AWS Certified Database - Specialty (RDS) Flashcards
1
Q
Key focus areas
A
RDS 25% Aurora 25% DynamoDB 20% Database Migration 20% Automation 5% Others 5%
2
Q
What are the 3 AWS services that support relational databases?
A
Aurora, RDS and Redshift
3
Q
What are the 2 AWS services/features that support key-value databases?
A
DynamoDB and DAX
4
Q
What is the AWS service that supports document databases?
A
DocumentDB
5
Q
What is the AWS service that supports in-memory databases?
A
ElastiCache which has 2 flavours: ElastiCache for Redis and ElastiCache for Memcached
6
Q
ACID database
A
ACID (atomicity, consistency, isolation, durability) is a set of properties of database transactions intended to guarantee data validity despite errors, power failures, and other mishaps.
most typically relational databases
7
Q
Does DynamoDB enforce ACID transactions?
A
No
8
Q
4 examples of non-relational databases
A
DynamoDB, DocumentDB, Neptune and ElastiCache
9
Q
BASE compliant databases
A
Basically Available Soft-state Eventually consistent
non-relational databases
10
Q
ACID vs BASE
A
strong consistency vs high performance
11
Q
Which 6 SQL engines does Amazon RDS support?
A
PostgreSQL, MySQL, MariaDB, Oracle, Microsoft SQL Server and Aurora
12
Q
Is Amazon RDS a managed service?
A
Yes When you use RDS, AWS managed everything: - AWS manages hardware - AWS manages software (OS) - AWS manages application (database)
13
Q
Does Amazon RDS support autoscaling?
A
Yes
14
Q
What does Amazon RDS use for storage?
A
EBS
15
Q
How does Amazon RDS provide high availability?
A
Amazon RDS provides high availability and failover support for DB instances using Multi-AZ deployments.
When you provision a Multi-AZ DB instance, Amazon RDS automatically creates a primary DB instance and synchronously replicates the data to a standby instance in a different Availability Zone (AZ). In case of an infrastructure failure, Amazon RDS performs an automatic failover to the standby DB instance.
16
Q
What are the benefits of using RDS in comparison to database in EC2 instance?
A
- automated provisioning, OS patching
- continuous backups and restore to specific timestamp
- monitoring dashboards
- read replicas
- multi a-z deployments
- maintenance windows for upgrades
- supports vertical and horizontal scaling
BUT you can’t ssh into database instances
17
Q
What instance types does RDS offer?
A
on demand (pay per hour) and reserved (discounts for 1-year or 3-year contract) instances
18
Q
What are the characteristics of database instance classes of RDS?
A
memory, CPU and I/O capacity
19
Q
What are the available RDS instance classes?
A
standard, memory-optimized and burstable performance
20
Q
RDS: How do CPU credits work? What type of database instance are they related to?
A
burstable performance
21
Q
Which are the Amazon RDS storage types?
A
General Purpose SSD
Provisioned IOPS
Magnetic
22
Q
How is storage autoscaling enabled in RDS?
A
(go to that checkbox)
23
Q
How much downtime is there during RDS autoscaling?
A
None
24
Q
Can the default parameter group of RDS be edited?
A
No
25
How can I make configuration changes to RDS?
Create a new parameter group since the default parameter group cannot be edited.
26
RDS: What are the two types of parameters in parameter groups?
dynamic (changes applied immediately to instance) and static (changes require manual reboot to be applied)
27
RDS: What are the possible statuses of a parameter group?
pending-reboot
in-sync
any others?
28
How can IAM policies be used to secure RDS database resources? (IAM policy best practices for RDS)
- Use IAM policies to control who can create, access and delete RDS database resources.
- Grant the least privilege to users/groups/roles (i.e. grant only the permissions required for the tasks)
- Use MFA for sensitive operations
- Use policy conditions to restrict access to selected IP addresses, or within a specified date or to require use of SSL/MFA.
29
RDS: IAM database authentication works with __ and __.
MySQL and PostgreSQL (i.e. no need for database password, you can use IAM authentication token)
30
Which service can be used to rotate RDS database credentials?
AWS Secrets Manager: stores credentials secretly and securely and supports automatic rotation of secrets
31
AWS Secrets Manager integrates with RDS for ___, ___ and ___.
MySQL, PostgreSQL and Aurora
32
How do I connect to SQL Server on RDS using Microsoft credentials?
Notes 2
33
RDS: To encrypt data in transit we use __ or ___ connections.
SSL (clients must trust the AWS Root CA), TLS
34
Does RDS support automatic backups?
Yes
35
Where are RDS backups stored?
S3
36
Are RDS backups incremental or full?
The first backup is full and the next ones are incremental.
37
Which AWS service does RDS integrated with for centralized management of backups?
AWS Backup
38
RDS: What is the difference between backups and snapshots?
Notes 3
39
Which service is used for RDS encryption at rest?
KMS
40
RDS: TDE encryption is available with __ and __ database engines.
Oracle and SQL Server
41
RDS: Can I restore to an existing instance?
No, you can only restore to a new instance.
42
RDS: Can I restore from another region directly?
Notes 4
43
I restore from an RDS snapshot. How are security groups, options groups and parameter groups handled?
Notes 6
44
RDS: How many days ago does PITR go?
as large as the backup window
45
RDS: Can both automated backups and manual snapshots be exported to S3?
Yes
46
RDS snapshots in S3 can be queried using __ and __.
Redshift and Athena
47
RDS snapshots in S3 can be queried using __ and __.
Redshift Spectrum and Athena
48
Is the AWS Free Tier for Amazon RDS Multi-AZ?
The AWS Free Tier for Amazon RDS offer provides free use of Single-AZ Micro DB instances running MySQL, MariaDB, PostgreSQL, Oracle ("Bring-Your-Own-License (BYOL)" licensing model) and SQL Server Express Edition.
49
Multi AZ deployments in RDS are used for high availability, fault tolerance and data durability but not for scaling. What does this mean?
Reads and writes go to the master instance and the second instance is standby (passive instance that does not takes reads and writes). Whenever there is a planned (maintenance window) or unplanned outage, we switch to the standby instance (automatic failover). Both instances have the same DNS name.
50
Are RDS read replicas read-only?
Yes, they are a read-only copy of master.
51
RDS: What is the maximum number of read replicas?
5 replicas which can be within AZ, cross AZ or cross region
52
RDS: Read replicas are ASYNC. What does this mean?
They are eventually consistent (replication lag)
53
RDS: Do read replicas have different connection strings from the master instance?
Yes
54
How do read replicas help?
They boost database performance and durability.
55
Can read replicas be promoted to primary?
Yes, but manually.
56
If my retention period is 0, can I create a read replica?
No, automated backups must be enabled in order to create read replicas.
57
Can read replicas be Multi AZ?
Yes, a replica can have its own standby instance just like the master instance does. (see diagram Notes 7)
58
Which database engines support Multi AZ for read replicas?
Mysql, PostgreSQL, MariaDB and Oracle
59
How can I make replicas writeable?
set the parameter read only to zero
60
RDS: What is the "Reboot with failover" option about?
It fails over to the standby instance (not read replica).
61
RDS: When I delete the master instance, what happens to the standby instance?
It is also deleted.
62
RDS: When I delete the master instance, what happens to the read replicas?
They become standalone instances.
63
How do I enable writes on a read replica?
1) Stop writes on the replication source.
2) For MySQL and MariaDB set read_only = 0
3) Promote to stand alone instance
64
Can I create a replica from an existing replica?
Yes. How does it reduce the replication load for the master instance? How is the replication lag affected? Notes 8
65
RDS: What are the benefits and drawbacks of multi-tier replicas?
increased replication lag and reduced replication log for the master instance
66
I want to place my read replicas in different regions. This is supported for the following database engines:
MariaDB, MySQL, Oracle, PostgreSQL
| Not supported for SQL Server
67
What are the limitations of cross region replicas?
Replication lag is larger between different regions compared to within the same region.
AWS does not guarantee more than five cross region read replicas.
68
Can read replicas be created from an external on-premise database?
Yes, and it is supported for MySQL and MariaDB engines. ( 1) use mysqldump or mysqlpimport or 2) use Percona XtraBackup to extract a backup to S3)
69
If an RDS instance runs out of storage, it may no longer be available. You must allocate more storage to bring up the instance again. True or false?
True. If an RDS instance runs out of storage, it may no longer be available until you allocate more storage. To prevent this from happening, you can enable storage autoscaling.
70
IAM DB authentication
uses an Auth token that has a lifetime of 15 minutes
71
Can I encrypt an existing unencrypted RDS DB instance?
To encrypt an existing unencrypted RDS DB, you must create a snapshot of the database, create an encrypted copy of the snapshot, and then create a new database from the encrypted snapshot.
72
RDS: RTO
Recovery Time Objective (disaster recovery related)
| It is how long it takes you to recover from a disaster.
73
RDS: RPO
Recovery Point Objective (disaster recovery related)
| It is how much data you could lose due to a disaster.
74
RDS PITR offers a RPO of __ minutes
5
75
What are the available DR strategies for RDS? How do the compare? Which one is the most cost-effective? Which one provides the least downtime? Which one offers minimum loss of data? Do they support multiple regions?
Automated backups, manual snapshots, read replicas
see Notes 10
76
Failover to an RDS read replica is a ____ process.
manual (a replica is not automatically promoted to master instance)
77
Replication lag (ms) can be monitored in ____.
Cloudwatch
78
Replica lag
how many seconds behind master
79
How can I prevent RDS replica errors?
- Size of the replica should match the source database (storage size and database instance class)
- Use compatible db parameter group settings for source and replica (e.g. max_allowed_packet)
- Monitor replication state field. It can be "Error"
- Use RDS event notifications to get alerts on such replica issues
- unsafe non-deterministic queries like SYSDATE() can also break replication
80
Replication is only supported with transactional storage engines like ___ . Using engines like ___ , will cause replication errors.
InnoDB, MyISAM
81
RDS snapshots are __ snapshots stored in __
EBS, S3
82
RDS manual monitoring
Cloudwatch, RDS console, Trusted Advisor
83
pgaudit extension for PostgreSQL
inserts or updates, access control changes, schema changes
84
RDS automated monitoring
RDS event notifications (SNS +Cloudwatch), CloudWatch, Enhanced monitoring (real time dashboard), Performance Insights, RDS recommendation (can be viewed in RDS console), CloudTrail (captures RDS API calls)
85
How old are CloudTrail logs? How old are Cloudwatch logs?
CloudWatch logs do not expire unless you want them to. CloudTrail are free for 90 days and you pay for more.
86
RDS logs can be exported to __ and __
CloudWatch , S3
| can be exported to S3 via CloudWatch, S3, RDS API, SDK or Lambda
87
RDS Enhanced Monitoring
real-time OS-level metrics, helps identify performance issues, increased granularity (second), needs to be enabled
88
RDS Performance Insights
visual dashboard, helps identify performance bottlenecks or expensive/slow SQL statements
89
AmazonRDSFullAccess policy
AmazonRDSFullAccess is an AWS-managed policy that grants access to all of the Amazon RDS API operations. The policy also grants access to related services that are used by the Amazon RDS console—for example, event notifications using Amazon SNS.
90
CloudWatch Application Insights
- .NET and SQL Server
- DynamoDB tables
Identifies and sets up key metrics, logs and alarms for SQL Server workloads
91
RDS on VMware
- database is on-premises but we can use same user interface as in AWS
- supports MySQL, PostgreSQL, SQL Server
- fully managed database service
- supports manual and automatic backups with PITR
- supports CloudWatch
92
Can read replicas be made writeable?
Yes, for MySQL and MariaDB. (use case : update indexes)
| for other db engines we need to promote it to make it writeable
93
Automatic backups and manual snapshots are not supported on the replica for ___ and ___.
Oracle and SQL Server
94
Oracle on RDS does not yet support ___.
Oracle RAC (cluster db)
95
___ support both Multi AZ options, Database Mirroring and Always On.
SQL Server
96
Only manual snapshots are supported on the replica for ___
PostgreSQL (no automatic backups)
97
Dynamic parameters in DB parameter groups require RDS instance reboot. True or false
false
98
Does Amazon RDS support reader endpoint with automatic load-balancing of read traffic?
Amazon RDS does not support reader endpoint with automatic load-balancing of read traffic. This feature is only available for Amazon Aurora.
