Amazon Relational Database Service (RDS)

Explained RDS, its Advantages, Backups, Autoscaling, High Availability(Multi-AZ deployments), Read Replicas, Security, and setup for Aurora (PostgreSQL).

RDS which itself says relational database, but hearing relational database you must be thinking what interacts with relational databases... so yes you are correct it uses SQL.

“Relational Database Service: Managed Database uses SQL as a query language.”

Amazon RDS currently supports the following engines:

Aurora- MySQL : 3306 / PostgreSQL : 5432
MySQL : 3306
MariaDB : 3306 (same as MySQL)
PostgreSQL : 5432
Oracle: 1521
Microsoft SQL Server : 5432
IBM Db2

You have to set a Maximum Storage Threshold (maximum limit 65536 GiB for DB storage)

Let's See what are the Advantages of using Amazon RDS:

1. Managed Service: Manage administrative tasks, such as hardware provisioning, database setup, patching, backups, and maintenance.

RDS Backups:

Automated Backups: Automated backups are enabled by default and are taken daily during a user-defined backup window.

• Backup Retention Period: Ranging from 1 to 35 days
• Full daily backup of your entire database instance
• Transaction logs are backed up by RDS every 5 minutes: the ability to restore to any point in time (from oldest backup to 5 minutes ago)
• Amazon RDS offers flexible Restore options.
• Cross-region backups
• Backup encryption.
• Backup Monitoring and Notifications using Amazon CloudWatch metrics

2. Automatic Scaling: Easily scale your database instance vertically or horizontally to accommodate changes in workload or storage requirements.

RDS Storage Autoscaling: (Managed by AWS)

• Purpose: It ensures that your database has sufficient storage capacity to accommodate data growth and spikes in workload without manual intervention.
• Dynamic Scaling: Increases and Decreases automatically as per storage utilization.
• Integration with Amazon CloudWatch: When storage utilization exceeds a predefined threshold, CloudWatch triggers a scaling action to increase the storage capacity of the database instance.
  Storage utilization metrics: Free Storage Space and Free Storage Space Percentage
• Configuration Options: Minimum and Maximum storage capacity limits, as well as the target utilization threshold.
  Define the desired storage scaling behavior.
• Compatibility: MySQL, PostgreSQL, MariaDB, Oracle, Aurora- MySQL / PostgreSQL

3. High Availability: Built-in high availability features, such as automated backups, multi-AZ deployments, and automated failover.

RDS — High Availability (Disaster Recovery) :

Multi-AZ Deployments:

• This means your database is automatically replicated (copied) to another location in a different physical area (Availability Zone).
• If something happens to the main database server, like a hardware failure or maintenance issue, Amazon RDS quickly switches over to the replica in the other zone, ensuring your database stays online without downtime.

Automatic Failover:

• With Multi-AZ, Amazon RDS automatically detects when there’s a problem with the main database server.
• It then triggers an automatic failover, which means it switches to the replica database in the other zone, making it the primary one.
• This failover happens seamlessly and quickly, usually in just a few minutes, so your application users might not even notice there was an issue.

Data Redundancy:

• Ensures that even in the rare event of a major failure, like an entire data center going offline, your data remains intact and available.

4. Read Replicas:

Let's Understand this with the help of the Example:

Imagine you have a book, and you want to make copies of it so more people can read it without waiting. Read replicas are like those copies. They’re duplicates of a database used to spread out the work of handling lots of readers.

When someone wants to read from the database, they can do it from any of the replicas instead of just the original, speeding things up and reducing the load on the main database. So, it’s like having multiple copies of the same book so everyone can read it at the same time!

“While the primary database handles write operations (inserts, updates, deletes), Read Replicas are dedicated to serving read queries (select statements).”

Important features:

1. Scalability: Handles more read traffic without affecting performance.
2. High Availability: Provides additional copies of data for fault tolerance.
3. Near Real-Time Replication: Data is replicated quickly from primary to replicas.
4. Multi-AZ Support: Can be deployed across different Availability Zones.
5. Elasticity: Scales out read traffic easily as the application grows.
6. Cost-Effective: Reduces costs by using smaller instances for reads.
7. Read-Only Access: Replicas are read-only, ensuring data consistency.
8. Easy Management: Tools for automated failover, monitoring, and scaling.

5. Security: RDS Network isolation, encryption at rest and in transit, IAM database authentication, and automated security patching.

Security: (Managed by AWS)

1. Amazon Virtual Private Cloud (VPC): Security groups and network access control lists (ACLs) to restrict inbound and outbound traffic to your RDS instances, limiting access to authorized IP addresses and subnets.
2. Encryption: Encryption at rest and in transit to protect your data from unauthorized access.
   AWS Key Management Service (KMS) encryption keys
   Enable SSL/TLS encryption for connections ( encrypting data transmitted between your application and the database over the network.)
3. IAM Database Authentication: Using IAM user credentials instead of traditional database credentials (username and password).
4. Database Authentication: Define access privileges (e.g., read-only, read-write), and enforce strong password policies to secure access to your RDS instances.
5. Audit Logging: Capabilities to track database activity and monitor security-related events.
   Enable database audit logging to capture database-level events, such as logins, logouts, SQL commands, and schema changes.
   Audit logs are stored securely in Amazon CloudWatch Logs or Amazon S3, allowing you to analyze and retain audit data for compliance and security purposes.
6. Patch Management (Managed by AWS) : Automates patch management for database engine software, ensuring that your RDS instances are up-to-date with the latest security patches and updates.
   Releases security patches for supported database engines, and Amazon RDS applies these patches automatically during scheduled maintenance windows, minimizing the risk of security vulnerabilities.
7. VPC Endpoints: Establish private connections between your VPC and RDS instances without traversing the public internet.
8. Parameter Groups: This controls the behavior of the RDS instance.
   Such as It will allow us to manage RDS transport encryption, memory allocation, logging, performance tuning, and other database engine-specific configurations.

For Aurora MYSQL and PostgreSQL — We have the option to create a DB cluster parament group and a DB Instance parament group.

SETUP: Create a Database: Aurora (PostgreSQL Compatible)

1. Choose a database creation method: Select Engine options and choose the Engine version.
2. Templates: Production (High availability and fast, consistent performance) or Dev/Test (For development use outside of a production environment.)
3. Settings :

• DB cluster identifier: Name for your DB cluster
• Credentials Settings: Master Username
  Credentials management: Self-managed or Managed in AWS Secrets Manager- Select the encryption key

4. Cluster storage configuration:

Configuration options → Aurora Standard/ Aurora I/O-Optimized.

5. Instance configuration: DB instance class

6. Availability & durability: Multi-AZ deployment → Create an Aurora Replica or Reader node in a different AZ or Don’t create an Aurora Replica

7. Connectivity:

• Compute resource → Don’t connect to an EC2 compute resource or Connect to an EC2 compute resource
• Network type: IPv4 or Dual-stack mode
• Virtual private cloud (VPC) / DB subnet group / Public access (Yes/No )/ VPC security group (firewall)
• Certificate authority (certificate provides an extra layer of security) / RDS Data API (you can run SQL queries against this database over HTTP)

8. Tags

9. Babelfish settings: New translation layer for Amazon RDS that enables Aurora PostgreSQL to understand commands from applications written for Microsoft SQL Server.
It allows you to migrate your SQL Server workloads to Aurora PostgreSQL with minimal code changes.

10. Database authentication: IAM database authentication / Kerberos authentication (AWS Directory Service for Microsoft Active Directory.)

11. Monitoring :

• Turn on Performance Insights: Retention period for Performance Insights / AWS KMS key / Account / KMS key ID
• Turn on DevOps Guru: DevOps Guru for RDS automatically detects performance anomalies for DB instances and provides recommendations.
• Enable Enhanced Monitoring: Granularity / Monitoring Role

12. Additional configuration:

• Database options
• DB cluster parameter group
• DB parameter group
• Failover priority
• Backup: Backup retention period
• Encryption: Enable encryption → AWS KMS key
• Log exports: Select the log types to publish to Amazon CloudWatch Logs
• Maintenance: Select the period you want pending modifications or maintenance applied to the database by Amazon RDS
• “Deletion protection: Protects the database from being deleted accidentally. While this option is enabled, you can’t delete the database.”

If there’s a specific topic you’re curious about, feel free to drop a personal note or comment. I’m here to help you explore whatever interests you!

Thanks for spending your valuable time learning to enhance your knowledge!