RDS Features and Encryption Practical

Introduction

While studying for AWS exams, it’s essential to see AWS services in action. Use the practical below to run and see different features in AWS RDS.

In the widget below, we’ll take the following steps to demonstrate RDS features in action:

• Start by fetching the IDs of two subnets in different AZs.
• Use subnet IDs to create a subnet group for RDS.
• Create a Postgres parameter group.
• Create an unencrypted database with the subnet group and parameter group created above.
  • The database is set to initiate backups between 19:00 - 20:00 every day.
  • The backup retention period is 10 days.
  • RDS autoscaling is enabled to scale the database size up to 10 GB.
• Create a snapshot of this database.
• Copy and encrypt the snapshot in the same region. We can just as easily copy or encrypt the database to other AWS Regions.
• Restore a new database from the snapshot.
• Finally, edit the parameter group of the database instance to enforce encryption in transit. This is a Postgres database, so we change the parameter rds.force_ssl in the parameter group to 1.

Practical

Note: Creating RDS instances and snapshots takes a lot of time. You may have to wait for long periods while running the practical.