AWS RDS

Amazon Relational Database Service

AWS RDS stands for Amazon Relational Database Service. It's a fully managed service provided by Amazon Web Services (AWS) that simplifies the setup, operation, and scaling of relational databases in the cloud.

RDS Database Engines

RDS supports various popular database engines such as:

  • MySQL
  • PostgreSQL
  • MariaDB
  • Oracle
  • Microsoft SQL Server
  • Amazon Aurora (a MySQL and PostgreSQL-compatible database built for the cloud with performance and scalability enhancements)

Multiple recent versions of each database engine are available.

RDS automates routine tasks like hardware provisioning, database setup, patching, backups, and maintenance.

Automated Backups

RDS automatically takes backups of the databases at regular intervals and retains them for a specified period. For most database engines, the backup occurs daily during a user-defined backup window.

The retention period for automated backups ranges from 1 to 35 days. Backup data is stored in Amazon S3 and can be used to recover data in case of accidental data deletion or corruption.

Automated backups are separate from manual database snapshots. Automated backups follow the defined retention period and are managed by AW

Snapshots

RDS Snapshots are manual, point-in-time user-initiated backups of an RDS relational database.

Snapshots are stored in S3 with an unlimited retention period (until the user decides to delete them).

RDS snapshots can be used to create new database instances (cloning) or restore existing instances in different AWS regions or AWS accounts. RDS snapshots are a great way to implement a Disaster Recovery strategy.

Snapshots are incremental, which makes efficient use of storage and speeds up snapshot creation.

Read Replicas

RDS Read Replicas are copies of the primary (source) database instance, enabling read traffic offloading from the primary instance by distributing reads among replicas.

Read replicas serve as read-only copies of the primary database and are used by applications through a redirection. Data is asynchronously replicated from the primary instance to the read replicas; replication takes from a few milliseconds to multiple seconds.

Read replicas are used for scaling database-intensive applications (heavy workloads, reporting, analytics, and applications that perform multiple read operations) and for fault tolerance and redundancy.

In case of a failure in a primary instance (the one in charge of writes), a read replica can be promoted to become the new standalone primary instance with a short switchover downtime.

Read replicas can also be deployed in a Multi-AZ setup for increased availability and automatic failover capabilities.

Multi-AZ

Multiple Availability Zone deployment is a high-availability configuration that involves replicating a primary database instance synchronously across different availability zones within the same AWS region.

In a Multi-AZ setup, AWS automatically maintains a synchronous replica of the primary database in a different availability zone.

If the primary instance fails due to any infrastructure issue, AWS RDS automatically switches to the standby replica to minimize downtime and updates the DNS record to point applications to the new primary instance (originally a standby replica).

Multi-AZ deployments provide redundancy and increased data durability because the data is continuously replicated to the standby instance. Multi-AZ deployment can be combined with Read Replicas to have high availability and scalability.

Multi-AZ deployments are available for various database engines supported by RDS, including MySQL, PostgreSQL, SQL Server, Oracle, and MariaDB.

Security

RDS instances are protected by network security groups, which allow only listed IP addresses or AWS resources to connect to the instance.

Data is encrypted at rest using AWS Key Management Service (KMS), and SSL/TLS channel encryption secures data in transit between the application and the database.

Standard database access controls and AWS Identity and Access Management (IAM) users and roles are available for database authentication and access control.

AWS takes care of patching the underlying infrastructure and database software to ensure security updates are applied, reducing vulnerabilities.
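
The controls in this section can be checked from instance metadata. The following is an added example, not code from the original tutorial: it audits records shaped like boto3 `describe_db_instances` and `describe_security_groups` output. The sample data and identifiers are constructed so it runs offline, only IPv4 rules are inspected, and a backup retention of 0 is treated as automated backups being disabled.

```python
import ipaddress

# Constructed samples shaped like boto3 describe_db_instances and
# describe_security_groups output; identifiers are made up.
INSTANCES = [
    {"DBInstanceIdentifier": "orders-prod", "StorageEncrypted": True,
     "PubliclyAccessible": False, "IAMDatabaseAuthenticationEnabled": True,
     "BackupRetentionPeriod": 7, "Endpoint": {"Port": 5432},
     "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-app"}]},
    {"DBInstanceIdentifier": "reports-dev", "StorageEncrypted": False,
     "PubliclyAccessible": True, "IAMDatabaseAuthenticationEnabled": False,
     "BackupRetentionPeriod": 0, "Endpoint": {"Port": 3306},
     "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-open"}]},
]
GROUP_RULES = {  # security group id -> ingress rules (IpPermissions)
    "sg-app": [{"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
                "IpRanges": [{"CidrIp": "10.0.1.0/24"}]}],
    "sg-open": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
}
CHECKS = [  # (field, insecure value, finding)
    ("StorageEncrypted", False, "storage is not encrypted at rest"),
    ("PubliclyAccessible", True, "instance is publicly accessible"),
    ("IAMDatabaseAuthenticationEnabled", False, "IAM database authentication is off"),
    ("BackupRetentionPeriod", 0, "automated backups are disabled"),
]

def open_to_any_ipv4(rules, port):
    """True if an ingress rule exposes `port` to every IPv4 address."""
    for rule in rules:
        proto = rule["IpProtocol"]
        covers = proto == "-1" or (
            proto == "tcp" and rule["FromPort"] <= port <= rule["ToPort"])
        if covers and any(ipaddress.ip_network(r["CidrIp"]).prefixlen == 0
                          for r in rule.get("IpRanges", [])):
            return True
    return False

def audit(instance, group_rules):
    """Return the list of findings for one DB instance."""
    findings = [msg for field, bad, msg in CHECKS if instance[field] == bad]
    port = instance["Endpoint"]["Port"]
    for sg in instance["VpcSecurityGroups"]:
        sg_id = sg["VpcSecurityGroupId"]
        if open_to_any_ipv4(group_rules.get(sg_id, []), port):
            findings.append(f"{sg_id} admits 0.0.0.0/0 on port {port}")
    return findings

if __name__ == "__main__":
    for db in INSTANCES:
        print(db["DBInstanceIdentifier"], audit(db, GROUP_RULES) or "ok")
```
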

Database Parameter Groups

Database Parameter Groups are configurations that control the behavior of the database instances.

Parameter groups allow fine-tuning and customizing database engine settings to suit specific application needs. Settings affect performance, memory allocation, security, logging, auditing, caching, and various other aspects of the database.

Each database engine has its own set of parameters and a default (AWS-optimized) configuration that can be overridden with a custom parameter group. Changes in parameters might require a reboot.
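
Because a parameter change may or may not need a reboot, it helps to plan changes against a security baseline before applying them. The following is an added example, not code from the original tutorial: it compares records shaped like boto3 `describe_db_parameters` output with a baseline and produces the change list that `modify_db_parameter_group` accepts, marking static parameters as `pending-reboot`. The sample groups and the baseline (TLS required through `rds.force_ssl`, connection logging on) are constructed assumptions.

```python
# Constructed samples shaped like boto3 describe_db_parameters()["Parameters"];
# real groups hold many more entries, and ApplyType must be read from the API.
POSTGRES_GROUP = [
    {"ParameterName": "rds.force_ssl", "ParameterValue": "0",
     "ApplyType": "dynamic", "IsModifiable": True},
    {"ParameterName": "log_connections", "ParameterValue": "1",
     "ApplyType": "dynamic", "IsModifiable": True},
]
SQLSERVER_GROUP = [
    {"ParameterName": "rds.force_ssl", "ParameterValue": "0",
     "ApplyType": "static", "IsModifiable": True},
]
# Hypothetical baseline: require TLS and log every connection attempt.
BASELINE = {"rds.force_ssl": "1", "log_connections": "1"}

def plan_changes(parameters, baseline):
    """Compare a parameter group with a baseline.

    Returns (changes, reboot_needed, problems). `changes` has the shape
    modify_db_parameter_group expects in its Parameters argument.
    """
    current = {p["ParameterName"]: p for p in parameters}
    changes, problems = [], []
    for name, wanted in baseline.items():
        param = current.get(name)
        if param is None:
            problems.append(f"{name}: not defined for this engine")
            continue
        if param.get("ParameterValue") == wanted:
            continue  # already compliant
        if not param.get("IsModifiable", False):
            problems.append(f"{name}: not modifiable")
            continue
        # Static parameters only take effect after the instance reboots.
        method = "pending-reboot" if param["ApplyType"] == "static" else "immediate"
        changes.append({"ParameterName": name, "ParameterValue": wanted,
                        "ApplyMethod": method})
    reboot = any(c["ApplyMethod"] == "pending-reboot" for c in changes)
    return changes, reboot, problems

if __name__ == "__main__":
    for label, group in (("postgres", POSTGRES_GROUP), ("sqlserver", SQLSERVER_GROUP)):
        print(label, plan_changes(group, BASELINE))
```
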


Javier Ruiz

IT Wonder Lab tutorials are based on the diverse experience of Javier Ruiz, who founded and bootstrapped a SaaS company in the energy sector. His company, later acquired by a NASDAQ traded company, managed over €2 billion per year of electricity for prominent energy producers across Europe and America. Javier has over 25 years of experience in building and managing IT companies, developing cloud infrastructure, leading cross-functional teams, and transitioning his own company from on-premises, consulting, and custom software development to a successful SaaS model that scaled globally.
