Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. In this post, we will create an RDS database cluster, manage access to the cluster using security group rules, connect to the cluster, and create some tables.
Overview of the steps:
- Use the AWS Management Console to create RDS subnet groups
- Create RDS database clusters
- Manage access to RDS clusters using security group rules
- Connect to your RDS cluster and edit tables
Before launching actual RDS instances, you need to configure a DB Subnet Group.
Subnets are segments of a VPC’s IP address range that allow you to group your resources based on security and operational needs.
A DB Subnet Group is a collection of subnets (typically private) that you create in a VPC and designate for your DB instances. Each DB subnet group should have subnets in at least two Availability Zones in a given region. Note that SQL Server Mirroring with a SQL Server DB instance requires at least 3 subnets in distinct Availability Zones.
When creating a DB instance in a VPC, you must select a DB subnet group.
Amazon RDS uses that DB subnet group and your preferred Availability Zone to select a subnet and an IP address within that subnet to associate with your DB instance.
When Amazon RDS creates a DB instance in a VPC, it assigns a network interface to your DB instance by using an IP address selected from your DB Subnet Group. If the primary DB instance of a Multi-AZ deployment fails, Amazon RDS can promote the corresponding standby and subsequently create a new standby using an IP address from an assigned subnet in one of the other Availability Zones.
You can create an RDS Subnet Group using the RDS launch wizard.
Create a DB Subnet Group
- Click Services at the top of the AWS Management Console, type rds into the search bar and click the RDS result that appears
- From the RDS dashboard, click Subnet Groups from the left-hand menu
- Click Create DB Subnet Group to open the creation wizard
- Fill out the form, using the default VPC
- Click the Add all the subnets related to this VPC button to add the available subnets of the selected VPC and then click
Creating a Database Cluster Using RDS
Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. Amazon RDS is designed for developers or businesses who require the full features and capabilities of a relational database or who wish to migrate existing applications and tools that utilize a relational database. It gives you access to the capabilities of a MySQL, Oracle, Microsoft SQL Server, MariaDB, Amazon Aurora, or PostgreSQL database engine.
The RDS service is fully managed by Amazon. RDS will make sure that the database software stays up-to-date with the latest patches and any faulty compute instance powering your database deployment will be automatically replaced in the event of a hardware failure. You can automatically or manually create database snapshots and easily scale your infrastructure up or down using the AWS Management Console.
You can launch an RDS instance using the RDS launch wizard.
Databases on the left menu followed by
Setting up Security Group Rules for Connecting to the RDS Instance
You will use an EC2 instance to run queries against the RDS database in upcoming Lab Steps. In order to allow incoming traffic from EC2 instances to the RDS instance inside the same VPC, you need to modify the automatically created inbound rule of the VPC’s Security Group created during the RDS instance creation.
The rules of a Security Group control the inbound traffic that’s allowed to reach the instances that are associated with the security group and the outbound traffic that’s allowed to leave them. By default, security groups allow all outbound traffic and deny all inbound traffic.
You can add new rules to a VPC Security Group using the AWS Management Console.
Starting an AWS Systems Manager Session Manager Browser Shell Session
Session Manager is part of the AWS Systems Manager suite of tools for gaining operational insights and taking action on AWS resources. Session Manager gives you browser-based shell access to EC2 instances running the Systems Manager agent. Both Windows and Linux instances are supported. Session Manager provides secure access to instances without the need to distribute passwords or SSH keys. Session Manager also allows you to connect to instances without having to open any inbound ports. All communication is encrypted and IAM policies can restrict access to sessions running in Session Manager.
You will use Session Manager to start a session on an EC2 instance running in your Cloud Academy Lab environment in this Lab Step.
Connecting to RDS and Creating a Database Table
Your RDS instance is ready and accessible from any EC2 instance created within the same VPC, so you can use your Session Manager session to connect to the database. In this Lab Step, we will connect to your RDS instance and create a database table.
In your Session Manager shell session, enter the following command to change to the default Amazon Linux user (ec2-user) running in a bash shell:
Install the mysql client by entering:
sudo yum -y install mysql
This will install the necessary tools to interact with your RDS instance. In Amazon Linux, the mariadb package is installed. The mysql command-line client is included in the mariadb package.
You are ready to connect to your RDS instance using the RDS endpoint URL. It’s automatically generated during the RDS instance creation and you can find it in the RDS databases connectivity & security box.
This post is a victim of haste. You can find detailed steps in GitHub PDF documents that I will link here.