createCluster method
The CreateCluster API allows you to create both single-Region clusters and multi-Region clusters. With the addition of the multiRegionProperties parameter, you can create a cluster with witness Region support and establish peer relationships with clusters in other Regions during creation. Required permissions
- dsql:CreateCluster
-
Required to create a cluster.
Resources:
arn:aws:dsql:region:account-id:cluster/* - dsql:TagResource
-
Permission to add tags to a resource.
Resources:
arn:aws:dsql:region:account-id:cluster/* - dsql:PutMultiRegionProperties
-
Permission to configure multi-Region properties for a cluster.
Resources:
arn:aws:dsql:region:account-id:cluster/* - dsql:AddPeerCluster
-
When specifying
multiRegionProperties.clusters, permission to add peer clusters.Resources:
-
Local cluster:
arn:aws:dsql:region:account-id:cluster/* - Each peer cluster: exact ARN of each specified peer cluster
-
Local cluster:
- dsql:PutWitnessRegion
-
When specifying
multiRegionProperties.witnessRegion, permission to set a witness Region. This permission is checked both in the cluster Region and in the witness Region.Resources:
arn:aws:dsql:region:account-id:cluster/*Condition Keys:
dsql:WitnessRegion(matching the specified witness region)
May throw ConflictException.
May throw ServiceQuotaExceededException.
May throw ValidationException.
Parameter bypassPolicyLockoutSafetyCheck :
An optional field that controls whether to bypass the lockout prevention
check. When set to true, this parameter allows you to apply a policy that
might lock you out of the cluster. Use with caution.
Parameter clientToken :
A unique, case-sensitive identifier that you provide to ensure the
idempotency of the request. Idempotency ensures that an API request
completes only once. With an idempotent request, if the original request
completes successfully, the subsequent retries with the same client token
return the result from the original successful request and they have no
additional effect.
If you don't specify a client token, the Amazon Web Services SDK automatically generates one.
Parameter deletionProtectionEnabled :
If enabled, you can't delete your cluster. You must first disable this
property before you can delete your cluster.
Parameter kmsEncryptionKey :
The KMS key that encrypts and protects the data on your cluster. You can
specify the ARN, ID, or alias of an existing key or have Amazon Web
Services create a default key for you.
Parameter multiRegionProperties :
The configuration settings when creating a multi-Region cluster, including
the witness region and linked cluster properties.
Parameter policy :
An optional resource-based policy document in JSON format that defines
access permissions for the cluster.
Parameter tags :
A map of key and value pairs to use to tag your cluster.
Implementation
Future<CreateClusterOutput> createCluster({
bool? bypassPolicyLockoutSafetyCheck,
String? clientToken,
bool? deletionProtectionEnabled,
String? kmsEncryptionKey,
MultiRegionProperties? multiRegionProperties,
String? policy,
Map<String, String>? tags,
}) async {
final $payload = <String, dynamic>{
if (bypassPolicyLockoutSafetyCheck != null)
'bypassPolicyLockoutSafetyCheck': bypassPolicyLockoutSafetyCheck,
'clientToken': clientToken ?? _s.generateIdempotencyToken(),
if (deletionProtectionEnabled != null)
'deletionProtectionEnabled': deletionProtectionEnabled,
if (kmsEncryptionKey != null) 'kmsEncryptionKey': kmsEncryptionKey,
if (multiRegionProperties != null)
'multiRegionProperties': multiRegionProperties,
if (policy != null) 'policy': policy,
if (tags != null) 'tags': tags,
};
final response = await _protocol.send(
payload: $payload,
method: 'POST',
requestUri: '/cluster',
exceptionFnMap: _exceptionFns,
);
return CreateClusterOutput.fromJson(response);
}