Back to Curriculum

Amazon RDS - Managed Databases

📚 Lesson 6 of 12 ⏱️ 75 min

Amazon RDS - Managed Databases

75 min

Amazon RDS (Relational Database Service) makes it easy to set up, operate, and scale relational databases in the cloud. RDS manages time-consuming database administration tasks including provisioning, patching, backup, recovery, failure detection, and repair. This managed service approach enables you to focus on your applications rather than database management, while ensuring high availability, security, and performance.

RDS supports six database engines: Amazon Aurora (MySQL and PostgreSQL compatible), MySQL, MariaDB, PostgreSQL, Oracle, and SQL Server. Each engine has specific features and use cases. Aurora provides high performance and availability with automatic scaling, while traditional engines offer familiar database environments. Choosing the right engine depends on your application requirements, existing database expertise, and specific feature needs.

RDS provides automated backups that enable point-in-time recovery. Backups are stored in S3 and retained based on your retention period (up to 35 days). RDS also supports manual snapshots that persist until explicitly deleted. Automated backups occur during a configurable backup window, minimizing impact on database performance. Understanding backup and recovery options is essential for data protection and disaster recovery planning.

RDS Multi-AZ deployments provide high availability and durability by maintaining synchronous standby replicas in different Availability Zones. In the event of a primary database failure, RDS automatically fails over to the standby replica, typically within 60-120 seconds. Multi-AZ deployments are essential for production workloads requiring high availability. Read replicas provide additional read capacity and can be promoted to standalone databases if needed.

RDS security features include encryption at rest using AWS KMS, encryption in transit using SSL/TLS, network isolation using VPCs, and database authentication. Security groups control network access to RDS instances, similar to EC2 security groups. IAM database authentication enables authentication using IAM credentials instead of database passwords. These features ensure your databases are secure and compliant.

RDS monitoring and maintenance include CloudWatch metrics for performance monitoring, automated software patching during maintenance windows, and performance insights for identifying database bottlenecks. RDS handles routine maintenance tasks automatically, but you can configure maintenance windows to minimize impact on applications. Understanding RDS features enables you to build robust, scalable database solutions without operational overhead.

Key Concepts

  • RDS provides managed relational database service in the cloud.
  • RDS supports multiple database engines (Aurora, MySQL, PostgreSQL, etc.).
  • Automated backups enable point-in-time recovery.
  • Multi-AZ deployments provide high availability and automatic failover.
  • RDS handles patching, monitoring, and maintenance automatically.

Learning Objectives

Master

  • Creating and configuring RDS database instances
  • Understanding RDS backup and recovery options
  • Implementing high availability with Multi-AZ deployments
  • Configuring RDS security and network access

Develop

  • Understanding managed database services
  • Designing highly available database architectures
  • Implementing database security best practices

Tips

  • Use Multi-AZ for production databases requiring high availability.
  • Enable automated backups and test restore procedures regularly.
  • Use read replicas to scale read capacity and reduce primary database load.
  • Configure appropriate security groups to restrict database access.

Common Pitfalls

  • Not enabling Multi-AZ for production, risking downtime during failures.
  • Not testing backup and restore procedures, unable to recover when needed.
  • Leaving databases publicly accessible, creating security vulnerabilities.
  • Not monitoring database performance, missing optimization opportunities.

Summary

  • RDS provides managed relational databases with automated administration.
  • Multiple database engines support different application requirements.
  • Backup, high availability, and security features protect your data.
  • RDS eliminates operational overhead while ensuring database reliability.

Exercise

Create an RDS instance and connect to it from an EC2 instance.

# Create a DB subnet group
aws rds create-db-subnet-group \
    --db-subnet-group-name my-db-subnet-group \
    --db-subnet-group-description "Subnet group for RDS" \
    --subnet-ids subnet-12345678 subnet-87654321

# Create a security group for RDS
aws ec2 create-security-group --group-name my-db-sg --description "Security group for RDS"

# Add rule to allow MySQL access
aws ec2 authorize-security-group-ingress \
    --group-name my-db-sg \
    --protocol tcp \
    --port 3306 \
    --source-group my-web-sg

# Create RDS instance
aws rds create-db-instance \
    --db-instance-identifier my-db-instance \
    --db-instance-class db.t3.micro \
    --engine mysql \
    --master-username admin \
    --master-user-password YourPassword123! \
    --allocated-storage 20 \
    --db-subnet-group-name my-db-subnet-group \
    --vpc-security-group-ids sg-12345678 \
    --backup-retention-period 7 \
    --storage-encrypted

Exercise Tips

  • Use read replicas to scale read capacity across multiple Availability Zones.
  • Enable Performance Insights to identify and troubleshoot database performance issues.
  • Configure automated backups during low-traffic periods to minimize impact.
  • Use RDS Proxy to manage database connections and improve scalability.

Code Editor

Output