Aurora DSQL API Operations and Resource-Based Policies
Resource-based policies in Aurora DSQL control access to specific API operations. The following sections list all Aurora DSQL API operations organized by category, with an indication of which ones support resource-based policies.
The Supports RBP column indicates whether the API operation is subject to resource-based policy evaluation when a policy is attached to the cluster.
Tag APIs
| API Operation | Description | Supports RBP |
|---|---|---|
| ListTagsForResource | Lists the tags for a Aurora DSQL resource | Yes |
| TagResource | Adds tags to a Aurora DSQL resource | Yes |
| UntagResource | Removes tags from a Aurora DSQL resource | Yes |
Cluster management APIs
| API Operation | Description | Supports RBP |
|---|---|---|
| CreateCluster | Creates a new cluster | No |
| DeleteCluster | Deletes a cluster | Yes |
| GetCluster | Retrieves information about a cluster | Yes |
| GetVpcEndpointServiceName | Retrieves the VPC endpoint service name for a cluster | Yes |
| ListClusters | Lists clusters in your account | No |
| UpdateCluster | Updates the configuration of a cluster | Yes |
Multi-Region property APIs
| API Operation | Description | Supports RBP |
|---|---|---|
| AddPeerCluster | Adds a peer cluster to a multi-region configuration | Yes |
| PutMultiRegionProperties | Sets multi-region properties for a cluster | Yes |
| PutWitnessRegion | Sets the witness region for a multi-region cluster | Yes |
Resource-based policy APIs
| API Operation | Description | Supports RBP |
|---|---|---|
| DeleteClusterPolicy | Deletes the resource-based policy from a cluster | Yes |
| GetClusterPolicy | Retrieves the resource-based policy for a cluster | Yes |
| PutClusterPolicy | Creates or updates the resource-based policy for a cluster | Yes |
AWS Fault Injection Service APIs
| API Operation | Description | Supports RBP |
|---|---|---|
| InjectError | Injects errors for fault injection testing | No |
Backup and restore APIs
| API Operation | Description | Supports RBP |
|---|---|---|
| GetBackupJob | Retrieves information about a backup job | No |
| GetRestoreJob | Retrieves information about a restore job | No |
| StartBackupJob | Starts a backup job for a cluster | Yes |
| StartRestoreJob | Starts a restore job from a backup | No |
| StopBackupJob | Stops a running backup job | No |
| StopRestoreJob | Stops a running restore job | No |
