This guide provides step-by-step instructions to provision an Amazon RDS instance in AWS for MySQL or PostgreSQL, configure it, and prepare it for deploying applications.
- An AWS account with appropriate IAM permissions (e.g.,
AmazonRDSFullAccess). - Basic knowledge of AWS Management Console, VPC, and database concepts.
- AWS CLI installed and configured (optional for CLI-based setup).
- Navigate to the AWS Management Console.
- Sign in with your AWS account credentials.
- In the AWS Console, search for RDS in the search bar or locate it under Services > Database > RDS.
- Click RDS to access the Relational Database Service dashboard.
- In the RDS dashboard, click Create database.
- Choose the Standard create option for full configuration control.
- Select the database engine:
- MySQL: For a widely-used, general-purpose relational database.
- PostgreSQL: For advanced features like JSON support and geospatial data.
- Example: Select MySQL or PostgreSQL.
- Choose the database version:
- MySQL: e.g., MySQL 8.0.32.
- PostgreSQL: e.g., PostgreSQL 15.3.
- Templates: Select a template based on your use case:
- Production: For high availability and scalability.
- Dev/Test: For development or testing environments.
- Free Tier: For cost-free testing (if eligible, available for both MySQL and PostgreSQL).
- Settings:
- DB instance identifier: Enter a unique name (e.g.,
my-rds-mysqlormy-rds-postgres). - Master username: Set the admin username (e.g.,
adminfor MySQL,postgresfor PostgreSQL). - Master password: Set a secure password and confirm it.
- DB instance identifier: Enter a unique name (e.g.,
- DB instance class:
- Choose an instance type (e.g.,
db.t3.microfor Free Tier ordb.m5.largefor production).
- Choose an instance type (e.g.,
- Storage:
- Select General Purpose SSD (gp2) or Provisioned IOPS SSD (io1).
- Set allocated storage (e.g., 20 GiB for Free Tier, 100 GiB for production).
- Enable Storage autoscaling if needed.
- Availability & durability:
- For production, enable Multi-AZ deployment for high availability.
- For dev/test, select Single-AZ to save costs.
- VPC: Choose an existing Virtual Private Cloud (VPC) or use the default VPC.
- Subnet group: Select a DB subnet group or create a new one (ensure at least two subnets in different Availability Zones for Multi-AZ).
- Public access:
- Select Yes for public access (only for testing; use private access for production).
- Select No for production to restrict access to within the VPC.
- Security group:
- Create or select a VPC security group.
- Configure inbound rules to allow traffic:
- MySQL: Port 3306.
- PostgreSQL: Port 5432.
- Allow traffic from specific IP addresses or your application’s security group.
- Database authentication:
- Choose Password authentication for both MySQL and PostgreSQL.
- For PostgreSQL, optionally enable IAM database authentication or Kerberos authentication (if supported).
- Database options:
- Set the Database name (e.g.,
mydatabasefor MySQL,myappdbfor PostgreSQL). - Configure the Port:
- MySQL: Default is 3306.
- PostgreSQL: Default is 5432.
- Set the Database name (e.g.,
- Backup:
- Enable Automatic backups and set the retention period (e.g., 7 days).
- Choose a backup window.
- Maintenance:
- Enable Auto minor version upgrade for automatic updates.
- Set a maintenance window.
- Monitoring:
- Enable Enhanced Monitoring for detailed metrics (optional).
- Enable Performance Insights for query performance analysis (optional).
- Encryption:
- Enable Encryption at rest using AWS KMS (recommended for production).
- Tags (optional):
- Add tags for resource management (e.g.,
Name: my-rds-mysql,Environment: Production).
- Add tags for resource management (e.g.,
- Review the configuration summary.
- Click Create database to start provisioning.
- Wait 5–15 minutes for the instance to become available (status changes to Available in the RDS dashboard).
- In the RDS dashboard, locate your instance and note the Endpoint (e.g.,
my-rds-mysql.xxxxxxxxxxxx.us-east-1.rds.amazonaws.comormy-rds-postgres.xxxxxxxxxxxx.us-east-1.rds.amazonaws.com). - Test connectivity using a database client:
- MySQL (e.g., MySQL Workbench or CLI):
mysql -h <mysql-endpoint> -P 3306 -u admin -p
- PostgreSQL (e.g., pgAdmin or CLI):
psql -h <postgres-endpoint> -p 5432 -U postgres -d myappdb
- Enter the master password when prompted.
- MySQL (e.g., MySQL Workbench or CLI):
- Ensure your security group allows inbound connections from your IP or application.
- Create database schema:
- Connect to the RDS instance and create tables or import a schema.
- Example for MySQL:
CREATE DATABASE myapp; USE myapp; CREATE TABLE users ( id INT AUTO_INCREMENT PRIMARY KEY, username VARCHAR(50) NOT NULL, email VARCHAR(100) NOT NULL );
- Example for PostgreSQL:
CREATE DATABASE myappdb; \c myappdb CREATE TABLE users ( id SERIAL PRIMARY KEY, username VARCHAR(50) NOT NULL, email VARCHAR(100) NOT NULL );
- Update application configuration:
- Update your application’s database connection settings with the RDS endpoint, port, username, password, and database name.
- Example for a Node.js app using MySQL:
const mysql = require('mysql2'); const connection = mysql.createConnection({ host: '<mysql-endpoint>', user: 'admin', password: '<master-password>', database: 'myapp', port: 3306 });
- Example for a Node.js app using PostgreSQL:
const { Client } = require('pg'); const client = new Client({ host: '<postgres-endpoint>', user: 'postgres', password: '<master-password>', database: 'myappdb', port: 5432 });
- Test application connectivity:
- Deploy your application and verify it connects to the RDS instance.
- Ensure the application’s security group is allowed in the RDS security group’s inbound rules.
- Security:
- Use IAM roles instead of hardcoding credentials in your application.
- Rotate the master password periodically.
- Restrict security group rules to specific IPs or VPC resources.
- High Availability:
- Enable Multi-AZ for automatic failover.
- Consider read replicas for read-heavy workloads (supported by both MySQL and PostgreSQL).
- Monitoring and Alerts:
- Set up Amazon CloudWatch alarms for metrics like CPU utilization, storage, or connections.
- Use AWS Trusted Advisor to check for misconfigurations.
- Backups and Snapshots:
- Regularly test restoring from backups.
- Create manual snapshots before major changes.
- Scaling:
- Monitor performance and scale vertically (larger instance) or horizontally (read replicas) as needed.
- For PostgreSQL, consider extensions like
PostGISfor geospatial data orpg_cronfor scheduled tasks.
- Connection issues: Verify security group rules (port 3306 for MySQL, 5432 for PostgreSQL), VPC settings, and public accessibility.
- Performance issues: Check CloudWatch metrics and enable Performance Insights to identify slow queries.
- Authentication errors: Ensure the correct username, password, and database name are used.
For automation, use the AWS CLI to create an RDS instance:
- MySQL:
aws rds create-db-instance \ --db-instance-identifier my-rds-mysql \ --db-instance-class db.t3.micro \ --engine mysql \ --master-username admin \ --master-user-password <secure-password> \ --allocated-storage 20 \ --vpc-security-group-ids <security-group-id> \ --db-subnet-group-name <subnet-group-name> \ --backup-retention-period 7 \ --no-publicly-accessible - PostgreSQL:
aws rds create-db-instance \ --db-instance-identifier my-rds-postgres \ --db-instance-class db.t3.micro \ --engine postgres \ --master-username postgres \ --master-user-password <secure-password> \ --allocated-storage 20 \ --vpc-security-group-ids <security-group-id> \ --db-subnet-group-name <subnet-group-name> \ --backup-retention-period 7 \ --no-publicly-accessible
- Deploy your application and test database interactions.
- Set up automated backups and monitoring.
- Explore AWS RDS features like read replicas, Aurora (for MySQL or PostgreSQL), or Parameter Groups for advanced configurations.