Modifying an RDS Proxy - Amazon Relational Database Service (original) (raw)
To modify a proxy using the AWS CLI, use the commandsmodify-db-proxy,modify-db-proxy-target-group,deregister-db-proxy-targets, andregister-db-proxy-targets.
With the modify-db-proxy command, you can change properties such as the following:
- The set of Secrets Manager secrets used by the proxy.
- Whether TLS is required.
- The idle client timeout.
- Whether to log additional information from SQL statements for debugging.
- The IAM role used to retrieve Secrets Manager secrets.
- The security groups used by the proxy.
The following example shows how to rename an existing proxy.
aws rds modify-db-proxy --db-proxy-name the-proxy --new-db-proxy-name the_new_nameTo modify connection-related settings or rename the target group, use themodify-db-proxy-target-group command. Currently, all proxies have a single target group named default. When you work with this target group, you specify the name of the proxy and default for the name of the target group. You can't rename the default target group.
The following example shows how to first check the MaxIdleConnectionsPercent setting for a proxy and then change it, using the target group.
aws rds describe-db-proxy-target-groups --db-proxy-name the-proxy
{
"TargetGroups": [
{
"Status": "available",
"UpdatedDate": "2019-11-30T16:49:30.342Z",
"ConnectionPoolConfig": {
"MaxIdleConnectionsPercent": 50,
"ConnectionBorrowTimeout": 120,
"MaxConnectionsPercent": 100,
"SessionPinningFilters": []
},
"TargetGroupName": "default",
"CreatedDate": "2019-11-30T16:49:27.940Z",
"DBProxyName": "the-proxy",
"IsDefault": true
}
]
}
aws rds modify-db-proxy-target-group --db-proxy-name the-proxy --target-group-name default --connection-pool-config '
{ "MaxIdleConnectionsPercent": 75 }'
{
"DBProxyTargetGroup": {
"Status": "available",
"UpdatedDate": "2019-12-02T04:09:50.420Z",
"ConnectionPoolConfig": {
"MaxIdleConnectionsPercent": 75,
"ConnectionBorrowTimeout": 120,
"MaxConnectionsPercent": 100,
"SessionPinningFilters": []
},
"TargetGroupName": "default",
"CreatedDate": "2019-11-30T16:49:27.940Z",
"DBProxyName": "the-proxy",
"IsDefault": true
}
} With the deregister-db-proxy-targets andregister-db-proxy-targets commands, you change which RDS DB instances the proxy is associated with through its target group. Currently, each proxy can connect to one RDS DB instance. The target group tracks the connection details for all the RDS DB instances in a Multi-AZ configuration.
The following example starts with a proxy that is associated with an Aurora MySQL cluster namedcluster-56-2020-02-25-1399. The example shows how to change the proxy so that it can connect to a different cluster named provisioned-cluster.
When you work with an RDS DB instance, you specify the --db-instance-identifier option.
The following example modifies an Aurora MySQL proxy. An Aurora PostgreSQL proxy has port 5432.
aws rds describe-db-proxy-targets --db-proxy-name the-proxy
{
"Targets": [
{
"Endpoint": "instance-9814.demo.us-east-1.rds.amazonaws.com",
"Type": "RDS_INSTANCE",
"Port": 3306,
"RdsResourceId": "instance-9814"
},
{
"Endpoint": "instance-8898.demo.us-east-1.rds.amazonaws.com",
"Type": "RDS_INSTANCE",
"Port": 3306,
"RdsResourceId": "instance-8898"
},
{
"Endpoint": "instance-1018.demo.us-east-1.rds.amazonaws.com",
"Type": "RDS_INSTANCE",
"Port": 3306,
"RdsResourceId": "instance-1018"
},
{
"Type": "TRACKED_CLUSTER",
"Port": 0,
"RdsResourceId": "cluster-56-2020-02-25-1399"
},
{
"Endpoint": "instance-4330.demo.us-east-1.rds.amazonaws.com",
"Type": "RDS_INSTANCE",
"Port": 3306,
"RdsResourceId": "instance-4330"
}
]
}
aws rds deregister-db-proxy-targets --db-proxy-name the-proxy --db-cluster-identifier cluster-56-2020-02-25-1399
aws rds describe-db-proxy-targets --db-proxy-name the-proxy
{
"Targets": []
}
aws rds register-db-proxy-targets --db-proxy-name the-proxy --db-cluster-identifier provisioned-cluster
{
"DBProxyTargets": [
{
"Type": "TRACKED_CLUSTER",
"Port": 0,
"RdsResourceId": "provisioned-cluster"
},
{
"Endpoint": "gkldje.demo.us-east-1.rds.amazonaws.com",
"Type": "RDS_INSTANCE",
"Port": 3306,
"RdsResourceId": "gkldje"
},
{
"Endpoint": "provisioned-1.demo.us-east-1.rds.amazonaws.com",
"Type": "RDS_INSTANCE",
"Port": 3306,
"RdsResourceId": "provisioned-1"
}
]
}To modify a proxy using the RDS API, you use the operationsModifyDBProxy,ModifyDBProxyTargetGroup,DeregisterDBProxyTargets, andRegisterDBProxyTargets operations.
With ModifyDBProxy, you can change properties such as the following:
- The set of Secrets Manager secrets used by the proxy.
- Whether TLS is required.
- The idle client timeout.
- Whether to log additional information from SQL statements for debugging.
- The IAM role used to retrieve Secrets Manager secrets.
- The security groups used by the proxy.
With ModifyDBProxyTargetGroup, you can modify connection-related settings. Currently, all proxies have a single target group named default. When you work with this target group, you specify the name of the proxy anddefault for the name of the target group. You can't rename the default target group.
With DeregisterDBProxyTargets and RegisterDBProxyTargets, you change which RDS DB instance the proxy is associated with through its target group. Currently, each proxy can connect to one RDS DB instance . The target group tracks the connection details for the RDS DB instances in a Multi-AZ configuration .