# Setting up an Amazon Aurora DB cluster
Setting up an Aurora DB cluster

This section shows how to set up your Aurora DB cluster. Before creating an Aurora DB cluster, decide on the DB instance class that will run the DB cluster. Also, decide where the DB cluster will run by choosing an AWS Region. Next, create the DB cluster. If you have data outside of Aurora, you can migrate the data into an Aurora DB cluster.

**Topics**
+ [

# Creating an Amazon Aurora DB cluster
](Aurora.CreateInstance.md)
+ [

# Creating Amazon Aurora resources with AWS CloudFormation
](creating-resources-with-cloudformation.md)
+ [

# Connecting to an Amazon Aurora DB cluster
](Aurora.Connecting.md)
+ [

# Parameter groups for Amazon Aurora
](USER_WorkingWithParamGroups.md)
+ [

# Migrating data to an Amazon Aurora DB cluster
](Aurora.Migrate.md)
+ [

# Creating an Amazon ElastiCache cache using Aurora DB cluster settings
](creating-elasticache-cluster-with-RDS-settings.md)
+ [

# Auto migrating EC2 databases to Amazon Aurora using AWS Database Migration Service
](USER_DMS_migration.md)
+ [

# Tutorial: Creating a MySQL DB cluster with a custom parameter group
](tutorial-creating-custom-OPG.md)

# Creating an Amazon Aurora DB cluster
Creating a DB cluster<a name="create_cluster"></a>

An Amazon Aurora DB cluster consists of a DB instance, compatible with either MySQL or PostgreSQL, and a cluster volume that holds the data for the DB cluster, copied across three Availability Zones as a single, virtual volume. By default, an Aurora DB cluster contains a primary DB instance that performs reads and writes, and, optionally, up to 15 Aurora Replicas (reader DB instances). For more information about Aurora DB clusters, see [Amazon Aurora DB clusters](Aurora.Overview.md).

Aurora has two main types of DB cluster:
+ Aurora provisioned – You choose the DB instance class for the writer and reader instances based on your expected workload. For more information, see [Amazon AuroraDB instance classes](Concepts.DBInstanceClass.md). Aurora provisioned has several options, including Aurora global databases. For more information, see [Using Amazon Aurora Global Database](aurora-global-database.md).
+ Aurora Serverless – Aurora Serverless v2 is an on-demand automatic scaling configuration for Aurora. Capacity is adjusted automatically based on application demand. You're charged only for the resources that your DB cluster consumes. This automation is especially useful for environments with highly variable and unpredictable workloads. For more information, see [Using Aurora Serverless v2](aurora-serverless-v2.md).

Following, you can find out how to create an Aurora DB cluster. To get started, first see [DB cluster prerequisites](#Aurora.CreateInstance.Prerequisites).

For instructions on connecting to your Aurora DB cluster, see [Connecting to an Amazon Aurora DB cluster](Aurora.Connecting.md).

**Contents**
+ [

## DB cluster prerequisites
](#Aurora.CreateInstance.Prerequisites)
  + [

### Configure the network for the DB cluster
](#Aurora.CreateInstance.Prerequisites.VPC)
    + [

#### Configure automatic network connectivity with an EC2 instance
](#Aurora.CreateInstance.Prerequisites.VPC.Automatic)
    + [

#### Configure the network manually
](#Aurora.CreateInstance.Prerequisites.VPC.Manual)
  + [

### Additional prerequisites
](#Aurora.CreateInstance.Prerequisites.Additional)
+ [

## Creating a DB cluster
](#Aurora.CreateInstance.Creating)
  + [

### Creating a primary (writer) DB instance
](#aurora-create-writer)
+ [

## Settings for Aurora DB clusters
](#Aurora.CreateInstance.Settings)
+ [

## Settings that don't apply to Amazon Aurora for DB clusters
](#Aurora.CreateDBCluster.SettingsNotApplicableDBClusters)
+ [

## Settings that don't apply to Amazon Aurora DB instances
](#Aurora.CreateInstance.SettingsNotApplicable)

## DB cluster prerequisites
Prerequisites

**Important**  
Before you can create an Aurora DB cluster, you must complete the tasks in [Setting up your environment for Amazon Aurora](CHAP_SettingUp_Aurora.md).

The following are prerequisites to complete before creating a DB cluster.

**Topics**
+ [

### Configure the network for the DB cluster
](#Aurora.CreateInstance.Prerequisites.VPC)
+ [

### Additional prerequisites
](#Aurora.CreateInstance.Prerequisites.Additional)

### Configure the network for the DB cluster


You can create an Amazon Aurora DB cluster only in a virtual private cloud (VPC) based on the Amazon VPC service, in an AWS Region that has at least two Availability Zones. The DB subnet group that you choose for the DB cluster must cover at least two Availability Zones. This configuration ensures that your DB cluster always has at least one DB instance available for failover, in the unlikely event of an Availability Zone failure.

If you plan to set up connectivity between your new DB cluster and an EC2 instance in the same VPC, you can do so during DB cluster creation. If you plan to connect to your DB cluster from resources other than EC2 instances in the same VPC, you can configure the network connections manually.

**Topics**
+ [

#### Configure automatic network connectivity with an EC2 instance
](#Aurora.CreateInstance.Prerequisites.VPC.Automatic)
+ [

#### Configure the network manually
](#Aurora.CreateInstance.Prerequisites.VPC.Manual)

#### Configure automatic network connectivity with an EC2 instance


When you create an Aurora DB cluster, you can use the AWS Management Console to set up connectivity between an Amazon EC2 instance and the new DB cluster. When you do so, RDS configures your VPC and network settings automatically. The DB cluster is created in the same VPC as the EC2 instance so that the EC2 instance can access the DB cluster.

The following are requirements for connecting an EC2 instance with the DB cluster:
+ The EC2 instance must exist in the AWS Region before you create the DB cluster.

  If no EC2 instances exist in the AWS Region, the console provides a link to create one.
+ Currently, the DB cluster can't be an Aurora Serverless DB cluster or part of an Aurora global database.
+ The user who is creating the DB instance must have permissions to perform the following operations:
  + `ec2:AssociateRouteTable` 
  + `ec2:AuthorizeSecurityGroupEgress` 
  + `ec2:AuthorizeSecurityGroupIngress` 
  + `ec2:CreateRouteTable` 
  + `ec2:CreateSubnet` 
  + `ec2:CreateSecurityGroup` 
  + `ec2:DescribeInstances` 
  + `ec2:DescribeNetworkInterfaces` 
  + `ec2:DescribeRouteTables` 
  + `ec2:DescribeSecurityGroups` 
  + `ec2:DescribeSubnets` 
  + `ec2:ModifyNetworkInterfaceAttribute` 
  + `ec2:RevokeSecurityGroupEgress` 

Using this option creates a private DB cluster. The DB cluster uses a DB subnet group with only private subnets to restrict access to resources within the VPC.

To connect an EC2 instance to the DB cluster, choose **Connect to an EC2 compute resource** in the **Connectivity** section on the **Create database** page.

![\[Connect an EC2 instance\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/images/ec2-set-up-connection-create.png)


When you choose **Connect to an EC2 compute resource**, RDS sets the following options automatically. You can't change these settings unless you choose not to set up connectivity with an EC2 instance by choosing **Don't connect to an EC2 compute resource**.


****  

| Console option | Automatic setting | 
| --- | --- | 
|  **Network type**  |  RDS sets network type to **IPv4**. Currently, dual-stack mode isn't supported when you set up a connection between an EC2 instance and the DB cluster.  | 
|  **Virtual Private Cloud (VPC)**  |  RDS sets the VPC to the one associated with the EC2 instance.  | 
|  **DB subnet group**  | RDS requires a DB subnet group with a private subnet in the same Availability Zone as the EC2 instance. If a DB subnet group that meets this requirement exists, then RDS uses the existing DB subnet group. By default, this option is set to Automatic setup. When you choose **Automatic setup** and there is no DB subnet group that meets this requirement, the following action happens. RDS uses three available private subnets in three Availability Zones where one of the Availability Zones is the same as the EC2 instance. If a private subnet isn’t available in an Availability Zone, RDS creates a private subnet in the Availability Zone. Then RDS creates the DB subnet group.When a private subnet is available, RDS uses the route table associated with the subnet and adds any subnets it creates to this route table. When no private subnet is available, RDS creates a route table without internet gateway access and adds the subnets it creates to the route table.RDS also allows you to use existing DB subnet groups. Select **Choose existing** if you want to use an existing DB subnet group of your choice. | 
|  **Public access**  |  RDS chooses **No** so that the DB cluster isn't publicly accessible. For security, it is a best practice to keep the database private and make sure it isn't accessible from the internet.  | 
|  **VPC security group (firewall)**  |  RDS creates a new security group that is associated with the DB cluster. The security group is named `rds-ec2-n`, where `n` is a number. This security group includes an inbound rule with the EC2 VPC security group (firewall) as the source. This security group that is associated with the DB cluster allows the EC2 instance to access the DB cluster. RDS also creates a new security group that is associated with the EC2 instance. The security group is named `ec2-rds-n`, where `n` is a number. This security group includes an outbound rule with the VPC security group of the DB cluster as the source. This security group allows the EC2 instance to send traffic to the DB cluster. You can add another new security group by choosing **Create new** and typing the name of the new security group. You can add existing security groups by choosing **Choose existing** and selecting security groups to add.  | 
|  **Availability Zone**  |  When you don't create an Aurora Replica in **Availability & durability** during DB cluster creation (Single-AZ deployment), RDS chooses the Availability Zone of the EC2 instance. When you create an Aurora Replica during DB cluster creation (Multi-AZ deployment), RDS chooses the Availability Zone of the EC2 instance for one DB instance in the DB cluster. RDS randomly chooses a different Availability Zone for the other DB instance in the DB cluster. Either the primary DB instance or the Aurora Replica is created in the same Availability Zone as the EC2 instance. There is the possibility of cross Availability Zone costs if the primary DB instance and EC2 instance are in different Availability Zones.  | 

For more information about these settings, see [Settings for Aurora DB clusters](#Aurora.CreateInstance.Settings).

If you make any changes to these settings after the DB cluster is created, the changes might affect the connection between the EC2 instance and the DB cluster.

#### Configure the network manually


If you plan to connect to your DB cluster from resources other than EC2 instances in the same VPC, you can configure the network connections manually. If you use the AWS Management Console to create your DB cluster, you can have Amazon RDS automatically create a VPC for you. Or you can use an existing VPC or create a new VPC for your Aurora DB cluster. Whichever approach you take, your VPC must have at least one subnet in each of at least two Availability Zones for you to use it with an Amazon Aurora DB cluster. 

By default, Amazon RDS creates the primary DB instance and the Aurora Replica in the Availability Zones automatically for you. To choose a specific Availability Zone, you need to change the **Availability & durability** Multi-AZ deployment setting to **Don't create an Aurora Replica**. Doing so exposes an **Availability Zone** setting that lets you choose from among the Availability Zones in your VPC. However, we strongly recommend that you keep the default setting and let Amazon RDS create a Multi-AZ deployment and choose Availability Zones for you. By doing so, your Aurora DB cluster is created with the fast failover and high availability features that are two of Aurora's key benefits. 

If you don't have a default VPC or you haven't created a VPC, you can have Amazon RDS automatically create a VPC for you when you create a DB cluster using the console. Otherwise, you must do the following:
+ Create a VPC with at least one subnet in each of at least two of the Availability Zones in the AWS Region where you want to deploy your DB cluster. For more information, see [Working with a DB cluster in a VPC](USER_VPC.WorkingWithRDSInstanceinaVPC.md#Overview.RDSVPC.Create) and [Tutorial: Create a VPC for use with a DB cluster (IPv4 only)](CHAP_Tutorials.WebServerDB.CreateVPC.md).
+ Specify a VPC security group that authorizes connections to your DB cluster. For more information, see [Provide access to the DB cluster in the VPC by creating a security group](CHAP_SettingUp_Aurora.md#CHAP_SettingUp_Aurora.SecurityGroup) and [Controlling access with security groups](Overview.RDSSecurityGroups.md).
+ Specify an RDS DB subnet group that defines at least two subnets in the VPC that can be used by the DB cluster. For more information, see [Working with DB subnet groups](USER_VPC.WorkingWithRDSInstanceinaVPC.md#USER_VPC.Subnets).

 For information on VPCs, see [Amazon VPC and Amazon Aurora](USER_VPC.md). For a tutorial that configures the network for a private DB cluster, see [Tutorial: Create a VPC for use with a DB cluster (IPv4 only)](CHAP_Tutorials.WebServerDB.CreateVPC.md).

If you want to connect to a resource that isn't in the same VPC as the Aurora DB cluster, see the appropriate scenarios in [Scenarios for accessing a DB cluster in a VPC](USER_VPC.Scenarios.md).

### Additional prerequisites


Before you create your DB cluster, consider the following additional prerequisites:
+ If you are connecting to AWS using AWS Identity and Access Management (IAM) credentials, your AWS account must have IAM policies that grant the permissions required to perform Amazon RDS operations. For more information, see [Identity and access management for Amazon Aurora](UsingWithRDS.IAM.md).

  If you are using IAM to access the Amazon RDS console, you must first sign on to the AWS Management Console with your user credentials. Then go to the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).
+ If you want to tailor the configuration parameters for your DB cluster, you must specify a DB cluster parameter group and DB parameter group with the required parameter settings. For information about creating or modifying a DB cluster parameter group or DB parameter group, see [Parameter groups for Amazon Aurora](USER_WorkingWithParamGroups.md).
+ Determine the TCP/IP port number to specify for your DB cluster. The firewalls at some companies block connections to the default ports (3306 for MySQL, 5432 for PostgreSQL) for Aurora. If your company firewall blocks the default port, choose another port for your DB cluster. All instances in a DB cluster use the same port.
+ If the major engine version for your database has reached the RDS end of standard support date, you must use the Extended Support CLI option or the RDS API parameter. For more information, see RDS Extended Support in [Settings for Aurora DB clusters](#Aurora.CreateInstance.Settings).

## Creating a DB cluster


You can create an Aurora DB cluster using the AWS Management Console, the AWS CLI, or the RDS API.

### Console


You can create a DB cluster using the AWS Management Console with **Easy create** enabled or not enabled. With **Easy create** enabled, you specify only the DB engine type, DB instance size, and DB instance identifier. **Easy create** uses the default setting for other configuration options. With **Easy create** not enabled, you specify more configuration options when you create a database, including ones for availability, security, backups, and maintenance.

**Note**  
For this example, **Standard create** is enabled, and **Easy create** isn't enabled. For information about creating a DB cluster with **Easy create** enabled, see [Getting started with Amazon Aurora](CHAP_GettingStartedAurora.md).

**To create an Aurora DB cluster using the console**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the upper-right corner of the AWS Management Console, choose the AWS Region in which you want to create the DB cluster. 

   Aurora is not available in all AWS Regions. For a list of AWS Regions where Aurora is available, see [Region availability](Concepts.RegionsAndAvailabilityZones.md#Aurora.Overview.Availability).

1. In the navigation pane, choose **Databases**.

1. Choose **Create database**.

1. For **Choose a database creation method**, choose **Standard create**.

1. For **Engine type**, choose one of the following:
   + **Aurora (MySQL Compatible)**
   + **Aurora (PostgreSQL Compatible)**  
![\[Aurora MySQL engine selection interface showing version options and compatibility settings for database creation.\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/images/aurora-engine-options-mysql.png)

1. Choose the **Engine version**.

   For more information, see [Amazon Aurora versions](Aurora.VersionPolicy.md). You can use the filters to choose versions that are compatible with features that you want, such as Aurora Serverless v2. For more information, see [Using Aurora Serverless v2](aurora-serverless-v2.md).

1. In **Templates**, choose the template that matches your use case.

1. To enter your master password, do the following:

   1. In the **Settings** section, expand **Credential Settings**.

   1. Clear the **Auto generate a password** check box.

   1. (Optional) Change the **Master username** value and enter the same password in **Master password** and **Confirm password**.

   By default, the new DB instance uses an automatically generated password for the master user.

1. In the **Connectivity** section under **VPC security group (firewall)**, if you select **Create new**, a VPC security group is created with an inbound rule that allows your local computer's IP address to access the database. 

1. For **Cluster storage configuration**, choose either **Aurora I/O-Optimized** or **Aurora Standard**. For more information, see [Storage configurations for Amazon Aurora DB clusters](Aurora.Overview.StorageReliability.md#aurora-storage-type).  
![\[Cluster storage configuration showing Aurora I/O-Optimized.\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/images/cluster-storage-configuration-create.png)

1. (Optional) Set up a connection to a compute resource for this DB cluster.

   You can configure connectivity between an Amazon EC2 instance and the new DB cluster during DB cluster creation. For more information, see [Configure automatic network connectivity with an EC2 instance](#Aurora.CreateInstance.Prerequisites.VPC.Automatic).

1. For the remaining sections, specify your DB cluster settings. For information about each setting, see [Settings for Aurora DB clusters](#Aurora.CreateInstance.Settings). 

1. Choose **Create database**. 

   If you chose to use an automatically generated password, the **View credential details** button appears on the **Databases** page.

   To view the master user name and password for the DB cluster, choose **View credential details**.

   To connect to the DB instance as the master user, use the user name and password that appear.
**Important**  
You can't view the master user password again. If you don't record it, you might have to change it. If you need to change the master user password after the DB instance is available, you can modify the DB instance to do so. For more information about modifying a DB instance, see [Modifying an Amazon Aurora DB cluster](Aurora.Modifying.md).

1. For **Databases**, choose the name of the new Aurora DB cluster.

   On the RDS console, the details for new DB cluster appear. The DB cluster and its DB instance have a status of **creating** until the DB cluster is ready to use.  
![\[Summary during DB cluster creation\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/images/creating-status-aurora-mysql.png)

   When the state changes to **available** for both, you can connect to the DB cluster. Depending on the DB instance class and the amount of storage, it can take up to 20 minutes before the new DB cluster is available.

   To view the newly created cluster, choose **Databases** from the navigation pane in the Amazon RDS console. Then choose the DB cluster to show the DB cluster details. For more information, see [Viewing an Amazon Aurora DB cluster](accessing-monitoring.md#Aurora.Viewing).  
![\[Amazon Aurora DB Instances List\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/images/AuroraLaunch04.png)

   On the **Connectivity & security** tab, note the port and the endpoint of the writer DB instance. Use the endpoint and port of the cluster in your JDBC and ODBC connection strings for any application that performs write or read operations.

### AWS CLI


**Note**  
Before you can create an Aurora DB cluster using the AWS CLI, you must fulfill the required prerequisites, such as creating a VPC and an RDS DB subnet group. For more information, see [DB cluster prerequisites](#Aurora.CreateInstance.Prerequisites).

You can use the AWS CLI to create an Aurora MySQL DB cluster or an Aurora PostgreSQL DB cluster.<a name="Aurora.CreateInstance.Creating.CLI.DBCluster.MySQL"></a>

**To create an Aurora MySQL DB cluster using the AWS CLI**

When you create an Aurora MySQL 8.0-compatible or 5.7-compatible DB cluster or DB instance, you specify `aurora-mysql` for the `--engine` option.

Complete the following steps:

1. Identify the DB subnet group and VPC security group ID for your new DB cluster, and then call the [create-db-cluster](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) AWS CLI command to create the Aurora MySQL DB cluster.

   For example, the following command creates a new MySQL 8.0–compatible DB cluster named `sample-cluster`. The cluster uses the default engine version and the Aurora I/O-Optimized storage type.

   For Linux, macOS, or Unix:

   ```
   aws rds create-db-cluster --db-cluster-identifier sample-cluster \
       --engine aurora-mysql --engine-version 8.0 \
       --storage-type aurora-iopt1 \
       --master-username user-name --manage-master-user-password \
       --db-subnet-group-name mysubnetgroup --vpc-security-group-ids sg-c7e5b0d2
   ```

   For Windows:

   ```
   aws rds create-db-cluster --db-cluster-identifier sample-cluster ^
       --engine aurora-mysql --engine-version 8.0 ^
       --storage-type aurora-iopt1 ^
       --master-username user-name --manage-master-user-password ^
       --db-subnet-group-name mysubnetgroup --vpc-security-group-ids sg-c7e5b0d2
   ```

   The following command creates a new MySQL 5.7–compatible DB cluster named `sample-cluster`. The cluster uses the default engine version and the Aurora Standard storage type.

   For Linux, macOS, or Unix:

   ```
   aws rds create-db-cluster --db-cluster-identifier sample-cluster  \
       --engine aurora-mysql --engine-version 5.7 \
       --storage-type aurora \
       --master-username user-name --manage-master-user-password \
       --db-subnet-group-name mysubnetgroup --vpc-security-group-ids sg-c7e5b0d2
   ```

   For Windows:

   ```
   aws rds create-db-cluster --db-cluster-identifier sample-cluster sample-cluster  ^
       --engine aurora-mysql --engine-version 5.7 ^
       --storage-type aurora ^
       --master-username user-name --manage-master-user-password ^
       --db-subnet-group-name mysubnetgroup --vpc-security-group-ids sg-c7e5b0d2
   ```

1. If you use the console to create a DB cluster, then Amazon RDS automatically creates the primary instance (writer) for your DB cluster. If you use the AWS CLI to create a DB cluster, you must explicitly create the primary instance for your DB cluster. The primary instance is the first instance that is created in a DB cluster. Until you create the primary DB instance, the DB cluster endpoints remain in the `Creating` status.

   Call the [create-db-instance](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) AWS CLI command to create the primary instance for your DB cluster. Include the name of the DB cluster as the `--db-cluster-identifier` option value.
**Note**  
You can't set the `--storage-type` option for DB instances. You can set it only for DB clusters.

   For example, the following command creates a new MySQL 5.7–compatible or MySQL 8.0–compatible DB instance named `sample-instance`.

   For Linux, macOS, or Unix:

   ```
   aws rds create-db-instance --db-instance-identifier sample-instance \
        --db-cluster-identifier sample-cluster --engine aurora-mysql --db-instance-class db.r5.large
   ```

   For Windows:

   ```
   aws rds create-db-instance --db-instance-identifier sample-instance ^
        --db-cluster-identifier sample-cluster --engine aurora-mysql --db-instance-class db.r5.large
   ```<a name="Aurora.CreateInstance.Creating.CLI.DBCluster.PostgreSQL"></a>

**To create an Aurora PostgreSQL DB cluster using the AWS CLI**

1. Identify the DB subnet group and VPC security group ID for your new DB cluster, and then call the [create-db-cluster](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) AWS CLI command to create the Aurora PostgreSQL DB cluster.

   For example, the following command creates a new DB cluster named `sample-cluster`. The cluster uses the default engine version and the Aurora I/O-Optimized storage type.

   For Linux, macOS, or Unix:

   ```
   aws rds create-db-cluster --db-cluster-identifier sample-cluster \
       --engine aurora-postgresql \
       --storage-type aurora-iopt1 \
       --master-username user-name --manage-master-user-password \
       --db-subnet-group-name mysubnetgroup --vpc-security-group-ids sg-c7e5b0d2
   ```

   For Windows:

   ```
   aws rds create-db-cluster --db-cluster-identifier sample-cluster ^
       --engine aurora-postgresql ^
       --storage-type aurora-iopt1 ^
       --master-username user-name --manage-master-user-password ^
       --db-subnet-group-name mysubnetgroup --vpc-security-group-ids sg-c7e5b0d2
   ```

1. If you use the console to create a DB cluster, then Amazon RDS automatically creates the primary instance (writer) for your DB cluster. If you use the AWS CLI to create a DB cluster, you must explicitly create the primary instance for your DB cluster. The primary instance is the first instance that is created in a DB cluster. Until you create the primary DB instance, the DB cluster endpoints remain in the `Creating` status.

   Call the [create-db-instance](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) AWS CLI command to create the primary instance for your DB cluster. Include the name of the DB cluster as the `--db-cluster-identifier` option value.

   For Linux, macOS, or Unix:

   ```
   aws rds create-db-instance --db-instance-identifier sample-instance \
        --db-cluster-identifier sample-cluster --engine aurora-postgresql --db-instance-class db.r5.large
   ```

   For Windows:

   ```
   aws rds create-db-instance --db-instance-identifier sample-instance ^
        --db-cluster-identifier sample-cluster --engine aurora-postgresql --db-instance-class db.r5.large
   ```

These examples specify the `--manage-master-user-password` option to generate the master user password and manage it in Secrets Manager. For more information, see [Password management with Amazon Aurora and AWS Secrets Manager](rds-secrets-manager.md). Alternatively, you can use the `--master-password` option to specify and manage the password yourself. 

### RDS API


**Note**  
Before you can create an Aurora DB cluster using the AWS CLI, you must fulfill the required prerequisites, such as creating a VPC and an RDS DB subnet group. For more information, see [DB cluster prerequisites](#Aurora.CreateInstance.Prerequisites).

Identify the DB subnet group and VPC security group ID for your new DB cluster, and then call the [CreateDBCluster](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) operation to create the DB cluster.

When you create an Aurora MySQL version 2 or 3 DB cluster or DB instance, specify `aurora-mysql` for the `Engine` parameter.

When you create an Aurora PostgreSQL DB cluster or DB instance, specify `aurora-postgresql` for the `Engine` parameter.

If you use the console to create a DB cluster, then Amazon RDS automatically creates the primary instance (writer) for your DB cluster. If you use the RDS API to create a DB cluster, you must explicitly create the primary instance for your DB cluster using the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html). The primary instance is the first instance that is created in a DB cluster. Until you create the primary DB instance, the DB cluster endpoints remain in the `Creating` status.

### Creating a primary (writer) DB instance


If you use the AWS Management Console to create a DB cluster, then Amazon RDS automatically creates the primary instance (writer) for your DB cluster. If you use the AWS CLI or RDS API to create a DB cluster, you must explicitly create the primary instance for your DB cluster. The primary instance is the first instance that is created in a DB cluster. Until you create the primary DB instance, the DB cluster endpoints remain in the `Creating` status.

For more information, see [Creating a DB cluster](#Aurora.CreateInstance.Creating).

**Note**  
If you have a DB cluster without a writer DB instance, also called a *headless* cluster, you can't use the console to create a writer instance. You must use the AWS CLI or RDS API.

The following example uses the [create-db-instance](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) AWS CLI command to create a writer instance for an Aurora PostgreSQL DB cluster named `headless-test`.

```
aws rds create-db-instance \
    --db-instance-identifier no-longer-headless \
    --db-cluster-identifier headless-test \
    --engine aurora-postgresql \
    --db-instance-class db.t4g.medium
```

## Settings for Aurora DB clusters
Available settings

The following table contains details about settings that you choose when you create an Aurora DB cluster. 


| Console setting | Setting description | CLI option and RDS API parameter | 
| --- | --- | --- | 
|   **Auto minor version upgrade**   |  Choose **Enable auto minor version upgrade** if you want to enable your Aurora DB cluster to receive preferred minor version upgrades to the DB engine automatically when they become available. The **Auto minor version upgrade** setting applies to both Aurora PostgreSQL and Aurora MySQL DB clusters. For more information about engine updates for Aurora PostgreSQL, see [Database engine updates for Amazon Aurora PostgreSQL](AuroraPostgreSQL.Updates.md). For more information about engine updates for Aurora MySQL, see [Database engine updates for Amazon Aurora MySQLLong-term support (LTS) and beta releases for Amazon Aurora MySQL](AuroraMySQL.Updates.md).  |   Set this value for every DB instance in your Aurora cluster. If any DB instance in your cluster has this setting turned off, the cluster isn't automatically upgraded.  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) and set the `--auto-minor-version-upgrade\|--no-auto-minor-version-upgrade` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) and set the `AutoMinorVersionUpgrade` parameter.  | 
|   **AWS KMS key**   |  Only available if **Encryption** is set to **Enable encryption**. Choose the AWS KMS key to use for encrypting this DB cluster. For more information, see [Encrypting Amazon Aurora resources](Overview.Encryption.md).  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--kms-key-id` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `KmsKeyId` parameter.  | 
|   **Backtrack**   |  Applies only to Aurora MySQL. Choose **Enable Backtrack** to enable backtracking or **Disable Backtrack** to disable backtracking. Using backtracking, you can rewind a DB cluster to a specific time, without creating a new DB cluster. It is disabled by default. If you enable backtracking, also specify the amount of time that you want to be able to backtrack your DB cluster (the target backtrack window). For more information, see [Backtracking an Aurora DB cluster](AuroraMySQL.Managing.Backtrack.md).  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--backtrack-window` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `BacktrackWindow` parameter.  | 
|  **Certificate authority**  |  The certificate authority (CA) for the server certificate used by the DB instances in the DB cluster. For more information, see [Using SSL/TLS to encrypt a connection to a DB cluster](UsingWithRDS.SSL.md).  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) and set the `--ca-certificate-identifier` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) and set the `CACertificateIdentifier` parameter.  | 
|  **Cluster storage configuration**  |  The storage type for the DB cluster: **Aurora I/O-Optimized** or **Aurora Standard**. For more information, see [Storage configurations for Amazon Aurora DB clusters](Aurora.Overview.StorageReliability.md#aurora-storage-type).  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--storage-type` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `StorageType` parameter.  | 
|  Copy tags to snapshots  |  Choose this option to copy any DB instance tags to a DB snapshot when you create a snapshot.  For more information, see [Tagging Amazon Aurora andAmazon RDS resources](USER_Tagging.md).   |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--copy-tags-to-snapshot \| --no-copy-tags-to-snapshot` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `CopyTagsToSnapshot` parameter.  | 
|  Database authentication  |  The database authentication you want to use. For MySQL: [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html) For PostgreSQL: [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html)  |  To use IAM database authentication with the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--enable-iam-database-authentication \| --no-enable-iam-database-authentication` option. To use IAM database authentication with the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `EnableIAMDatabaseAuthentication` parameter. To use Kerberos authentication with the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--domain` and `--domain-iam-role-name` options. To use Kerberos authentication with the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `Domain` and `DomainIAMRoleName` parameters.  | 
|   **Database port**   |  Specify the port for applications and utilities to use to access the database. Aurora MySQL DB clusters default to the default MySQL port, 3306, and Aurora PostgreSQL DB clusters default to the default PostgreSQL port, 5432. The firewalls at some companies block connections to these default ports. If your company firewall blocks the default port, choose another port for the new DB cluster.  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--port` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `Port` parameter.  | 
|  **DB cluster identifier**  |  Enter a name for your DB cluster that is unique for your account in the AWS Region that you chose. This identifier is used in the cluster endpoint address for your DB cluster. For information on the cluster endpoint, see [Amazon Aurora endpoint connections](Aurora.Overview.Endpoints.md). The DB cluster identifier has the following constraints: [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html)  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--db-cluster-identifier` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `DBClusterIdentifier` parameter.  | 
|   **DB cluster parameter group**   |  Choose a DB cluster parameter group. Aurora has a default DB cluster parameter group you can use, or you can create your own DB cluster parameter group. For more information about DB cluster parameter groups, see [Parameter groups for Amazon Aurora](USER_WorkingWithParamGroups.md).  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--db-cluster-parameter-group-name` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `DBClusterParameterGroupName` parameter.  | 
|   **DB instance class**   |  Applies only to the provisioned capacity type. Choose a DB instance class that defines the processing and memory requirements for each instance in the DB cluster. For more information about DB instance classes, see [Amazon AuroraDB instance classes](Concepts.DBInstanceClass.md).  |   Set this value for every DB instance in your Aurora cluster.  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) and set the `--db-instance-class` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) and set the `DBInstanceClass` parameter.  | 
|   **DB parameter group**   |  Choose a parameter group. Aurora has a default parameter group you can use, or you can create your own parameter group. For more information about parameter groups, see [Parameter groups for Amazon Aurora](USER_WorkingWithParamGroups.md).  |   Set this value for every DB instance in your Aurora cluster.  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) and set the `--db-parameter-group-name` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) and set the `DBParameterGroupName` parameter.  | 
|   **DB subnet group**   | The DB subnet group you want to use for the DB cluster. Select Choose existing to use an existing DB subnet group. Then choose the required subnet group from the Existing DB subnet groups dropdown list.Choose **Automatic setup** to let RDS select a compatible DB subnet group. If none exist, RDS creates a new subnet group for your cluster.For more information, see [DB cluster prerequisites](#Aurora.CreateInstance.Prerequisites). |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--db-subnet-group-name` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `DBSubnetGroupName` parameter.  | 
| Enable deletion protection | Choose Enable deletion protection to prevent your DB cluster from being deleted. If you create a production DB cluster with the console, deletion protection is enabled by default.  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--deletion-protection \| --no-deletion-protection` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `DeletionProtection` parameter.  | 
|   **Enable encryption**   |  Choose `Enable encryption` to enable encryption at rest for this DB cluster. For more information, see [Encrypting Amazon Aurora resources](Overview.Encryption.md).  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--storage-encrypted \| --no-storage-encrypted` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `StorageEncrypted` parameter.  | 
|  **Enable Enhanced Monitoring**  |  Choose **Enable enhanced monitoring** to enable gathering metrics in real time for the operating system that your DB cluster runs on. For more information, see [Monitoring OS metrics with Enhanced Monitoring](USER_Monitoring.OS.md).   |   Set these values for every DB instance in your Aurora cluster.  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) and set the `--monitoring-interval` and `--monitoring-role-arn` options. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) and set the `MonitoringInterval` and `MonitoringRoleArn` parameters.  | 
|   **Enable the RDS Data API**   |  Choose **Enable the RDS Data API** to enable RDS Data API (Data API). Data API provides a secure HTTP endpoint for running SQL statements without managing connections. For more information, see [Using the Amazon RDS Data API](data-api.md).  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--enable-http-endpoint \| --no-enable-http-endpoint` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `EnableHttpEndpoint` parameter.  | 
|   **Engine type**   |  Choose the database engine to be used for this DB cluster.  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--engine` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `Engine` parameter.  | 
|   **Engine version**   |  Applies only to the provisioned capacity type. Choose the version number of your DB engine.  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--engine-version` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `EngineVersion` parameter.  | 
|   **Failover priority**   |  Choose a failover priority for the instance. If you don't choose a value, the default is **tier-1**. This priority determines the order in which Aurora Replicas are promoted when recovering from a primary instance failure. For more information, see [Fault tolerance for an Aurora DB cluster](Concepts.AuroraHighAvailability.md#Aurora.Managing.FaultTolerance).  |   Set this value for every DB instance in your Aurora cluster.  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) and set the `--promotion-tier` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) and set the `PromotionTier` parameter.  | 
|   **Initial database name**   |  Enter a name for your default database. If you don't provide a name for an Aurora MySQL DB cluster, Amazon RDS doesn't create a database on the DB cluster you are creating. If you don't provide a name for an Aurora PostgreSQL DB cluster, Amazon RDS creates a database named `postgres`. For Aurora MySQL, the default database name has these constraints: [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html) For Aurora PostgreSQL, the default database name has these constraints: [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html) To create additional databases, connect to the DB cluster and use the SQL command CREATE DATABASE. For more information about connecting to the DB cluster, see [Connecting to an Amazon Aurora DB cluster](Aurora.Connecting.md).  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--database-name` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `DatabaseName` parameter.  | 
| **Log exports** | In the Log exports section, choose the logs that you want to start publishing to Amazon CloudWatch Logs. For more information about publishing Aurora MySQL logs to CloudWatch Logs, see [Publishing Amazon Aurora MySQL logs to Amazon CloudWatch Logs](AuroraMySQL.Integrating.CloudWatch.md). For more information about publishing Aurora PostgreSQL logs to CloudWatch Logs, see [Publishing Aurora PostgreSQL logs to Amazon CloudWatch Logs](AuroraPostgreSQL.CloudWatch.md).  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--enable-cloudwatch-logs-exports` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `EnableCloudwatchLogsExports` parameter.  | 
|   **Maintenance window**   |  Choose **Select window** and specify the weekly time range during which system maintenance can occur. Or choose **No preference** for Amazon RDS to assign a period randomly.  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--preferred-maintenance-window` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `PreferredMaintenanceWindow` parameter.  | 
|   **Manage master credentials in AWS Secrets Manager**   |  Select **Manage master credentials in AWS Secrets Manager** to manage the master user password in a secret in Secrets Manager. Optionally, choose a KMS key to use to protect the secret. Choose from the KMS keys in your account, or enter the key from a different account. For more information, see [Password management with Amazon Aurora and AWS Secrets Manager](rds-secrets-manager.md).  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--manage-master-user-password \| --no-manage-master-user-password` and `--master-user-secret-kms-key-id` options. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `ManageMasterUserPassword` and `MasterUserSecretKmsKeyId` parameters.  | 
|   **Master password**   |  Enter a password to log on to your DB cluster: [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html)  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--master-user-password` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `MasterUserPassword` parameter.  | 
|   **Master username**   |  Enter a name to use as the master user name to log on to your DB cluster: [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html) You can't change the master user name after the DB cluster is created.  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--master-username` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `MasterUsername` parameter.  | 
|   **Multi-AZ deployment**   |  Applies only to the provisioned capacity type. Determine if you want to create Aurora Replicas in other Availability Zones for failover support. If you choose **Create Replica in Different Zone**, then Amazon RDS creates an Aurora Replica for you in your DB cluster in a different Availability Zone than the primary instance for your DB cluster. For more information about multiple Availability Zones, see [Regions and Availability Zones](Concepts.RegionsAndAvailabilityZones.md).   |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--availability-zones` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `AvailabilityZones` parameter.  | 
|   **Network type**   |  The IP addressing protocols supported by the DB cluster. **IPv4** to specify that resources can communicate with the DB cluster only over the IPv4 addressing protocol. **Dual-stack mode** to specify that resources can communicate with the DB cluster over IPv4, IPv6, or both. Use dual-stack mode if you have any resources that must communicate with your DB cluster over the IPv6 addressing protocol. To use dual-stack mode, make sure at least two subnets spanning two Availability Zones that support both the IPv4 and IPv6 network protocol. Also, make sure you associate an IPv6 CIDR block with subnets in the DB subnet group you specify. For more information, see [Amazon Aurora IP addressing](USER_VPC.WorkingWithRDSInstanceinaVPC.md#USER_VPC.IP_addressing).  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `-network-type` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `NetworkType` parameter.  | 
|   **Public access**   |  Choose **Publicly accessible** to give the DB cluster a public IP address, or choose **Not publicly accessible**. The instances in your DB cluster can be a mix of both public and private DB instances. For more information about hiding instances from public access, see [Hiding a DB cluster in a VPC from the internet](USER_VPC.WorkingWithRDSInstanceinaVPC.md#USER_VPC.Hiding). To connect to a DB instance from outside of its Amazon VPC, the DB instance must be publicly accessible, access must be granted using the inbound rules of the DB instance's security group, and other requirements must be met. For more information, see [Can't connect to Amazon RDS DB instance](CHAP_Troubleshooting.md#CHAP_Troubleshooting.Connecting). If your DB instance is isn't publicly accessible, you can also use an AWS Site-to-Site VPN connection or an Direct Connect connection to access it from a private network. For more information, see [Internetwork traffic privacy](inter-network-traffic-privacy.md).  |   Set this value for every DB instance in your Aurora cluster.  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) and set the `--publicly-accessible \| --no-publicly-accessible` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) and set the `PubliclyAccessible` parameter.  | 
| RDS Extended Support | Select **Enable RDS Extended Support** to allow supported major engine versions to continue running past the Aurora end of standard support date.  When you create a DB cluster, Amazon Aurora defaults to RDS Extended Support. To prevent the creation of a new DB cluster after the Aurora end of standard support date and to avoid charges for RDS Extended Support, disable this setting. Your existing DB clusters won't incur charges until the RDS Extended Support pricing start date. For more information, see [Amazon RDS Extended Support with Amazon Aurora](extended-support.md).  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--engine-lifecycle-support` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `EngineLifecycleSupport` parameter.  | 
|   **RDS Proxy**   |  Choose **Create an RDS Proxy** to create a proxy for your DB cluster. Amazon RDS automatically creates an IAM role and a Secrets Manager secret for the proxy. For more information, see [Amazon RDS Proxyfor Aurora](rds-proxy.md).   |  Not available when creating a DB cluster.  | 
|   **Retention period**   |  Choose the length of time, from 1 to 35 days, that Aurora retains backup copies of the database. Backup copies can be used for point-in-time restores (PITR) of your database down to the second.  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--backup-retention-period` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `BackupRetentionPeriod` parameter.  | 
|  **Turn on DevOps Guru**   |  Choose **Turn on DevOps Guru** to turn on Amazon DevOps Guru for your Aurora database. For DevOps Guru for RDS to provide detailed analysis of performance anomalies, Performance Insights must be turned on. For more information, see [Setting up DevOps Guru for RDS](devops-guru-for-rds.md#devops-guru-for-rds.configuring).  |  You can turn on DevOps Guru for RDS from within the RDS console, but not by using the RDS API or CLI. For more information about turning on DevOps Guru, see the [https://docs.aws.amazon.com/devops-guru/latest/userguide/getting-started.html](https://docs.aws.amazon.com/devops-guru/latest/userguide/getting-started.html).  | 
|  **Turn on Performance Insights**   |  Choose **Turn on Performance Insights** to turn on Amazon RDS Performance Insights. For more information, see [Monitoring DB load with Performance Insights on Amazon Aurora](USER_PerfInsights.md).  |   Set these values for every DB instance in your Aurora cluster.  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) and set the `--enable-performance-insights \| --no-enable-performance-insights`, `--performance-insights-kms-key-id`, and `--performance-insights-retention-period` options. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) and set the `EnablePerformanceInsights`, `PerformanceInsightsKMSKeyId`, and `PerformanceInsightsRetentionPeriod` parameters.  | 
|   **Virtual Private Cloud (VPC)**   |  Choose the VPC to host the DB cluster. Choose **Create a New VPC** to have Amazon RDS create a VPC for you. For more information, see [DB cluster prerequisites](#Aurora.CreateInstance.Prerequisites).  |  For the AWS CLI and API, you specify the VPC security group IDs.  | 
|   **VPC security group (firewall)**   |  Choose **Create new** to have Amazon RDS create a VPC security group for you. Or choose **Choose existing** and specify one or more VPC security groups to secure network access to the DB cluster. When you choose **Create new** in the RDS console, a new security group is created with an inbound rule that allows access to the DB instance from the IP address detected in your browser. For more information, see [DB cluster prerequisites](#Aurora.CreateInstance.Prerequisites).  |  Using the AWS CLI, run [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and set the `--vpc-security-group-ids` option. Using the RDS API, call [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) and set the `VpcSecurityGroupIds` parameter.  | 

## Settings that don't apply to Amazon Aurora for DB clusters
Settings that don't apply to Aurora for DB clusters

The following settings in the AWS CLI command [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster.html) and the RDS API operation [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html) don't apply to Amazon Aurora DB clusters.

**Note**  
The AWS Management Console doesn't show these settings for Aurora DB clusters.


****  

| AWS CLI setting | RDS API setting | 
| --- | --- | 
|  `--allocated-storage`  |  `AllocatedStorage`  | 
|  `--auto-minor-version-upgrade \| --no-auto-minor-version-upgrade`  |  `AutoMinorVersionUpgrade`  | 
|  `--db-cluster-instance-class`  |  `DBClusterInstanceClass`  | 
|  `--enable-performance-insights \| --no-enable-performance-insights`  |  `EnablePerformanceInsights`  | 
|  `--iops`  |  `Iops`  | 
|  `--monitoring-interval`  |  `MonitoringInterval`  | 
|  `--monitoring-role-arn`  |  `MonitoringRoleArn`  | 
|  `--option-group-name`  |  `OptionGroupName`  | 
|  `--performance-insights-kms-key-id`  |  `PerformanceInsightsKMSKeyId`  | 
|  `--performance-insights-retention-period`  |  `PerformanceInsightsRetentionPeriod`  | 
|  `--publicly-accessible \| --no-publicly-accessible`  |  `PubliclyAccessible`  | 

## Settings that don't apply to Amazon Aurora DB instances
Settings that don't apply to Aurora DB instances

The following settings in the AWS CLI command [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html) and the RDS API operation [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) don't apply to DB instances Amazon Aurora DB cluster.

**Note**  
The AWS Management Console doesn't show these settings for Aurora DB instances.


****  

| AWS CLI setting | RDS API setting | 
| --- | --- | 
|  `--allocated-storage`  |  `AllocatedStorage`  | 
|  `--availability-zone`  |  `AvailabilityZone`  | 
|  `--backup-retention-period`  |  `BackupRetentionPeriod`  | 
|  `--backup-target`  |  `BackupTarget`  | 
|  `--character-set-name`  |  `CharacterSetName`  | 
|  `--character-set-name`  |  `CharacterSetName`  | 
|  `--custom-iam-instance-profile`  |  `CustomIamInstanceProfile`  | 
|  `--db-security-groups`  |  `DBSecurityGroups`  | 
|  `--deletion-protection \| --no-deletion-protection`  |  `DeletionProtection`  | 
|  `--domain`  |  `Domain`  | 
|  `--domain-iam-role-name`  |  `DomainIAMRoleName`  | 
|  `--enable-cloudwatch-logs-exports`  |  `EnableCloudwatchLogsExports`  | 
|  `--enable-customer-owned-ip \| --no-enable-customer-owned-ip`  |  `EnableCustomerOwnedIp`  | 
|  `--enable-iam-database-authentication \| --no-enable-iam-database-authentication`  |  `EnableIAMDatabaseAuthentication`  | 
|  `--engine-version`  |  `EngineVersion`  | 
|  `--iops`  |  `Iops`  | 
|  `--kms-key-id`  |  `KmsKeyId`  | 
|  `--master-username`  |  `MasterUsername`  | 
|  `--master-user-password`  |  `MasterUserPassword`  | 
|  `--max-allocated-storage`  |  `MaxAllocatedStorage`  | 
|  `--multi-az \| --no-multi-az`  |  `MultiAZ`  | 
|  `--nchar-character-set-name`  |  `NcharCharacterSetName`  | 
|  `--network-type`  |  `NetworkType`  | 
|  `--option-group-name`  |  `OptionGroupName`  | 
|  `--preferred-backup-window`  |  `PreferredBackupWindow`  | 
|  `--processor-features`  |  `ProcessorFeatures`  | 
|  `--storage-encrypted \| --no-storage-encrypted`  |  `StorageEncrypted`  | 
|  `--storage-type`  |  `StorageType`  | 
|  `--tde-credential-arn`  |  `TdeCredentialArn`  | 
|  `--tde-credential-password`  |  `TdeCredentialPassword`  | 
|  `--timezone`  |  `Timezone`  | 
|  `--vpc-security-group-ids`  |  `VpcSecurityGroupIds`  | 

# Creating Amazon Aurora resources with AWS CloudFormation
Creating resources with AWS CloudFormation

Amazon Aurora is integrated with AWS CloudFormation, a service that helps you to model and set up your AWS resources so that you can spend less time creating and managing your resources and infrastructure. You create a template that describes all the AWS resources that you want (such as DB clusters and DB cluster parameter groups), and CloudFormation provisions and configures those resources for you. 

When you use CloudFormation, you can reuse your template to set up your Aurora resources consistently and repeatedly. Describe your resources once, and then provision the same resources over and over in multiple AWS accounts and Regions. 

## Aurora and CloudFormation templates


[CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-guide.html) are formatted text files in JSON or YAML. These templates describe the resources that you want to provision in your CloudFormation stacks. If you're unfamiliar with JSON or YAML, you can use CloudFormation Designer to help you get started with CloudFormation templates. For more information, see [What is CloudFormation Designer?](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/working-with-templates-cfn-designer.html) in the *AWS CloudFormation User Guide*.

Aurora supports creating resources in CloudFormation. For more information, including examples of JSON and YAML templates for these resources, see the [RDS resource type reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_RDS.html) in the *AWS CloudFormation User Guide*.

## Learn more about CloudFormation


To learn more about CloudFormation, see the following resources:
+ [AWS CloudFormation](https://aws.amazon.com/cloudformation/)
+ [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html)
+ [CloudFormation API Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/Welcome.html)
+ [AWS CloudFormation Command Line Interface User Guide](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/what-is-cloudformation-cli.html)

# Connecting to an Amazon Aurora DB cluster
Connecting to a DB cluster<a name="endpoints"></a>

You can connect to an Aurora DB cluster using the same tools that you use to connect to a MySQL or PostgreSQL database. You specify a connection string with any script, utility, or application that connects to a MySQL or PostgreSQL DB instance. You use the same public key for Secure Sockets Layer (SSL) connections. 

In the connection string, you typically use the host and port information from special endpoints associated with the DB cluster. With these endpoints, you can use the same connection parameters regardless of how many DB instances are in the cluster. You also use the host and port information from a specific DB instance in your Aurora DB cluster for specialized tasks, such as troubleshooting. 

**Note**  
For Aurora Serverless DB clusters, you connect to the database endpoint rather than to the DB instance. You can find the database endpoint for an Aurora Serverless DB cluster on the **Connectivity & security** tab of the AWS Management Console. For more information, see [Using Amazon Aurora Serverless v1](aurora-serverless.md). 

Regardless of the Aurora DB engine and specific tools you use to work with the DB cluster or instance, the endpoint must be accessible. An Aurora DB cluster can be created only in a virtual private cloud (VPC) based on the Amazon VPC service. That means that you access the endpoint from either inside the VPC or outside the VPC using one of the following approaches.
+ **Access the Aurora DB cluster inside the VPC** – Enable access to the Aurora DB cluster through the VPC. You do so by editing the Inbound rules on the Security group for the VPC to allow access to your specific Aurora DB cluster. To learn more, including how to configure your VPC for different Aurora DB cluster scenarios, see [Amazon Virtual Private Cloud VPCs and Amazon Aurora](https://docs.aws.amazon.com/en_us/AmazonRDS/latest/AuroraUserGuide/USER_VPC.html). 
+ **Access the Aurora DB cluster outside the VPC** – To access an Aurora DB cluster from outside the VPC, use the public endpoint address of the DB cluster.

For more information, see [Troubleshooting Aurora connection failures](#Aurora.Connecting.Troubleshooting).

**Contents**
+ [

## Connecting to Aurora DB clusters with the AWS drivers
](#Aurora.Connecting.Drivers)
+ [

## Connecting to an Amazon Aurora MySQL DB cluster
](#Aurora.Connecting.AuroraMySQL)
  + [

### Connection utilities for Aurora MySQL
](#Aurora.Connecting.AuroraMySQL.Utilities)
  + [

### Connecting to Aurora MySQL with the MySQL utility
](#Aurora.Connecting.mysql)
  + [

### Connecting to Aurora MySQL with the Amazon Web Services (AWS) JDBC Driver
](#Aurora.Connecting.JDBCDriverMySQL)
  + [

### Connecting to Aurora MySQL with the Amazon Web Services (AWS) Python Driver
](#Aurora.Connecting.PythonDriverMySQL)
  + [

### Connecting to Aurora MySQL with the Amazon Web Services (AWS) ODBC Driver for MySQL
](#Aurora.Connecting.ODBCDriverMySQL)
  + [

### Connecting to Aurora MySQL with the Amazon Web Services (AWS) Advanced NodeJS Wrapper
](#Aurora.Connecting.NodeJSDriverMySQL)
  + [

### Connecting to Aurora MySQL using SSL
](#Aurora.Connecting.SSL)
+ [

## Connecting to an Amazon Aurora PostgreSQL DB cluster
](#Aurora.Connecting.AuroraPostgreSQL)
  + [

### Connection utilities for Aurora PostgreSQL
](#Aurora.Connecting.AuroraPostgreSQL.Utilities)
  + [

### Connecting to Aurora PostgreSQL with the Amazon Web Services (AWS) JDBC Driver
](#Aurora.Connecting.JDBCDriverPostgreSQL)
  + [

### Connecting to Aurora PostgreSQL with the Amazon Web Services (AWS) Python Driver
](#Aurora.Connecting.PythonDriverPostgreSQL)
  + [

### Connecting to Aurora PostgreSQL with the Amazon Web Services (AWS) Advanced NodeJS Wrapper
](#Aurora.Connecting.NodeJSDriverPostgreSQL)
+ [

## Troubleshooting Aurora connection failures
](#Aurora.Connecting.Troubleshooting)

## Connecting to Aurora DB clusters with the AWS drivers


The AWS suite of drivers has been designed to provide support for faster switchover and failover times, and authentication with AWS Secrets Manager, AWS Identity and Access Management (IAM), and Federated Identity. The AWS drivers rely on monitoring DB cluster status and being aware of the cluster topology to determine the new writer. This approach reduces switchover and failover times to single-digit seconds, compared to tens of seconds for open-source drivers.

The following table lists the features supported for each of the drivers. As new service features are introduced, the goal of the AWS suite of drivers is to have built-in support for these service features.


| Feature | [AWS JDBC Driver](https://github.com/awslabs/aws-advanced-jdbc-wrapper) | [AWS Python Driver](https://github.com/awslabs/aws-advanced-python-wrapper) | [AWS ODBC Driver for MySQL](https://github.com/aws/aws-mysql-odbc) | [AWS Advanced NodeJS Wrapper](https://github.com/aws/aws-advanced-nodejs-wrapper) | 
| --- | --- | --- | --- | --- | 
| Failover support | [Yes](https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/using-plugins/UsingTheFailoverPlugin.md) | [Yes](https://github.com/awslabs/aws-advanced-python-wrapper/blob/main/docs/using-the-python-driver/using-plugins/UsingTheFailoverPlugin.md) | [Yes](https://github.com/aws/aws-mysql-odbc/blob/main/docs/using-the-aws-driver/UsingTheAwsDriver.md#failover-process) | [Yes](https://github.com/aws/aws-advanced-nodejs-wrapper/blob/main/docs/using-the-nodejs-wrapper/using-plugins/UsingTheFailoverPlugin.md) | 
| Enhanced failover monitoring | [Yes](https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/using-plugins/UsingTheHostMonitoringPlugin.md) | [Yes](https://github.com/awslabs/aws-advanced-python-wrapper/blob/main/docs/using-the-python-driver/using-plugins/UsingTheHostMonitoringPlugin.md) | [Yes](https://github.com/aws/aws-mysql-odbc/blob/main/docs/using-the-aws-driver/HostMonitoring.md#enhanced-failure-monitoring) | [Yes](https://github.com/aws/aws-advanced-nodejs-wrapper/blob/main/docs/using-the-nodejs-wrapper/using-plugins/UsingTheHostMonitoringPlugin.md) | 
| Read/write splitting | [Yes](https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/using-plugins/UsingTheReadWriteSplittingPlugin.md) | [Yes](https://github.com/awslabs/aws-advanced-python-wrapper/blob/main/docs/using-the-python-driver/using-plugins/UsingTheReadWriteSplittingPlugin.md) | No | [Yes](https://github.com/aws/aws-advanced-nodejs-wrapper/blob/main/docs/using-the-nodejs-wrapper/using-plugins/UsingTheReadWriteSplittingPlugin.md) | 
| Aurora connection tracker | [Yes](https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/using-plugins/UsingTheAuroraConnectionTrackerPlugin.md) | [Yes](https://github.com/awslabs/aws-advanced-python-wrapper/blob/main/docs/using-the-python-driver/using-plugins/UsingTheAuroraConnectionTrackerPlugin.md) | No | [Yes](https://github.com/aws/aws-advanced-nodejs-wrapper/blob/main/docs/using-the-nodejs-wrapper/using-plugins/UsingTheAuroraConnectionTrackerPlugin.md) | 
| Driver metadata connection | [Yes](https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/using-plugins/UsingTheDriverMetadataConnectionPlugin.md) | N/A | N/A | N/A | 
| Telemetry | [Yes](https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/Telemetry.md) | [Yes](https://github.com/aws/aws-advanced-python-wrapper/blob/main/docs/using-the-python-driver/Telemetry.md) | No | [Yes](https://github.com/aws/aws-advanced-nodejs-wrapper/blob/main/docs/using-the-nodejs-wrapper/Telemetry.md) | 
| Secrets Manager | [Yes](https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/using-plugins/UsingTheAwsSecretsManagerPlugin.md) | [Yes](https://github.com/awslabs/aws-advanced-python-wrapper/blob/main/docs/using-the-python-driver/using-plugins/UsingTheAwsSecretsManagerPlugin.md) | [Yes](https://github.com/aws/aws-mysql-odbc/blob/main/docs/using-the-aws-driver/UsingTheAwsDriver.md#secrets-manager-authentication) | [Yes](https://github.com/aws/aws-advanced-nodejs-wrapper/blob/main/docs/using-the-nodejs-wrapper/using-plugins/UsingTheAwsSecretsManagerPlugin.md) | 
| IAM authentication | [Yes](https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/using-plugins/UsingTheIamAuthenticationPlugin.md) | [Yes](https://github.com/awslabs/aws-advanced-python-wrapper/blob/main/docs/using-the-python-driver/using-plugins/UsingTheIamAuthenticationPlugin.md) | [Yes](https://github.com/aws/aws-mysql-odbc/blob/main/docs/using-the-aws-driver/UsingTheAwsDriver.md#iam-authentication) | [Yes](https://github.com/aws/aws-advanced-nodejs-wrapper/blob/main/docs/using-the-nodejs-wrapper/using-plugins/UsingTheIamAuthenticationPlugin.md) | 
| Federated Identity (AD FS) | [Yes](https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/using-plugins/UsingTheFederatedAuthPlugin.md) | [Yes](https://github.com/awslabs/aws-advanced-python-wrapper/blob/main/docs/using-the-python-driver/using-plugins/UsingTheFederatedAuthenticationPlugin.md) | No | [Yes](https://github.com/aws/aws-advanced-nodejs-wrapper/blob/main/docs/using-the-nodejs-wrapper/using-plugins/UsingTheFederatedAuthPlugin.md) | 
| Federated Identity (Okta) | [Yes](https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/using-plugins/UsingTheFederatedAuthPlugin.md) | [Yes](https://github.com/aws/aws-advanced-python-wrapper/blob/main/docs/using-the-python-driver/using-plugins/UsingTheOktaAuthenticationPlugin.md) | [Yes](https://github.com/aws/aws-mysql-odbc/blob/main/docs/using-the-aws-driver/OktaAuthentication.md) | [Yes](https://github.com/aws/aws-advanced-nodejs-wrapper/blob/main/docs/using-the-nodejs-wrapper/using-plugins/UsingTheOktaAuthPlugin.md) | 
| Aurora PostgreSQL Limitless Database | [Yes](https://github.com/aws/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/using-plugins/UsingTheLimitlessConnectionPlugin.md) (Aurora PostgreSQL only) | No | No | [Yes](https://github.com/aws/aws-advanced-nodejs-wrapper/blob/main/docs/using-the-nodejs-wrapper/using-plugins/UsingTheLimitlessConnectionPlugin.md) (Aurora PostgreSQL only) | 

For more information on the AWS drivers, see the corresponding language driver for your [Aurora MySQL](#Aurora.Connecting.JDBCDriverMySQL) or [Aurora PostgreSQL](#Aurora.Connecting.AuroraPostgreSQL.Utilities) DB cluster.

## Connecting to an Amazon Aurora MySQL DB cluster
Connecting to Aurora MySQL

To authenticate to your Aurora MySQL DB cluster, you can use either MySQL user name and password authentication or AWS Identity and Access Management (IAM) database authentication. For more information on using MySQL user name and password authentication, see [ Access control and account management](https://dev.mysql.com/doc/refman/5.7/en/access-control.html) in the MySQL documentation. For more information on using IAM database authentication, see [IAM database authentication ](UsingWithRDS.IAMDBAuth.md).

When you have a connection to your Amazon Aurora DB cluster with MySQL 8.0 compatibility, you can run SQL commands that are compatible with MySQL version 8.0. The minimum compatible version is MySQL 8.0.23. For more information about MySQL 8.0 SQL syntax, see the [MySQL 8.0 reference manual](http://dev.mysql.com/doc/refman/8.0/en/index.html). For information about limitations that apply to Aurora MySQL version 3, see [Comparing Aurora MySQL version 3 and MySQL 8.0 Community Edition](AuroraMySQL.Compare-80-v3.md). 

When you have a connection to your Amazon Aurora DB cluster with MySQL 5.7 compatibility, you can run SQL commands that are compatible with MySQL version 5.7. For more information about MySQL 5.7 SQL syntax, see the [MySQL 5.7 reference manual](http://dev.mysql.com/doc/refman/5.7/en/index.html). For information about limitations that apply to Aurora MySQL 5.7, see [Aurora MySQL version 2 compatible with MySQL 5.7](AuroraMySQL.CompareMySQL57.md).

**Note**  
For a helpful and detailed guide on connecting to an Amazon Aurora MySQL DB cluster, you can see the [Aurora connection management](https://d1.awsstatic.com/whitepapers/RDS/amazon-aurora-connection-management-handbook.pdf) handbook.

In the details view for your DB cluster, you can find the cluster endpoint, which you can use in your MySQL connection string. The endpoint is made up of the domain name and port for your DB cluster. For example, if an endpoint value is `mycluster.cluster-123456789012.us-east-1.rds.amazonaws.com:3306`, then you specify the following values in a MySQL connection string:
+ For host or host name, specify `mycluster.cluster-123456789012.us-east-1.rds.amazonaws.com`
+ For port, specify `3306` or the port value you used when you created the DB cluster

The cluster endpoint connects you to the primary instance for the DB cluster. You can perform both read and write operations using the cluster endpoint. Your DB cluster can also have up to 15 Aurora Replicas that support read-only access to the data in your DB cluster. The primary instance and each Aurora Replica has a unique endpoint that is independent of the cluster endpoint and allows you to connect to a specific DB instance in the cluster directly. The cluster endpoint always points to the primary instance. If the primary instance fails and is replaced, then the cluster endpoint points to the new primary instance.

To view the cluster endpoint (writer endpoint), choose **Databases** on the Amazon RDS console and choose the name of the DB cluster to show the DB cluster details.

![\[Aurora MySQL writer endpoint details panel displaying the connection address for database connectivity.\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/images/AuroraMySQLConnect.png)


**Topics**
+ [

### Connection utilities for Aurora MySQL
](#Aurora.Connecting.AuroraMySQL.Utilities)
+ [

### Connecting to Aurora MySQL with the MySQL utility
](#Aurora.Connecting.mysql)
+ [

### Connecting to Aurora MySQL with the Amazon Web Services (AWS) JDBC Driver
](#Aurora.Connecting.JDBCDriverMySQL)
+ [

### Connecting to Aurora MySQL with the Amazon Web Services (AWS) Python Driver
](#Aurora.Connecting.PythonDriverMySQL)
+ [

### Connecting to Aurora MySQL with the Amazon Web Services (AWS) ODBC Driver for MySQL
](#Aurora.Connecting.ODBCDriverMySQL)
+ [

### Connecting to Aurora MySQL with the Amazon Web Services (AWS) Advanced NodeJS Wrapper
](#Aurora.Connecting.NodeJSDriverMySQL)
+ [

### Connecting to Aurora MySQL using SSL
](#Aurora.Connecting.SSL)

### Connection utilities for Aurora MySQL


Some connection utilities you can use are the following:
+ **Command line** – You can connect to an Amazon Aurora DB cluster by using tools like the MySQL command line utility. For more information on using the MySQL utility, see [mysql — the MySQL command-line client](http://dev.mysql.com/doc/refman/8.0/en/mysql.html) in the MySQL documentation.
+ **GUI** – You can use the MySQL Workbench utility to connect by using a UI interface. For more information, see the [Download MySQL workbench](http://dev.mysql.com/downloads/workbench/) page.
+ **AWS drivers**:
  + [Connecting to Aurora MySQL with the Amazon Web Services (AWS) JDBC Driver](#Aurora.Connecting.JDBCDriverMySQL)
  + [Connecting to Aurora MySQL with the Amazon Web Services (AWS) Python Driver](#Aurora.Connecting.PythonDriverMySQL)
  + [Connecting to Aurora MySQL with the Amazon Web Services (AWS) ODBC Driver for MySQL](#Aurora.Connecting.ODBCDriverMySQL)
  + [Connecting to Aurora MySQL with the Amazon Web Services (AWS) Advanced NodeJS Wrapper](#Aurora.Connecting.NodeJSDriverMySQL)

### Connecting to Aurora MySQL with the MySQL utility


Use the following procedure. It assumes that you configured your DB cluster in a private subnet in your VPC. You connect using an Amazon EC2 instance that you configured according to the tutorials in [Tutorial: Create a web server and an Amazon Aurora DB cluster](TUT_WebAppWithRDS.md).

**Note**  
This procedure doesn't require installing the web server in the tutorial, but it does require installing MariaDB 10.5.

**To connect to a DB cluster using the MySQL utility**

1. Log in to the EC2 instance that you're using to connect to your DB cluster.

   You should see output similar to the following.

   ```
   Last login: Thu Jun 23 13:32:52 2022 from xxx.xxx.xxx.xxx
   
          __|  __|_  )
          _|  (     /   Amazon Linux 2 AMI
         ___|\___|___|
   
   https://aws.amazon.com/amazon-linux-2/
   [ec2-user@ip-10-0-xxx.xxx ~]$
   ```

1. Type the following command at the command prompt to connect to the primary DB instance of your DB cluster.

   For the `-h` parameter, substitute the endpoint DNS name for your primary instance. For the `-u` parameter, substitute the user ID of a database user account.

   ```
   mysql -h primary-instance-endpoint.AWS_account.AWS_Region.rds.amazonaws.com -P 3306 -u database_user -p
   ```

   For example:

   ```
   mysql -h my-aurora-cluster-instance.c1xy5example.123456789012.eu-central-1.rds.amazonaws.com -P 3306 -u admin -p
   ```

1. Enter the password for the database user.

   You should see output similar to the following.

   ```
   Welcome to the MariaDB monitor.  Commands end with ; or \g.
   Your MySQL connection id is 1770
   Server version: 8.0.23 Source distribution
   
   Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
   
   Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
   
   MySQL [(none)]>
   ```

1. Enter your SQL commands.

### Connecting to Aurora MySQL with the Amazon Web Services (AWS) JDBC Driver
Connecting to Aurora MySQL with the AWS JDBC Driver

The Amazon Web Services (AWS) JDBC Driver is designed as an advanced JDBC wrapper. This wrapper is complementary to and extends the functionality of an existing JDBC driver to help applications take advantage of the features of clustered databases such as Aurora MySQL. The driver is drop-in compatible with the community MySQL Connector/J driver and the community MariaDB Connector/J driver.

To install the AWS JDBC Driver, append the AWS JDBC Driver .jar file (located in the application `CLASSPATH`), and keep references to the respective community driver. Update the respective connection URL prefix as follows:
+ `jdbc:mysql://` to `jdbc:aws-wrapper:mysql://`
+ `jdbc:mariadb://` to `jdbc:aws-wrapper:mariadb://`

For more information about the AWS JDBC Driver and complete instructions for using it, see the [Amazon Web Services (AWS) JDBC Driver GitHub repository](https://github.com/awslabs/aws-advanced-jdbc-wrapper).

**Note**  
Version 3.0.3 of the MariaDB Connector/J utility drops support for Aurora DB clusters, so we highly recommend moving to the AWS JDBC Driver.

### Connecting to Aurora MySQL with the Amazon Web Services (AWS) Python Driver
Connecting to Aurora MySQL with the AWS Python Driver

The Amazon Web Services (AWS) Python Driver is designed as an advanced Python wrapper. This wrapper is complementary to and extends the functionality of the open-source Psycopg driver. The AWS Python Driver supports Python versions 3.8 and higher. You can install the `aws-advanced-python-wrapper` package using the `pip` command, along with the `psycopg` open-source packages.

For more information about the AWS Python Driver and complete instructions for using it, see the [Amazon Web Services (AWS) Python Driver GitHub repository](https://github.com/awslabs/aws-advanced-python-wrapper).

### Connecting to Aurora MySQL with the Amazon Web Services (AWS) ODBC Driver for MySQL
Connecting to Aurora MySQL with the AWS ODBC Driver for MySQL

The AWS ODBC Driver for MySQL is a client driver designed for the high availability of Aurora MySQL. The driver can exist alongside the MySQL Connector/ODBC driver and is compatible with the same workflows.

For more information about the AWS ODBC Driver for MySQL and complete instructions for installing and using it, see the [Amazon Web Services (AWS) ODBC Driver for MySQL](https://github.com/aws/aws-mysql-odbc) GitHub repository.

### Connecting to Aurora MySQL with the Amazon Web Services (AWS) Advanced NodeJS Wrapper
Connecting to Aurora MySQL with the AWS Advanced NodeJS Wrapper

The AWS Advanced NodeJS Wrapper is complementary to and extends the functionality of an existing NodeJS driver. It helps applications take advantage of the features of clustered databases such as Aurora MySQL.

For more information about the AWS Advanced NodeJS Wrapper and complete instructions for using it, see the [Amazon Web Services (AWS) Advanced NodeJS Wrapper GitHub repository](https://github.com/aws/aws-advanced-nodejs-wrapper).

### Connecting to Aurora MySQL using SSL


You can use SSL encryption on connections to an Aurora MySQL DB instance. For information, see [TLS connections to Aurora MySQL DB clusters](AuroraMySQL.Security.md#AuroraMySQL.Security.SSL).

To connect using SSL, use the MySQL utility as described in the following procedure. If you are using IAM database authentication, you must use an SSL connection. For information, see [IAM database authentication ](UsingWithRDS.IAMDBAuth.md). 

**Note**  
To connect to the cluster endpoint using SSL, your client connection utility must support Subject Alternative Names (SAN). If your client connection utility doesn't support SAN, you can connect directly to the instances in your Aurora DB cluster. For more information on Aurora endpoints, see [Amazon Aurora endpoint connections](Aurora.Overview.Endpoints.md).

**To connect to a DB cluster with SSL using the MySQL utility**

1. Download the public key for the Amazon RDS signing certificate.

   For information about downloading certificates, see [Using SSL/TLS to encrypt a connection to a DB cluster](UsingWithRDS.SSL.md).

1. Type the following command at a command prompt to connect to the primary instance of a DB cluster with SSL using the MySQL utility. For the `-h` parameter, substitute the endpoint DNS name for your primary instance. For the `-u` parameter, substitute the user ID of a database user account. For the `--ssl-ca` parameter, substitute the SSL certificate file name as appropriate. Type the master user password when prompted.

   `mysql -h mycluster-primary.123456789012.us-east-1.rds.amazonaws.com -u admin_user -p --ssl-ca=[full path]global-bundle.pem --ssl-verify-server-cert`

You should see output similar to the following.

```
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 350
Server version: 8.0.26-log MySQL Community Server (GPL)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql>
```

For general instructions on constructing RDS for MySQL connection strings and finding the public key for SSL connections, see [ Connecting to a DB instance running the MySQL database engine](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ConnectToInstance.html).

## Connecting to an Amazon Aurora PostgreSQL DB cluster
Connecting to Aurora PostgreSQL

You can connect to a DB instance in your Amazon Aurora PostgreSQL DB cluster using the same tools that you use to connect to a PostgreSQL database. As part of this, you use the same public key for Secure Sockets Layer (SSL) connections. You can use the endpoint and port information from the primary instance or Aurora Replicas in your Aurora PostgreSQL DB cluster in the connection string of any script, utility, or application that connects to a PostgreSQL DB instance. In the connection string, specify the DNS address from the primary instance or Aurora Replica endpoint as the host parameter. Specify the port number from the endpoint as the port parameter.

When you have a connection to a DB instance in your Amazon Aurora PostgreSQL DB cluster, you can run any SQL command that is compatible with PostgreSQL. 

In the details view for your Aurora PostgreSQL DB cluster you can find the cluster endpoint name, status, type, and port number. You use the endpoint and port number in your PostgreSQL connection string. For example, if an endpoint value is `mycluster.cluster-123456789012.us-east-1.rds.amazonaws.com`, then you specify the following values in a PostgreSQL connection string:
+ For host or host name, specify `mycluster.cluster-123456789012.us-east-1.rds.amazonaws.com`
+ For port, specify `5432` or the port value you used when you created the DB cluster

The cluster endpoint connects you to the primary instance for the DB cluster. You can perform both read and write operations using the cluster endpoint. Your DB cluster can also have up to 15 Aurora Replicas that support read-only access to the data in your DB cluster. Each DB instance in the Aurora cluster (that is, the primary instance and each Aurora Replica) has a unique endpoint that is independent of the cluster endpoint. This unique endpoint allows you to connect to a specific DB instance in the cluster directly. The cluster endpoint always points to the primary instance. If the primary instance fails and is replaced, the cluster endpoint points to the new primary instance.

To view the cluster endpoint (writer endpoint), choose **Databases** on the Amazon RDS console and choose the name of the DB cluster to show the DB cluster details.

![\[Aurora PostgreSQL writer endpoint.\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/images/AuroraPostgreSQLConnect.png)


### Connection utilities for Aurora PostgreSQL


Some connection utilities you can use are the following:
+ **Command line** – You can connect to Aurora PostgreSQL DB clusters by using tools like psql, the PostgreSQL interactive terminal. For more information on using the PostgreSQL interactive terminal, see [psql](https://www.postgresql.org/docs/current/app-psql.html) in the PostgreSQL documentation.
+ **GUI** – You can use the pgAdmin utility to connect to Aurora PostgreSQL DB clusters by using a UI interface. For more information, see the [Download](https://www.pgadmin.org/download/) page from the pgAdmin website.
+ **AWS drivers**:
  + [Connecting to Aurora PostgreSQL with the Amazon Web Services (AWS) JDBC Driver](#Aurora.Connecting.JDBCDriverPostgreSQL)
  + [Connecting to Aurora PostgreSQL with the Amazon Web Services (AWS) Python Driver](#Aurora.Connecting.PythonDriverPostgreSQL)
  + [Connecting to Aurora PostgreSQL with the Amazon Web Services (AWS) Advanced NodeJS Wrapper](#Aurora.Connecting.NodeJSDriverPostgreSQL)

### Connecting to Aurora PostgreSQL with the Amazon Web Services (AWS) JDBC Driver
Connecting to Aurora PostgreSQL with the AWS JDBC Driver

The Amazon Web Services (AWS) JDBC Driver is designed as an advanced JDBC wrapper. This wrapper is complementary to and extends the functionality of an existing JDBC driver to help applications take advantage of the features of clustered databases such as Aurora PostgreSQL. The driver is drop-in compatible with the community pgJDBC driver.

To install the AWS JDBC Driver, append the AWS JDBC Driver .jar file (located in the application `CLASSPATH`), and keep references to the pgJDBC community driver. Update the connection URL prefix from `jdbc:postgresql://` to `jdbc:aws-wrapper:postgresql://`.

For more information about the AWS JDBC Driver and complete instructions for using it, see the [Amazon Web Services (AWS) JDBC Driver GitHub repository](https://github.com/awslabs/aws-advanced-jdbc-wrapper).

### Connecting to Aurora PostgreSQL with the Amazon Web Services (AWS) Python Driver
Connecting to Aurora PostgreSQL with the AWS Python Driver

The Amazon Web Services (AWS) Python Driver is designed as an advanced Python wrapper. This wrapper is complementary to and extends the functionality of the open-source Psycopg driver. The AWS Python Driver supports Python versions 3.8 and higher. You can install the `aws-advanced-python-wrapper` package using the `pip` command, along with the `psycopg` open-source packages.

For more information about the AWS Python Driver and complete instructions for using it, see the [Amazon Web Services (AWS) Python Driver GitHub repository](https://github.com/awslabs/aws-advanced-python-wrapper).

### Connecting to Aurora PostgreSQL with the Amazon Web Services (AWS) Advanced NodeJS Wrapper
Connecting to Aurora PostgreSQL with the AWS Advanced NodeJS Wrapper

The AWS Advanced NodeJS Wrapper is complementary to and extends the functionality of an existing NodeJS driver. It helps applications take advantage of the features of clustered databases such as Aurora PostgreSQL.

For more information about the AWS Advanced NodeJS Wrapper and complete instructions for using it, see the [Amazon Web Services (AWS) Advanced NodeJS Wrapper GitHub repository](https://github.com/aws/aws-advanced-nodejs-wrapper).

## Troubleshooting Aurora connection failures
Troubleshooting connections

Common causes of connection failures to a new Aurora DB cluster include the following:
+ **Security group in the VPC doesn't allow access** – Your VPC needs to allow connections from your device or from an Amazon EC2 instance by proper configuration of the security group in the VPC. To resolve, modify your VPC's Security group Inbound rules to allow connections. For an example, see [Tutorial: Create a VPC for use with a DB cluster (IPv4 only)](CHAP_Tutorials.WebServerDB.CreateVPC.md).
+ **Port blocked by firewall rules** – Check the value of the port configured for your Aurora DB cluster. If a firewall rule blocks that port, you can re-create the instance using a different port. 
+ **Incomplete or incorrect IAM configuration** – If you created your Aurora DB instance to use IAM–based authentication, make sure that it's properly configured. For more information, see [IAM database authentication ](UsingWithRDS.IAMDBAuth.md).

For more information about troubleshooting Aurora DB connection issues, see [Can't connect to Amazon RDS DB instance](CHAP_Troubleshooting.md#CHAP_Troubleshooting.Connecting). 

# Parameter groups for Amazon Aurora
Parameter groups

*Database parameters* specify how the database is configured. For example, database parameters can specify the amount of resources, such as memory, to allocate to a database.

You manage your database configuration by associating your DB instances and Aurora DB clusters with parameter groups. Aurora defines parameter groups with default settings. You can also define your own parameter groups with customized settings.

**Topics**
+ [

# Overview of parameter groups
](parameter-groups-overview.md)
+ [

# DB cluster parameter groups for Amazon Aurora DB clusters
](USER_WorkingWithDBClusterParamGroups.md)
+ [

# DB parameter groups for Amazon Aurora DB instances
](USER_WorkingWithDBInstanceParamGroups.md)
+ [

# Comparing DB parameter groups
](USER_WorkingWithParamGroups.Comparing.md)
+ [

# Specifying DB parameters
](USER_ParamValuesRef.md)

# Overview of parameter groups
Overview of parameter groups

A *DB cluster parameter group* acts as a container for engine configuration values that apply to every DB instance in an Aurora DB cluster. For example, the Aurora shared storage model requires that every DB instance in an Aurora cluster use the same setting for parameters such as `innodb_file_per_table`. Thus, parameters that affect the physical storage layout are part of the cluster parameter group. The DB cluster parameter group also includes default values for all instance-level parameters.

A *DB parameter group* acts as a container for engine configuration values that are applied to one or more DB instances. DB parameter groups apply to DB instances in both Amazon RDS and Aurora. These configuration settings apply to properties that can vary among the DB instances within an Aurora cluster, such as the sizes for memory buffers.



**Topics**
+ [

## Default and custom parameter groups
](#parameter-groups-overview.custom)
+ [

## Static and dynamic DB cluster parameters
](#parameter-groups-overview.db-cluster)
+ [

## Static and dynamic DB instance parameters
](#parameter-groups-overview.db-instance)
+ [

## Character set parameters
](#parameter-groups-overview.char-sets)
+ [

## Supported parameters and parameter values
](#parameter-groups-overview.supported)

## Default and custom parameter groups


If you create a DB instance without specifying a DB parameter group, the DB instance uses a default DB parameter group. Likewise, if you create an Aurora DB cluster without specifying a DB cluster parameter group, the DB cluster uses a default DB cluster parameter group. Each default parameter group contains database engine defaults and Amazon RDS system defaults based on the engine, compute class, and allocated storage of the instance.

You can't modify the parameter settings of a default parameter group. Instead, you can do the following:

1. Create a new parameter group.

1. Change the settings of your desired parameters. Not all DB engine parameters in a parameter group are eligible to be modified.

1. Modify your DB instance or DB cluster to associate the new parameter group. 

   For information about modifying a DB cluster or DB instance, see [Modifying an Amazon Aurora DB cluster](Aurora.Modifying.md).
**Note**  
If you have modified your DB instance to use a custom parameter group, and you start the DB instance, RDS automatically reboots the DB instance as part of the startup process. For RDS for SQL Server Multi-AZ instances with AlwaysOn or Mirroring option enabled, a failover is expected when instance is rebooted after the startup process.

RDS applies the modified static and dynamic parameters in a newly associated parameter group only after the DB instance is rebooted. However, if you modify dynamic parameters in the DB parameter group after you associate it with the DB instance, these changes are applied immediately without a reboot. For more information about changing the DB parameter group, see [Modifying an Amazon Aurora DB cluster](Aurora.Modifying.md).

If you update parameters within a DB parameter group, the changes apply to all DB instances that are associated with that parameter group. Likewise, if you update parameters within an Aurora DB cluster parameter group, the changes apply to all Aurora DB clusters that are associated with that DB cluster parameter group.

If you don't want to create a parameter group from scratch, you can copy an existing parameter group with the AWS CLI [copy-db-parameter-group](https://docs.aws.amazon.com/cli/latest/reference/rds/copy-db-parameter-group.html) command or [copy-db-cluster-parameter-group](https://docs.aws.amazon.com/cli/latest/reference/rds/copy-db-cluster-parameter-group.html) command. You might find that copying a parameter group is useful in some cases. For example, you might want to include most of an existing parameter group's custom parameters and values in a new parameter group.

## Static and dynamic DB cluster parameters


DB cluster parameters are either static or dynamic. They differ in the following ways:
+ When you change a static parameter and save the DB cluster parameter group, the parameter change takes effect after you manually reboot the DB instances in each associated DB cluster. When you use the AWS Management Console to change static DB cluster parameter values, it always uses `pending-reboot` for the `ApplyMethod`.
+ When you change a dynamic parameter, by default the parameter change takes effect immediately, without requiring a reboot. When you use the console, it always uses `immediate` for the `ApplyMethod`. To defer the parameter change until after you reboot the DB instances in an associated DB cluster, use the AWS CLI or RDS API. Set the `ApplyMethod` to `pending-reboot` for the parameter change.

For more information about using the AWS CLI to change a parameter value, see [modify-db-cluster-parameter-group](https://docs.aws.amazon.com/cli/latest/reference/rds/modify-db-cluster-parameter-group.html). For more information about using the RDS API to change a parameter value, see [ModifyDBClusterParameterGroup](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterParameterGroup.html).

If you change the DB cluster parameter group associated with a DB cluster, reboot the DB instances in the DB cluster. The reboot applies the changes to all DB instances in the DB cluster. To determine whether the DB instances of a DB cluster must be rebooted to apply changes, run the following AWS CLI command.

`aws rds describe-db-clusters --db-cluster-identifier db_cluster_identifier`

Check the `DBClusterParameterGroupStatus` value for the primary DB instance in the output. If the value is `pending-reboot`, then reboot the DB instances of the DB cluster.

## Static and dynamic DB instance parameters


DB instance parameters are either static or dynamic. They differ as follows:
+ When you change a static parameter and save the DB parameter group, the parameter change takes effect after you manually reboot the associated DB instances. For static parameters, the console always uses `pending-reboot` for the `ApplyMethod`.
+ When you change a dynamic parameter, by default the parameter change takes effect immediately, without requiring a reboot. When you use the AWS Management Console to change DB instance parameter values, it always uses `immediate` for the `ApplyMethod` for dynamic parameters. To defer the parameter change until after you reboot an associated DB instance, use the AWS CLI or RDS API. Set the `ApplyMethod` to `pending-reboot` for the parameter change.

For more information about using the AWS CLI to change a parameter value, see [modify-db-parameter-group](https://docs.aws.amazon.com/cli/latest/reference/rds/modify-db-parameter-group.html). For more information about using the RDS API to change a parameter value, see [ModifyDBParameterGroup](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBParameterGroup.html).

If a DB instance isn't using the latest changes to its associated DB parameter group, the console shows a status of **pending-reboot** for the DB parameter group. This status doesn't result in an automatic reboot during the next maintenance window. To apply the latest parameter changes to that DB instance, manually reboot the DB instance.

## Character set parameters


Before you create a DB cluster, set any parameters that relate to the character set or collation of your database in your parameter group. Also do so before you create a database in it. In this way, you ensure that the default database and new databases use the character set and collation values that you specify. If you change character set or collation parameters, the parameter changes aren't applied to existing databases.

For some DB engines, you can change character set or collation values for an existing database using the `ALTER DATABASE` command, for example:

```
ALTER DATABASE database_name CHARACTER SET character_set_name COLLATE collation;
```

For more information about changing the character set or collation values for a database, check the documentation for your DB engine.

## Supported parameters and parameter values


To determine the supported parameters for your DB engine, view the parameters in the DB parameter group and DB cluster parameter group used by the DB instance or DB cluster. For more information, see [Viewing parameter values for a DB parameter group in Amazon Aurora](USER_WorkingWithParamGroups.Viewing.md) and [Viewing parameter values for a DB cluster parameter groupin Amazon Aurora](USER_WorkingWithParamGroups.ViewingCluster.md).

In many cases, you can specify integer and Boolean parameter values using expressions, formulas, and functions. Functions can include a mathematical log expression. However, not all parameters support expressions, formulas, and functions for parameter values. For more information, see [Specifying DB parameters](USER_ParamValuesRef.md).

For an Aurora global database, you can specify different configuration settings for the individual Aurora clusters. Make sure that the settings are similar enough to produce consistent behavior if you promote a secondary cluster to be the primary cluster. For example, use the same settings for time zones and character sets across all the clusters of an Aurora global database.

Improperly setting parameters in a parameter group can have unintended adverse effects, including degraded performance and system instability. Always be cautious when modifying database parameters, and back up your data before modifying a parameter group. Try parameter group setting changes on a test DB instance or DB cluster before applying those parameter group changes to a production DB instance or DB cluster.

# DB cluster parameter groups for Amazon Aurora DB clusters
DB cluster parameter groups

Amazon Aurora DB clusters use DB cluster parameter groups. The following sections describe configuring and managing DB cluster parameter groups.

**Topics**
+ [

## Amazon Aurora DB cluster and DB instance parameters
](#Aurora.Managing.ParameterGroups)
+ [

# Creating a DB cluster parameter groupin Amazon Aurora
](USER_WorkingWithParamGroups.CreatingCluster.md)
+ [

# Associating a DB cluster parameter group with a DB cluster in Amazon Aurora
](USER_WorkingWithParamGroups.AssociatingCluster.md)
+ [

# Modifying parameters in a DB cluster parameter groupin Amazon Aurora
](USER_WorkingWithParamGroups.ModifyingCluster.md)
+ [

# Resetting parameters in a DB cluster parameter groupin Amazon Aurora
](USER_WorkingWithParamGroups.ResettingCluster.md)
+ [

# Copying a DB cluster parameter groupin Amazon Aurora
](USER_WorkingWithParamGroups.CopyingCluster.md)
+ [

# Listing DB cluster parameter groupsin Amazon Aurora
](USER_WorkingWithParamGroups.ListingCluster.md)
+ [

# Viewing parameter values for a DB cluster parameter groupin Amazon Aurora
](USER_WorkingWithParamGroups.ViewingCluster.md)
+ [

# Deleting a DB cluster parameter groupin Amazon Aurora
](USER_WorkingWithParamGroups.DeletingCluster.md)

## Amazon Aurora DB cluster and DB instance parameters
DB cluster and DB instance parameters

 Aurora uses a two-level system of configuration settings: 
+  Parameters in a *DB cluster parameter group* apply to every DB instance in a DB cluster. Your data is stored in the Aurora shared storage subsystem. Because of this, all parameters related to physical layout of table data must be the same for all DB instances in an Aurora cluster. Likewise, because Aurora DB instances are connected by replication, all the parameters for replication settings must be identical throughout an Aurora cluster. 
+  Parameters in a *DB parameter group* apply to a single DB instance in an Aurora DB cluster. These parameters are related to aspects such as memory usage that you can vary across DB instances in the same Aurora cluster. For example, a cluster often contains DB instances with different AWS instance classes. 

 Every Aurora cluster is associated with a DB cluster parameter group. This parameter group assigns default values for every configuration value for the corresponding DB engine. The cluster parameter group includes defaults for both the cluster-level and instance-level parameters. Each DB instance within a provisioned or Aurora Serverless v2 cluster inherits the settings from that DB cluster parameter group. 

 Each DB instance is also associated with a DB parameter group. The values in the DB parameter group can override default values from the cluster parameter group. For example, if one instance in a cluster experienced issues, you might assign a custom DB parameter group to that instance. The custom parameter group might have specific settings for parameters related to debugging or performance tuning. 

 Aurora assigns default parameter groups when you create a cluster or a new DB instance, based on the specified database engine and version. You can specify custom parameter groups instead. You create those parameter groups yourself, and you can edit the parameter values. You can specify these custom parameter groups at creation time. You can also modify a DB cluster or instance later to use a custom parameter group. 

 For provisioned and Aurora Serverless v2 instances, any configuration values that you modify in the DB cluster parameter group override default values in the DB parameter group. If you edit the corresponding values in the DB parameter group, those values override the settings from the DB cluster parameter group. 

 Any DB parameter settings that you modify take precedence over the DB cluster parameter group values, even if you change the configuration parameters back to their default values. You can see which parameters are overridden by using the [describe-db-parameters](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-parameters.html) AWS CLI command or the [DescribeDBParameters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameters.html) RDS API operation. The `Source` field contains the value `user` if you modified that parameter. To reset one or more parameters so that the value from the DB cluster parameter group takes precedence, use the [reset-db-parameter-group](https://docs.aws.amazon.com/cli/latest/reference/rds/reset-db-parameter-group.html) AWS CLI command or the [ResetDBParameterGroup](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ResetDBParameterGroup.html) RDS API operation. 

The DB cluster and DB instance parameters available to you in Aurora vary depending on database engine compatibility.


| Database engine | Parameters | 
| --- | --- | 
|  Aurora MySQL  |  See [Aurora MySQL configuration parameters](AuroraMySQL.Reference.ParameterGroups.md).  For Aurora Serverless clusters, see additional details in [Working with parameter groups for Aurora Serverless v2](aurora-serverless-v2.setting-capacity.md#aurora-serverless-v2.parameter-groups) and [Parameter groups for Aurora Serverless v1](aurora-serverless-v1.how-it-works.md#aurora-serverless.parameter-groups).   | 
|  Aurora PostgreSQL  |  See [Amazon Aurora PostgreSQL parameters](AuroraPostgreSQL.Reference.ParameterGroups.md).  For Aurora Serverless clusters, see additional details in [Working with parameter groups for Aurora Serverless v2](aurora-serverless-v2.setting-capacity.md#aurora-serverless-v2.parameter-groups) and [Parameter groups for Aurora Serverless v1](aurora-serverless-v1.how-it-works.md#aurora-serverless.parameter-groups).   | 

**Note**  
 Aurora Serverless v1 clusters have only DB cluster parameter groups, not DB parameter groups. For Aurora Serverless v2 clusters, you make all your changes to custom parameters in the DB cluster parameter group.   
 Aurora Serverless v2 uses both DB cluster parameter groups and DB parameter groups. With Aurora Serverless v2, you can modify almost all of the configuration parameters. Aurora Serverless v2 overrides the settings of some capacity-related configuration parameters so that your workload isn't interrupted when Aurora Serverless v2 instances scale down.   
 To learn more about Aurora Serverless configuration settings and which settings you can modify, see [Working with parameter groups for Aurora Serverless v2](aurora-serverless-v2.setting-capacity.md#aurora-serverless-v2.parameter-groups) and [Parameter groups for Aurora Serverless v1](aurora-serverless-v1.how-it-works.md#aurora-serverless.parameter-groups). 

# Creating a DB cluster parameter groupin Amazon Aurora
Creating a DB cluster parameter group

You can create a new DB cluster parameter group using the AWS Management Console, the AWS CLI, or the RDS API.

After you create a DB cluster parameter group, wait at least 5 minutes before creating a DB cluster that uses that DB cluster parameter group. Doing this allows Amazon RDS to fully create the parameter group before it is used by the new DB cluster. You can use the **Parameter groups** page in the [Amazon RDS console](https://console.aws.amazon.com/rds/) or the [describe-db-cluster-parameters](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-cluster-parameters.html) command to verify that your DB cluster parameter group is created.

The following limitations apply to the DB cluster parameter group name:
+ The name must be 1 to 255 letters, numbers, or hyphens.

  Default parameter group names can include a period, such as `default.aurora-mysql5.7`. However, custom parameter group names can't include a period.
+ The first character must be a letter.
+ The name can't end with a hyphen or contain two consecutive hyphens.

## Console


**To create a DB cluster parameter group**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

1. Choose **Create parameter group**.

1. For **Parameter group name**, enter the name of the new DB cluster parameter group.

1. For **Description**, enter a description for the new DB cluster parameter group.

1. For **Engine type**, choose your database engine.

1. For **Parameter group family**, choose a DB parameter group family.

1. Choose **Create**.

## AWS CLI


To create a DB cluster parameter group, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster-parameter-group.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-cluster-parameter-group.html) command.

The following example creates a DB cluster parameter group named *mydbclusterparametergroup* for Aurora MySQL version 5.7 with a description of "*My new cluster parameter group*."

Include the following required parameters:
+ `--db-cluster-parameter-group-name`
+ `--db-parameter-group-family`
+ `--description`

To list all of the available parameter group families, use the following command:

```
aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"
```

**Note**  
The output contains duplicates.

**Example**  
For Linux, macOS, or Unix:  

```
aws rds create-db-cluster-parameter-group \
    --db-cluster-parameter-group-name mydbclusterparametergroup \
    --db-parameter-group-family aurora-mysql5.7 \
    --description "My new cluster parameter group"
```
For Windows:  

```
aws rds create-db-cluster-parameter-group ^
    --db-cluster-parameter-group-name mydbclusterparametergroup ^
    --db-parameter-group-family aurora-mysql5.7 ^
    --description "My new cluster parameter group"
```
This command produces output similar to the following:  

```
{
    "DBClusterParameterGroup": {
        "DBClusterParameterGroupName": "mydbclusterparametergroup",
        "DBParameterGroupFamily": "aurora-mysql5.7",
        "Description": "My new cluster parameter group",
        "DBClusterParameterGroupArn": "arn:aws:rds:us-east-1:123456789012:cluster-pg:mydbclusterparametergroup"
    }
}
```

## RDS API


To create a DB cluster parameter group, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterParameterGroup.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterParameterGroup.html) action.

Include the following required parameters:
+ `DBClusterParameterGroupName`
+ `DBParameterGroupFamily`
+ `Description`

# Associating a DB cluster parameter group with a DB cluster in Amazon Aurora
Associating a DB cluster parameter group with a DB cluster

You can create your own DB cluster parameter groups with customized settings. You can associate a DB cluster parameter group with a DB cluster using the AWS Management Console, the AWS CLI, or the RDS API. You can do so when you create or modify a DB cluster.

For information about creating a DB cluster parameter group, see [Creating a DB cluster parameter groupin Amazon Aurora](USER_WorkingWithParamGroups.CreatingCluster.md). For information about creating a DB cluster, see [Creating an Amazon Aurora DB cluster](Aurora.CreateInstance.md). For information about modifying a DB cluster, see [Modifying an Amazon Aurora DB cluster](Aurora.Modifying.md).

**Note**  
For Aurora PostgreSQL 15.2, 14.7, 13.10, 12.14, and all 11 versions, when you change the DB cluster parameter group associated with a DB cluster, reboot each replica instance to apply the changes.  
To determine whether the primary DB instance of a DB cluster must be rebooted to apply changes, run the following AWS CLI command:  
`aws rds describe-db-clusters --db-cluster-identifier db_cluster_identifier`  
Check the `DBClusterParameterGroupStatus` value for the primary DB instance in the output. If the value is `pending-reboot`, then reboot the primary DB instance of the DB cluster.

## Console


**To associate a DB cluster parameter group with a DB cluster**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Databases**, and then select the DB cluster that you want to modify. 

1. Choose **Modify**. The **Modify DB cluster** page appears.

1. Change the **DB cluster parameter group** setting. 

1. Choose **Continue** and check the summary of modifications. 

   The change is applied immediately regardless of the **Scheduling of modifications** setting.

1. On the confirmation page, review your changes. If they are correct, choose **Modify cluster** to save your changes. 

   Alternatively, choose **Back** to edit your changes, or choose **Cancel** to cancel your changes. 

## AWS CLI


To associate a DB cluster parameter group with a DB cluster, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/modify-db-cluster.html](https://docs.aws.amazon.com/cli/latest/reference/rds/modify-db-cluster.html) command with the following options:
+ `--db-cluster-name`
+ `--db-cluster-parameter-group-name`

The following example associates the `mydbclpg` DB parameter group with the `mydbcluster` DB cluster.

**Example**  
For Linux, macOS, or Unix:  

```
aws rds modify-db-cluster \
    --db-cluster-identifier mydbcluster \
    --db-cluster-parameter-group-name mydbclpg
```
For Windows:  

```
aws rds modify-db-cluster ^
    --db-cluster-identifier mydbcluster ^
    --db-cluster-parameter-group-name mydbclpg
```

## RDS API


To associate a DB cluster parameter group with a DB cluster, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBCluster.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBCluster.html) operation with the following parameters:
+ `DBClusterIdentifier`
+ `DBClusterParameterGroupName`

# Modifying parameters in a DB cluster parameter groupin Amazon Aurora
Modifying parameters in a DB cluster parameter group

You can modify parameter values in a customer-created DB cluster parameter group. You can't change the parameter values in a default DB cluster parameter group. Changes to parameters in a customer-created DB cluster parameter group are applied to all DB clusters that are associated with the DB cluster parameter group.

## Console


**To modify a DB cluster parameter group**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

1. In the list, choose the parameter group that you want to modify.

1. For **Parameter group actions**, choose **Edit**.

1. Change the values of the parameters you want to modify. You can scroll through the parameters using the arrow keys at the top right of the dialog box. 

   You can't change values in a default parameter group.

1. Choose **Save changes**.

1. Reboot the primary (writer) DB instance in the cluster to apply the changes to it.

1. Then reboot the reader DB instances to apply the changes to them. 

   If you don't reboot the DB instances, then a failover operation could take longer than normal.

## AWS CLI


To modify a DB cluster parameter group, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/modify-db-cluster-parameter-group.html](https://docs.aws.amazon.com/cli/latest/reference/rds/modify-db-cluster-parameter-group.html) command with the following required parameters:
+ `--db-cluster-parameter-group-name`
+ `--parameters`

The following example modifies the `server_audit_logging` and `server_audit_logs_upload` values in the DB cluster parameter group named *mydbclusterparametergroup*.

**Example**  
For Linux, macOS, or Unix:  

```
aws rds modify-db-cluster-parameter-group \
    --db-cluster-parameter-group-name mydbclusterparametergroup \
    --parameters "ParameterName=server_audit_logging,ParameterValue=1,ApplyMethod=immediate" \
                 "ParameterName=server_audit_logs_upload,ParameterValue=1,ApplyMethod=immediate"
```
For Windows:  

```
aws rds modify-db-cluster-parameter-group ^
    --db-cluster-parameter-group-name mydbclusterparametergroup ^
    --parameters "ParameterName=server_audit_logging,ParameterValue=1,ApplyMethod=immediate" ^
                 "ParameterName=server_audit_logs_upload,ParameterValue=1,ApplyMethod=immediate"
```
The command produces output like the following:  

```
DBCLUSTERPARAMETERGROUP  mydbclusterparametergroup
```

## RDS API


To modify a DB cluster parameter group, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterParameterGroup.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterParameterGroup.html) command with the following required parameters:
+ `DBClusterParameterGroupName`
+ `Parameters`

# Resetting parameters in a DB cluster parameter groupin Amazon Aurora
Resetting parameters in a DB cluster parameter group

You can reset parameters to their default values in a customer-created DB cluster parameter group. Changes to parameters in a customer-created DB cluster parameter group are applied to all DB clusters that are associated with the DB cluster parameter group.

**Note**  
In a default DB cluster parameter group, parameters are always set to their default values.

## Console


**To reset parameters in a DB cluster parameter group to their default values**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

1. In the list, choose the parameter group.

1. For **Parameter group actions**, choose **Edit**.

1. Choose the parameters that you want to reset to their default values. You can scroll through the parameters using the arrow keys at the top right of the dialog box. 

   You can't reset values in a default parameter group.

1. Choose **Reset** and then confirm by choosing **Reset parameters**.

1. Reboot the primary DB instance in the DB cluster to apply the changes to all of the DB instances in the DB cluster.

## AWS CLI


To reset parameters in a DB cluster parameter group to their default values, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/reset-db-cluster-parameter-group.html](https://docs.aws.amazon.com/cli/latest/reference/rds/reset-db-cluster-parameter-group.html) command with the following required option: `--db-cluster-parameter-group-name`.

To reset all of the parameters in the DB cluster parameter group, specify the `--reset-all-parameters` option. To reset specific parameters, specify the `--parameters` option.

The following example resets all of the parameters in the DB parameter group named *mydbparametergroup* to their default values.

**Example**  
For Linux, macOS, or Unix:  

```
aws rds reset-db-cluster-parameter-group \
    --db-cluster-parameter-group-name mydbparametergroup \
    --reset-all-parameters
```
For Windows:  

```
aws rds reset-db-cluster-parameter-group ^
    --db-cluster-parameter-group-name mydbparametergroup ^
    --reset-all-parameters
```

The following example resets the `server_audit_logging` and `server_audit_logs_upload` to their default values in the DB cluster parameter group named *mydbclusterparametergroup*.

**Example**  
For Linux, macOS, or Unix:  

```
aws rds reset-db-cluster-parameter-group \
    --db-cluster-parameter-group-name mydbclusterparametergroup \
    --parameters "ParameterName=server_audit_logging,ApplyMethod=immediate" \
                 "ParameterName=server_audit_logs_upload,ApplyMethod=immediate"
```
For Windows:  

```
aws rds reset-db-cluster-parameter-group ^
    --db-cluster-parameter-group-name mydbclusterparametergroup ^
    --parameters "ParameterName=server_audit_logging,ParameterValue=1,ApplyMethod=immediate" ^
                 "ParameterName=server_audit_logs_upload,ParameterValue=1,ApplyMethod=immediate"
```
The command produces output like the following:  

```
DBClusterParameterGroupName  mydbclusterparametergroup
```

## RDS API


To reset parameters in a DB cluster parameter group to their default values, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ResetDBClusterParameterGroup.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ResetDBClusterParameterGroup.html) command with the following required parameter: `DBClusterParameterGroupName`.

To reset all of the parameters in the DB cluster parameter group, set the `ResetAllParameters` parameter to `true`. To reset specific parameters, specify the `Parameters` parameter.

# Copying a DB cluster parameter groupin Amazon Aurora
Copying a DB cluster parameter group

You can copy custom DB cluster parameter groups that you create. Copying a parameter group is a convenient solution when you have already created a DB cluster parameter group and you want to include most of the custom parameters and values from that group in a new DB cluster parameter group. You can copy a DB cluster parameter group by using the AWS CLI [copy-db-cluster-parameter-group](https://docs.aws.amazon.com/cli/latest/reference/rds/copy-db-cluster-parameter-group.html) command or the RDS API [CopyDBClusterParameterGroup](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBParameterGroup.html) operation.

After you copy a DB cluster parameter group, wait at least 5 minutes before creating a DB cluster that uses that DB cluster parameter group. Doing this allows Amazon RDS to fully copy the parameter group before it is used by the new DB cluster. You can use the **Parameter groups** page in the [Amazon RDS console](https://console.aws.amazon.com/rds/) or the [describe-db-cluster-parameters](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-cluster-parameters.html) command to verify that your DB cluster parameter group is created.

**Note**  
You can't copy a default parameter group. However, you can create a new parameter group that is based on a default parameter group.  
You can't copy a DB cluster parameter group to a different AWS account or AWS Region.

## Console


**To copy a DB cluster parameter group**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

1. In the list, choose the custom parameter group that you want to copy.

1. For **Parameter group actions**, choose **Copy**.

1. In **New DB parameter group identifier**, enter a name for the new parameter group.

1. In **Description**, enter a description for the new parameter group.

1. Choose **Copy**.

## AWS CLI


To copy a DB cluster parameter group, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/copy-db-cluster-parameter-group.html](https://docs.aws.amazon.com/cli/latest/reference/rds/copy-db-cluster-parameter-group.html) command with the following required parameters:
+ `--source-db-cluster-parameter-group-identifier`
+ `--target-db-cluster-parameter-group-identifier`
+ `--target-db-cluster-parameter-group-description`

The following example creates a new DB cluster parameter group named `mygroup2` that is a copy of the DB cluster parameter group `mygroup1`.

**Example**  
For Linux, macOS, or Unix:  

```
aws rds copy-db-cluster-parameter-group \
    --source-db-cluster-parameter-group-identifier mygroup1 \
    --target-db-cluster-parameter-group-identifier mygroup2 \
    --target-db-cluster-parameter-group-description "DB parameter group 2"
```
For Windows:  

```
aws rds copy-db-cluster-parameter-group ^
    --source-db-cluster-parameter-group-identifier mygroup1 ^
    --target-db-cluster-parameter-group-identifier mygroup2 ^
    --target-db-cluster-parameter-group-description "DB parameter group 2"
```

## RDS API


To copy a DB cluster parameter group, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBClusterParameterGroup.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBClusterParameterGroup.html) operation with the following required parameters:
+ `SourceDBClusterParameterGroupIdentifier`
+ `TargetDBClusterParameterGroupIdentifier`
+ `TargetDBClusterParameterGroupDescription`

# Listing DB cluster parameter groupsin Amazon Aurora
Listing DB cluster parameter groups

You can list the DB cluster parameter groups you've created for your AWS account.

**Note**  
Default parameter groups are automatically created from a default parameter template when you create a DB cluster for a particular DB engine and version. These default parameter groups contain preferred parameter settings and can't be modified. When you create a custom parameter group, you can modify parameter settings. 

## Console


**To list all DB cluster parameter groups for an AWS account**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

   The DB cluster parameter groups appear in the list with **DB cluster parameter group** for **Type**.

## AWS CLI


To list all DB cluster parameter groups for an AWS account, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-clusterparameter-groups.html](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-clusterparameter-groups.html) command.

**Example**  
The following example lists all available DB cluster parameter groups for an AWS account.  

```
aws rds describe-db-cluster-parameter-groups
```
The following example describes the *mydbclusterparametergroup* parameter group.  
For Linux, macOS, or Unix:  

```
aws rds describe-db-cluster-parameter-groups \
    --db-cluster-parameter-group-name mydbclusterparametergroup
```
For Windows:  

```
aws rds describe-db-cluster-parameter-groups ^
    --db-cluster-parameter-group-name mydbclusterparametergroup
```
The command returns a response like the following:  

```
{
    "DBClusterParameterGroups": [
        {
            "DBClusterParameterGroupName": "mydbclusterparametergroup",
            "DBParameterGroupFamily": "aurora-mysql5.7",
            "Description": "My new cluster parameter group",
            "DBClusterParameterGroupArn": "arn:aws:rds:us-east-1:123456789012:cluster-pg:mydbclusterparametergroup"
        }
    ]
}
```

## RDS API


To list all DB cluster parameter groups for an AWS account, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterParameterGroups.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterParameterGroups.html) action.

# Viewing parameter values for a DB cluster parameter groupin Amazon Aurora
Viewing parameter values for a DB cluster parameter group

You can get a list of all parameters in a DB cluster parameter group and their values.

## Console


**To view the parameter values for a DB cluster parameter group**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

   The DB cluster parameter groups appear in the list with **DB cluster parameter group** for **Type**.

1. Choose the name of the DB cluster parameter group to see its list of parameters.

## AWS CLI


To view the parameter values for a DB cluster parameter group, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-cluster-parameters.html](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-cluster-parameters.html) command with the following required parameter.
+ `--db-cluster-parameter-group-name`

**Example**  
The following example lists the parameters and parameter values for a DB cluster parameter group named *mydbclusterparametergroup*, in JSON format.  
The command returns a response like the following:  

```
aws rds describe-db-cluster-parameters --db-cluster-parameter-group-name mydbclusterparametergroup
```

```
{
    "Parameters": [
        {
            "ParameterName": "allow-suspicious-udfs",
            "Description": "Controls whether user-defined functions that have only an xxx symbol for the main function can be loaded",
            "Source": "engine-default",
            "ApplyType": "static",
            "DataType": "boolean",
            "AllowedValues": "0,1",
            "IsModifiable": false,
            "ApplyMethod": "pending-reboot",
            "SupportedEngineModes": [
                "provisioned"
            ]
        },
        {
            "ParameterName": "aurora_binlog_read_buffer_size",
            "ParameterValue": "5242880",
            "Description": "Read buffer size used by master dump thread when the switch aurora_binlog_use_large_read_buffer is ON.",
            "Source": "engine-default",
            "ApplyType": "dynamic",
            "DataType": "integer",
            "AllowedValues": "8192-536870912",
            "IsModifiable": true,
            "ApplyMethod": "pending-reboot",
            "SupportedEngineModes": [
                "provisioned"
            ]
        },

...
```

## RDS API


To view the parameter values for a DB cluster parameter group, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameters.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameters.html) command with the following required parameter.
+ `DBClusterParameterGroupName`

In some cases, the allowed values for a parameter aren't shown. These are always parameters where the source is the database engine default.

To view the values of these parameters, you can run the following SQL statements:
+ MySQL:

  ```
  -- Show the value of a particular parameter
  mysql$ SHOW VARIABLES LIKE '%parameter_name%';
  
  -- Show the values of all parameters
  mysql$ SHOW VARIABLES;
  ```
+ PostgreSQL:

  ```
  -- Show the value of a particular parameter
  postgresql=> SHOW parameter_name;
  
  -- Show the values of all parameters
  postgresql=> SHOW ALL;
  ```

# Deleting a DB cluster parameter groupin Amazon Aurora
Deleting a DB cluster parameter group

You can delete a DB cluster parameter group using the AWS Management Console, AWS CLI, or RDS API. A DB cluster parameter group parameter group is eligible for deletion only if it isn't associated with a DB cluster.

## Console


**To delete parameter groups**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

   The parameter groups appear in a list.

1. Choose the name of the DB cluster parameter groups to be deleted.

1. Choose **Actions** and then **Delete**.

1. Review the parameter group names and then choose **Delete**.

## AWS CLI


To delete a DB cluster parameter group, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/delete-db-cluster-parameter-group.html](https://docs.aws.amazon.com/cli/latest/reference/rds/delete-db-cluster-parameter-group.html) command with the following required parameter.
+ `--db-parameter-group-name`

**Example**  
The following example deletes a DB cluster parameter group named *mydbparametergroup.*  

```
aws rds delete-db-cluster-parameter-group --db-parameter-group-name mydbparametergroup
```

## RDS API


To delete a DB cluster parameter group, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterParameterGroup.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterParameterGroup.html) command with the following required parameter.
+ `DBParameterGroupName`

# DB parameter groups for Amazon Aurora DB instances
DB parameter groups

DB instances use DB parameter groups. The following sections describe configuring and managing DB instance parameter groups.

**Topics**
+ [

# Creating a DB parameter group in Amazon Aurora
](USER_WorkingWithParamGroups.Creating.md)
+ [

# Associating a DB parameter group with a DB instance in Amazon Aurora
](USER_WorkingWithParamGroups.Associating.md)
+ [

# Modifying parameters in a DB parameter group in Amazon Aurora
](USER_WorkingWithParamGroups.Modifying.md)
+ [

# Resetting parameters in a DB parameter group to their default values in Amazon Aurora
](USER_WorkingWithParamGroups.Resetting.md)
+ [

# Copying a DB parameter group in Amazon Aurora
](USER_WorkingWithParamGroups.Copying.md)
+ [

# Listing DB parameter groups in Amazon Aurora
](USER_WorkingWithParamGroups.Listing.md)
+ [

# Viewing parameter values for a DB parameter group in Amazon Aurora
](USER_WorkingWithParamGroups.Viewing.md)
+ [

# Deleting a DB parameter group in Amazon Aurora
](USER_WorkingWithParamGroups.Deleting.md)

# Creating a DB parameter group in Amazon Aurora
Creating a DB parameter group

You can create a new DB parameter group using the AWS Management Console, the AWS CLI, or the RDS API.

The following limitations apply to the DB parameter group name:
+ The name must be 1 to 255 letters, numbers, or hyphens.

  Default parameter group names can include a period, such as `default.mysql8.0`. However, custom parameter group names can't include a period.
+ The first character must be a letter.
+ The name can't end with a hyphen or contain two consecutive hyphens.

## Console


**To create a DB parameter group**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

1. Choose **Create parameter group**.

1. For **Parameter group name**, enter the name of your new DB parameter group.

1. For **Description**, enter a description for your new DB parameter group. 

1. For **Engine type**, choose your DB engine. 

1. For **Parameter group family**, choose a DB parameter group family.

1. For **Type**, if applicable, choose **DB Parameter Group**.

1. Choose **Create**.

## AWS CLI


To create a DB parameter group, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-parameter-group.html](https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-parameter-group.html) command. The following example creates a DB parameter group named *mydbparametergroup* for MySQL version 8.0 with a description of "*My new parameter group*."

Include the following required parameters:
+ `--db-parameter-group-name`
+ `--db-parameter-group-family`
+ `--description`

To list all of the available parameter group families, use the following command:

```
aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"
```

**Note**  
The output contains duplicates.

**Example**  
For Linux, macOS, or Unix:  

```
aws rds create-db-parameter-group \
    --db-parameter-group-name mydbparametergroup \
    --db-parameter-group-family aurora-mysql5.7 \
    --description "My new parameter group"
```
For Windows:  

```
aws rds create-db-parameter-group ^
    --db-parameter-group-name mydbparametergroup ^
    --db-parameter-group-family aurora-mysql5.7 ^
    --description "My new parameter group"
```
This command produces output similar to the following:  

```
DBPARAMETERGROUP  mydbparametergroup  aurora-mysql5.7  My new parameter group					
```

## RDS API


To create a DB parameter group, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBParameterGroup.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBParameterGroup.html) operation.

Include the following required parameters:
+ `DBParameterGroupName`
+ `DBParameterGroupFamily`
+ `Description`

# Associating a DB parameter group with a DB instance in Amazon Aurora
Associating a DB parameter group to a DB instance

You can create your own DB parameter groups with customized settings. You can associate a DB parameter group with a DB instance using the AWS Management Console, the AWS CLI, or the RDS API. You can do so when you create or modify a DB instance.

For information about creating a DB parameter group, see [Creating a DB parameter group in Amazon Aurora](USER_WorkingWithParamGroups.Creating.md). For information about modifying a DB instance, see [Modifying a DB instance in a DB cluster](Aurora.Modifying.md#Aurora.Modifying.Instance).

**Note**  
When you associate a new DB parameter group with a DB instance, the modified static and dynamic parameters are applied only after the DB instance is rebooted. However, if you modify dynamic parameters in the DB parameter group after you associate it with the DB instance, these changes are applied immediately without a reboot.

## Console


**To associate a DB parameter group with a DB instance**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Databases**, and then choose the DB instance that you want to modify. 

1. Choose **Modify**. The **Modify DB instance** page appears.

1. Change the **DB parameter group** setting. 

1. Choose **Continue** and check the summary of modifications. 

1. (Optional) Choose **Apply immediately** to apply the changes immediately. Choosing this option can cause an outage in some cases. 

1. On the confirmation page, review your changes. If they are correct, choose **Modify DB instance** to save your changes. 

   Or choose **Back** to edit your changes or **Cancel** to cancel your changes. 

## AWS CLI


To associate a DB parameter group with a DB instance, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/modify-db-instance.html](https://docs.aws.amazon.com/cli/latest/reference/rds/modify-db-instance.html) command with the following options:
+ `--db-instance-identifier`
+ `--db-parameter-group-name`

The following example associates the `mydbpg` DB parameter group with the `database-1` DB instance. The changes are applied immediately by using `--apply-immediately`. Use `--no-apply-immediately` to apply the changes during the next maintenance window. 

**Example**  
For Linux, macOS, or Unix:  

```
aws rds modify-db-instance \
    --db-instance-identifier database-1 \
    --db-parameter-group-name mydbpg \
    --apply-immediately
```
For Windows:  

```
aws rds modify-db-instance ^
    --db-instance-identifier database-1 ^
    --db-parameter-group-name mydbpg ^
    --apply-immediately
```

## RDS API


To associate a DB parameter group with a DB instance, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBInstance.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBInstance.html) operation with the following parameters:
+ `DBInstanceName`
+ `DBParameterGroupName`

# Modifying parameters in a DB parameter group in Amazon Aurora
Modifying parameters in a DB parameter group

You can modify parameter values in a customer-created DB parameter group; you can't change the parameter values in a default DB parameter group. Changes to parameters in a customer-created DB parameter group are applied to all DB instances that are associated with the DB parameter group. 

There are two types of parameters: dynamic parameters and static parameters. Changes to dynamic parameters are applied to the DB instance immediately without a reboot. Changes to static parameters are applied only after the DB instance is rebooted.

The RDS console shows the status of the DB parameter group associated with a DB instance on the **Configuration** tab. For example, if the DB instance isn't using the latest changes to its associated DB parameter group, the RDS console shows the DB parameter group with a status of **pending-reboot**. To apply the latest parameter changes to that DB instance, manually reboot the DB instance.

![\[Parameter change pending reboot scenario\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/images/db-cluster-instance-param-group.png)


## Console


**To modify the parameters in a DB parameter group**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

1. In the list, choose the name of the parameter group that you want to modify.

1. For **Parameter group actions**, choose **Edit**.

1. Change the values of the parameters that you want to modify. You can scroll through the parameters using the arrow keys at the top right of the dialog box. 

   You can't change values in a default parameter group.

1. Choose **Save changes**.

## AWS CLI


To modify a DB parameter group, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/modify-db-parameter-group.html](https://docs.aws.amazon.com/cli/latest/reference/rds/modify-db-parameter-group.html) command with the following required options:
+ `--db-parameter-group-name`
+ `--parameters`

The following example modifies the` max_connections` and `max_allowed_packet` values in the DB parameter group named *mydbparametergroup*.

**Example**  
For Linux, macOS, or Unix:  

```
aws rds modify-db-parameter-group \
    --db-parameter-group-name mydbparametergroup \
    --parameters "ParameterName=max_connections,ParameterValue=250,ApplyMethod=immediate" \
                 "ParameterName=max_allowed_packet,ParameterValue=1024,ApplyMethod=immediate"
```
For Windows:  

```
aws rds modify-db-parameter-group ^
    --db-parameter-group-name mydbparametergroup ^
    --parameters "ParameterName=max_connections,ParameterValue=250,ApplyMethod=immediate" ^
                 "ParameterName=max_allowed_packet,ParameterValue=1024,ApplyMethod=immediate"
```
The command produces output like the following:  

```
DBPARAMETERGROUP  mydbparametergroup
```

## RDS API


To modify a DB parameter group, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBParameterGroup.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBParameterGroup.html) operation with the following required parameters:
+ `DBParameterGroupName`
+ `Parameters`

# Resetting parameters in a DB parameter group to their default values in Amazon Aurora
Resetting parameters in a DB parameter group

You can reset parameter values in a customer-created DB parameter group to their default values. Changes to parameters in a customer-created DB parameter group are applied to all DB instances that are associated with the DB parameter group.

When you use the console, you can reset specific parameters to their default values. However, you can't easily reset all of the parameters in the DB parameter group at once. When you use the AWS CLI or RDS API, you can reset specific parameters to their default values. You can also reset all of the parameters in the DB parameter group at once.

Changes to some parameters are applied to the DB instance immediately without a reboot. Changes to other parameters are applied only after the DB instance is rebooted. The RDS console shows the status of the DB parameter group associated with a DB instance on the **Configuration** tab. For example, suppose that the DB instance isn't using the latest changes to its associated DB parameter group. If so, the RDS console shows the DB parameter group with a status of **pending-reboot**. To apply the latest parameter changes to that DB instance, manually reboot the DB instance.

![\[Parameter change pending reboot scenario\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/images/db-cluster-instance-param-group.png)


**Note**  
In a default DB parameter group, parameters are always set to their default values.

## Console


**To reset parameters in a DB parameter group to their default values**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

1. In the list, choose the parameter group.

1. For **Parameter group actions**, choose **Edit**.

1. Choose the parameters that you want to reset to their default values. You can scroll through the parameters using the arrow keys at the top right of the dialog box. 

   You can't reset values in a default parameter group.

1. Choose **Reset** and then confirm by choosing **Reset parameters**.

## AWS CLI


To reset some or all of the parameters in a DB parameter group, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/reset-db-parameter-group.html](https://docs.aws.amazon.com/cli/latest/reference/rds/reset-db-parameter-group.html) command with the following required option: `--db-parameter-group-name`.

To reset all of the parameters in the DB parameter group, specify the `--reset-all-parameters` option. To reset specific parameters, specify the `--parameters` option.

The following example resets all of the parameters in the DB parameter group named *mydbparametergroup* to their default values.

**Example**  
For Linux, macOS, or Unix:  

```
aws rds reset-db-parameter-group \
    --db-parameter-group-name mydbparametergroup \
    --reset-all-parameters
```
For Windows:  

```
aws rds reset-db-parameter-group ^
    --db-parameter-group-name mydbparametergroup ^
    --reset-all-parameters
```

The following example resets the `max_connections` and `max_allowed_packet` options to their default values in the DB parameter group named *mydbparametergroup*.

**Example**  
For Linux, macOS, or Unix:  

```
aws rds reset-db-parameter-group \
    --db-parameter-group-name mydbparametergroup \
    --parameters "ParameterName=max_connections,ApplyMethod=immediate" \
                 "ParameterName=max_allowed_packet,ApplyMethod=immediate"
```
For Windows:  

```
aws rds reset-db-parameter-group ^
    --db-parameter-group-name mydbparametergroup ^
    --parameters "ParameterName=max_connections,ApplyMethod=immediate" ^
                 "ParameterName=max_allowed_packet,ApplyMethod=immediate"
```
The command produces output like the following:  

```
DBParameterGroupName  mydbparametergroup
```

## RDS API


To reset parameters in a DB parameter group to their default values, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ResetDBParameterGroup.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ResetDBParameterGroup.html) command with the following required parameter: `DBParameterGroupName`.

To reset all of the parameters in the DB parameter group, set the `ResetAllParameters` parameter to `true`. To reset specific parameters, specify the `Parameters` parameter.

# Copying a DB parameter group in Amazon Aurora
Copying a DB parameter group

You can copy custom DB parameter groups that you create. Copying a parameter group can be convenient solution. An example is when you have created a DB parameter group and want to include most of its custom parameters and values in a new DB parameter group. You can copy a DB parameter group by using the AWS Management Console. You can also use the AWS CLI [copy-db-parameter-group](https://docs.aws.amazon.com/cli/latest/reference/rds/copy-db-parameter-group.html) command or the RDS API [CopyDBParameterGroup](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBParameterGroup.html) operation.

After you copy a DB parameter group, wait at least 5 minutes before creating your first DB instance that uses that DB parameter group as the default parameter group. Doing this allows Amazon RDS to fully complete the copy action before the parameter group is used. This is especially important for parameters that are critical when creating the default database for a DB instance. An example is the character set for the default database defined by the `character_set_database` parameter. Use the **Parameter Groups** option of the [Amazon RDS console](https://console.aws.amazon.com/rds/) or the [describe-db-parameters](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-parameters.html) command to verify that your DB parameter group is created.

**Note**  
You can't copy a default parameter group. However, you can create a new parameter group that is based on a default parameter group.  
You can't copy a DB parameter group to a different AWS account or AWS Region.

## Console


**To copy a DB parameter group**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

1. In the list, choose the custom parameter group that you want to copy.

1. For **Parameter group actions**, choose **Copy**.

1. In **New DB parameter group identifier**, enter a name for the new parameter group.

1. In **Description**, enter a description for the new parameter group.

1. Choose **Copy**.

## AWS CLI


To copy a DB parameter group, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/copy-db-parameter-group.html](https://docs.aws.amazon.com/cli/latest/reference/rds/copy-db-parameter-group.html) command with the following required options:
+ `--source-db-parameter-group-identifier`
+ `--target-db-parameter-group-identifier`
+ `--target-db-parameter-group-description`

The following example creates a new DB parameter group named `mygroup2` that is a copy of the DB parameter group `mygroup1`.

**Example**  
For Linux, macOS, or Unix:  

```
aws rds copy-db-parameter-group \
    --source-db-parameter-group-identifier mygroup1 \
    --target-db-parameter-group-identifier mygroup2 \
    --target-db-parameter-group-description "DB parameter group 2"
```
For Windows:  

```
aws rds copy-db-parameter-group ^
    --source-db-parameter-group-identifier mygroup1 ^
    --target-db-parameter-group-identifier mygroup2 ^
    --target-db-parameter-group-description "DB parameter group 2"
```

## RDS API


To copy a DB parameter group, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBParameterGroup.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBParameterGroup.html) operation with the following required parameters:
+ `SourceDBParameterGroupIdentifier`
+ `TargetDBParameterGroupIdentifier`
+ `TargetDBParameterGroupDescription`

# Listing DB parameter groups in Amazon Aurora
Listing DB parameter groups

You can list the DB parameter groups you've created for your AWS account.

**Note**  
Default parameter groups are automatically created from a default parameter template when you create a DB instance for a particular DB engine and version. These default parameter groups contain preferred parameter settings and can't be modified. When you create a custom parameter group, you can modify parameter settings. 

## Console


**To list all DB parameter groups for an AWS account**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

   The DB parameter groups appear in a list.

## AWS CLI


To list all DB parameter groups for an AWS account, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-parameter-groups.html](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-parameter-groups.html) command.

**Example**  
The following example lists all available DB parameter groups for an AWS account.  

```
aws rds describe-db-parameter-groups
```
The command returns a response like the following:  

```
DBPARAMETERGROUP  default.mysql8.0     mysql8.0  Default parameter group for MySQL8.0
DBPARAMETERGROUP  mydbparametergroup   mysql8.0  My new parameter group
```
The following example describes the *mydbparamgroup1* parameter group.  
For Linux, macOS, or Unix:  

```
aws rds describe-db-parameter-groups \
    --db-parameter-group-name mydbparamgroup1
```
For Windows:  

```
aws rds describe-db-parameter-groups ^
    --db-parameter-group-name mydbparamgroup1
```
The command returns a response like the following:  

```
DBPARAMETERGROUP  mydbparametergroup1  mysql8.0  My new parameter group
```

## RDS API


To list all DB parameter groups for an AWS account, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameterGroups.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameterGroups.html) operation.

# Viewing parameter values for a DB parameter group in Amazon Aurora
View parameter values for a DB parameter group

You can get a list of all parameters in a DB parameter group and their values.

## Console


**To view the parameter values for a DB parameter group**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

   The DB parameter groups appear in a list.

1. Choose the name of the parameter group to see its list of parameters.

## AWS CLI


To view the parameter values for a DB parameter group, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-parameters.html](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-parameters.html) command with the following required parameter.
+ `--db-parameter-group-name`

**Example**  
The following example lists the parameters and parameter values for a DB parameter group named *mydbparametergroup.*  

```
aws rds describe-db-parameters --db-parameter-group-name mydbparametergroup
```
The command returns a response like the following:  

```
DBPARAMETER  Parameter Name            Parameter Value  Source           Data Type  Apply Type  Is Modifiable
DBPARAMETER  allow-suspicious-udfs                      engine-default   boolean    static      false
DBPARAMETER  auto_increment_increment                   engine-default   integer    dynamic     true
DBPARAMETER  auto_increment_offset                      engine-default   integer    dynamic     true
DBPARAMETER  binlog_cache_size         32768            system           integer    dynamic     true
DBPARAMETER  socket                    /tmp/mysql.sock  system           string     static      false
```

## RDS API


To view the parameter values for a DB parameter group, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameters.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameters.html) command with the following required parameter.
+ `DBParameterGroupName`

# Deleting a DB parameter group in Amazon Aurora
Deleting a DB parameter group

You can delete a DB parameter group using the AWS Management Console, AWS CLI, or RDS API. A parameter group is eligible for deletion only if it isn't associated with a DB instance.

## Console


**To delete a DB parameter group**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

   The DB parameter groups appear in a list.

1. Choose the name of the parameter groups to be deleted.

1. Choose **Actions** and then **Delete**.

1. Review the parameter group names and then choose **Delete**.

## AWS CLI


To delete a DB parameter group, use the AWS CLI [https://docs.aws.amazon.com/cli/latest/reference/rds/delete-db-parameter-group.html](https://docs.aws.amazon.com/cli/latest/reference/rds/delete-db-parameter-group.html) command with the following required parameter.
+ `--db-parameter-group-name`

**Example**  
The following example deletes a DB parameter group named *mydbparametergroup.*  

```
aws rds delete-db-parameter-group --db-parameter-group-name mydbparametergroup
```

## RDS API


To delete a DB parameter group, use the RDS API [https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBParameterGroup.html](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBParameterGroup.html) command with the following required parameter.
+ `DBParameterGroupName`

# Comparing DB parameter groups


You can use the AWS Management Console to view the differences between two DB parameter groups.

The specified parameter groups must both be DB parameter groups, or they both must be DB cluster parameter groups. This is true even when the DB engine and version are the same. For example, you can't compare an `aurora-mysql8.0` (Aurora MySQL version 3) DB parameter group and an `aurora-mysql8.0` DB cluster parameter group.

You can compare Aurora MySQL and RDS for MySQL DB parameter groups, even for different versions, but you can't compare Aurora PostgreSQL and RDS for PostgreSQL DB parameter groups.

**To compare two DB parameter groups**

1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console.aws.amazon.com/rds/](https://console.aws.amazon.com/rds/).

1. In the navigation pane, choose **Parameter groups**.

1. In the list, choose the two parameter groups that you want to compare.
**Note**  
To compare a default parameter group to a custom parameter group, first choose the default parameter group on the **Default** tab, then choose the custom parameter group on the **Custom** tab.

1. From **Actions**, choose **Compare**.

# Specifying DB parameters


DB parameter types include the following:
+ Integer
+ Boolean
+ String
+ Long
+ Double
+ Timestamp
+ Object of other defined data types
+ Array of values of type integer, Boolean, string, long, double, timestamp, or object

You can also specify integer and Boolean parameters using expressions, formulas, and functions. 

**Contents**
+ [

## DB parameter formulas
](#USER_ParamFormulas)
  + [

### DB parameter formula variables
](#USER_FormulaVariables)
  + [

### DB parameter formula operators
](#USER_FormulaOperators)
+ [

## DB parameter functions
](#USER_ParamFunctions)
+ [

## DB parameter log expressions
](#USER_ParamLogExpressions)
+ [

## DB parameter value examples
](#USER_ParamValueExamples)

## DB parameter formulas


A DB parameter formula is an expression that resolves to an integer value or a Boolean value. You enclose the expression in braces: \$1\$1. You can use a formula for either a DB parameter value or as an argument to a DB parameter function.

**Syntax**  

```
{FormulaVariable}
{FormulaVariable*Integer}
{FormulaVariable*Integer/Integer}
{FormulaVariable/Integer}
```

### DB parameter formula variables


Each formula variable returns an integer or a Boolean value. The names of the variables are case-sensitive.

*AllocatedStorage*  
Returns an integer representing the size, in bytes, of the data volume.

*DBInstanceClassMemory*  
Returns an integer for the number of bytes of memory available to the database process. This number is internally calculated by starting with the total amount of memory for the DB instance class. From this, the calculation subtracts memory reserved for the operating system and the RDS processes that manage the instance. Therefore, the number is always somewhat lower than the memory figures shown in the instance class tables in [Amazon AuroraDB instance classes](Concepts.DBInstanceClass.md). The exact value depends on a combination of factors. These include instance class, DB engine, and whether it applies to an RDS instance or an instance that's part of an Aurora cluster. 

*DBInstanceVCPU*  
Returns an integer representing the number of virtual central processing units (vCPUs) used by Amazon RDS to manage the instance.

*EndPointPort*  
Returns an integer representing the port used when connecting to the DB instance.

*TrueIfReplica*  
Returns `1` if the DB instance is a read replica and `0` if it is not. This is the default value for the `read_only` parameter in Aurora MySQL.

### DB parameter formula operators


DB parameter formulas support two operators: division and multiplication.

*Division operator: /*  
Divides the dividend by the divisor, returning an integer quotient. Decimals in the quotient are truncated, not rounded.  
Syntax  

```
dividend / divisor
```
The dividend and divisor arguments must be integer expressions.

*Multiplication operator: \$1*  
Multiplies the expressions, returning the product of the expressions. Decimals in the expressions are truncated, not rounded.  
Syntax  

```
expression * expression
```
Both expressions must be integers.

## DB parameter functions


You specify the arguments of DB parameter functions as either integers or formulas. Each function must have at least one argument. Specify multiple arguments as a comma-separated list. The list can't have any empty members, such as *argument1*,,*argument3*. Function names are case-insensitive.

*IF*  
Returns an argument.  
Syntax  

```
IF(argument1, argument2, argument3)
```
Returns the second argument if the first argument evaluates to true. Returns the third argument otherwise.

*GREATEST*  
Returns the largest value from a list of integers or parameter formulas.  
Syntax  

```
GREATEST(argument1, argument2,...argumentn)
```
Returns an integer.

*LEAST*  
Returns the smallest value from a list of integers or parameter formulas.  
Syntax  

```
LEAST(argument1, argument2,...argumentn)
```
Returns an integer.

*SUM*  
Adds the values of the specified integers or parameter formulas.  
Syntax  

```
SUM(argument1, argument2,...argumentn)
```
Returns an integer.

## DB parameter log expressions


You can set an integer DB parameter value to a log expression. You enclose the expression in braces: \$1\$1. For example:

```
{log(DBInstanceClassMemory/8187281418)*1000}
```

The `log` function represents log base 2. This example also uses the `DBInstanceClassMemory` formula variable. See [DB parameter formula variables](#USER_FormulaVariables). 

## DB parameter value examples


These examples show using formulas, functions, and expressions for the values of DB parameters.

**Warning**  
Improperly setting parameters in a DB parameter group can have unintended adverse effects. These might include degraded performance and system instability. Use caution when modifying database parameters and back up your data before modifying your DB parameter group. Try out parameter group changes on a test DB instance, created using point-in-time-restores, before applying those parameter group changes to your production DB instances. 

**Example using the DB parameter function LEAST**  
You can specify the `LEAST` function in an Aurora MySQL `table_definition_cache` parameter value. Use it to set the number of table definitions that can be stored in the definition cache to the lesser of `DBInstanceClassMemory`/393040 or 20,000.  

```
LEAST({DBInstanceClassMemory/393040}, 20000)
```

# Migrating data to an Amazon Aurora DB cluster
Migrating data to a DB cluster

You have several options for migrating data from your existing database to an Amazon Aurora DB cluster, depending on database engine compatibility. Your migration options also depend on the database that you are migrating from and the size of the data that you are migrating. 

## Migrating data to an Amazon Aurora MySQL DB cluster
Aurora MySQL

You can migrate data from one of the following sources to an Amazon Aurora MySQL DB cluster.
+ An RDS for MySQL DB instance
+ A MySQL database external to Amazon RDS
+ A database that is not MySQL-compatible

For more information, see [Migrating data to an Amazon Aurora MySQL DB cluster](AuroraMySQL.Migrating.md).

## Migrating data to an Amazon Aurora PostgreSQL DB cluster
Aurora PostgreSQL

You can migrate data from one of the following sources to an Amazon Aurora PostgreSQL DB cluster.
+ An Amazon RDS PostgreSQL DB instance
+ A database that is not PostgreSQL-compatible

For more information, see [Migrating data to Amazon Aurora with PostgreSQL compatibility](AuroraPostgreSQL.Migrating.md).

# Creating an Amazon ElastiCache cache using Aurora DB cluster settings
Creating an ElastiCache cache from Amazon RDS

ElastiCache is a fully managed, in-memory caching service that provides microsecond read and write latencies that support flexible, real-time use cases. ElastiCache can help you accelerate application and database performance. You can use ElastiCache as a primary data store for use cases that don't require data durability, such as gaming leaderboards, streaming, and data analytics. ElastiCache helps remove the complexity associated with deploying and managing a distributed computing environment. For more information, see [Common ElastiCache Use Cases and How ElastiCache Can Help](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/elasticache-use-cases.html) for Memcached and [Common ElastiCache Use Cases and How ElastiCache Can Help](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/elasticache-use-cases.html) for Redis OSS. You can use the Amazon RDS console for creating ElastiCache cache. 

You can operate Amazon ElastiCache in two formats. You can get started with a serverless cache or choose to design your own cache cluster. If you choose to design your own cache cluster, ElastiCache works with both the Redis OSS and Memcached engines. If you're unsure which engine you want to use, see [Comparing Memcached and Redis OSS](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/SelectEngine.html). For more information about Amazon ElastiCache, see the [Amazon ElastiCache User Guide](https://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/).

**Topics**
+ [

## Overview of ElastiCache cache creation with Aurora DB cluster settings
](#creating-elasticache-cluster-with-RDS-settings-overview)
+ [

## Creating an ElastiCache cache with settings from an Aurora DB cluster
](#creating-elasticache-cluster-with-RDS-settings-new-DB)

## Overview of ElastiCache cache creation with Aurora DB cluster settings


You can create an ElastiCache cache from Amazon RDS using the same configuration settings as a newly created or existing Aurora DB cluster. 

Some use cases to associate an ElastiCache cache with your DB cluster:
+ You can save costs and improve your performance by using ElastiCache with RDS versus running on RDS alone.
+ You can use the ElastiCache cache as a primary data store for applications that don't require data durability. Your applications that use Redis OSS or Memcached can use ElastiCache with almost no modification.

When you create an ElastiCache cache from RDS, the ElastiCache cache inherits the following settings from the associated Aurora DB cluster:
+ ElastiCache connectivity settings
+ ElastiCache security settings

You can also set the cache configuration settings according to your requirements.

### Setting up ElastiCache in your applications


Your applications must be set up to utilize ElastiCache cache. You can also optimize and improve cache performance by setting up your applications to use caching strategies depending on your requirements.
+  To access your ElastiCache cache and get started, see [Getting started with ElastiCache (Redis OSS)](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/GettingStarted.html) and [Getting started with ElastiCache (Memcached)](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/GettingStarted.html). 
+  For more information about caching strategies, see [Caching strategies and best practices](https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/BestPractices.html) for Memcached and [Caching strategies and best practices](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/BestPractices.html) for Redis OSS. 
+  For more information about high availability in ElastiCache (Redis OSS) clusters, see [ High availability using replication groups](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/BestPractices.html). 
+  You might incur costs associated with backup storage, data transfer within or across regions, or use of AWS Outposts. For pricing details, see [ Amazon ElastiCache pricing](https://aws.amazon.com/elasticache/pricing/). 

## Creating an ElastiCache cache with settings from an Aurora DB cluster


You can create an ElastiCache cache for your Aurora DB clusters with settings for inherited from the DB cluster. 

**Create an ElastiCache cache with settings from a DB cluster**

1. To create a DB cluster, follow the instructions in [Creating an Amazon Aurora DB cluster](Aurora.CreateInstance.md).

1. After creating an Aurora DB cluster, the console displays the **Suggested add-ons** window. Select **Create an ElastiCache cluster from RDS using your DB settings**. 

   For an existing database, in the **Databases** page, select the required DB cluster. In the **Actions** dropdown menu, choose **Create ElastiCache cluster** to create an ElastiCache cache in RDS that has the same settings as your existing Aurora DB cluster.

   In the **ElastiCache configuration section**, the **Source DB identifier** displays which DB cluster the ElastiCache cache inherits settings from.

1. Choose whether you want to create a Redis OSS or Memcached cluster. For more information, see [Comparing Memcached and Redis OSS](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/SelectEngine.html).  
![\[Choose cluster type and deployement option.\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/images/EC-RDS-Config.png)

1. After this, choose whether you want to create a **Serverless cache** or **Design your own cache**. For more information, see [ Choosing between deployment options](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/WhatIs.deployment.html).

   If you choose **Serverless cache**: 

   1. In **Cache settings**, enter values for **Name** and **Description**. 

   1. Under **View default settings**, leave the default settings to establish the connection between your cache and DB cluster.

   1. You can also edit the default settings by choosing **Customize default settings**. Select the **ElastiCache connectivity settings**, **ElastiCache security settings**, and **Maximum usage limits**.

1. If you choose **Design your own cache**: 

   1. If you chose **Redis OSS cluster**, choose whether you want to keep the cluster mode **Enabled** or **Disabled**. For more information, see [ Replication: Redis OSS (Cluster Mode Disabled) vs. Redis OSS (Cluster Mode Enabled)](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Replication.Redis-RedisCluster.html).

   1. Enter values for **Name**, **Description**, and **Engine version**. 

      For **Engine version**, the recommended default value is the latest engine version. You can also choose an **Engine version** for the ElastiCache cache that best meets your requirements.

   1. Choose the node type in the **Node type** option. For more information, see [Managing nodes](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.html).

      If you choose to create a Redis OSS cluster with the **Cluster mode** set to **Enabled**, then enter the number of shards (partitions/node groups) in the **Number of shards** option.

      Enter the number of replicas of each shard in **Number of replicas**.
**Note**  
The selected node type, the number of shards, and the number of replicas all affect your cache performance and resource costs. Be sure these settings match your database needs. For pricing information, see [Amazon ElastiCache pricing](https://aws.amazon.com/elasticache/pricing/).

   1. Select the **ElastiCache connectivity settings** and **ElastiCache security settings**. You can keep the default settings or customize these settings per your requirements. 

1. Verify the default and inherited settings of your ElastiCache cache. Some settings can't be changed after creation.
**Note**  
RDS might adjust the backup window of your ElastiCache cache to meet the minimum window requirement of 60 minutes. The backup window of your source database remains the same. 

1. When you're ready, choose **Create ElastiCache cache**.

The console displays a confirmation banner for the ElastiCache cache creation. Follow the link in the banner to the ElastiCache console to view the cache details. The ElastiCache console displays the newly created ElastiCache cache. 

# Auto migrating EC2 databases to Amazon Aurora using AWS Database Migration Service
Auto-migrating EC2 databases

You can use the Aurora console to migrate an EC2 database to Aurora. Aurora uses AWS Database Migration Service (AWS DMS) to migrate your source EC2 database. AWS DMS allows you to migrate relational databases into your AWS Cloud. For more information about AWS Database Migration Service, see [What is AWS Database Migration Service?](https://docs.aws.amazon.com/dms/latest/userguide/Welcome.html) in the *AWS Database Migration Service User Guide*.

To begin the migration, you must create an equivalent Aurora DB cluster to migrate the data into. After you create your target database, you can import your EC2 database into it. For source databases smaller than 1TiB, this migration action reduces the time and resources required to migrate your data into Aurora .

## Overview
Overview

The Aurora console allows you to migrate EC2 databases into equivalent Aurora databases. You must create an Aurora database to enable migration from the console.

You can migrate EC2 databases for the following databases engines:
+ MySQL
+ PostgreSQL

The migration process involves the following steps:
+ Create an equivalent database in Aurora. For the databases to be equivalent, they must have the same database engine and compatible engine versions. They must also be in the same VPC. For instructions on creating your database, see [Creating an Amazon Aurora DB cluster](Aurora.CreateInstance.md) . 
+ Choose the type of replication for your database:
  + **Full load migration** – Aurora copies the complete source database to the target database, creating new tables in the target when necessary.
**Note**  
This option causes an outage in your Aurora database.
  + **Full load and change data capture (CDC) migration** – Similar to full load migration, with this option, Aurora copies over the complete source database to the target database. However, after the full load migration, Aurora applies any captured changes in the source to the target database. Change data capture collects changes to the database logs by using the database engine's native API.
**Note**  
This option causes an outage in your Aurora database.
  + **Change data capture (CDC)** – Use this option to keep your target database available through the migration. Aurora migrates ongoing changes in your source database to the target database.
+ Aurora creates the necessary networking resources to facilitate the migration. Once Aurora creates the required resources, it notifies you about the resources created and allows you to initiate the data transfer.

  The time required to complete the migration depends on the type of replication and the size of the source database.

## Prerequisites
Prerequisites

### MySQL
MySQL

Before you begin to work with a MySQL database as the source database, make sure that you have the following prerequisites. These prerequisites apply to AWS-managed sources.

You must have an account for AWS DMS that has the Replication Admin role. The role needs the following privileges:
+ **REPLICATION CLIENT** – This privilege is required for CDC tasks only. In other words, full-load-only tasks don't require this privilege.
+ **REPLICATION SLAVE** – This privilege is required for CDC tasks only. In other words, full-load-only tasks don't require this privilege.

The AWS DMS user must also have SELECT privileges for the source tables designated for replication.

Grant the following privileges if you use MySQL-specific premigration assessments.

```
grant select on mysql.user to <dms_user>;
grant select on mysql.db to <dms_user>;
grant select on mysql.tables_priv to <dms_user>;
grant select on mysql.role_edges to <dms_user>  #only for MySQL version 8.0.11 and higher
```

### PostgreSQL
PostgreSQL

Before migrating data from an AWS-managed PostgreSQL source database, do the following:
+ We recommend that you use an AWS user account with the minimum required permissions for the PostgreSQL DB instance as the user account for the PostgreSQL source endpoint for AWS DMS. Using the master account is not recommended. The account must have the `rds_superuser` role and the `rds_replication` role. The `rds_replication` role grants permissions to manage logical slots and to stream data using logical slots.

**Note**  
Some AWS DMS transactions are idle for some time before the DMS engine uses them again. By using the parameter `idle_in_transaction_session_timeout` in PostgreSQL versions 9.6 and higher, you can cause idle transactions to time out and fail.

## Limitations
Limitations

The following limitations apply to the auto-migrate process:
+ Your target database status must be **Available** to begin source database migration.
+ When migrating from a MySQL source database, your Aurora account must have the Replication Admin role. You must also have the proper privileges applied for that role.
+ Your EC2 instance and target database must be in the same VPC.
+ You can't migrate your EC2 database to the following target databases when using the **Migrate data from EC2 database** action:
  + Aurora global database
  + Aurora Limitless database
  + Aurora Serverless v1
  + Databases with MySQL version lower than 5.7
  + Databases with PostgreSQL version lower than 10.4

# Creating IAM resources for homogeneous migrations
Creating IAM resources

Aurora uses AWS DMS to migrate your data. To access your databases and to migrate data, AWS DMS creates a serverless environment for homogeneous data migrations. In this environment, AWS DMS requires access to VPC peering, route tables, security groups, and other AWS resources. Also, AWS DMS stores logs, metrics, and progress for each data migration in Amazon CloudWatch. To create a data migration project, AWS DMS needs access to these services.

Also, AWS DMS requires access to the secrets that respresent a set of user credentials to authenticate the database connection for the source and target connection.

**Note**  
By using the **Migrate data from EC2 instance** action, you can use the Aurora console to generate these IAM resources. Skip this step if you use the console generated IAM resources.

You need the following IAM resources for this process:

**Topics**
+ [

## Creating an IAM policy for homogeneous data migrations
](#USER_DMS_migration-IAM.iam-policy)
+ [

## Creating an IAM role for homogeneous data migrations
](#USER_DMS_migration-IAM.iam-role)
+ [

# Creating a secret access policy and role
](USER_DMS_migration-IAM.secret-iam-role-policy.md)
+ [

# Creating an IAM role for AWS DMS to manage Amazon VPC
](USER_DMS_migration-IAM.dms-vpc-role.md)

## Creating an IAM policy for homogeneous data migrations
Creating an IAM policy

In this step, you create an IAM policy that provides AWS DMS with access to Amazon EC2 and CloudWatch resources. Next, create an IAM role and attach this policy.

**To create an IAM policy for data migration**

1. Sign in to the AWS Management Console and open the IAM console at [https://console.aws.amazon.com/iam/](https://console.aws.amazon.com/iam/).

1. In the navigation pane, choose **Policies**.

1. Choose **Create policy**.

1. In the **Create policy** page, choose the **JSON** tab.

1. Paste the following JSON into the editor.

------
#### [ JSON ]

****  

   ```
   {
       "Version":"2012-10-17",		 	 	 
       "Statement": [
           {
               "Effect": "Allow",
               "Action": [
                   "ec2:DescribeRouteTables",
                   "ec2:DescribeSecurityGroups",
                   "ec2:DescribeVpcPeeringConnections",
                   "ec2:DescribeVpcs",
                   "ec2:DescribePrefixLists",
                   "logs:DescribeLogGroups"
               ],
               "Resource": "*"
           },
           {
               "Effect": "Allow",
               "Action": [
                   "servicequotas:GetServiceQuota"
               ],
               "Resource": "arn:aws:servicequotas:*:*:vpc/L-0EA8095F"
           },
           {
               "Effect": "Allow",
               "Action": [
                   "logs:CreateLogGroup",
                   "logs:DescribeLogStreams"
               ],
               "Resource": "arn:aws:logs:*:*:log-group:dms-data-migration-*"
           },
           {
               "Effect": "Allow",
               "Action": [
                   "logs:CreateLogStream",
                   "logs:PutLogEvents"
               ],
               "Resource": "arn:aws:logs:*:*:log-group:dms-data-migration-*:log-stream:dms-data-migration-*"
           },
           {
               "Effect": "Allow",
               "Action": "cloudwatch:PutMetricData",
               "Resource": "*"
           },
           {
               "Effect": "Allow",
               "Action": [
                   "ec2:CreateRoute",
                   "ec2:DeleteRoute"
               ],
               "Resource": "arn:aws:ec2:*:*:route-table/*"
           },
           {
               "Effect": "Allow",
               "Action": [
                   "ec2:CreateTags"
               ],
               "Resource": [
                   "arn:aws:ec2:*:*:security-group/*",
                   "arn:aws:ec2:*:*:security-group-rule/*",
                   "arn:aws:ec2:*:*:route-table/*",
                   "arn:aws:ec2:*:*:vpc-peering-connection/*",
                   "arn:aws:ec2:*:*:vpc/*"
               ]
           },
           {
               "Effect": "Allow",
               "Action": [
                   "ec2:AuthorizeSecurityGroupEgress",
                   "ec2:AuthorizeSecurityGroupIngress"
               ],
               "Resource": "arn:aws:ec2:*:*:security-group-rule/*"
           },
           {
               "Effect": "Allow",
               "Action": [
                   "ec2:AuthorizeSecurityGroupEgress",
                   "ec2:AuthorizeSecurityGroupIngress",
                   "ec2:RevokeSecurityGroupEgress",
                   "ec2:RevokeSecurityGroupIngress"
               ],
               "Resource": "arn:aws:ec2:*:*:security-group/*"
           },
           {
               "Effect": "Allow",
               "Action": [
                   "ec2:AcceptVpcPeeringConnection",
                   "ec2:ModifyVpcPeeringConnectionOptions"
               ],
               "Resource": "arn:aws:ec2:*:*:vpc-peering-connection/*"
           },
           {
               "Effect": "Allow",
               "Action": "ec2:AcceptVpcPeeringConnection",
               "Resource": "arn:aws:ec2:*:*:vpc/*"
           }
       ]
   }
   ```

------

1. Choose **Next: Tags** and **Next: Review.**

1. Enter **HomogeneousDataMigrationsPolicy** for **Name\$1**, and choose **Create policy**.

## Creating an IAM role for homogeneous data migrations
Creating an IAM role

In this step, you create an IAM role that provides access to AWS Secrets Manager, Amazon EC2, and CloudWatch.

**To create an IAM role for data migrations**

1. Sign in to the AWS Management Console and open the IAM console at [https://console.aws.amazon.com/iam/](https://console.aws.amazon.com/iam/).

1. In the navigation pane, choose **Roles**.

1. Choose **Create role**.

1. On the **Select trusted entity** page, for **Trusted entity type**, choose **AWS Service**. For **Use cases for other AWS services**, choose **DMS**.

1. Select the **DMS** check box and choose **Next**.

1. On the **Add permissions** page, choose **HomogeneousDataMigrationsPolicy** that you created before. Choose **Next**.

1. On the **Name, review, and create** page, enter **HomogeneousDataMigrationsRole** for **Role name**, and choose **Create role**.

1. On the **Roles** page, enter **HomogeneousDataMigrationsRole** for **Role name**. Choose **HomogeneousDataMigrationsRole**.

1. On the **HomogeneousDataMigrationsRole** page, choose the **Trust relationships** tab. Choose **Edit trust policy**.

1. On the **Edit trust policy** page, paste the following JSON into the editor, replacing the existing text.

------
#### [ JSON ]

****  

   ```
   {
       "Version":"2012-10-17",		 	 	 
       "Statement": [
           {
               "Sid": "",
               "Effect": "Allow",
               "Principal": {
                   "Service": [
                       "dms-data-migrations.amazonaws.com",
                       "dms.your_region.amazonaws.com"
                   ]
               },
               "Action": "sts:AssumeRole"
           }
       ]
   }
   ```

------

   In the preceding example, replace *your\$1region* with the name of your AWS Region.

   The preceding resource-based policy provides AWS DMS service principals with permissions to perform tasks according to the customer managed **HomogeneousDataMigrationsPolicy** policy.

1. Choose **Update policy**.

# Creating a secret access policy and role
Secret access policy and role

Follow the procedures below to create your secret access policy and role which allow DMS to access the user credentials for your source and target databases.

**To create the secret access policy and role, which allows Amazon RDS to access AWS Secrets Manager to access your appropriate secret**

1. Sign in to the AWS Management Console and open the AWS Identity and Access Management (IAM) console at [https://console.aws.amazon.com/iam/](https://console.aws.amazon.com/iam/).

1. Choose **Policies**, then choose **Create policy**.

1. Choose **JSON** and enter the following policy to enable access to and decryption of your secret.

------
#### [ JSON ]

****  

   ```
   {
       "Version":"2012-10-17",		 	 	 
       "Statement": [
           {
               "Effect": "Allow",
               "Action": "secretsmanager:GetSecretValue",
               "Resource": "arn:aws:secretsmanager:us-east-1:111122223333:secret:SecretName-ABCDEF"
           },
           {
               "Effect": "Allow",
               "Action": [
                   "kms:Decrypt",
                   "kms:DescribeKey"
               ],
               "Resource": "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
           }
       ]
   }
   ```

------

   Here, `secret_arn` is the ARN of your secret, which you can get from either `SecretsManagerSecretId` as appropriate, and `kms_key_arn` is the ARN of the AWS KMS key that you are using to encrypt your secret, as in the following example.

------
#### [ JSON ]

****  

   ```
   {
       "Version":"2012-10-17",		 	 	 
       "Statement": [
           {
               "Effect": "Allow",
               "Action": "secretsmanager:GetSecretValue",
               "Resource": "arn:aws:secretsmanager:us-east-2:123456789012:secret:MySQLTestSecret-qeHamH"
           },
           {
                "Effect": "Allow",
                "Action": [
                           "kms:Decrypt",
                           "kms:DescribeKey"
                         ],
                "Resource": "arn:aws:kms:us-east-2:123456789012:key/761138dc-0542-4e58-947f-4a3a8458d0fd"
           }
        ]
   }
   ```

------
**Note**  
If you use the default encryption key created by AWS Secrets Manager, you do not have to specify the AWS KMS permissions for `kms_key_arn`.  
If you want your policy to provide access to both secrets, simply specify an additional JSON resource object for the other *secret\$1arn*.

1. Review and create the policy with a friendly name and optional description.

1. Choose **Roles**, then choose **Create role**.

1. Choose **AWS service** as the type of trusted entity.

1. Choose **DMS** from the list of services as the trusted service, then choose **Next: Permissions**.

1. Look up and attach the policy you created in step 4, then proceed through adding any tags and review your role. At this point, edit the trust relationships for the role to use your Amazon RDS regional service principal as the trusted entity. This principal has the following format.

   ```
   dms.region-name.amazonaws.com
   ```

   Here, *`region-name`* is the name of your region, such as `us-east-1`. Thus, an Amazon RDS regional service principal for this region follows.

   ```
   dms.us-east-1.amazonaws.com
   dms-data-migrations.amazonaws.com
   ```

# Creating an IAM role for AWS DMS to manage Amazon VPC
Creating IAM role for DMS

You must create an IAM role for AWS DMS to manage the VPC settings for your resources. This role must be available for successful migration.

**Creating the `dms-vpc-role` for database migration**

1. Sign in to the AWS Management Console and open the IAM console at [https://console.aws.amazon.com/iam/](https://console.aws.amazon.com/iam/).

1. In the navigation pane of the console, choose **Roles** and then choose **Create role**.

1. Choose the **AWS service** option for the **Select trusted entity** option.

   For **Use case**, select **DMS**.

1. For the **Add permissions** step, select `AmazonDMSVPCManagementRole` and choose **Next**.

1. In the **Name, review, and create** page, set the **Role name** to `dms-vpc-role` and choose **Create role**.

This creates the role for the DMS to manage the VPC settings for the migration.

# Setting up data migration for EC2 database
Set up data migration

To begin migrating data from your EC2 source database, you must create an equivalent Aurora database. For instructions on creating your database, see [Creating an Amazon Aurora DB cluster](Aurora.CreateInstance.md) .

After creating your target database, use the following steps to set up the data migration:

**Set up data migration project**

1. Select the target database on the **Databases** page in the RDS console.

1. Choose the **Actions** dropdown and select the **Migrate data from EC2 database** option. To see the supported target databases, see [Limitations](USER_DMS_migration.md#USER_DMS_migration-Limitations).

1. Under the **Select source EC2 database** section:

   1. Check the **Engine type** and make sure it is the same as your source database.

      Also, check if the engine versions are compatible.

   1. For **EC2 instance**, choose the EC2 instance where your source database resides.

   1. For **Port**, enter the port on which your source database allows traffic.

   1. For **Secret**, choose **Create and use a new secret** if you don't have an existing secret. Enter the **Username** and **Password** for your source database. Also choose the KMS key with which to encrypt your secret.

      If you have an existing secret, select **Use an existing secret** and then choose secret from the dropdown.

   1. For **IAM role for secret**, if you have an existing IAM role, select **Use an existing IAM role** and choose an IAM role from the dropdown that can access the secret ID from the previous step.

      If you don't have existing IAM role, choose **Create and use new IAM role**. Enter the new name for your role for **IAM role name. You can see the permissions associated with this role in the link below.**

1. Under the **View target RDS database** section:

   1. Confirm the settings of your target database at the top of the section.

   1. For **Secret**, choose **Create and use a new secret** if you don't have an existing secret that holds your target database credentials.

      If you have an existing secret, select the secret from the dropdown.

   1. For **IAM role for secret**, select an IAM role that can access the secret from the previous step. You can also create a new IAM role if you don't have existing IAM role.

      If the dropdown doesn't populate the IAM roles, specify the **IAM role ARN** in the format `arn:aws:iam:account_id:role/roleName`.

1. Under the **Configure data migration** section:

   1. Select the type of data migration by selecting between **Full load**, **Full load and change data capture (CDC)**, or **Change data capture (CDC)**. For more information about these options, see [Overview](USER_DMS_migration.md#USER_DMS_migration-overview).

      You can't modify the migration type afer the migration starts. 

   1. For **IAM role for data migration**, if you have an existing IAM role, select **Use an existing IAM role** and choose an IAM role from the dropdown that grants DMS the permissions to create the resources required for the migration. If you don't have existing IAM role, choose **Create and use new IAM role**.

1. Confirm that the **View migration settings** tab shows the required settings for your data migration to be set up successfully.

1. Select **Migrate** to complete the migration set up.

After completing these steps, you can see the resources being set up for the data migration by choosing **View details** in the progress banner in the console. Once the required resources are set up, the migration automatically starts. If you create 

To migrate multiple databases into the target database, start this process again with details about the new EC2 database.

# Managing data migrations
Managing migrations

After using the **Migrate data from EC2 database** action from the RDS console, Aurora starts the migration automatically.

If you used the AWS DMS console to create the migration resources, you can start the migration process.

## Starting the data migration
Starting

Follow these steps to start data migration:

**Starting a data migration**

1. Choose the target database on the **Databases** page in the RDS console.

1. In the database details page, choose the **Data migrations** tab.

1. Under the **Data migrations** tab, the **Associated data migrations** lists the available data migrations.

   Migrations set up using the Aurora console start automatically once the required resources are set up.

   Migrations set up using the DMS console are set to **Ready**.

   To begin these migrations, select the **Actions** drop down and select **Start**.

1. This begins the data migration for your EC2 database.

## Stopping the data migration
Stopping

For data migrations whose replication type is full load, stopping the migration causes the process to stop and can't be resumed. Once stopped, you must restart the migration.

For migrations with replication type set to change data capture (CDC) or full load and CDC, you can stop the continuous replication process, and resume the process later.

**Stopping a data migration**

1. Choose the target database on the **Databases** page in the RDS console.

1. In the database details page, choose the **Data migrations** tab.

1. Under the **Data migrations** tab, the **Associated data migrations** lists the ongoing data migrations.

   To stop a migration, select a data migration and select **Stop** in the **Actions** drop down.

1. This stops the data migration for your EC2 database.

## Resuming the data migration
Resuming

For data migrations whose replication type is full load and change data capture (CDC) or change data capture (CDC) migration, you can resume the CDC process from the last stop point.

**Resuming a data migration**

1. Choose the target database on the **Databases** page in the RDS console.

1. In the database details page, choose the **Data migrations** tab.

1. Under the **Data migrations** tab, the **Associated data migrations** lists the stopped data migrations.

   To resume a migration, select a data migration and select **Resume processing** in the **Actions** drop down.

1. This resume the data migration for your EC2 database.

## Deleting the data migration
Deleting

To delete an associated data migration, use the following instructions

**Deleting a data migration**

1. Choose the target database on the **Databases** page in the RDS console.

1. In the database details page, choose the **Data migrations** tab.

1. To delete a migration, select a data migration and select **Delete** in the **Actions** drop down.

1. This deletes the data migration.

Deleting a data migration that was in progress doesn't impact any data that has already been loaded to the target database.

## Restarting the data migration
Deleting

To restart an associated data migration from a CDC start point, use the following instructions

**Restarting a data migration**

1. Choose the target database on the **Databases** page in the RDS console.

1. In the database details page, choose the **Data migrations** tab.

1. To restart a migration, select a data migration and select **Restart** in the **Actions** drop down.

1. This restarts the data migration from a CDC start point.

Restarting a data migration that was in progress doesn't impact any data that has already been loaded to the target database.

# Monitoring your data migrations
Monitoring

After the data migrations starts, you can monitor its status and progress. Data migrations of large data sets take hours to complete. To maintain the reliability, availability, and high performance of your data migration, monitor its progress regularly.

**To check the status and progress of your data migration**

1. Choose the target database on the **Databases** page in the RDS console.

1. In the database details page, choose the **Data migrations** tab.

1. The **Associated data migrations** section lists your data migrations. Check the **Status** column.

1. For running data migrations, the **Migration process** column displays the percentage of migrated data.

1. To monitor the process in CloudWatch, use the link in the in **CloudWatch** column.

## Migration statuses
Migration statuses

For each data migration that you run, the Aurora console displays the **Status**. The following list includes the statuses:
+ `Ready`: The data migration is ready to start.
+ `Starting`: Aurora is creating the serverless environment for your data migration.
+ `Load running`: Aurora is performing the full load migration.
+ `Load complete, replication ongoing`: Aurora completed the full load and now replicates the ongoing changes. This status only applies for full load and CDC type migrations.
+ `Replication ongoing`: Aurora is replicating ongoing changes. This status only applies to CDC type migrations.
+ `Stopping`: Aurora is stopping the data migrations. This status applies when you choose to stop the data migration from the **Actions** menu.
+ `Stopped`: Aurora has stopped the data migration.
+ `Failed`: The data migration has failed. For more information, see the log files.
+ `Restarting`: The data migration has restarted an ongoing data replication from a CDC start point.

# Tutorial: Creating a MySQL DB cluster with a custom parameter group
Tutorial: Creating a MySQL DB cluster with a custom parameter group

In this tutorial, you create a MySQL DB cluster with a custom parameter group. For more information about parameter groups, see [DB cluster parameter groups for Amazon Aurora DB clusters](USER_WorkingWithDBClusterParamGroups.md).

**Important**  
There's no charge for creating an AWS account. However, by completing this tutorial, you might incur costs for the AWS resources you use. You can delete these resources after you complete the tutorial if they are no longer needed.

To create a DB cluster with custom configurations and settings, you can use custom parameter groups. Custom parameter groups are particularly helpful if you work with multiple databases and want to uniformly configure settings for them.

By completing these steps, you learn:
+ How to use Amazon Aurora to create a MySQL DB cluster with a custom parameter group.
+ How to use specific parameters for MySQL DB clusters. 

To complete this tutorial, perform the following tasks:

1. Create a DB cluster parameter group with the MySQL parameter `default_password_lifetime`. 

1. Create a MySQL DB cluster with the custom DB cluster parameter group that you created.

**Topics**
+ [

## Prerequisites
](#tutorial-creating-custom-OPG.Prerequisites)
+ [

## Create an Amazon Aurora DB cluster parameter group
](#tutorial-creating-custom-OPG.create-parameter-group)
+ [

## Modify parameter value in your custom parameter group
](#tutorial-creating-custom-OPG.add-parameters)
+ [

## Create MySQL DB cluster with a DB cluster parameter group
](#tutorial-creating-custom-OPG.create-OPG)

## Prerequisites
Prerequisites

This tutorial requires you to have an AWS account and a user with administrative access. If you don't already have those set up, complete the steps in the following sections:
+ [Sign up for an AWS account](CHAP_SettingUp_Aurora.md#sign-up-for-aws)
+ [Create a user with administrative access](CHAP_SettingUp_Aurora.md#create-an-admin)

## Create an Amazon Aurora DB cluster parameter group
Create a custom parameter group

In this tutorial, you learn how to create a custom parameter group with [ default\$1password\$1lifetime](https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_default_password_lifetime) for a MySQL DB cluster in the console. The `default_password_lifetime` parameter controls the number of days before the client password automatically expires. For more information on other parameters available for MySQL DB clusters, see [Aurora MySQL configuration parameters](AuroraMySQL.Reference.ParameterGroups.md) . 

**To create a parameter group**

1. Open the Amazon RDS console and choose **Parameter groups**. 

1. For **Custom parameter groups**, choose **Create parameter group**. 

1. Set the parameter group details.

   1. Enter a name for the parameter group.

   1. Enter a description of the parameter group.

   1. For **Engine type**, choose **Aurora MySQL.** 

   1. For **Parameter group family**, choose **aurora-mysql8.0.** 

   1. For **Type**, choose **DB cluster parameter group.**

1. Choose **Create**. 

The new DB cluster parameter group appears on the **Parameter groups** page in the Amazon RDS console. The following steps illustrate how to modify parameter values to customize your parameter group. 

## Modify parameter value in your custom parameter group
Modify parameter value

Use the following steps to modify the parameter value in the parameter group that you created in [Create an Amazon Aurora DB cluster parameter group](#tutorial-creating-custom-OPG.create-parameter-group). 

**To modify parameter values in your parameter group**

1. Open the Amazon RDS console and choose **Parameter groups**. 

1. For **Custom parameter groups**, choose the name of the DB cluster parameter group you created.

1. Choose **Edit**. 

1. In the **Filter parameters** search box, search for the custom parameter `default_password_lifetime`. 

1. Select the check box next to the parameter and enter a value the number of days to set for this password lifetime parameter. 

1. Select **Save Changes**.

The custom parameter group is now available to associate with Amazon Aurora for MySQL 8.0 DB cluster. 

## Create MySQL DB cluster with a DB cluster parameter group
Create your DB DB cluster

Finally, create a MySQL DB cluster with the custom parameter group that you made in the previous steps. The following steps show how to create the MySQL DB cluster with your custom parameter group.

**To create a DB cluster with a custom parameter and new option group**

1. Open the Amazon RDS console and choose **Databases**. 

1. Choose **Create database**.

1. For **Choose a database creation method**, choose **Standard Create**.

1. For **Engine options**, choose **Aurora (MySQL Compatible)**.

1. Select **Additional Configuration**.
   + For **Initial database name**, choose a name for your DB cluster.
   + Under the **DB cluster parameter group** dropdown, select the name of the DB cluster parameter group you created previously.

1. For this tutorial, you can leave the default settings for any other DB settings or modify them as required. 

1. Choose **Create database**.

RDS creates a new MySQL DB cluster with a custom parameter group group. To see more information on this database, see the **Databases** page of the Amazon RDS console.

In this tutorial, you configured a MySQL DB cluster with tailored settings using a custom parameter group. This newly created MySQL DB cluster manages the user password lifetime by using the parameter `default_password_lifetime`. To optimize your database, you can apply additional setting in your custom parameter group and add options. 

 After you have finished creating your customized DB cluster, you should delete your resources to avoid incurring unwanted costs. To delete a DB cluster, follow the instructions in  [Deleting Aurora DB clusters and DB instances](USER_DeleteCluster.md).