2194 words
11 minutes
Complete Guide to Amazon RDS: Managed Relational Databases
Complete Guide to Amazon RDS: Managed Relational Databases
Amazon Relational Database Service (RDS) is a managed database service that makes it easy to set up, operate, and scale relational databases in the cloud. RDS supports multiple database engines including MySQL, PostgreSQL, MariaDB, Oracle, Microsoft SQL Server, and Amazon Aurora.
Overview
RDS automates time-consuming administration tasks such as hardware provisioning, database setup, patching, and backups. This allows you to focus on your applications and business rather than database management tasks.
Key Benefits
1. Fully Managed
- Automated backups and patching
- Monitoring and metrics
- Automatic failure detection and recovery
- No server maintenance required
2. Multiple Database Engines
- MySQL, PostgreSQL, MariaDB
- Oracle Database, Microsoft SQL Server
- Amazon Aurora (MySQL and PostgreSQL compatible)
- Easy migration between engines
3. High Availability
- Multi-AZ deployments for failover
- Read replicas for read scaling
- Automated backups and point-in-time recovery
- 99.95% availability SLA
4. Security
- Encryption at rest and in transit
- Network isolation with VPC
- IAM database authentication
- Database activity monitoring
Core Concepts
1. DB Instances
# Basic RDS MySQL instanceMySQLDatabase: Type: AWS::RDS::DBInstance Properties: DBInstanceIdentifier: my-mysql-db DBInstanceClass: db.t3.micro Engine: mysql EngineVersion: '8.0.35' MasterUsername: admin MasterUserPassword: !Ref DatabasePassword AllocatedStorage: 20 StorageType: gp2 StorageEncrypted: true VPCSecurityGroups: - !Ref DatabaseSecurityGroup DBSubnetGroupName: !Ref DBSubnetGroup BackupRetentionPeriod: 7 MultiAZ: false PubliclyAccessible: false DeletionProtection: true Tags: - Key: Name Value: MyApplication-MySQL2. DB Subnet Groups
# DB Subnet Group for Multi-AZ deploymentDBSubnetGroup: Type: AWS::RDS::DBSubnetGroup Properties: DBSubnetGroupDescription: Subnet group for RDS database DBSubnetGroupName: my-db-subnet-group SubnetIds: - !Ref PrivateSubnet1 - !Ref PrivateSubnet2 - !Ref PrivateSubnet3 Tags: - Key: Name Value: Database Subnet Group3. DB Parameter Groups
# Custom parameter group for performance tuningMySQLParameterGroup: Type: AWS::RDS::DBParameterGroup Properties: Family: mysql8.0 Description: Custom MySQL 8.0 parameters Parameters: innodb_buffer_pool_size: '{DBInstanceClassMemory*3/4}' max_connections: 1000 slow_query_log: 1 long_query_time: 2 innodb_file_per_table: 1 Tags: - Key: Name Value: MySQL-Custom-ParametersDatabase Engines
1. MySQL Configuration
MySQLDatabase: Type: AWS::RDS::DBInstance Properties: Engine: mysql EngineVersion: '8.0.35' DBInstanceClass: db.r5.large AllocatedStorage: 100 StorageType: gp2 StorageEncrypted: true KmsKeyId: !Ref DatabaseKMSKey MasterUsername: admin MasterUserPassword: !Ref DatabasePassword DBParameterGroupName: !Ref MySQLParameterGroup BackupRetentionPeriod: 7 PreferredBackupWindow: "03:00-04:00" PreferredMaintenanceWindow: "sun:04:00-sun:05:00" MultiAZ: true PubliclyAccessible: false VPCSecurityGroups: - !Ref DatabaseSecurityGroup DBSubnetGroupName: !Ref DBSubnetGroup2. PostgreSQL Configuration
PostgreSQLDatabase: Type: AWS::RDS::DBInstance Properties: Engine: postgres EngineVersion: '15.4' DBInstanceClass: db.r5.xlarge AllocatedStorage: 200 StorageType: gp3 Iops: 3000 StorageEncrypted: true MasterUsername: postgres MasterUserPassword: !Ref DatabasePassword DBName: myappdb DBParameterGroupName: !Ref PostgreSQLParameterGroup BackupRetentionPeriod: 30 CopyTagsToSnapshot: true DeletionProtection: true EnablePerformanceInsights: true PerformanceInsightsRetentionPeriod: 73. Aurora Serverless
AuroraServerlessCluster: Type: AWS::RDS::DBCluster Properties: Engine: aurora-mysql EngineVersion: '8.0.mysql_aurora.3.02.0' EngineMode: serverless DatabaseName: myapp MasterUsername: admin MasterUserPassword: !Ref DatabasePassword ScalingConfiguration: MinCapacity: 1 MaxCapacity: 256 AutoPause: true SecondsUntilAutoPause: 300 BackupRetentionPeriod: 7 StorageEncrypted: true VpcSecurityGroupIds: - !Ref DatabaseSecurityGroup DBSubnetGroupName: !Ref DBSubnetGroupHigh Availability and Scaling
1. Multi-AZ Deployments
# Primary database with Multi-AZPrimaryDatabase: Type: AWS::RDS::DBInstance Properties: DBInstanceIdentifier: primary-db Engine: postgres DBInstanceClass: db.r5.2xlarge MultiAZ: true # Enables synchronous standby AllocatedStorage: 500 StorageType: gp3 BackupRetentionPeriod: 7 DeletionProtection: true
# Monitor failover with CloudWatchFailoverAlarm: Type: AWS::CloudWatch::Alarm Properties: AlarmDescription: Database failover detected MetricName: DatabaseConnections Namespace: AWS/RDS Statistic: Average Period: 300 EvaluationPeriods: 2 Threshold: 0 ComparisonOperator: LessThanThreshold Dimensions: - Name: DBInstanceIdentifier Value: !Ref PrimaryDatabase2. Read Replicas
# Read replica for scaling readsReadReplica1: Type: AWS::RDS::DBInstance Properties: DBInstanceIdentifier: read-replica-1 SourceDBInstanceIdentifier: !Ref PrimaryDatabase DBInstanceClass: db.r5.large PubliclyAccessible: false VPCSecurityGroups: - !Ref ReadReplicaSecurityGroup Tags: - Key: Name Value: Read Replica 1
# Cross-region read replicaCrossRegionReadReplica: Type: AWS::RDS::DBInstance Properties: DBInstanceIdentifier: cross-region-replica SourceDBInstanceIdentifier: !Sub - arn:aws:rds:${SourceRegion}:${AWS::AccountId}:db:${SourceDBInstanceIdentifier} - SourceRegion: us-east-1 SourceDBInstanceIdentifier: !Ref PrimaryDatabase DBInstanceClass: db.r5.large3. Aurora Global Database
# Aurora Global Database for disaster recoveryAuroraGlobalCluster: Type: AWS::RDS::GlobalCluster Properties: GlobalClusterIdentifier: my-global-cluster SourceDBClusterIdentifier: !Ref PrimaryCluster
PrimaryCluster: Type: AWS::RDS::DBCluster Properties: Engine: aurora-postgresql EngineVersion: '13.7' DatabaseName: myapp MasterUsername: postgres MasterUserPassword: !Ref DatabasePassword GlobalClusterIdentifier: !Ref AuroraGlobalCluster
SecondaryCluster: Type: AWS::RDS::DBCluster Properties: Engine: aurora-postgresql EngineVersion: '13.7' GlobalClusterIdentifier: !Ref AuroraGlobalCluster SourceRegion: us-east-1Security Best Practices
1. Encryption
# Encrypted RDS instance with custom KMS keyDatabaseKMSKey: Type: AWS::KMS::Key Properties: Description: KMS key for RDS encryption KeyPolicy: Statement: - Effect: Allow Principal: AWS: !Sub "arn:aws:iam::${AWS::AccountId}:root" Action: "kms:*" Resource: "*"
EncryptedDatabase: Type: AWS::RDS::DBInstance Properties: StorageEncrypted: true KmsKeyId: !Ref DatabaseKMSKey # ... other properties2. Network Security
# Database security group with restricted accessDatabaseSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: Security group for RDS database VpcId: !Ref VPC SecurityGroupIngress: - IpProtocol: tcp FromPort: 5432 ToPort: 5432 SourceSecurityGroupId: !Ref ApplicationSecurityGroup Description: PostgreSQL access from application servers - IpProtocol: tcp FromPort: 5432 ToPort: 5432 SourceSecurityGroupId: !Ref BastionSecurityGroup Description: PostgreSQL access from bastion host Tags: - Key: Name Value: Database-SG3. IAM Database Authentication
# RDS instance with IAM authenticationRDSWithIAMAuth: Type: AWS::RDS::DBInstance Properties: EnableIAMDatabaseAuthentication: true # ... other properties
# IAM role for database accessDatabaseAccessRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Service: ec2.amazonaws.com Action: sts:AssumeRole Policies: - PolicyName: DatabaseAccess PolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Action: - rds-db:connect Resource: !Sub - arn:aws:rds-db:${AWS::Region}:${AWS::AccountId}:dbuser:${DBInstanceResourceId}/${DatabaseUser} - DBInstanceResourceId: !GetAtt RDSWithIAMAuth.DbiResourceId DatabaseUser: iamuserDatabase Connection Examples
1. Python Connection
import pymysqlimport boto3import sslfrom botocore.exceptions import ClientError
# Traditional connection with passworddef connect_with_password(): connection = pymysql.connect( host='mydb.cluster-xyz.region.rds.amazonaws.com', user='admin', password='your-password', database='myapp', port=3306, ssl={'ssl_cert': '/opt/mysql/ssl/server-cert.pem'}, ssl_verify_cert=True, ssl_verify_identity=True ) return connection
# IAM authentication connectiondef connect_with_iam(): rds_client = boto3.client('rds', region_name='us-east-1')
try: # Generate authentication token auth_token = rds_client.generate_db_auth_token( DBHostname='mydb.cluster-xyz.region.rds.amazonaws.com', Port=3306, DBUsername='iamuser' )
connection = pymysql.connect( host='mydb.cluster-xyz.region.rds.amazonaws.com', user='iamuser', password=auth_token, database='myapp', port=3306, ssl={'ssl_cert': '/opt/mysql/ssl/server-cert.pem'}, ssl_verify_cert=True ) return connection
except ClientError as e: print(f"Error generating auth token: {e}") raise
# Connection pooling with SQLAlchemyfrom sqlalchemy import create_enginefrom sqlalchemy.pool import QueuePool
def create_connection_pool(): engine = create_engine( 'mysql+pymysql://admin:password@mydb.cluster-xyz.region.rds.amazonaws.com:3306/myapp', poolclass=QueuePool, pool_size=20, max_overflow=30, pool_pre_ping=True, pool_recycle=3600 ) return engine2. Node.js Connection
// MySQL connection with connection poolingconst mysql = require('mysql2/promise');const AWS = require('aws-sdk');
// Traditional password connectionconst pool = mysql.createPool({ host: 'mydb.cluster-xyz.region.rds.amazonaws.com', user: 'admin', password: 'your-password', database: 'myapp', port: 3306, ssl: 'Amazon RDS', connectionLimit: 20, acquireTimeout: 60000, timeout: 60000});
// IAM authentication connectionasync function connectWithIAM() { const rds = new AWS.RDSSigner({ region: 'us-east-1', hostname: 'mydb.cluster-xyz.region.rds.amazonaws.com', port: 3306, username: 'iamuser' });
const token = rds.getAuthToken();
const connection = await mysql.createConnection({ host: 'mydb.cluster-xyz.region.rds.amazonaws.com', user: 'iamuser', password: token, database: 'myapp', port: 3306, ssl: 'Amazon RDS' });
return connection;}
// Query with error handlingasync function executeQuery(query, params = []) { let connection; try { connection = await pool.getConnection(); const [results] = await connection.execute(query, params); return results; } catch (error) { console.error('Database query error:', error); throw error; } finally { if (connection) connection.release(); }}3. Java Connection
// JDBC connection with HikariCP poolingimport com.zaxxer.hikari.HikariConfig;import com.zaxxer.hikari.HikariDataSource;import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;import software.amazon.awssdk.regions.Region;import software.amazon.awssdk.services.rds.RdsUtilities;
public class RDSConnectionManager { private static final String DB_HOST = "mydb.cluster-xyz.region.rds.amazonaws.com"; private static final int DB_PORT = 3306; private static final String DB_NAME = "myapp";
private HikariDataSource dataSource;
public RDSConnectionManager() { HikariConfig config = new HikariConfig(); config.setJdbcUrl("jdbc:mysql://" + DB_HOST + ":" + DB_PORT + "/" + DB_NAME); config.setUsername("admin"); config.setPassword("your-password"); config.setMaximumPoolSize(20); config.setConnectionTimeout(30000); config.setIdleTimeout(600000); config.setMaxLifetime(1800000); config.addDataSourceProperty("useSSL", "true"); config.addDataSourceProperty("serverSslCert", "/opt/mysql/ssl/server-cert.pem");
this.dataSource = new HikariDataSource(config); }
// IAM authentication method public Connection getIAMConnection() throws SQLException { RdsUtilities rdsUtilities = RdsUtilities.builder() .credentialsProvider(DefaultCredentialsProvider.create()) .region(Region.US_EAST_1) .build();
String authToken = rdsUtilities.generateAuthenticationToken(builder -> builder.hostname(DB_HOST) .port(DB_PORT) .username("iamuser") );
Properties props = new Properties(); props.setProperty("user", "iamuser"); props.setProperty("password", authToken); props.setProperty("useSSL", "true");
return DriverManager.getConnection( "jdbc:mysql://" + DB_HOST + ":" + DB_PORT + "/" + DB_NAME, props ); }
public Connection getConnection() throws SQLException { return dataSource.getConnection(); }}Performance Optimization
1. Instance Sizing and Storage
# High-performance RDS configurationHighPerformanceDB: Type: AWS::RDS::DBInstance Properties: DBInstanceClass: db.r5.8xlarge # Memory optimized AllocatedStorage: 1000 StorageType: gp3 # Latest generation SSD Iops: 12000 # Provisioned IOPS StorageThroughput: 500 # MB/s throughput MultiAZ: true EnablePerformanceInsights: true PerformanceInsightsRetentionPeriod: 7 MonitoringInterval: 60 MonitoringRoleArn: !GetAtt EnhancedMonitoringRole.Arn2. Read Replica Scaling
# Automatic read replica managementimport boto3import time
def manage_read_replicas(primary_db_identifier, target_cpu_threshold=70): """ Automatically manage read replicas based on CPU utilization """ rds = boto3.client('rds') cloudwatch = boto3.client('cloudwatch')
# Get current CPU utilization response = cloudwatch.get_metric_statistics( Namespace='AWS/RDS', MetricName='CPUUtilization', Dimensions=[ { 'Name': 'DBInstanceIdentifier', 'Value': primary_db_identifier } ], StartTime=datetime.utcnow() - timedelta(minutes=30), EndTime=datetime.utcnow(), Period=300, Statistics=['Average'] )
if response['Datapoints']: avg_cpu = sum(point['Average'] for point in response['Datapoints']) / len(response['Datapoints'])
# Get current read replicas replicas = rds.describe_db_instances()['DBInstances'] current_replicas = [ db for db in replicas if db.get('ReadReplicaSourceDBInstanceIdentifier') == primary_db_identifier ]
if avg_cpu > target_cpu_threshold and len(current_replicas) < 5: # Create new read replica replica_id = f"{primary_db_identifier}-replica-{len(current_replicas) + 1}" rds.create_db_instance_read_replica( DBInstanceIdentifier=replica_id, SourceDBInstanceIdentifier=primary_db_identifier, DBInstanceClass='db.r5.large', PubliclyAccessible=False ) print(f"Created read replica: {replica_id}")
elif avg_cpu < 30 and len(current_replicas) > 1: # Remove excess replica replica_to_remove = current_replicas[-1]['DBInstanceIdentifier'] rds.delete_db_instance( DBInstanceIdentifier=replica_to_remove, SkipFinalSnapshot=True ) print(f"Removed read replica: {replica_to_remove}")
return avg_cpu, len(current_replicas)3. Parameter Tuning
# PostgreSQL performance tuning parametersPostgreSQLParameterGroup: Type: AWS::RDS::DBParameterGroup Properties: Family: postgres15 Description: High-performance PostgreSQL parameters Parameters: # Memory settings shared_buffers: '{DBInstanceClassMemory/4}' effective_cache_size: '{DBInstanceClassMemory*3/4}' work_mem: '256MB' maintenance_work_mem: '2GB'
# Checkpoint settings checkpoint_completion_target: 0.9 wal_buffers: '16MB'
# Query planner settings random_page_cost: 1.1 effective_io_concurrency: 200
# Logging for performance analysis log_min_duration_statement: 1000 log_checkpoints: 1 log_connections: 1 log_disconnections: 1 log_lock_waits: 1
# Connection settings max_connections: 1000Backup and Recovery
1. Automated Backups
# Database with comprehensive backup strategyProductionDatabase: Type: AWS::RDS::DBInstance Properties: BackupRetentionPeriod: 30 # 30 days of backups PreferredBackupWindow: "03:00-04:00" # Low-traffic window CopyTagsToSnapshot: true DeleteAutomatedBackups: false DeletionProtection: true
# Custom backup Lambda functionBackupLambda: Type: AWS::Lambda::Function Properties: Runtime: python3.11 Handler: index.lambda_handler Code: ZipFile: | import boto3 import json from datetime import datetime
def lambda_handler(event, context): rds = boto3.client('rds')
# Create manual snapshot snapshot_id = f"manual-snapshot-{datetime.now().strftime('%Y%m%d-%H%M%S')}"
response = rds.create_db_snapshot( DBSnapshotIdentifier=snapshot_id, DBInstanceIdentifier=event['db_instance_id'] )
return { 'statusCode': 200, 'body': json.dumps(f'Snapshot created: {snapshot_id}') }2. Point-in-Time Recovery
def restore_db_to_point_in_time(source_db_identifier, restore_time, new_db_identifier, db_instance_class='db.r5.large'): """ Restore database to a specific point in time """ rds = boto3.client('rds')
try: response = rds.restore_db_instance_to_point_in_time( SourceDBInstanceIdentifier=source_db_identifier, TargetDBInstanceIdentifier=new_db_identifier, RestoreTime=restore_time, DBInstanceClass=db_instance_class, MultiAZ=False, # Can be enabled after restore PubliclyAccessible=False, AutoMinorVersionUpgrade=True, CopyTagsToSnapshot=True )
print(f"Restore initiated: {response['DBInstance']['DBInstanceArn']}") return response['DBInstance']
except Exception as e: print(f"Error restoring database: {e}") raise
# Automated disaster recoverydef setup_disaster_recovery(primary_region, secondary_region, db_identifier): """ Set up cross-region disaster recovery """ primary_rds = boto3.client('rds', region_name=primary_region) secondary_rds = boto3.client('rds', region_name=secondary_region)
# Create cross-region read replica response = secondary_rds.create_db_instance_read_replica( DBInstanceIdentifier=f"{db_identifier}-dr", SourceDBInstanceIdentifier=f"arn:aws:rds:{primary_region}:{boto3.client('sts').get_caller_identity()['Account']}:db:{db_identifier}", DBInstanceClass='db.r5.large' )
print(f"Disaster recovery replica created in {secondary_region}") return response['DBInstance']Monitoring and Alerting
1. CloudWatch Metrics and Alarms
# Comprehensive monitoring setupCPUAlarm: Type: AWS::CloudWatch::Alarm Properties: AlarmDescription: RDS CPU utilization is too high MetricName: CPUUtilization Namespace: AWS/RDS Statistic: Average Period: 300 EvaluationPeriods: 2 Threshold: 80 ComparisonOperator: GreaterThanThreshold Dimensions: - Name: DBInstanceIdentifier Value: !Ref PrimaryDatabase AlarmActions: - !Ref SNSAlarmTopic
DatabaseConnectionsAlarm: Type: AWS::CloudWatch::Alarm Properties: AlarmDescription: Too many database connections MetricName: DatabaseConnections Namespace: AWS/RDS Statistic: Average Period: 300 EvaluationPeriods: 2 Threshold: 900 ComparisonOperator: GreaterThanThreshold Dimensions: - Name: DBInstanceIdentifier Value: !Ref PrimaryDatabase
FreeableMemoryAlarm: Type: AWS::CloudWatch::Alarm Properties: AlarmDescription: Low freeable memory MetricName: FreeableMemory Namespace: AWS/RDS Statistic: Average Period: 300 EvaluationPeriods: 2 Threshold: 1073741824 # 1 GB in bytes ComparisonOperator: LessThanThreshold Dimensions: - Name: DBInstanceIdentifier Value: !Ref PrimaryDatabase2. Enhanced Monitoring
# Custom RDS monitoring dashboardimport boto3import jsonfrom datetime import datetime, timedelta
def create_rds_monitoring_dashboard(db_instance_id, region='us-east-1'): """ Create comprehensive RDS monitoring dashboard """ cloudwatch = boto3.client('cloudwatch', region_name=region)
dashboard_body = { "widgets": [ { "type": "metric", "properties": { "metrics": [ ["AWS/RDS", "CPUUtilization", "DBInstanceIdentifier", db_instance_id], ["AWS/RDS", "DatabaseConnections", "DBInstanceIdentifier", db_instance_id], ["AWS/RDS", "FreeableMemory", "DBInstanceIdentifier", db_instance_id], ["AWS/RDS", "ReadLatency", "DBInstanceIdentifier", db_instance_id], ["AWS/RDS", "WriteLatency", "DBInstanceIdentifier", db_instance_id] ], "period": 300, "stat": "Average", "region": region, "title": "RDS Performance Metrics" } }, { "type": "metric", "properties": { "metrics": [ ["AWS/RDS", "FreeStorageSpace", "DBInstanceIdentifier", db_instance_id], ["AWS/RDS", "ReadIOPS", "DBInstanceIdentifier", db_instance_id], ["AWS/RDS", "WriteIOPS", "DBInstanceIdentifier", db_instance_id] ], "period": 300, "stat": "Average", "region": region, "title": "RDS Storage and I/O" } } ] }
response = cloudwatch.put_dashboard( DashboardName=f'RDS-{db_instance_id}', DashboardBody=json.dumps(dashboard_body) )
return response
# Performance Insights analysisdef analyze_performance_insights(db_resource_id, start_time, end_time): """ Analyze Performance Insights data """ pi = boto3.client('pi')
# Get top SQL statements response = pi.get_resource_metrics( ServiceType='RDS', Identifier=db_resource_id, StartTime=start_time, EndTime=end_time, PeriodInSeconds=300, MetricQueries=[ { 'Metric': 'db.SQL.Innodb_redo_log_writes.avg', 'GroupBy': { 'Group': 'db.sql_tokenized.statement' } }, { 'Metric': 'db.wait_event.io/file/innodb/innodb_data_file.avg' } ] )
return responseCost Optimization
1. Right-Sizing and Reserved Instances
def analyze_rds_utilization(db_instance_id, days=30): """ Analyze RDS utilization for right-sizing recommendations """ cloudwatch = boto3.client('cloudwatch') end_time = datetime.utcnow() start_time = end_time - timedelta(days=days)
# Get CPU utilization cpu_response = cloudwatch.get_metric_statistics( Namespace='AWS/RDS', MetricName='CPUUtilization', Dimensions=[ {'Name': 'DBInstanceIdentifier', 'Value': db_instance_id} ], StartTime=start_time, EndTime=end_time, Period=3600, # 1 hour periods Statistics=['Average', 'Maximum'] )
# Get database connections conn_response = cloudwatch.get_metric_statistics( Namespace='AWS/RDS', MetricName='DatabaseConnections', Dimensions=[ {'Name': 'DBInstanceIdentifier', 'Value': db_instance_id} ], StartTime=start_time, EndTime=end_time, Period=3600, Statistics=['Average', 'Maximum'] )
# Calculate averages avg_cpu = sum(point['Average'] for point in cpu_response['Datapoints']) / len(cpu_response['Datapoints']) if cpu_response['Datapoints'] else 0 max_cpu = max(point['Maximum'] for point in cpu_response['Datapoints']) if cpu_response['Datapoints'] else 0 avg_connections = sum(point['Average'] for point in conn_response['Datapoints']) / len(conn_response['Datapoints']) if conn_response['Datapoints'] else 0
# Recommendations recommendations = []
if avg_cpu < 20 and max_cpu < 40: recommendations.append("Consider downsizing instance - low CPU utilization") elif avg_cpu > 70: recommendations.append("Consider upgrading instance - high CPU utilization")
if avg_connections < 10: recommendations.append("Consider serverless Aurora for low connection usage")
return { 'average_cpu': avg_cpu, 'max_cpu': max_cpu, 'average_connections': avg_connections, 'recommendations': recommendations }2. Storage Optimization
# GP3 storage for cost optimizationOptimizedStorageDB: Type: AWS::RDS::DBInstance Properties: StorageType: gp3 AllocatedStorage: 100 Iops: 3000 # Baseline IOPS StorageThroughput: 125 # MB/s (cost-effective baseline) # Enable storage autoscaling MaxAllocatedStorage: 1000Troubleshooting Common Issues
1. Connection Issues
def diagnose_connection_issues(db_endpoint, port=3306): """ Diagnose common RDS connection issues """ import socket import dns.resolver
issues = []
# Test DNS resolution try: dns.resolver.resolve(db_endpoint, 'A') print(f"✓ DNS resolution successful for {db_endpoint}") except Exception as e: issues.append(f"DNS resolution failed: {e}")
# Test port connectivity try: sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.settimeout(10) result = sock.connect_ex((db_endpoint, port)) sock.close()
if result == 0: print(f"✓ Port {port} is accessible") else: issues.append(f"Cannot connect to port {port}") except Exception as e: issues.append(f"Socket connection failed: {e}")
# Check security groups ec2 = boto3.client('ec2') try: # This would require additional logic to get security group IDs # and check rules - simplified for brevity pass except Exception as e: issues.append(f"Security group check failed: {e}")
return issues2. Performance Issues
-- MySQL slow query analysisSELECT query_time, lock_time, rows_sent, rows_examined, sql_textFROM mysql.slow_logWHERE start_time >= DATE_SUB(NOW(), INTERVAL 1 HOUR)ORDER BY query_time DESCLIMIT 10;
-- PostgreSQL active queriesSELECT pid, now() - pg_stat_activity.query_start AS duration, query, stateFROM pg_stat_activityWHERE (now() - pg_stat_activity.query_start) > interval '5 minutes' AND state = 'active';Additional Resources
Complete Guide to Amazon RDS: Managed Relational Databases
https://mranv.pages.dev/posts/complete-guide-to-amazon-rds/