/rds/aws\"\n\n  identifier = \"demodb\"\n\n  engine            = \"mysql\"\n  engine_version    = \"8.0\"\n  instance_class    = \"db.t3a.large\"\n  allocated_storage = 5\n\n  db_name  = \"demodb\"\n  username = \"user\"\n  port     = \"3306\"\n\n  iam_database_authentication_enabled = true\n\n  vpc_security_group_ids = [\"sg-12345678\"]\n\n  maintenance_window = \"Mon:00:00-Mon:03:00\"\n  backup_window      = \"03:00-06:00\"\n\n  # Enhanced Monitoring - see example for details on how to create the role\n  # by yourself, in case you don't want to create it automatically\n  monitoring_interval    = \"30\"\n  monitoring_role_name   = \"MyRDSMonitoringRole\"\n  create_monitoring_role = true\n\n  tags = {\n    Owner       = \"user\"\n    Environment = \"dev\"\n  }\n\n  # DB subnet group\n  create_db_subnet_group = true\n  subnet_ids             = [\"subnet-12345678\", \"subnet-87654321\"]\n\n  # DB parameter group\n  family = \"mysql8.0\"\n\n  # DB option group\n  major_engine_version = \"8.0\"\n\n  # Database Deletion Protection\n  deletion_protection = true\n\n  parameters = [\n    {\n      name  = \"character_set_client\"\n      value = \"utf8mb4\"\n    },\n    {\n      name  = \"character_set_server\"\n      value = \"utf8mb4\"\n    }\n  ]\n\n  options = [\n    {\n      option_name = \"MARIADB_AUDIT_PLUGIN\"\n\n      option_settings = [\n        {\n          name  = \"SERVER_AUDIT_EVENTS\"\n          value = \"CONNECT\"\n        },\n        {\n          name  = \"SERVER_AUDIT_FILE_ROTATIONS\"\n          value = \"37\"\n        },\n      ]\n    },\n  ]\n}\n```\n\n## Conditional creation\n\nThe following values are provided to toggle on/off creation of the associated resources as desired:\n\n```hcl\nmodule \"db\" {\n  source = \"terraform-aws-modules/rds/aws\"\n\n  # Disable creation of RDS instance(s)\n  create_db_instance = false\n\n  # Disable creation of option group - provide an option group or default AWS default\n  create_db_option_group = false\n\n  # Disable creation of parameter group - provide a parameter group or default to AWS default\n  create_db_parameter_group = false\n\n  # Enable creation of subnet group (disabled by default)\n  create_db_subnet_group = true\n\n  # Enable creation of monitoring IAM role\n  create_monitoring_role = true\n\n  # ... omitted\n}\n```\n\n## Option Groups\n\n[Reference](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithOptionGroups.html)\n\nUsers have the ability to:\n\n- Create an option group with the name provided:\n\n```hcl\n  option_group_name            = \"prod-instance-mysql-8.0\"\n  option_group_use_name_prefix = false\n```\n\n- Create an option group using a unique prefix beginning with the name provided:\n\n```hcl\n  option_group_name = \"prod-instance-mysql-8.0\"\n```\n\n- Pass the name of an option group to use that has been created outside of the module:\n\n```hcl\n  create_db_option_group = false\n  option_group_name      = \"prod-instance-mysql-8.0\" # must already exist in AWS\n```\n\n- Skip creating an option group for PostgreSQL entirely as that is not supported\n\n```hcl\n  engine            = \"postgres\"\n  option_group_name = \"prod-instance-postgresql-11.0\" # this will be ignored, no option group created\n```\n\n- Use a default option group provided by AWS\n\n```hcl\n  create_db_option_group = false\n```\n\n## Parameter Groups\n\n[Reference](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html)\n\nUsers have the ability to:\n\n- Create a parameter group with the name provided:\n\n```hcl\n  parameter_group_name            = \"prod-instance-mysql-8.0\"\n  parameter_group_use_name_prefix = false\n```\n\n- Create a parameter group using a unique prefix beginning with the name provided:\n\n```hcl\n  parameter_group_name = \"prod-instance-mysql-8.0\"\n```\n\n- Pass the name of a parameter group to use that has been created outside of the module:\n\n```hcl\n  create_db_parameter_group = false\n  parameter_group_name   = \"prod-instance-mysql-8.0\" # must already exist in AWS\n```\n\n- Use a default parameter group provided by AWS\n\n```hcl\n  create_db_parameter_group = false\n```\n\n## Examples\n\n- [Complete RDS example for MSSQL](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/examples/complete-mssql)\n- [Complete RDS example for MySQL](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/examples/complete-mysql)\n- [Complete RDS example for Oracle](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/examples/complete-oracle)\n- [Complete RDS example for PostgreSQL](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/examples/complete-postgres)\n- [Cross Region Replica example for PostgreSQL](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/examples/cross-region-replica-postgres)\n- [Enhanced monitoring example](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/examples/enhanced-monitoring)\n- [Parameter and Option Groups example for MySQL](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/examples/groups)\n- [Replica RDS example for MySQL](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/examples/replica-mysql)\n- [Replica RDS example for PostgreSQL](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/examples/replica-postgres)\n- [Role association example for PostgreSQL](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/examples/role-association-postgres)\n- [S3 import example for MySQL](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/examples/s3-import-mysql)\n- [Blue/Green Deployment example for MySQL and PostgreSQL](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/examples/blue-green-deployment)\n\n## Notes\n\n1. This module does not create RDS security group. Use [terraform-aws-security-group](https://github.com/terraform-aws-modules/terraform-aws-security-group) module for this.\n2. For an RDS instance with `storage_type` using `gp3`, be aware that `iops` and `storage_throughput` cannot be specified if the `allocated_storage` value is below a per-`engine` threshold. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage) for details.\n\n\u003c!-- BEGIN_TF_DOCS --\u003e\n## Requirements\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | \u003e= 1.11.1 |\n| \u003ca name=\"requirement_aws\"\u003e\u003c/a\u003e [aws](#requirement\\_aws) | \u003e= 6.27 |\n\n## Providers\n\nNo providers.\n\n## Modules\n\n| Name | Source | Version |\n|------|--------|---------|\n| \u003ca name=\"module_db_instance\"\u003e\u003c/a\u003e [db\\_instance](#module\\_db\\_instance) | ./modules/db_instance | n/a |\n| \u003ca name=\"module_db_instance_role_association\"\u003e\u003c/a\u003e [db\\_instance\\_role\\_association](#module\\_db\\_instance\\_role\\_association) | ./modules/db_instance_role_association | n/a |\n| \u003ca name=\"module_db_option_group\"\u003e\u003c/a\u003e [db\\_option\\_group](#module\\_db\\_option\\_group) | ./modules/db_option_group | n/a |\n| \u003ca name=\"module_db_parameter_group\"\u003e\u003c/a\u003e [db\\_parameter\\_group](#module\\_db\\_parameter\\_group) | ./modules/db_parameter_group | n/a |\n| \u003ca name=\"module_db_subnet_group\"\u003e\u003c/a\u003e [db\\_subnet\\_group](#module\\_db\\_subnet\\_group) | ./modules/db_subnet_group | n/a |\n\n## Resources\n\nNo resources.\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_allocated_storage\"\u003e\u003c/a\u003e [allocated\\_storage](#input\\_allocated\\_storage) | The allocated storage in gigabytes | `number` | `null` | no |\n| \u003ca name=\"input_allow_major_version_upgrade\"\u003e\u003c/a\u003e [allow\\_major\\_version\\_upgrade](#input\\_allow\\_major\\_version\\_upgrade) | Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage and the change is asynchronously applied as soon as possible | `bool` | `false` | no |\n| \u003ca name=\"input_apply_immediately\"\u003e\u003c/a\u003e [apply\\_immediately](#input\\_apply\\_immediately) | Specifies whether any database modifications are applied immediately, or during the next maintenance window | `bool` | `false` | no |\n| \u003ca name=\"input_auto_minor_version_upgrade\"\u003e\u003c/a\u003e [auto\\_minor\\_version\\_upgrade](#input\\_auto\\_minor\\_version\\_upgrade) | Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window | `bool` | `true` | no |\n| \u003ca name=\"input_availability_zone\"\u003e\u003c/a\u003e [availability\\_zone](#input\\_availability\\_zone) | The Availability Zone of the RDS instance | `string` | `null` | no |\n| \u003ca name=\"input_backup_retention_period\"\u003e\u003c/a\u003e [backup\\_retention\\_period](#input\\_backup\\_retention\\_period) | The days to retain backups for | `number` | `null` | no |\n| \u003ca name=\"input_backup_window\"\u003e\u003c/a\u003e [backup\\_window](#input\\_backup\\_window) | The daily time range (in UTC) during which automated backups are created if they are enabled. Example: '09:46-10:16'. Must not overlap with maintenance\\_window | `string` | `null` | no |\n| \u003ca name=\"input_blue_green_update\"\u003e\u003c/a\u003e [blue\\_green\\_update](#input\\_blue\\_green\\_update) | Enables low-downtime updates using RDS Blue/Green deployments. | \u003cpre\u003eobject({\u003cbr/\u003e    enabled = optional(bool)\u003cbr/\u003e  })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_ca_cert_identifier\"\u003e\u003c/a\u003e [ca\\_cert\\_identifier](#input\\_ca\\_cert\\_identifier) | Specifies the identifier of the CA certificate for the DB instance | `string` | `null` | no |\n| \u003ca name=\"input_character_set_name\"\u003e\u003c/a\u003e [character\\_set\\_name](#input\\_character\\_set\\_name) | The character set name to use for DB encoding in Oracle instances. This can't be changed. See Oracle Character Sets Supported in Amazon RDS and Collations and Character Sets for Microsoft SQL Server for more information. This can only be set on creation | `string` | `null` | no |\n| \u003ca name=\"input_cloudwatch_log_group_class\"\u003e\u003c/a\u003e [cloudwatch\\_log\\_group\\_class](#input\\_cloudwatch\\_log\\_group\\_class) | Specified the log class of the log group. Possible values are: STANDARD or INFREQUENT\\_ACCESS | `string` | `null` | no |\n| \u003ca name=\"input_cloudwatch_log_group_kms_key_id\"\u003e\u003c/a\u003e [cloudwatch\\_log\\_group\\_kms\\_key\\_id](#input\\_cloudwatch\\_log\\_group\\_kms\\_key\\_id) | The ARN of the KMS Key to use when encrypting log data | `string` | `null` | no |\n| \u003ca name=\"input_cloudwatch_log_group_retention_in_days\"\u003e\u003c/a\u003e [cloudwatch\\_log\\_group\\_retention\\_in\\_days](#input\\_cloudwatch\\_log\\_group\\_retention\\_in\\_days) | The number of days to retain CloudWatch logs for the DB instance | `number` | `7` | no |\n| \u003ca name=\"input_cloudwatch_log_group_skip_destroy\"\u003e\u003c/a\u003e [cloudwatch\\_log\\_group\\_skip\\_destroy](#input\\_cloudwatch\\_log\\_group\\_skip\\_destroy) | Set to true if you do not wish the log group (and any logs it may contain) to be deleted at destroy time, and instead just remove the log group from the Terraform state | `bool` | `null` | no |\n| \u003ca name=\"input_cloudwatch_log_group_tags\"\u003e\u003c/a\u003e [cloudwatch\\_log\\_group\\_tags](#input\\_cloudwatch\\_log\\_group\\_tags) | Additional tags for the CloudWatch log group(s) | `map(string)` | `{}` | no |\n| \u003ca name=\"input_copy_tags_to_snapshot\"\u003e\u003c/a\u003e [copy\\_tags\\_to\\_snapshot](#input\\_copy\\_tags\\_to\\_snapshot) | On delete, copy all Instance tags to the final snapshot | `bool` | `true` | no |\n| \u003ca name=\"input_create_cloudwatch_log_group\"\u003e\u003c/a\u003e [create\\_cloudwatch\\_log\\_group](#input\\_create\\_cloudwatch\\_log\\_group) | Determines whether a CloudWatch log group is created for each `enabled_cloudwatch_logs_exports` | `bool` | `false` | no |\n| \u003ca name=\"input_create_db_instance\"\u003e\u003c/a\u003e [create\\_db\\_instance](#input\\_create\\_db\\_instance) | Whether to create a database instance | `bool` | `true` | no |\n| \u003ca name=\"input_create_db_option_group\"\u003e\u003c/a\u003e [create\\_db\\_option\\_group](#input\\_create\\_db\\_option\\_group) | Create a database option group | `bool` | `true` | no |\n| \u003ca name=\"input_create_db_parameter_group\"\u003e\u003c/a\u003e [create\\_db\\_parameter\\_group](#input\\_create\\_db\\_parameter\\_group) | Whether to create a database parameter group | `bool` | `true` | no |\n| \u003ca name=\"input_create_db_subnet_group\"\u003e\u003c/a\u003e [create\\_db\\_subnet\\_group](#input\\_create\\_db\\_subnet\\_group) | Whether to create a database subnet group | `bool` | `false` | no |\n| \u003ca name=\"input_create_monitoring_role\"\u003e\u003c/a\u003e [create\\_monitoring\\_role](#input\\_create\\_monitoring\\_role) | Create IAM role with a defined name that permits RDS to send enhanced monitoring metrics to CloudWatch Logs | `bool` | `false` | no |\n| \u003ca name=\"input_custom_iam_instance_profile\"\u003e\u003c/a\u003e [custom\\_iam\\_instance\\_profile](#input\\_custom\\_iam\\_instance\\_profile) | RDS custom iam instance profile | `string` | `null` | no |\n| \u003ca name=\"input_database_insights_mode\"\u003e\u003c/a\u003e [database\\_insights\\_mode](#input\\_database\\_insights\\_mode) | The mode of Database Insights that is enabled for the instance. Valid values: standard, advanced | `string` | `null` | no |\n| \u003ca name=\"input_db_instance_role_associations\"\u003e\u003c/a\u003e [db\\_instance\\_role\\_associations](#input\\_db\\_instance\\_role\\_associations) | A map of DB instance supported feature name to role association ARNs. | `map(string)` | `{}` | no |\n| \u003ca name=\"input_db_instance_tags\"\u003e\u003c/a\u003e [db\\_instance\\_tags](#input\\_db\\_instance\\_tags) | Additional tags for the DB instance | `map(string)` | `{}` | no |\n| \u003ca name=\"input_db_name\"\u003e\u003c/a\u003e [db\\_name](#input\\_db\\_name) | The DB name to create. If omitted, no database is created initially | `string` | `null` | no |\n| \u003ca name=\"input_db_option_group_tags\"\u003e\u003c/a\u003e [db\\_option\\_group\\_tags](#input\\_db\\_option\\_group\\_tags) | Additional tags for the DB option group | `map(string)` | `{}` | no |\n| \u003ca name=\"input_db_parameter_group_tags\"\u003e\u003c/a\u003e [db\\_parameter\\_group\\_tags](#input\\_db\\_parameter\\_group\\_tags) | Additional tags for the  DB parameter group | `map(string)` | `{}` | no |\n| \u003ca name=\"input_db_subnet_group_description\"\u003e\u003c/a\u003e [db\\_subnet\\_group\\_description](#input\\_db\\_subnet\\_group\\_description) | Description of the DB subnet group to create | `string` | `null` | no |\n| \u003ca name=\"input_db_subnet_group_name\"\u003e\u003c/a\u003e [db\\_subnet\\_group\\_name](#input\\_db\\_subnet\\_group\\_name) | Name of DB subnet group. DB instance will be created in the VPC associated with the DB subnet group. If unspecified, will be created in the default VPC | `string` | `null` | no |\n| \u003ca name=\"input_db_subnet_group_tags\"\u003e\u003c/a\u003e [db\\_subnet\\_group\\_tags](#input\\_db\\_subnet\\_group\\_tags) | Additional tags for the DB subnet group | `map(string)` | `{}` | no |\n| \u003ca name=\"input_db_subnet_group_use_name_prefix\"\u003e\u003c/a\u003e [db\\_subnet\\_group\\_use\\_name\\_prefix](#input\\_db\\_subnet\\_group\\_use\\_name\\_prefix) | Determines whether to use `subnet_group_name` as is or create a unique name beginning with the `subnet_group_name` as the prefix | `bool` | `true` | no |\n| \u003ca name=\"input_dedicated_log_volume\"\u003e\u003c/a\u003e [dedicated\\_log\\_volume](#input\\_dedicated\\_log\\_volume) | Use a dedicated log volume (DLV) for the DB instance. Requires Provisioned IOPS. | `bool` | `false` | no |\n| \u003ca name=\"input_delete_automated_backups\"\u003e\u003c/a\u003e [delete\\_automated\\_backups](#input\\_delete\\_automated\\_backups) | Specifies whether to remove automated backups immediately after the DB instance is deleted | `bool` | `true` | no |\n| \u003ca name=\"input_deletion_protection\"\u003e\u003c/a\u003e [deletion\\_protection](#input\\_deletion\\_protection) | The database can't be deleted when this value is set to true | `bool` | `false` | no |\n| \u003ca name=\"input_domain\"\u003e\u003c/a\u003e [domain](#input\\_domain) | The ID of the Directory Service Active Directory domain to create the instance in | `string` | `null` | no |\n| \u003ca name=\"input_domain_auth_secret_arn\"\u003e\u003c/a\u003e [domain\\_auth\\_secret\\_arn](#input\\_domain\\_auth\\_secret\\_arn) | (Optional, but required if domain\\_fqdn is provided) The ARN for the Secrets Manager secret with the self managed Active Directory credentials for the user joining the domain. Conflicts with domain and domain\\_iam\\_role\\_name. | `string` | `null` | no |\n| \u003ca name=\"input_domain_dns_ips\"\u003e\u003c/a\u003e [domain\\_dns\\_ips](#input\\_domain\\_dns\\_ips) | (Optional, but required if domain\\_fqdn is provided) The IPv4 DNS IP addresses of your primary and secondary self managed Active Directory domain controllers. Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list. Conflicts with domain and domain\\_iam\\_role\\_name. | `list(string)` | `null` | no |\n| \u003ca name=\"input_domain_fqdn\"\u003e\u003c/a\u003e [domain\\_fqdn](#input\\_domain\\_fqdn) | The fully qualified domain name (FQDN) of the self managed Active Directory domain. Conflicts with domain and domain\\_iam\\_role\\_name. | `string` | `null` | no |\n| \u003ca name=\"input_domain_iam_role_name\"\u003e\u003c/a\u003e [domain\\_iam\\_role\\_name](#input\\_domain\\_iam\\_role\\_name) | (Required if domain is provided) The name of the IAM role to be used when making API calls to the Directory Service | `string` | `null` | no |\n| \u003ca name=\"input_domain_ou\"\u003e\u003c/a\u003e [domain\\_ou](#input\\_domain\\_ou) | (Optional, but required if domain\\_fqdn is provided) The self managed Active Directory organizational unit for your DB instance to join. Conflicts with domain and domain\\_iam\\_role\\_name. | `string` | `null` | no |\n| \u003ca name=\"input_enabled_cloudwatch_logs_exports\"\u003e\u003c/a\u003e [enabled\\_cloudwatch\\_logs\\_exports](#input\\_enabled\\_cloudwatch\\_logs\\_exports) | List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on engine): alert, audit, error, general, listener, slowquery, trace, postgresql (PostgreSQL), upgrade (PostgreSQL) | `list(string)` | `[]` | no |\n| \u003ca name=\"input_engine\"\u003e\u003c/a\u003e [engine](#input\\_engine) | The database engine to use | `string` | `null` | no |\n| \u003ca name=\"input_engine_lifecycle_support\"\u003e\u003c/a\u003e [engine\\_lifecycle\\_support](#input\\_engine\\_lifecycle\\_support) | The life cycle type for this DB instance. This setting applies only to RDS for MySQL and RDS for PostgreSQL. Valid values are `open-source-rds-extended-support`, `open-source-rds-extended-support-disabled`. Default value is `open-source-rds-extended-support`. | `string` | `null` | no |\n| \u003ca name=\"input_engine_version\"\u003e\u003c/a\u003e [engine\\_version](#input\\_engine\\_version) | The engine version to use | `string` | `null` | no |\n| \u003ca name=\"input_family\"\u003e\u003c/a\u003e [family](#input\\_family) | The family of the DB parameter group | `string` | `null` | no |\n| \u003ca name=\"input_final_snapshot_identifier_prefix\"\u003e\u003c/a\u003e [final\\_snapshot\\_identifier\\_prefix](#input\\_final\\_snapshot\\_identifier\\_prefix) | The name which is prefixed to the final snapshot on cluster destroy | `string` | `\"final\"` | no |\n| \u003ca name=\"input_iam_database_authentication_enabled\"\u003e\u003c/a\u003e [iam\\_database\\_authentication\\_enabled](#input\\_iam\\_database\\_authentication\\_enabled) | Specifies whether or not the mappings of AWS Identity and Access Management (IAM) accounts to database accounts are enabled | `bool` | `false` | no |\n| \u003ca name=\"input_identifier\"\u003e\u003c/a\u003e [identifier](#input\\_identifier) | The name of the RDS instance | `string` | n/a | yes |\n| \u003ca name=\"input_instance_class\"\u003e\u003c/a\u003e [instance\\_class](#input\\_instance\\_class) | The instance type of the RDS instance | `string` | `null` | no |\n| \u003ca name=\"input_instance_use_identifier_prefix\"\u003e\u003c/a\u003e [instance\\_use\\_identifier\\_prefix](#input\\_instance\\_use\\_identifier\\_prefix) | Determines whether to use `identifier` as is or create a unique identifier beginning with `identifier` as the specified prefix | `bool` | `false` | no |\n| \u003ca name=\"input_iops\"\u003e\u003c/a\u003e [iops](#input\\_iops) | The amount of provisioned IOPS. Setting this implies a storage\\_type of 'io1' or `gp3`. See `notes` for limitations regarding this variable for `gp3` | `number` | `null` | no |\n| \u003ca name=\"input_kms_key_id\"\u003e\u003c/a\u003e [kms\\_key\\_id](#input\\_kms\\_key\\_id) | The ARN for the KMS encryption key. If creating an encrypted replica, set this to the destination KMS ARN. If storage\\_encrypted is set to true and kms\\_key\\_id is not specified the default KMS key created in your account will be used. Be sure to use the full ARN, not a key alias. | `string` | `null` | no |\n| \u003ca name=\"input_license_model\"\u003e\u003c/a\u003e [license\\_model](#input\\_license\\_model) | License model information for this DB instance. Optional, but required for some DB engines, i.e. Oracle SE1 | `string` | `null` | no |\n| \u003ca name=\"input_maintenance_window\"\u003e\u003c/a\u003e [maintenance\\_window](#input\\_maintenance\\_window) | The window to perform maintenance in. Syntax: 'ddd:hh24:mi-ddd:hh24:mi'. Eg: 'Mon:00:00-Mon:03:00' | `string` | `null` | no |\n| \u003ca name=\"input_major_engine_version\"\u003e\u003c/a\u003e [major\\_engine\\_version](#input\\_major\\_engine\\_version) | Specifies the major version of the engine that this option group should be associated with | `string` | `null` | no |\n| \u003ca name=\"input_manage_master_user_password\"\u003e\u003c/a\u003e [manage\\_master\\_user\\_password](#input\\_manage\\_master\\_user\\_password) | Set to true to allow RDS to manage the master user password in Secrets Manager | `bool` | `true` | no |\n| \u003ca name=\"input_manage_master_user_password_rotation\"\u003e\u003c/a\u003e [manage\\_master\\_user\\_password\\_rotation](#input\\_manage\\_master\\_user\\_password\\_rotation) | Whether to manage the master user password rotation. By default, false on creation, rotation is managed by RDS. There is not currently a way to disable this on initial creation even when set to false. Setting this value to false after previously having been set to true will disable automatic rotation. | `bool` | `false` | no |\n| \u003ca name=\"input_master_user_password_rotate_immediately\"\u003e\u003c/a\u003e [master\\_user\\_password\\_rotate\\_immediately](#input\\_master\\_user\\_password\\_rotate\\_immediately) | Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. | `bool` | `null` | no |\n| \u003ca name=\"input_master_user_password_rotation_automatically_after_days\"\u003e\u003c/a\u003e [master\\_user\\_password\\_rotation\\_automatically\\_after\\_days](#input\\_master\\_user\\_password\\_rotation\\_automatically\\_after\\_days) | Specifies the number of days between automatic scheduled rotations of the secret. Either automatically\\_after\\_days or schedule\\_expression must be specified. | `number` | `null` | no |\n| \u003ca name=\"input_master_user_password_rotation_duration\"\u003e\u003c/a\u003e [master\\_user\\_password\\_rotation\\_duration](#input\\_master\\_user\\_password\\_rotation\\_duration) | The length of the rotation window in hours. For example, 3h for a three hour window. | `string` | `null` | no |\n| \u003ca name=\"input_master_user_password_rotation_schedule_expression\"\u003e\u003c/a\u003e [master\\_user\\_password\\_rotation\\_schedule\\_expression](#input\\_master\\_user\\_password\\_rotation\\_schedule\\_expression) | A cron() or rate() expression that defines the schedule for rotating your secret. Either automatically\\_after\\_days or schedule\\_expression must be specified. | `string` | `null` | no |\n| \u003ca name=\"input_master_user_secret_kms_key_id\"\u003e\u003c/a\u003e [master\\_user\\_secret\\_kms\\_key\\_id](#input\\_master\\_user\\_secret\\_kms\\_key\\_id) | The key ARN, key ID, alias ARN or alias name for the KMS key to encrypt the master user password secret in Secrets Manager.\u003cbr/\u003e  If not specified, the default KMS key for your Amazon Web Services account is used. | `string` | `null` | no |\n| \u003ca name=\"input_max_allocated_storage\"\u003e\u003c/a\u003e [max\\_allocated\\_storage](#input\\_max\\_allocated\\_storage) | Specifies the value for Storage Autoscaling | `number` | `0` | no |\n| \u003ca name=\"input_monitoring_interval\"\u003e\u003c/a\u003e [monitoring\\_interval](#input\\_monitoring\\_interval) | The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60 | `number` | `0` | no |\n| \u003ca name=\"input_monitoring_role_arn\"\u003e\u003c/a\u003e [monitoring\\_role\\_arn](#input\\_monitoring\\_role\\_arn) | The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs. Must be specified if monitoring\\_interval is non-zero | `string` | `null` | no |\n| \u003ca name=\"input_monitoring_role_description\"\u003e\u003c/a\u003e [monitoring\\_role\\_description](#input\\_monitoring\\_role\\_description) | Description of the monitoring IAM role | `string` | `null` | no |\n| \u003ca name=\"input_monitoring_role_name\"\u003e\u003c/a\u003e [monitoring\\_role\\_name](#input\\_monitoring\\_role\\_name) | Name of the IAM role which will be created when create\\_monitoring\\_role is enabled | `string` | `\"rds-monitoring-role\"` | no |\n| \u003ca name=\"input_monitoring_role_permissions_boundary\"\u003e\u003c/a\u003e [monitoring\\_role\\_permissions\\_boundary](#input\\_monitoring\\_role\\_permissions\\_boundary) | ARN of the policy that is used to set the permissions boundary for the monitoring IAM role | `string` | `null` | no |\n| \u003ca name=\"input_monitoring_role_use_name_prefix\"\u003e\u003c/a\u003e [monitoring\\_role\\_use\\_name\\_prefix](#input\\_monitoring\\_role\\_use\\_name\\_prefix) | Determines whether to use `monitoring_role_name` as is or create a unique identifier beginning with `monitoring_role_name` as the specified prefix | `bool` | `false` | no |\n| \u003ca name=\"input_multi_az\"\u003e\u003c/a\u003e [multi\\_az](#input\\_multi\\_az) | Specifies if the RDS instance is multi-AZ | `bool` | `false` | no |\n| \u003ca name=\"input_nchar_character_set_name\"\u003e\u003c/a\u003e [nchar\\_character\\_set\\_name](#input\\_nchar\\_character\\_set\\_name) | The national character set is used in the NCHAR, NVARCHAR2, and NCLOB data types for Oracle instances. This can't be changed. | `string` | `null` | no |\n| \u003ca name=\"input_network_type\"\u003e\u003c/a\u003e [network\\_type](#input\\_network\\_type) | The type of network stack to use | `string` | `null` | no |\n| \u003ca name=\"input_option_group_description\"\u003e\u003c/a\u003e [option\\_group\\_description](#input\\_option\\_group\\_description) | The description of the option group | `string` | `null` | no |\n| \u003ca name=\"input_option_group_name\"\u003e\u003c/a\u003e [option\\_group\\_name](#input\\_option\\_group\\_name) | Name of the option group | `string` | `null` | no |\n| \u003ca name=\"input_option_group_skip_destroy\"\u003e\u003c/a\u003e [option\\_group\\_skip\\_destroy](#input\\_option\\_group\\_skip\\_destroy) | Set to true if you do not wish the option group to be deleted at destroy time, and instead just remove the option group from the Terraform state | `bool` | `null` | no |\n| \u003ca name=\"input_option_group_timeouts\"\u003e\u003c/a\u003e [option\\_group\\_timeouts](#input\\_option\\_group\\_timeouts) | Define maximum timeout for deletion of `aws_db_option_group` resource | \u003cpre\u003eobject({\u003cbr/\u003e    delete = optional(string)\u003cbr/\u003e  })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_option_group_use_name_prefix\"\u003e\u003c/a\u003e [option\\_group\\_use\\_name\\_prefix](#input\\_option\\_group\\_use\\_name\\_prefix) | Determines whether to use `option_group_name` as is or create a unique name beginning with the `option_group_name` as the prefix | `bool` | `true` | no |\n| \u003ca name=\"input_options\"\u003e\u003c/a\u003e [options](#input\\_options) | A list of Options to apply | \u003cpre\u003elist(object({\u003cbr/\u003e    option_name                    = string\u003cbr/\u003e    port                           = optional(number)\u003cbr/\u003e    version                        = optional(string)\u003cbr/\u003e    db_security_group_memberships  = optional(list(string))\u003cbr/\u003e    vpc_security_group_memberships = optional(list(string))\u003cbr/\u003e    option_settings = optional(list(object({\u003cbr/\u003e      name  = string\u003cbr/\u003e      value = string\u003cbr/\u003e    })))\u003cbr/\u003e  }))\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_parameter_group_description\"\u003e\u003c/a\u003e [parameter\\_group\\_description](#input\\_parameter\\_group\\_description) | Description of the DB parameter group to create | `string` | `null` | no |\n| \u003ca name=\"input_parameter_group_name\"\u003e\u003c/a\u003e [parameter\\_group\\_name](#input\\_parameter\\_group\\_name) | Name of the DB parameter group to associate or create | `string` | `null` | no |\n| \u003ca name=\"input_parameter_group_skip_destroy\"\u003e\u003c/a\u003e [parameter\\_group\\_skip\\_destroy](#input\\_parameter\\_group\\_skip\\_destroy) | Set to true if you do not wish the parameter group to be deleted at destroy time, and instead just remove the parameter group from the Terraform state | `bool` | `null` | no |\n| \u003ca name=\"input_parameter_group_use_name_prefix\"\u003e\u003c/a\u003e [parameter\\_group\\_use\\_name\\_prefix](#input\\_parameter\\_group\\_use\\_name\\_prefix) | Determines whether to use `parameter_group_name` as is or create a unique name beginning with the `parameter_group_name` as the prefix | `bool` | `true` | no |\n| \u003ca name=\"input_parameters\"\u003e\u003c/a\u003e [parameters](#input\\_parameters) | A list of DB parameters (map) to apply | \u003cpre\u003elist(object({\u003cbr/\u003e    name         = string\u003cbr/\u003e    value        = string\u003cbr/\u003e    apply_method = optional(string)\u003cbr/\u003e  }))\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_password_wo\"\u003e\u003c/a\u003e [password\\_wo](#input\\_password\\_wo) | Write-Only required unless `manage_master_user_password` is set to `true`, `snapshot_identifier`, or `replicate_source_db` is provided). Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file | `string` | `null` | no |\n| \u003ca name=\"input_password_wo_version\"\u003e\u003c/a\u003e [password\\_wo\\_version](#input\\_password\\_wo\\_version) | Used together with password\\_wo to trigger an update. Increment this value when an update to password\\_wo is required. | `number` | `null` | no |\n| \u003ca name=\"input_performance_insights_enabled\"\u003e\u003c/a\u003e [performance\\_insights\\_enabled](#input\\_performance\\_insights\\_enabled) | Specifies whether Performance Insights are enabled | `bool` | `false` | no |\n| \u003ca name=\"input_performance_insights_kms_key_id\"\u003e\u003c/a\u003e [performance\\_insights\\_kms\\_key\\_id](#input\\_performance\\_insights\\_kms\\_key\\_id) | The ARN for the KMS key to encrypt Performance Insights data | `string` | `null` | no |\n| \u003ca name=\"input_performance_insights_retention_period\"\u003e\u003c/a\u003e [performance\\_insights\\_retention\\_period](#input\\_performance\\_insights\\_retention\\_period) | The amount of time in days to retain Performance Insights data. Valid values are `7`, `731` (2 years) or a multiple of `31` | `number` | `7` | no |\n| \u003ca name=\"input_port\"\u003e\u003c/a\u003e [port](#input\\_port) | The port on which the DB accepts connections | `string` | `null` | no |\n| \u003ca name=\"input_publicly_accessible\"\u003e\u003c/a\u003e [publicly\\_accessible](#input\\_publicly\\_accessible) | Bool to control if instance is publicly accessible | `bool` | `false` | no |\n| \u003ca name=\"input_putin_khuylo\"\u003e\u003c/a\u003e [putin\\_khuylo](#input\\_putin\\_khuylo) | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | `bool` | `true` | no |\n| \u003ca name=\"input_region\"\u003e\u003c/a\u003e [region](#input\\_region) | Region where this resource will be managed. Defaults to the Region set in the provider configuration | `string` | `null` | no |\n| \u003ca name=\"input_replica_mode\"\u003e\u003c/a\u003e [replica\\_mode](#input\\_replica\\_mode) | Specifies whether the replica is in either mounted or open-read-only mode. This attribute is only supported by Oracle instances. Oracle replicas operate in open-read-only mode unless otherwise specified | `string` | `null` | no |\n| \u003ca name=\"input_replicate_source_db\"\u003e\u003c/a\u003e [replicate\\_source\\_db](#input\\_replicate\\_source\\_db) | Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate | `string` | `null` | no |\n| \u003ca name=\"input_restore_to_point_in_time\"\u003e\u003c/a\u003e [restore\\_to\\_point\\_in\\_time](#input\\_restore\\_to\\_point\\_in\\_time) | Restore to a point in time (MySQL is NOT supported) | \u003cpre\u003eobject({\u003cbr/\u003e    restore_time                             = optional(string)\u003cbr/\u003e    source_db_instance_automated_backups_arn = optional(string)\u003cbr/\u003e    source_db_instance_identifier            = optional(string)\u003cbr/\u003e    source_dbi_resource_id                   = optional(string)\u003cbr/\u003e    use_latest_restorable_time               = optional(bool)\u003cbr/\u003e  })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_s3_import\"\u003e\u003c/a\u003e [s3\\_import](#input\\_s3\\_import) | Restore from a Percona Xtrabackup in S3 (only MySQL is supported) | \u003cpre\u003eobject({\u003cbr/\u003e    source_engine_version = string\u003cbr/\u003e    bucket_name           = string\u003cbr/\u003e    bucket_prefix         = optional(string)\u003cbr/\u003e    ingestion_role        = string\u003cbr/\u003e  })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_skip_final_snapshot\"\u003e\u003c/a\u003e [skip\\_final\\_snapshot](#input\\_skip\\_final\\_snapshot) | Determines whether a final DB snapshot is created before the DB instance is deleted. If true is specified, no DBSnapshot is created. If false is specified, a DB snapshot is created before the DB instance is deleted | `bool` | `false` | no |\n| \u003ca name=\"input_snapshot_identifier\"\u003e\u003c/a\u003e [snapshot\\_identifier](#input\\_snapshot\\_identifier) | Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05 | `string` | `null` | no |\n| \u003ca name=\"input_storage_encrypted\"\u003e\u003c/a\u003e [storage\\_encrypted](#input\\_storage\\_encrypted) | Specifies whether the DB instance is encrypted | `bool` | `true` | no |\n| \u003ca name=\"input_storage_throughput\"\u003e\u003c/a\u003e [storage\\_throughput](#input\\_storage\\_throughput) | Storage throughput value for the DB instance. See `notes` for limitations regarding this variable for `gp3` | `number` | `null` | no |\n| \u003ca name=\"input_storage_type\"\u003e\u003c/a\u003e [storage\\_type](#input\\_storage\\_type) | One of 'standard' (magnetic), 'gp2' (general purpose SSD), 'gp3' (new generation of general purpose SSD), or 'io1' (provisioned IOPS SSD). The default is 'io1' if iops is specified, 'gp2' if not. If you specify 'io1' or 'gp3' , you must also include a value for the 'iops' parameter | `string` | `null` | no |\n| \u003ca name=\"input_subnet_ids\"\u003e\u003c/a\u003e [subnet\\_ids](#input\\_subnet\\_ids) | A list of VPC subnet IDs | `list(string)` | `[]` | no |\n| \u003ca name=\"input_tags\"\u003e\u003c/a\u003e [tags](#input\\_tags) | A mapping of tags to assign to all resources | `map(string)` | `{}` | no |\n| \u003ca name=\"input_timeouts\"\u003e\u003c/a\u003e [timeouts](#input\\_timeouts) | Updated Terraform resource management timeouts. Applies to `aws_db_instance` in particular to permit resource management times | \u003cpre\u003eobject({\u003cbr/\u003e    create = optional(string)\u003cbr/\u003e    update = optional(string)\u003cbr/\u003e    delete = optional(string)\u003cbr/\u003e  })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_timezone\"\u003e\u003c/a\u003e [timezone](#input\\_timezone) | Time zone of the DB instance. timezone is currently only supported by Microsoft SQL Server. The timezone can only be set on creation. See MSSQL User Guide for more information | `string` | `null` | no |\n| \u003ca name=\"input_upgrade_storage_config\"\u003e\u003c/a\u003e [upgrade\\_storage\\_config](#input\\_upgrade\\_storage\\_config) | Whether to upgrade the storage file system configuration on the read replica. Can only be set with replicate\\_source\\_db. | `bool` | `null` | no |\n| \u003ca name=\"input_username\"\u003e\u003c/a\u003e [username](#input\\_username) | Username for the master DB user | `string` | `null` | no |\n| \u003ca name=\"input_vpc_security_group_ids\"\u003e\u003c/a\u003e [vpc\\_security\\_group\\_ids](#input\\_vpc\\_security\\_group\\_ids) | List of VPC security groups to associate | `list(string)` | `[]` | no |\n\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| \u003ca name=\"output_db_instance_address\"\u003e\u003c/a\u003e [db\\_instance\\_address](#output\\_db\\_instance\\_address) | The address of the RDS instance |\n| \u003ca name=\"output_db_instance_arn\"\u003e\u003c/a\u003e [db\\_instance\\_arn](#output\\_db\\_instance\\_arn) | The ARN of the RDS instance |\n| \u003ca name=\"output_db_instance_availability_zone\"\u003e\u003c/a\u003e [db\\_instance\\_availability\\_zone](#output\\_db\\_instance\\_availability\\_zone) | The availability zone of the RDS instance |\n| \u003ca name=\"output_db_instance_ca_cert_identifier\"\u003e\u003c/a\u003e [db\\_instance\\_ca\\_cert\\_identifier](#output\\_db\\_instance\\_ca\\_cert\\_identifier) | Specifies the identifier of the CA certificate for the DB instance |\n| \u003ca name=\"output_db_instance_cloudwatch_log_groups\"\u003e\u003c/a\u003e [db\\_instance\\_cloudwatch\\_log\\_groups](#output\\_db\\_instance\\_cloudwatch\\_log\\_groups) | Map of CloudWatch log groups created and their attributes |\n| \u003ca name=\"output_db_instance_domain\"\u003e\u003c/a\u003e [db\\_instance\\_domain](#output\\_db\\_instance\\_domain) | The ID of the Directory Service Active Directory domain the instance is joined to |\n| \u003ca name=\"output_db_instance_domain_auth_secret_arn\"\u003e\u003c/a\u003e [db\\_instance\\_domain\\_auth\\_secret\\_arn](#output\\_db\\_instance\\_domain\\_auth\\_secret\\_arn) | The ARN for the Secrets Manager secret with the self managed Active Directory credentials for the user joining the domain |\n| \u003ca name=\"output_db_instance_domain_dns_ips\"\u003e\u003c/a\u003e [db\\_instance\\_domain\\_dns\\_ips](#output\\_db\\_instance\\_domain\\_dns\\_ips) | The IPv4 DNS IP addresses of your primary and secondary self managed Active Directory domain controllers |\n| \u003ca name=\"output_db_instance_domain_fqdn\"\u003e\u003c/a\u003e [db\\_instance\\_domain\\_fqdn](#output\\_db\\_instance\\_domain\\_fqdn) | The fully qualified domain name (FQDN) of an self managed Active Directory domain |\n| \u003ca name=\"output_db_instance_domain_iam_role_name\"\u003e\u003c/a\u003e [db\\_instance\\_domain\\_iam\\_role\\_name](#output\\_db\\_instance\\_domain\\_iam\\_role\\_name) | The name of the IAM role to be used when making API calls to the Directory Service |\n| \u003ca name=\"output_db_instance_domain_ou\"\u003e\u003c/a\u003e [db\\_instance\\_domain\\_ou](#output\\_db\\_instance\\_domain\\_ou) | The self managed Active Directory organizational unit for your DB instance to join |\n| \u003ca name=\"output_db_instance_endpoint\"\u003e\u003c/a\u003e [db\\_instance\\_endpoint](#output\\_db\\_instance\\_endpoint) | The connection endpoint |\n| \u003ca name=\"output_db_instance_engine\"\u003e\u003c/a\u003e [db\\_instance\\_engine](#output\\_db\\_instance\\_engine) | The database engine |\n| \u003ca name=\"output_db_instance_engine_version_actual\"\u003e\u003c/a\u003e [db\\_instance\\_engine\\_version\\_actual](#output\\_db\\_instance\\_engine\\_version\\_actual) | The running version of the database |\n| \u003ca name=\"output_db_instance_hosted_zone_id\"\u003e\u003c/a\u003e [db\\_instance\\_hosted\\_zone\\_id](#output\\_db\\_instance\\_hosted\\_zone\\_id) | The canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record) |\n| \u003ca name=\"output_db_instance_identifier\"\u003e\u003c/a\u003e [db\\_instance\\_identifier](#output\\_db\\_instance\\_identifier) | The RDS instance identifier |\n| \u003ca name=\"output_db_instance_master_user_secret_arn\"\u003e\u003c/a\u003e [db\\_instance\\_master\\_user\\_secret\\_arn](#output\\_db\\_instance\\_master\\_user\\_secret\\_arn) | The ARN of the master user secret (Only available when manage\\_master\\_user\\_password is set to true) |\n| \u003ca name=\"output_db_instance_name\"\u003e\u003c/a\u003e [db\\_instance\\_name](#output\\_db\\_instance\\_name) | The database name |\n| \u003ca name=\"output_db_instance_port\"\u003e\u003c/a\u003e [db\\_instance\\_port](#output\\_db\\_instance\\_port) | The database port |\n| \u003ca name=\"output_db_instance_resource_id\"\u003e\u003c/a\u003e [db\\_instance\\_resource\\_id](#output\\_db\\_instance\\_resource\\_id) | The RDS Resource ID of this instance |\n| \u003ca name=\"output_db_instance_role_associations\"\u003e\u003c/a\u003e [db\\_instance\\_role\\_associations](#output\\_db\\_instance\\_role\\_associations) | A map of DB Instance Identifiers and IAM Role ARNs separated by a comma |\n| \u003ca name=\"output_db_instance_secretsmanager_secret_rotation_enabled\"\u003e\u003c/a\u003e [db\\_instance\\_secretsmanager\\_secret\\_rotation\\_enabled](#output\\_db\\_instance\\_secretsmanager\\_secret\\_rotation\\_enabled) | Specifies whether automatic rotation is enabled for the secret |\n| \u003ca name=\"output_db_instance_status\"\u003e\u003c/a\u003e [db\\_instance\\_status](#output\\_db\\_instance\\_status) | The RDS instance status |\n| \u003ca name=\"output_db_instance_upgrade_rollout_order\"\u003e\u003c/a\u003e [db\\_instance\\_upgrade\\_rollout\\_order](#output\\_db\\_instance\\_upgrade\\_rollout\\_order) | Order in which the instances are upgraded (first, second, last) |\n| \u003ca name=\"output_db_instance_username\"\u003e\u003c/a\u003e [db\\_instance\\_username](#output\\_db\\_instance\\_username) | The master username for the database |\n| \u003ca name=\"output_db_listener_endpoint\"\u003e\u003c/a\u003e [db\\_listener\\_endpoint](#output\\_db\\_listener\\_endpoint) | Specifies the listener connection endpoint for SQL Server Always On |\n| \u003ca name=\"output_db_option_group_arn\"\u003e\u003c/a\u003e [db\\_option\\_group\\_arn](#output\\_db\\_option\\_group\\_arn) | The ARN of the db option group |\n| \u003ca name=\"output_db_option_group_id\"\u003e\u003c/a\u003e [db\\_option\\_group\\_id](#output\\_db\\_option\\_group\\_id) | The db option group id |\n| \u003ca name=\"output_db_parameter_group_arn\"\u003e\u003c/a\u003e [db\\_parameter\\_group\\_arn](#output\\_db\\_parameter\\_group\\_arn) | The ARN of the db parameter group |\n| \u003ca name=\"output_db_parameter_group_id\"\u003e\u003c/a\u003e [db\\_parameter\\_group\\_id](#output\\_db\\_parameter\\_group\\_id) | The db parameter group id |\n| \u003ca name=\"output_db_subnet_group_arn\"\u003e\u003c/a\u003e [db\\_subnet\\_group\\_arn](#output\\_db\\_subnet\\_group\\_arn) | The ARN of the db subnet group |\n| \u003ca name=\"output_db_subnet_group_id\"\u003e\u003c/a\u003e [db\\_subnet\\_group\\_id](#output\\_db\\_subnet\\_group\\_id) | The db subnet group name |\n| \u003ca name=\"output_enhanced_monitoring_iam_role_arn\"\u003e\u003c/a\u003e [enhanced\\_monitoring\\_iam\\_role\\_arn](#output\\_enhanced\\_monitoring\\_iam\\_role\\_arn) | The Amazon Resource Name (ARN) specifying the monitoring role |\n| \u003ca name=\"output_enhanced_monitoring_iam_role_name\"\u003e\u003c/a\u003e [enhanced\\_monitoring\\_iam\\_role\\_name](#output\\_enhanced\\_monitoring\\_iam\\_role\\_name) | The name of the monitoring role |\n\u003c!-- END_TF_DOCS --\u003e\n\n## Authors\n\nModule is maintained by [Anton Babenko](https://github.com/antonbabenko) with help from [these awesome contributors](https://github.com/terraform-aws-modules/terraform-aws-rds/graphs/contributors).\n\n## License\n\nApache 2 Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-aws-rds/tree/master/LICENSE) for full details.\n\n## Additional information for users from Russia and Belarus\n\n* Russia has [illegally annexed Crimea in 2014](https://en.wikipedia.org/wiki/Annexation_of_Crimea_by_the_Russian_Federation) and [brought the war in Donbas](https://en.wikipedia.org/wiki/War_in_Donbas) followed by [full-scale invasion of Ukraine in 2022](https://en.wikipedia.org/wiki/2022_Russian_invasion_of_Ukraine).\n* Russia has brought sorrow and devastations to millions of Ukrainians, killed hundreds of innocent people, damaged thousands of buildings, and forced several million people to flee.\n* [Putin khuylo!](https://en.wikipedia.org/wiki/Putin_khuylo!)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fterraform-aws-modules%2Fterraform-aws-rds","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fterraform-aws-modules%2Fterraform-aws-rds","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fterraform-aws-modules%2Fterraform-aws-rds/lists"}