feat(docdb): support CA certificate for cluster instances (#28791)

Exposes the [CaCertificateIdentifier](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbinstance.html#cfn-docdb-dbinstance-cacertificateidentifier) property of [AWS::DocDB::DBInstance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbinstance.html) in the L2 constructs `DatabaseCluster` and `DatabaseInstance` of `aws_docdb`. This allows specifying a custom CA identifier using the CaCertificate class. Usage with `DatabaseCluster`: ```typescript new DatabaseCluster(stack, 'Database', { // ... instanceType: InstanceType.of(InstanceClass.R5, InstanceSize.LARGE), instanceCaCertificate: CaCertificate.RDS_CA_RSA4096_G1, // ... }); ``` Usage with `DatabaseInstance`: ```typescript new DatabaseInstance(stack, 'Instance', { cluster: databaseCluster, instanceType: InstanceType.of(InstanceClass.R5, InstanceSize.LARGE), caCertificate: CaCertificate.RDS_CA_RSA4096_G1, }); ``` This is modelled on #27138. Closes #28356. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws · May 9, 2024 · e87f25e · e87f25e
1 parent f9f3681
commit e87f25e
Show file tree

Hide file tree

Showing 15 changed files with 1,838 additions and 3 deletions.
diff --git a/...e.js.snapshot/ClusterInstanceCACertificateTestDefaultTestDeployAssertD9510038.assets.json b/...e.js.snapshot/ClusterInstanceCACertificateTestDefaultTestDeployAssertD9510038.assets.json
diff --git a/...js.snapshot/ClusterInstanceCACertificateTestDefaultTestDeployAssertD9510038.template.json b/...js.snapshot/ClusterInstanceCACertificateTestDefaultTestDeployAssertD9510038.template.json
diff --git a/...ce-ca-certificate.js.snapshot/cdk-integ-docdb-cluster-instance-ca-certificate.assets.json b/...ce-ca-certificate.js.snapshot/cdk-integ-docdb-cluster-instance-ca-certificate.assets.json