RDS — Managed Relational Database
Operating a relational DB yourself means owning backup, recovery, HA, tuning, and version upgrades. RDS (Relational Database Service) takes a large share of those operational responsibilities off the user's hands.
1. About RDS
| When | Event |
|---|---|
| 2009 | RDS GA (MySQL). |
| 2011 | Oracle · SQL Server. |
| 2013 | PostgreSQL. |
| 2014 | Aurora MySQL. |
| 2017 | Aurora PostgreSQL · Performance Insights. |
| 2018 | Aurora Serverless v1. |
| 2020 | RDS Proxy. |
| 2022 | Aurora Serverless v2. |
Supported engines:
- MySQL · MariaDB · PostgreSQL · Oracle · SQL Server — Managed hosting of standard OSS and commercial engines.
- Aurora — A cloud-native engine built by AWS. MySQL · PostgreSQL compatible.
2. Multi-AZ vs Read Replica
| Item | Multi-AZ | Read Replica |
|---|---|---|
| Purpose | Availability (HA) | Read load balancing |
| Sync mode | Synchronous replication | Asynchronous replication |
| Access | Primary only | Separate read endpoint |
| Failure | Automatic failover | Manual promotion |
| Extra cost | About 2× | Additional instances |
Multi-AZ addresses availability; Read Replicas address scalability — different tools. The two can be used together.
3. What's different about Aurora
Aurora is an engine that redesigns the storage layer to be distributed.
- Storage is replicated 6 ways across 3 AZs. 4/6 quorum write, 3/6 quorum read.
- Compute and storage are separated. Storage auto-scales up to 64 TB.
- Fast failover (seconds to tens of seconds) · fast Read Replicas (up to 15).
- Aurora Serverless v2 auto-scales by ACU (Aurora Capacity Unit).
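The quorum sizes above, worked through as an added example (not AWS code): it enumerates which failures the 4/6 write and 3/6 read quorums survive, and checks that a write quorum always shares a copy with a read quorum. The AZ names are constructed, and two copies per AZ is an assumption consistent with "6 ways across 3 AZs".

```python
# Added example: fault tolerance of 6 copies with 4/6 write and 3/6 read quorums.
from itertools import combinations

AZS = ("az-a", "az-b", "az-c")  # constructed AZ names
# Assumption: the 6 copies are spread evenly, 2 per AZ.
COPIES = [(az, i) for az in AZS for i in range(2)]
WRITE_QUORUM, READ_QUORUM = 4, 3


def availability(failed):
    """Return (can_write, can_read) once the copies in `failed` are lost."""
    alive = len(COPIES) - len(set(failed))
    return alive >= WRITE_QUORUM, alive >= READ_QUORUM


def az_failure(az, extra=0):
    """Copies lost when a whole AZ fails plus `extra` copies in other AZs."""
    lost = [c for c in COPIES if c[0] == az]
    others = [c for c in COPIES if c[0] != az]
    return lost + others[:extra]


def quorums_always_overlap(size_a, size_b):
    """True if every size_a subset of copies intersects every size_b subset."""
    return all(set(a) & set(b)
               for a in combinations(COPIES, size_a)
               for b in combinations(COPIES, size_b))


if __name__ == "__main__":
    print("one AZ down:          ", availability(az_failure("az-a")))
    print("one AZ + one copy down:", availability(az_failure("az-a", 1)))
    print("write/read overlap:   ", quorums_always_overlap(4, 3))
    print("write/write overlap:  ", quorums_always_overlap(4, 4))
```

Losing a whole AZ leaves writes available; losing an AZ plus one more copy leaves the volume readable but not writable.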
Compatibility — Aurora MySQL targets MySQL 5.7/8.0; Aurora PostgreSQL targets 14/15/16. Some extensions and features differ from the standard engines.
4. Backup · snapshots · PITR
- Automatic backup — Daily + transaction logs at 5-minute granularity. Retention 1 ~ 35 days. Removed when the instance is deleted.
- Snapshot — One-off backup created by the user. Retained indefinitely (billed).
- PITR (Point-in-Time Recovery) — Restore to a new instance at an arbitrary time within retention.
Backups stay in the same region. To put them in another region, copy snapshots or use Aurora Global Database.
5. Parameter groups · option groups
- Parameter group — Engine settings (max_connections · work_mem · shared_buffers). Attached to the instance.
- Option group — Activates option-based features (Oracle TDE · SQL Server options).
Default groups are not modifiable. Create a new group and attach it to the instance. Static parameters require a restart to take effect.
6. Performance Insights · Monitoring
- Performance Insights — Visualizes DB load. Identifies which queries, sessions, and waits drive load. Free for 7 days; long-term retention is paid.
- Enhanced Monitoring — OS-level metrics (CPU · disk · processes). 1 ~ 60 second granularity.
- CloudWatch — Standard metrics (connections · IOPS · CPU · storage).
7. RDS Proxy
A managed connection pooler placed in front of the DB. Helps when short-lived compute (Lambda, ECS) creates connections per call and exhausts the pool.
Lambda → RDS Proxy → RDS instance
Also keeps connections alive across failover.
8. Tradeoffs against self-hosted EC2 PostgreSQL
| Item | Self-hosted EC2 | RDS |
|---|---|---|
| Cost | Instance only | Instance + managed premium |
| Operational burden | User-owned | AWS automates much |
| Freedom | All extensions and tuning | Some extensions restricted |
| Failover | Build it yourself | Multi-AZ automatic |
| Superuser access | Available | Restricted (rds_superuser only) |
For small-scale, development, or research purposes, self-hosting can be cheaper. As operational burden grows, moving to RDS or managed alternatives (Neon · Supabase · CrunchyBridge) becomes natural.
9. Managed alternatives
| Service | Notes |
|---|---|
| Neon (2022) | Postgres with separated storage and compute, branching. Serverless-oriented. |
| Supabase | Postgres + Auth · Storage · Realtime bundle. |
| CrunchyBridge | Specialized managed Postgres. |
| PlanetScale | Vitess-based, MySQL-compatible. Branching model. |
| Cloud SQL (GCP) | GCP's counterpart. |
| Azure Database for PostgreSQL | Azure counterpart. |
10. Security defaults
- Disable public access — Reachable only inside the VPC.
- Security Group — Allow port 5432 only from the app server SG.
- Encryption (KMS) — Encrypt storage, snapshots, and logs by default.
- IAM authentication — Replace DB passwords with short-lived IAM tokens (15-minute validity).
- Secrets Manager rotation — Automated by Lambda.
11. Upgrade flow
Minor versions are automatic (configurable); major versions are manual.
- Snapshot.
- Test the new major version on a Read Replica or separate instance.
- Upgrade the primary instance during a maintenance window.
Aurora simplifies the flow with the blue/green deployment option.
12. Common pitfalls
Lack of slow-query visibility — The default CloudWatch metrics are not enough. Enable Performance Insights and pg_stat_statements.
Connection spikes — max_connections varies by instance class. For short-lived compute, use RDS Proxy or external PgBouncer.
Storage auto-grow — EBS does not shrink once grown. Estimate disk usage patterns ahead of time.
DNS TTL during Multi-AZ failover — Clients caching the old IP cause brief outages. Use short TTLs and reconnection logic.
Restart on parameter changes — Static parameters require restart. Schedule with maintenance windows.
Aurora vs standard engines — Some extensions and behaviors differ. Don't assume compatibility — test for real.
Missing deletion protection — Enable deletion_protection for production instances.
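The settings from "Security defaults" and the deletion-protection pitfall, turned into an audit as an added example (not AWS code). The dictionaries use the field names of the DescribeDBInstances and DescribeSecurityGroups responses; the instance name, security group IDs and sample data are constructed.

```python
# Added example: audit RDS settings against the defaults listed on this page.
# Dict keys follow the DescribeDBInstances / DescribeSecurityGroups responses.
DB_PORT = 5432  # PostgreSQL port from the Security Group default
INSTANCE_CHECKS = [  # (response field, required value, finding)
    ("PubliclyAccessible", False, "public access is enabled"),
    ("StorageEncrypted", True, "storage is not encrypted"),
    ("IAMDatabaseAuthenticationEnabled", True, "IAM authentication is off"),
    ("DeletionProtection", True, "deletion protection is off"),
]


def audit_instance(db):
    """Findings for one DBInstances entry; a missing field counts as a failure."""
    return [msg for field, want, msg in INSTANCE_CHECKS if db.get(field) is not want]


def covers_db_port(rule):
    """True if an ingress rule admits TCP traffic to DB_PORT."""
    if rule.get("IpProtocol") == "-1":  # "-1" = all protocols and ports
        return True
    return (rule.get("IpProtocol") == "tcp"
            and rule.get("FromPort", 1) <= DB_PORT <= rule.get("ToPort", 0))


def audit_ingress(sg, app_sg_id):
    """Flag every source other than app_sg_id that can reach DB_PORT."""
    findings = []
    for rule in filter(covers_db_port, sg.get("IpPermissions", [])):
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        findings += [f"CIDR {c} can reach port {DB_PORT}" for c in cidrs]
        findings += [f"SG {p['GroupId']} can reach port {DB_PORT}"
                     for p in rule.get("UserIdGroupPairs", [])
                     if p.get("GroupId") != app_sg_id]
    return findings


# Constructed sample data, not taken from a real account.
SAMPLE_DB = {"DBInstanceIdentifier": "orders-prod", "PubliclyAccessible": True,
             "StorageEncrypted": True, "IAMDatabaseAuthenticationEnabled": False,
             "DeletionProtection": False}
SAMPLE_SG = {"GroupId": "sg-db", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
     "UserIdGroupPairs": [{"GroupId": "sg-app"}, {"GroupId": "sg-batch"}]}]}

if __name__ == "__main__":
    for f in audit_instance(SAMPLE_DB) + audit_ingress(SAMPLE_SG, "sg-app"):
        print(f"{SAMPLE_DB['DBInstanceIdentifier']}: {f}")
```

In a real account the same functions can be fed the `DBInstances` and `SecurityGroups` lists returned by boto3's `describe_db_instances` and `describe_security_groups`.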
Closing thoughts
The managed premium of RDS is the price of automating backups, HA, and patching. Self-hosted PostgreSQL stays cheaper at small scale, but as operations staff thins out or availability requirements grow, RDS · Aurora · Neon are natural next steps.
RDS user guide · Aurora user guide · RDS Proxy · Neon · Supabase · CrunchyBridge · pgBouncer for reference.