Chapter 6
06 — RDS & Databases
What is RDS?
Relational Database Service — managed SQL databases. AWS handles patching, backups, replication.
Supported engines: PostgreSQL, MySQL, MariaDB, Oracle, SQL Server, Aurora.
RDS vs Self-Managed
| | RDS (Managed) | EC2 (Self-Managed) |
|---|---|---|
| Patching | Automated | You do it |
| Backups | Automated (35-day retention) | You configure |
| HA (Multi-AZ) | One toggle | Complex setup |
| Scaling | Push-button | Manual |
| OS access | No | Full |
| Cost | Higher | Lower (but more ops) |
Creating an RDS Instance
```bash
# Creates a Multi-AZ, encrypted PostgreSQL 16.1 instance inside a DB subnet group.
# NOTE: a password passed with --master-user-password ends up in shell history and
# process listings; see the Security section (Secrets Manager / IAM authentication).
aws rds create-db-instance \
  --db-instance-identifier my-db \
  --db-instance-class db.t3.micro \
  --engine postgres \
  --engine-version 16.1 \
  --master-username admin \
  --master-user-password supersecret \
  --allocated-storage 20 \
  --storage-type gp3 \
  --vpc-security-group-ids sg-xxx \
  --db-subnet-group-name my-db-subnet-group \
  --multi-az \
  --backup-retention-period 7 \
  --storage-encrypted
```
Multi-AZ (High Availability)
```
Primary (AZ-a) ──synchronous replication──→ Standby (AZ-b)
      ↑                                          ↑
  Reads/Writes                              Auto-failover
 (DNS endpoint)                    (promoted if primary fails)
```
Failover: ~60-120 seconds, same DNS endpoint
Read Replicas (Scalability)
```
Primary ──async replication──→ Read Replica 1 (same region)
        ──────────────────────→ Read Replica 2 (cross-region)
```
Use cases:
- Offload read-heavy queries (analytics, reporting)
- Cross-region reads (lower latency)
- Can be promoted to standalone DB (disaster recovery)
```javascript
// Application code — separate read and write connections (node-postgres)
import pg from 'pg';
const { Pool } = pg;

const writePool = new Pool({ host: 'my-db.xxx.us-east-1.rds.amazonaws.com' });
const readPool = new Pool({ host: 'my-db-replica.xxx.us-east-1.rds.amazonaws.com' });

// Writes → primary
await writePool.query('INSERT INTO orders ...');
// Reads → replica (async replication, so the replica can lag the primary slightly)
const result = await readPool.query('SELECT * FROM orders WHERE ...');
```
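The snippet above hard-codes which pool each statement uses. The following is an added example, not code from the page or from AWS, that generalizes it into a small router: plain SELECTs go to the replica, everything else to the primary, and once a session has written it stays on the primary so it never reads a row that async replication has not yet delivered to the replica (read-your-writes). The pools are any objects exposing `query(text, params)` like `pg.Pool`; `RecordingPool` and the statement list are constructed stubs so the example runs offline.

```javascript
// Added example (not from the page): route reads to the replica, writes to the
// primary, and pin a session to the primary after its first write.

// True only for statements a replica can serve: SELECT/EXPLAIN with no locking
// clause and no function that writes under the hood. Anything doubtful is sent
// to the primary (conservative default), including WITH ... DELETE/INSERT CTEs.
function isReplicaSafe(sql) {
  const s = sql.trim().toLowerCase();
  if (!/^(select|explain)\b/.test(s)) return false;                               // writes, DDL, WITH, BEGIN
  if (/\bfor\s+(update|share|no\s+key\s+update|key\s+share)\b/.test(s)) return false; // row locks
  if (/\b(nextval|setval|pg_advisory_lock)\s*\(/.test(s)) return false;            // writes hidden in SELECT
  return true;
}

class RoutedSession {
  // pools: { primary, replica }, each exposing query(text, params)
  constructor(pools) {
    this.pools = pools;
    this.wroteOnPrimary = false;
  }

  // Pick the target for one statement. After the first statement that is not
  // replica-safe, every later statement of this session goes to the primary,
  // because the replica may not have applied that write yet.
  route(sql) {
    if (!isReplicaSafe(sql)) this.wroteOnPrimary = true;
    return this.wroteOnPrimary ? 'primary' : 'replica';
  }

  async query(sql, params = []) {
    return this.pools[this.route(sql)].query(sql, params);
  }
}

// Constructed stand-in for pg.Pool: records which statements it received.
class RecordingPool {
  constructor(name) { this.name = name; this.log = []; }
  async query(sql, params) {
    this.log.push(sql);
    return { rows: [], target: this.name, params };
  }
}

// Constructed request sequence: read, write, then read the same table again.
const DEMO_STATEMENTS = [
  'SELECT * FROM orders WHERE customer_id = $1',
  'INSERT INTO orders (customer_id, total) VALUES ($1, $2)',
  'SELECT * FROM orders WHERE customer_id = $1',
];

// Returns the target chosen for each statement, using a fresh session.
function demoRouting(statements = DEMO_STATEMENTS) {
  const session = new RoutedSession({
    primary: new RecordingPool('primary'),
    replica: new RecordingPool('replica'),
  });
  return statements.map(sql => session.route(sql));
}

// Same sequence through the async query() path; returns per-pool statement counts.
async function demoQueries(statements = DEMO_STATEMENTS) {
  const pools = { primary: new RecordingPool('primary'), replica: new RecordingPool('replica') };
  const session = new RoutedSession(pools);
  for (const sql of statements) await session.query(sql, [42]);
  return { primary: pools.primary.log.length, replica: pools.replica.log.length };
}

console.log(demoRouting());                     // [ 'replica', 'primary', 'primary' ]
demoQueries().then(counts => console.log(counts)); // { primary: 2, replica: 1 }
```

With real pools, replace `RecordingPool` with `new Pool({ host, ssl: { rejectUnauthorized: true, ca } })` so both connections verify the RDS certificate (see the Security section). Explicit transactions are out of scope for this router: `BEGIN ... COMMIT` must run on one checked-out client (`pool.connect()`) from the primary, since a pool's `query()` may use a different connection per call.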
Aurora
AWS's cloud-native relational DB. Compatible with PostgreSQL and MySQL.
| Feature | RDS PostgreSQL | Aurora PostgreSQL |
|---|---|---|
| Performance | Standard | 3-5x faster |
| Storage | Manual scaling | Auto-scales to 128 TB |
| Replicas | Up to 5 read replicas | Up to 15 (faster replication) |
| Failover | 60-120s | < 30s |
| Cost | Lower | ~20% more |
| Serverless | No | Aurora Serverless v2 |
Aurora Serverless v2:
- Auto-scales compute (0.5 to 128 ACUs)
- Pay per second of usage
- Great for variable/unpredictable workloads
Backups & Snapshots
```bash
# Automated backups (enabled by default)
# - Daily snapshot + transaction logs
# - Point-in-time restore (up to 35-day retention)

# Manual snapshot (persists after RDS deletion)
aws rds create-db-snapshot \
  --db-instance-identifier my-db \
  --db-snapshot-identifier my-db-backup-2024

# Restore from snapshot (creates a new instance). The restored instance gets the
# default security group and parameter group unless you pass them explicitly, so
# re-check its network exposure before pointing applications at it.
aws rds restore-db-instance-from-db-snapshot \
  --db-instance-identifier my-db-restored \
  --db-snapshot-identifier my-db-backup-2024
```
Security
✅ Deploy in private subnet (no public access)
✅ Security group: allow port 5432 only from app layer SG
✅ Enable encryption at rest (KMS)
✅ Enable encryption in transit (SSL/TLS)
✅ Use IAM authentication or Secrets Manager for credentials
✅ Enable Enhanced Monitoring + Performance Insights
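A way to turn the checklist above into a repeatable check, as an added example that is not part of the page or of any AWS tooling: the function below audits the JSON that `aws rds describe-db-instances` returns (fields such as `PubliclyAccessible`, `StorageEncrypted`, `MultiAZ`, `IAMDatabaseAuthenticationEnabled`, `DeletionProtection`, `MonitoringInterval`, `PerformanceInsightsEnabled`) and lists the controls each instance is missing. The two instance records are constructed to look like real output. Two items of the checklist are not visible in this output and are deliberately not checked here: security-group ingress (needs `describe-security-groups`) and TLS enforcement, which for PostgreSQL is the `rds.force_ssl` parameter in the instance's parameter group.

```javascript
// Added example (not from the page): audit `aws rds describe-db-instances`
// output against the RDS security checklist.

// Each check: [finding id, predicate that is true when the control is MISSING, message]
const CHECKS = [
  ['PUBLIC_ACCESS', db => db.PubliclyAccessible === true,
    'PubliclyAccessible is true; keep the instance in private subnets only'],
  ['NO_ENCRYPTION_AT_REST', db => db.StorageEncrypted !== true,
    'StorageEncrypted is false; encryption cannot be switched on in place (copy a snapshot with encryption and restore)'],
  ['NO_MULTI_AZ', db => db.MultiAZ !== true,
    'MultiAZ is false; no synchronous standby and no automatic failover'],
  ['SHORT_BACKUP_RETENTION', db => (db.BackupRetentionPeriod ?? 0) < 7,
    'BackupRetentionPeriod is below 7 days; point-in-time restore window is short'],
  ['NO_IAM_AUTH', db => db.IAMDatabaseAuthenticationEnabled !== true,
    'IAM database authentication is off; access relies on static passwords'],
  ['NO_DELETION_PROTECTION', db => db.DeletionProtection !== true,
    'DeletionProtection is false; a single API call can delete the instance'],
  ['NO_ENHANCED_MONITORING', db => !(db.MonitoringInterval > 0),
    'MonitoringInterval is 0; Enhanced Monitoring is off'],
  ['NO_PERFORMANCE_INSIGHTS', db => db.PerformanceInsightsEnabled !== true,
    'PerformanceInsightsEnabled is false'],
];

// Findings for one DBInstance record.
function auditInstance(db) {
  return CHECKS
    .filter(([, missing]) => missing(db))
    .map(([id, , message]) => ({ id, instance: db.DBInstanceIdentifier, message }));
}

// Findings for a whole describe-db-instances response ({ DBInstances: [...] }).
function auditDescribeOutput(output) {
  return (output.DBInstances ?? []).flatMap(auditInstance);
}

// Constructed sample shaped like the CLI output: one hardened, one neglected instance.
const SAMPLE = {
  DBInstances: [
    {
      DBInstanceIdentifier: 'my-db', Engine: 'postgres',
      PubliclyAccessible: false, StorageEncrypted: true, MultiAZ: true,
      BackupRetentionPeriod: 7, IAMDatabaseAuthenticationEnabled: true,
      DeletionProtection: true, MonitoringInterval: 60, PerformanceInsightsEnabled: true,
    },
    {
      DBInstanceIdentifier: 'legacy-db', Engine: 'mysql',
      PubliclyAccessible: true, StorageEncrypted: false, MultiAZ: false,
      BackupRetentionPeriod: 1, IAMDatabaseAuthenticationEnabled: false,
      DeletionProtection: false, MonitoringInterval: 0, PerformanceInsightsEnabled: false,
    },
  ],
};

function auditSample() {
  return auditDescribeOutput(SAMPLE);
}

for (const f of auditSample()) {
  console.log(`${f.instance}: ${f.id} - ${f.message}`);
}
```

To run it against a real account, pipe the CLI output in: `aws rds describe-db-instances --output json` gives exactly the `{ "DBInstances": [...] }` shape that `auditDescribeOutput` expects.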
Key Takeaways
- RDS = managed SQL database — AWS handles backups, patching, HA
- Multi-AZ for high availability (synchronous replication, auto-failover)
- Read Replicas for read scalability (async replication, up to 5)
- Aurora for best performance — 3-5x faster, auto-scaling storage, faster failover
- Aurora Serverless v2 for variable workloads — pay per second
- Always deploy in private subnets with encryption enabled