Amazon RDS allows you to launch an optimally configured, secure and highly available database with just a few clicks. It provides cost-efficient and resizable capacity while managing time-consuming database administration tasks, freeing you up to focus on your applications and business. We’ll discuss Amazon RDS fundamentals, learn about the six available database engines (with the seventh on the way), and examine customer success stories.
7. If you host your databases on-premises
Power, HVAC, net
Rack & stack
Server maintenance
OS patches
DB s/w patches
Database backups
Scaling
High availability
DB s/w installs
OS installation
you
App optimization
8. If you host your databases in EC2
Power, HVAC, net
Rack & stack
Server maintenance
OS patches
DB s/w patches
Database backups
Scaling
High availability
DB s/w installs
OS installation
you
App optimization
9. If you choose a managed DB service
Power, HVAC, net
Rack & stack
Server maintenance
OS patches
DB s/w patches
Database backups
App optimization
High availability
DB s/w installs
OS installation
you
Scaling
10. Compute Storage
AWS Global Infrastructure
Database
Application Services
Deployment & Administration
Networking
AWS Database Services
Scalable High Performance
Application Storage in the Cloud Amazon RDS
Amazon DynamoDB Amazon Redshift
Amazon ElastiCache
Amazon Database
Migration Service
11. Simple and fast to deploy
Fully managed = low admin
Fast, predictable performance
Easy to scale
Cost-effective
Open Source Engines: MySQL, PostgreSQL, MariaDB
Commercial Engines: Oracle, SQLServer
MySQL Compatible Engine: Aurora
Amazon
RDS
12. • Lower TCO because we manage the muck
• Get more leverage from your teams
• Focus on the things that differentiate you
• Built-in high availability and cross region replication
across multiple data centers
• Available on all engines, including base/standard
editions, not just for enterprise editions
• Now even a small startup can leverage multiple data
centers to design highly available apps with over
99.95% availability.
We Made Things Cheaper, Easier, and Better
13. Enterprise-grade fault tolerance
solution for production
databases
Automatic failover
Synchronous replication
Inexpensive & enabled with one click
High Availability Multi-AZ Deployments
15. Read Replicas
Bring data close to your customer’s
applications in different regions
Relieve pressure on your master
node for supporting reads and
writes
Promote a Read Replica to a
master for faster recovery in the
event of disaster
16. RDS for production workloads
Amazon RDS
Configuration
Improve
Availability
Increase
Throughput
Reduce
Latency
Push-Button Scaling
Multi AZ
Read Replicas
Provisioned IOPS
Read ReplicasPush-Button Scaling Provisioned IOPS
Region
Multi-AZ
availability
zone
availability
zone
17. Security and Compliance
• Network Isolation
• Database instance IP firewall protection
• AWS IAM based resource-level
permission controls
• Encryption at rest using AWS KMS or
Oracle/Microsoft TDE
• SSL protection for data in transit
• Assurance programs for finance,
healthcare, government and more
18. Amazon Virtual Private Cloud (Amazon VPC)
Securely control network configuration
Availability Zone
AWS Region
10.1.0.0/16
10.1.1.0/24
Manage connectivity
VPN
connection
VPC
peering
Internet
gateway
MAWS Direct
Connect
Routing
rules
19. Security groups
Database IP firewall protection
Protocol Port Range Source
TCP 3306 172.31.0.0/16
TCP 3306 “Application
security group”
Corporate address admins
Application tier
M
20. IAM governed access
You can use AWS Identity and Access Management (IAM)
to control who can perform actions on RDS
Users and DBAApplications DBA and Ops
Your database RDS
Controlled with IAMControlled with database grants
M
21. At Rest Encryption for all RDS Engines
AWS Key Management Service (KMS)
Two-tiered key hierarchy using envelope encryption:
• Unique data key encrypts customer data
• AWS KMS master keys encrypt data keys
• Available for ALL RDS engines
Benefits:
• Limits risk of compromised data key
• Better performance for encrypting large data
• Easier to manage small number of master keys
than millions of data keys
• Centralized access and audit of key activity
Data key 1 Data key 2 Data key 3 Data key 4
Custom
application
Customer master
key(s)
Amazon
RDS
instance 3
Amazon
RDS
instance 2
Amazon
RDS
instance 1
23. Compliance
Aurora
SOC 1, 2, 3
ISO 20001/9001
ISO 27107/27018
PCI
HIPAA BAA
MySQL
SOC 1, 2, 3
ISO 20001/9001
ISO 27107/27018
PCI
FedRamp
HIPAA BAA
UK Gov. Programs
Singapore MTCS
Oracle
SOC 1, 2, 3
ISO 20001/9001
ISO 27107/27018
PCI
FedRamp
HIPAA BAA
UK Gov. Programs
Singapore MTCS
MariaDB
SOC 1, 2, 3
ISO 20001/9001
ISO 27107/27018
PCI
PostgreSQL
SOC 1, 2, 3
ISO 20001/9001
ISO 27107/27018
PCI
FedRamp
HIPAA BAA
UK Gov. Programs
Singapore MTCS
SQL Server
SOC 1, 2, 3
ISO 20001/9001
ISO 27107/27018
PCI
UK Gov.
Programs
Singapore MTCS
24. Standard monitoring
Amazon CloudWatch
metrics for Amazon RDS
CPU utilization
Storage
Memory
Swap usage
DB connections
I/O (read and write)
Latency (read and write)
Throughput (read and write)
Replica lag
Many more
Amazon CloudWatch Alarms
Similar to on-premises custom
monitoring tools
25. Enhanced Monitoring
Access to over 50
new CPU, memory,
file system, and disk
I/O metrics as low as
1 second intervals
27. • Airbnb moved its main MySQL database to Amazon RDS
with only 15 minutes of downtime
• RDS simplifies much of the time-consuming administrative
tasks associated with databases so engineers can spend
more time on features
• Uses asynchronous master-slave replication to improve
website performance launched via the RDS console or an
API call
• Leverages multi-Availability Zone (Multi-AZ) for high
availability
Airbnb – Amazon RDS for MySQL