AWS Databases for CloudOps

RDS Operations Model#

Amazon RDS manages provisioning, patching, backups, and minor version maintenance. You still own schema design, query performance, access control, and capacity decisions.

Multi-AZ vs Read Replicas#

Backups and Snapshots#

Operational settings include backup retention, preferred backup window, maintenance window, deletion protection, and storage autoscaling.

Monitoring and Performance#

Use these together:

• CloudWatch metrics: CPU, connections, free storage, read/write latency.
• Enhanced Monitoring: OS-level metrics from the DB host.
• Performance Insights: database wait events and top SQL.
• RDS events: failover, maintenance, backup, configuration changes.
• CloudWatch Logs exports: engine logs, slow query logs, audit logs where supported.

Hands-on: Create a Multi-AZ RDS Database#

Goal: Deploy a private RDS instance with backups and monitoring.

1. Create a DB subnet group with private subnets in at least two Availability Zones.
2. Create a security group for RDS that allows the database port from the application EC2 security group only.
3. Open RDS > Databases > Create database.
4. Choose an engine such as PostgreSQL.
5. Select a dev/test template for labs or production template for real workloads.
6. Set public access to No, Multi-AZ to enabled, storage encryption to enabled, and backup retention to 7 days or more.
7. Enable Performance Insights.
8. Create the database.
9. Connect from an EC2 instance in the same VPC.
10. Create CloudWatch alarms for low FreeStorageSpace, high CPUUtilization, and high DatabaseConnections.

Hands-on: Create and Promote a Read Replica#

1. Select an existing RDS database.
2. Choose Actions > Create read replica.
3. Place it in the same Region or another Region depending on the lab goal.
4. Wait until replica status is available.
5. Send read-only test queries to the replica endpoint.
6. Simulate a migration or DR exercise by choosing Promote.
7. Understand the result: the promoted replica becomes a standalone DB instance and no longer receives changes from the old primary.

Hands-on: Restore from a Snapshot#

1. Create a manual snapshot of an RDS instance.
2. Choose Restore snapshot.
3. Give the restored DB a new identifier.
4. Place it in the correct subnet group and security group.
5. Validate the restored data.
6. Clean up the restored DB when testing is done.

ElastiCache for CloudOps#

ElastiCache provides managed Redis OSS, Valkey, or Memcached.

Use it for low-latency cache, session storage, rate limiting, pub/sub, and lightweight queues for Redis-compatible engines.

Operational checks:

• Keep cache nodes private.
• Monitor evictions, CPU, memory, and connection count.
• Use Multi-AZ with automatic failover for Redis-compatible replication groups.
• Do not treat cache as the only durable copy of critical data.

Common SOA-C03 Exam Questions#

Q: Which RDS option provides automatic failover? Multi-AZ deployment.

Q: Which option offloads read traffic from the primary? Read replicas.

Q: Which tool identifies top SQL and database wait events? Performance Insights.

What to Learn Next#

1. AWS Disaster Recovery for CloudOps - database backup and failover patterns
2. AWS Security & Compliance - encryption, secrets, and IAM database authentication
3. AWS CloudWatch Monitoring - alarms and log exports