Understanding Amazon DocumentDB Amazon Resource Names (ARNs)

Resources that you create in AWS are each uniquely identified with an Amazon Resource Name (ARN). For certain Amazon DocumentDB (with MongoDB compatibility) operations, you must uniquely identify an Amazon DocumentDB resource by specifying its ARN. For example, when you add a tag to a resource, you must provide the resource’s ARN.

Constructing an ARN for an Amazon DocumentDB Resource

You can construct an ARN for an Amazon DocumentDB resource using the following syntax. Amazon DocumentDB shares the format of Amazon Relational Database Service (Amazon RDS) ARNS. Amazon DocumentDB ARNs contain rds and not docdb.

arn:aws:rds:`region`:`account_number`:`resource_type`:`resource_id`

Region NameRegionAvailability Zones (compute)

US East (Ohio)

us-east-2

3

US East (N. Virginia)

us-east-1

6

US West (Oregon)

us-west-2

4

South America (São Paulo)

sa-east-1

3

Asia Pacific (Mumbai)

ap-south-1

3

Asia Pacific (Seoul)

ap-northeast-2

4

Asia Pacific (Singapore)

ap-southeast-1

3

Asia Pacific (Sydney)

ap-southeast-2

3

Asia Pacific (Tokyo)

ap-northeast-1

3

Canada (Central)

ca-central-1

3

Europe (Frankfurt)

eu-central-1

3

Europe (Ireland)

eu-west-1

3

Europe (London)

eu-west-2

3

Europe (Paris)

eu-west-3

3

AWS GovCloud (US)

us-gov-west-1

3

Note

The Amazon DocumentDB architecture separates storage and compute. For the storage layer, Amazon DocumentDB replicates six copies of your data across three AWS Availability Zones (AZs). The AZs listed in the table above are the number of AZs that you can use in a given region to provision compute instances. As an example, if you are launching an Amazon DocumentDB cluster in ap-northeast-1, your storage will be replicated six ways across three AZs but your compute instances will only be available in two AZs.

The following table shows the format that you should use when constructing an ARN for a particular Amazon DocumentDB resource. Amazon DocumentDB shares the format of Amazon RDS ARNS. Amazon DocumentDB ARNs contain rds and not docdb.

Resource TypeARN Format / Example

Instance (db)

arn:aws:rds:region:account_number:db:resource_id

  1. arn:aws:rds:us-east-1:1234567890:db:sample-db-instance

Cluster (cluster)

arn:aws:rds:region:account_number:cluster:resource_id

  1. arn:aws:rds:us-east-1:1234567890:cluster:sample-db-cluster

Cluster parameter group (cluster-pg)

arn:aws:rds:region:account_number:cluster-pg:resource_id

  1. arn:aws:rds:us-east-1:1234567890:cluster-pg:sample-db-cluster-parameter-group

Security group (secgrp)

arn:aws:rds:region:account_number:secgrp:resource_id

  1. arn:aws:rds:us-east-1:1234567890:secgrp:sample-public-secgrp

Cluster snapshot (cluster-snapshot)

arn:aws:rds:region:account_number:cluster-snapshot:resource_id

  1. arn:aws:rds:us-east-1:1234567890:cluster-snapshot:sample-db-cluster-snapshot

Subnet group (subgrp)

arn:aws:rds:region:account_number:subgrp:resource_id

  1. arn:aws:rds:us-east-1:1234567890:subgrp:sample-subnet-10

Finding an Amazon DocumentDB Resource ARN

You can find the ARN of an Amazon DocumentDB resource using the AWS Management Console or the AWS CLI.

Using the AWS Management Console

To find an ARN using the console, navigate to the resource that you want an ARN for, and view the details for that resource.

For example, you can get the ARN for a cluster in the Details pane for the cluster, as shown in the following screenshot.

Console screenshot showing an ARN in the configurations and status section of the details pane.

Using the AWS CLI

To get an ARN using the AWS CLI for a particular Amazon DocumentDB resource, use the describe operation for that resource. The following table shows each AWS CLI operation and the ARN property that is used with the operation to get an ARN.

AWS CLI CommandARN Property

describe-db-instances

DBInstanceArn

describe-db-clusters

DBClusterArn

describe-db-parameter-groups

DBParameterGroupArn

describe-db-cluster-parameter-groups

DBClusterParameterGroupArn

describe-db-security-groups

DBSecurityGroupArn

describe-db-snapshots

DBSnapshotArn

describe-db-cluster-snapshots

DBClusterSnapshotArn

describe-db-subnet-groups

DBSubnetGroupArn

Example - Finding the ARN for a cluster

The following AWS CLI operation finds the ARN for the cluster sample-cluster.

For Linux, macOS, or Unix:

  1. aws docdb describe-db-clusters \
  2.     --db-cluster-identifier sample-cluster \
  3.     --query 'DBClusters[*].DBClusterArn'

For Windows:

  1. aws docdb describe-db-clusters ^
  2.     --db-cluster-identifier sample-cluster \
  3.     --query 'DBClusters[*].DBClusterArn'

Output from this operation looks something like the following (JSON format).

  1. [
  2.     "arn:aws:rds:us-east-1:123456789012:cluster:sample-cluster"
  3. ]

Example - Finding ARNs for multiple parameter groups

For Linux, macOS, or Unix:

  1. aws docdb describe-db-cluster-parameter-groups \
  2.    --query 'DBClusterParameterGroups[*].DBClusterParameterGroupArn'

For Windows:

  1. aws docdb describe-db-cluster-parameter-groups ^
  2.    --query 'DBClusterParameterGroups[*].DBClusterParameterGroupArn'

Output from this operation looks something like the following (JSON format).

  1. [
  2.     "arn:aws:rds:us-east-1:123456789012:cluster-pg:custom3-6-param-grp",
  3.     "arn:aws:rds:us-east-1:123456789012:cluster-pg:default.aurora5.6",
  4.     "arn:aws:rds:us-east-1:123456789012:cluster-pg:default.docdb3.6"
  5. ]