AWS Certified Database - Specialty (RDS)

Question 1

Key focus areas

Answer 1

RDS 25%
Aurora 25%
DynamoDB 20%
Database Migration 20%
Automation 5%
Others 5%

Question 2

What are the 3 AWS services that support relational databases?

Answer 2

Aurora, RDS and Redshift

Question 3

What are the 2 AWS services/features that support key-value databases?

Answer 3

DynamoDB and DAX

Question 4

What is the AWS service that supports document databases?

Answer 4

DocumentDB

Question 5

What is the AWS service that supports in-memory databases?

Answer 5

ElastiCache which has 2 flavours: ElastiCache for Redis and ElastiCache for Memcached

Question 6

ACID database

Answer 6

ACID (atomicity, consistency, isolation, durability) is a set of properties of database transactions intended to guarantee data validity despite errors, power failures, and other mishaps.

most typically relational databases

Question 7

Does DynamoDB enforce ACID transactions?

Answer 7

No

Question 8

4 examples of non-relational databases

Answer 8

DynamoDB, DocumentDB, Neptune and ElastiCache

Question 9

BASE compliant databases

Answer 9

Basically Available Soft-state Eventually consistent

non-relational databases

Question 10

ACID vs BASE

Answer 10

strong consistency vs high performance

Question 11

Which 6 SQL engines does Amazon RDS support?

Answer 11

PostgreSQL, MySQL, MariaDB, Oracle, Microsoft SQL Server and Aurora

Question 12

Is Amazon RDS a managed service?

Answer 12

Yes
When you use RDS, AWS managed everything:
- AWS manages hardware
- AWS manages software (OS)
- AWS manages application (database)

Question 13

Does Amazon RDS support autoscaling?

Answer 13

Yes

Question 14

What does Amazon RDS use for storage?

Answer 14

EBS

Question 15

How does Amazon RDS provide high availability?

Answer 15

Amazon RDS provides high availability and failover support for DB instances using Multi-AZ deployments.
When you provision a Multi-AZ DB instance, Amazon RDS automatically creates a primary DB instance and synchronously replicates the data to a standby instance in a different Availability Zone (AZ). In case of an infrastructure failure, Amazon RDS performs an automatic failover to the standby DB instance.

Question 16

What are the benefits of using RDS in comparison to database in EC2 instance?

Answer 16

• automated provisioning, OS patching
• continuous backups and restore to specific timestamp
• monitoring dashboards
• read replicas
• multi a-z deployments
• maintenance windows for upgrades
• supports vertical and horizontal scaling
  BUT you can’t ssh into database instances

Question 17

What instance types does RDS offer?

Answer 17

on demand (pay per hour) and reserved (discounts for 1-year or 3-year contract) instances

Question 18

What are the characteristics of database instance classes of RDS?

Answer 18

memory, CPU and I/O capacity

Question 19

What are the available RDS instance classes?

Answer 19

standard, memory-optimized and burstable performance

Question 20

RDS: How do CPU credits work? What type of database instance are they related to?

Answer 20

burstable performance

Question 21

Which are the Amazon RDS storage types?

Answer 21

General Purpose SSD
Provisioned IOPS
Magnetic

Question 22

How is storage autoscaling enabled in RDS?

Answer 22

(go to that checkbox)

Question 23

How much downtime is there during RDS autoscaling?

Answer 23

None

Question 24

Can the default parameter group of RDS be edited?

Answer 24

No

Question 25

How can I make configuration changes to RDS?

Answer 25

Create a new parameter group since the default parameter group cannot be edited.

Question 26

RDS: What are the two types of parameters in parameter groups?

Answer 26

dynamic (changes applied immediately to instance) and static (changes require manual reboot to be applied)

Question 27

RDS: What are the possible statuses of a parameter group?

Answer 27

pending-reboot
in-sync
any others?

Question 28

How can IAM policies be used to secure RDS database resources? (IAM policy best practices for RDS)

Answer 28

• Use IAM policies to control who can create, access and delete RDS database resources.
• Grant the least privilege to users/groups/roles (i.e. grant only the permissions required for the tasks)
• Use MFA for sensitive operations
• Use policy conditions to restrict access to selected IP addresses, or within a specified date or to require use of SSL/MFA.

Question 29

RDS: IAM database authentication works with __ and __.

Answer 29

MySQL and PostgreSQL (i.e. no need for database password, you can use IAM authentication token)

Question 30

Which service can be used to rotate RDS database credentials?

Answer 30

AWS Secrets Manager: stores credentials secretly and securely and supports automatic rotation of secrets

Question 31

AWS Secrets Manager integrates with RDS for ___, ___ and ___.

Answer 31

MySQL, PostgreSQL and Aurora

Question 32

How do I connect to SQL Server on RDS using Microsoft credentials?

Answer 32

Notes 2

Question 33

RDS: To encrypt data in transit we use __ or ___ connections.

Answer 33

SSL (clients must trust the AWS Root CA), TLS

Question 34

Does RDS support automatic backups?

Answer 34

Yes

Question 35

Where are RDS backups stored?

Answer 35

S3

Question 36

Are RDS backups incremental or full?

Answer 36

The first backup is full and the next ones are incremental.

Question 37

Which AWS service does RDS integrated with for centralized management of backups?

Answer 37

AWS Backup

Question 38

RDS: What is the difference between backups and snapshots?

Answer 38

Notes 3

Question 39

Which service is used for RDS encryption at rest?

Answer 39

KMS

Question 40

RDS: TDE encryption is available with __ and __ database engines.

Answer 40

Oracle and SQL Server

Question 41

RDS: Can I restore to an existing instance?

Answer 41

No, you can only restore to a new instance.

Question 42

RDS: Can I restore from another region directly?

Answer 42

Notes 4

Question 43

I restore from an RDS snapshot. How are security groups, options groups and parameter groups handled?

Answer 43

Notes 6

Question 44

RDS: How many days ago does PITR go?

Answer 44

as large as the backup window

Question 45

RDS: Can both automated backups and manual snapshots be exported to S3?

Answer 45

Yes

Question 46

RDS snapshots in S3 can be queried using __ and __.

Answer 46

Redshift and Athena

Question 47

RDS snapshots in S3 can be queried using __ and __.

Answer 47

Redshift Spectrum and Athena

Question 48

Is the AWS Free Tier for Amazon RDS Multi-AZ?

Answer 48

The AWS Free Tier for Amazon RDS offer provides free use of Single-AZ Micro DB instances running MySQL, MariaDB, PostgreSQL, Oracle (“Bring-Your-Own-License (BYOL)” licensing model) and SQL Server Express Edition.

Question 49

Multi AZ deployments in RDS are used for high availability, fault tolerance and data durability but not for scaling. What does this mean?

Answer 49

Reads and writes go to the master instance and the second instance is standby (passive instance that does not takes reads and writes). Whenever there is a planned (maintenance window) or unplanned outage, we switch to the standby instance (automatic failover). Both instances have the same DNS name.

Question 50

Are RDS read replicas read-only?

Answer 50

Yes, they are a read-only copy of master.

Question 51

RDS: What is the maximum number of read replicas?

Answer 51

5 replicas which can be within AZ, cross AZ or cross region

Question 52

RDS: Read replicas are ASYNC. What does this mean?

Answer 52

They are eventually consistent (replication lag)

Question 53

RDS: Do read replicas have different connection strings from the master instance?

Answer 53

Yes

Question 54

How do read replicas help?

Answer 54

They boost database performance and durability.

Question 55

Can read replicas be promoted to primary?

Answer 55

Yes, but manually.

Question 56

If my retention period is 0, can I create a read replica?

Answer 56

No, automated backups must be enabled in order to create read replicas.

Question 57

Can read replicas be Multi AZ?

Answer 57

Yes, a replica can have its own standby instance just like the master instance does. (see diagram Notes 7)

Question 58

Which database engines support Multi AZ for read replicas?

Answer 58

Mysql, PostgreSQL, MariaDB and Oracle

Question 59

How can I make replicas writeable?

Answer 59

set the parameter read only to zero

Question 60

RDS: What is the “Reboot with failover” option about?

Answer 60

It fails over to the standby instance (not read replica).

Question 61

RDS: When I delete the master instance, what happens to the standby instance?

Answer 61

It is also deleted.

Question 62

RDS: When I delete the master instance, what happens to the read replicas?

Answer 62

They become standalone instances.

Question 63

How do I enable writes on a read replica?

Answer 63

1) Stop writes on the replication source.
2) For MySQL and MariaDB set read_only = 0
3) Promote to stand alone instance

Question 64

Can I create a replica from an existing replica?

Answer 64

Yes. How does it reduce the replication load for the master instance? How is the replication lag affected? Notes 8

Question 65

RDS: What are the benefits and drawbacks of multi-tier replicas?

Answer 65

increased replication lag and reduced replication log for the master instance

Question 66

I want to place my read replicas in different regions. This is supported for the following database engines:

Answer 66

MariaDB, MySQL, Oracle, PostgreSQL

Not supported for SQL Server

Question 67

What are the limitations of cross region replicas?

Answer 67

Replication lag is larger between different regions compared to within the same region.
AWS does not guarantee more than five cross region read replicas.

Question 68

Can read replicas be created from an external on-premise database?

Answer 68

Yes, and it is supported for MySQL and MariaDB engines. ( 1) use mysqldump or mysqlpimport or 2) use Percona XtraBackup to extract a backup to S3)

Question 69

If an RDS instance runs out of storage, it may no longer be available. You must allocate more storage to bring up the instance again. True or false?

Answer 69

True. If an RDS instance runs out of storage, it may no longer be available until you allocate more storage. To prevent this from happening, you can enable storage autoscaling.

Question 70

IAM DB authentication

Answer 70

uses an Auth token that has a lifetime of 15 minutes

Question 71

Can I encrypt an existing unencrypted RDS DB instance?

Answer 71

To encrypt an existing unencrypted RDS DB, you must create a snapshot of the database, create an encrypted copy of the snapshot, and then create a new database from the encrypted snapshot.

Question 72

RDS: RTO

Answer 72

Recovery Time Objective (disaster recovery related)

It is how long it takes you to recover from a disaster.

Question 73

RDS: RPO

Answer 73

Recovery Point Objective (disaster recovery related)

It is how much data you could lose due to a disaster.

Question 74

RDS PITR offers a RPO of __ minutes

Answer 74

5

Question 75

What are the available DR strategies for RDS? How do the compare? Which one is the most cost-effective? Which one provides the least downtime? Which one offers minimum loss of data? Do they support multiple regions?

Answer 75

Automated backups, manual snapshots, read replicas

see Notes 10

Question 76

Failover to an RDS read replica is a ____ process.

Answer 76

manual (a replica is not automatically promoted to master instance)

Question 77

Replication lag (ms) can be monitored in ____.

Answer 77

Cloudwatch

Question 78

Replica lag

Answer 78

how many seconds behind master

Question 79

How can I prevent RDS replica errors?

Answer 79

• Size of the replica should match the source database (storage size and database instance class)
• Use compatible db parameter group settings for source and replica (e.g. max_allowed_packet)
• Monitor replication state field. It can be “Error”
• Use RDS event notifications to get alerts on such replica issues
• unsafe non-deterministic queries like SYSDATE() can also break replication

Question 80

Replication is only supported with transactional storage engines like ___ . Using engines like ___ , will cause replication errors.

Answer 80

InnoDB, MyISAM

Question 81

RDS snapshots are __ snapshots stored in __

Answer 81

EBS, S3

Question 82

RDS manual monitoring

Answer 82

Cloudwatch, RDS console, Trusted Advisor

Question 83

pgaudit extension for PostgreSQL

Answer 83

inserts or updates, access control changes, schema changes

Question 84

RDS automated monitoring

Answer 84

RDS event notifications (SNS +Cloudwatch), CloudWatch, Enhanced monitoring (real time dashboard), Performance Insights, RDS recommendation (can be viewed in RDS console), CloudTrail (captures RDS API calls)

Question 85

How old are CloudTrail logs? How old are Cloudwatch logs?

Answer 85

CloudWatch logs do not expire unless you want them to. CloudTrail are free for 90 days and you pay for more.

Question 86

RDS logs can be exported to __ and __

Answer 86

CloudWatch , S3

can be exported to S3 via CloudWatch, S3, RDS API, SDK or Lambda

Question 87

RDS Enhanced Monitoring

Answer 87

real-time OS-level metrics, helps identify performance issues, increased granularity (second), needs to be enabled

Question 88

RDS Performance Insights

Answer 88

visual dashboard, helps identify performance bottlenecks or expensive/slow SQL statements

Question 89

AmazonRDSFullAccess policy

Answer 89

AmazonRDSFullAccess is an AWS-managed policy that grants access to all of the Amazon RDS API operations. The policy also grants access to related services that are used by the Amazon RDS console—for example, event notifications using Amazon SNS.

Question 90

CloudWatch Application Insights

Answer 90

• .NET and SQL Server
• DynamoDB tables

Identifies and sets up key metrics, logs and alarms for SQL Server workloads

Question 91

RDS on VMware

Answer 91

• database is on-premises but we can use same user interface as in AWS
• supports MySQL, PostgreSQL, SQL Server
• fully managed database service
• supports manual and automatic backups with PITR
• supports CloudWatch

Question 92

Can read replicas be made writeable?

Answer 92

Yes, for MySQL and MariaDB. (use case : update indexes)

for other db engines we need to promote it to make it writeable

Question 93

Automatic backups and manual snapshots are not supported on the replica for ___ and ___.

Answer 93

Oracle and SQL Server

Question 94

Oracle on RDS does not yet support ___.

Answer 94

Oracle RAC (cluster db)

Question 95

___ support both Multi AZ options, Database Mirroring and Always On.

Answer 95

SQL Server

Question 96

Only manual snapshots are supported on the replica for ___

Answer 96

PostgreSQL (no automatic backups)

Question 97

Dynamic parameters in DB parameter groups require RDS instance reboot. True or false

Answer 97

false

Question 98

Does Amazon RDS support reader endpoint with automatic load-balancing of read traffic?

Answer 98

Amazon RDS does not support reader endpoint with automatic load-balancing of read traffic. This feature is only available for Amazon Aurora.