RDS: Relational Database Service

Question 1

What does the ACID database transaction model focus on?

Answer 1

Consistency.
A = Atomic
C = Consistent
I = Isolated
D = Durable

Question 2

What does the BASE database transaction model focus on?

Answer 2

Availability.
BA = Basically Available
S = Soft State
E = Eventually Consistent

Question 3

What type of transaction model does RDS use?

Answer 3

ACID.

Question 4

What does the ACID transaction model (and thus, RDS) limit?

Answer 4

Scaling.

Question 5

What does RDS provide “as a service”?

Answer 5

Database Server as a Service (DBSaaS). It’s not just a database as a service; you can have multiple databases on one instance.

Question 6

What types of administrator access are disallowed on RDS?

Answer 6

Operating system access and SSH access (except in RDS Custom).

Question 7

What is a Subnet Group as it relates to RDS?

Answer 7

A Subnet Group specifies the subnets that RDS can use and run in.

Question 8

Can you configure RDS with a public IP address?

Answer 8

Yes, but it is not recommended.

Question 9

What provides storage for RDS instances?

Answer 9

Dedicated EBS storage per RDS instance.

Question 10

When using multi-AZ RDS, what type of replication takes place between the Primary and the Standby?

Answer 10

Synchronous replication. Data is replicated to the Standby immediately.

Question 11

In RDS, what type of replication takes place between the Primary and Read Replicas?

Answer 11

Asynchronous replication.

Question 12

Where are RDS backups stored?

Answer 12

In an AWS-managed S3 bucket. You cannot see the backups in S3, only in the backup manager.

Question 13

On which instance are RDS backups run on?

Answer 13

The Standby instance.

Question 14

What factors determine the cost of an RDS instance?

Answer 14

1. Instance Size and Type
2. Multi-AZ or not
3. Storage type and amount used
4. Data transferred
5. Backups and Snapshots
6. Licensing, if applicable

Question 15

In RDS, when a failure occurs on the Primary, how does AWS promote the Standby?

Answer 15

By changing the Database CNAME to point to the Standby instead of the primary.

Question 16

How many RDS Standby replicas are available in Multi-AZ - Instance mode?

Answer 16

Only one.

Question 17

How does Multi-AZ - Cluster mode differ from Multi-AZ - Instance mode?

Answer 17

Cluster Mode uses a MAXIMUM of two Reader instances in separate AZs whereas Instance Mode uses a single Standby instance.

Cluster Mode allows reads from the Reader instances whereas Instance Mode does not allow reads from the Standby instance (except for backups).

Question 18

When is data considered “committed” in RDS Multi-AZ - Cluster Mode?

Answer 18

When at least one reader finishes writing the data.

Question 19

What type of replication is used for Reader instances in RDS Multi-AZ - Cluster mode?

Answer 19

Synchronous replication.

Question 20

Where does the Cluster Endpoint point in RDS Multi-AZ - Cluster Mode?

Answer 20

At the Writer instance. This allows reads, writes, and administration.

Question 21

Where does the Reader Endpoint point in RDS Multi-AZ - Cluster Mode?

Answer 21

At any available reader. This includes Reader instances and the Writer instance.

Question 22

What do you use the Instance Endpoint for in RDS Multi-AZ - Cluster Mode?

Answer 22

Testing and troubleshooting a specific instance. Don’t use it for normal database operations as it doesn’t switch over if there is an instance failure.

Question 23

In RDS Multi-AZ - Cluster Mode, where is data written?

Answer 23

Data is written to local storage (fast) and then flushed to EBS.

Question 24

At what level are Snapshot taken for RDS?

Answer 24

The full RDS instance. All databases on that instance are backup in the Snapshot.

Question 25

What type of backup are RDS Snapshots?

Answer 25

Incremental.

Question 26

What type of automation is available for RDS Snapshots?

Answer 26

None. They must be manually run (or via a script) and Snapshots must be cleaned up/deleted manually (or via a script).

Question 27

What type of backup are RDS Automated Backups?

Answer 27

Incremental.

Question 28

What is the schedule for RDS Automated Backups?

Answer 28

An incremental backup occurs once per day and transaction logs are backed up every five minutes.

Question 29

What is the retention window for Automated Backups?

Answer 29

0-35 days.

Question 30

Where are RDS Automated Backups and Snapshots restored to?

Answer 30

A new RDS instance with a new address. Applications must be updated to use the new address.

Question 31

What is a shortcoming of restoring an RDS database from an Automated Backup or Snapshot?

Answer 31

It takes a long time, meaning you’ll have a bad Recovery Time Objective (RTO).

Question 32

Where can RDS Read Replicas exist?

Answer 32

In the same Region or cross Region.

Question 33

How many direct Read Replicas are allowed per RDS instance?

Answer 33

Five. Each Read Replica can also have its own Read Replicas, but this increases data propagation lag.

Question 34

How do Read Replicas improve Recovery Time Objective (RTO)?

Answer 34

You can quickly promote a Read Replica to the Primary, assuming the issue was failure. If data corruption is the issue, the Read Replica is likely also corrupted.

Question 35

What type of data transit security is available on RDS?

Answer 35

SSL/TLS is available and can be made mandatory.

Question 36

How does RDS handle encryption-at-rest?

Answer 36

By supporting EBS volume encryption using KMS. This is handled by the host and EBS.

Question 37

Can encryption-at-rest be removed on RDS databases?

Answer 37

No.

Question 38

What additional encryption-at-rest services are available in RDS?

Answer 38

Encryption can be handled by the database engine.

RDS MSSQL and RDS Oracle support Transparent Data Encryption (TDE).

RDS Oracle also supports integration with CloudHSM to further protect encryption keys.

Question 39

How can you enable IAM Authentication for RDS?

Answer 39

By attaching a Policy to IAM Users or Roles that maps that IAM Identity onto the local RDS user. The user can then generate access tokens that grant access to the database based on the policy mapping.

Question 40

How can you enable authorization using IAM for RDS?

Answer 40

You can’t. Authorization is controlled by the database engine; permissions are assigned to the local database user. IAM can be used to authenticate, but not to authorize.

Question 41

What is RDS Custom?

Answer 41

When using MSSQL or Oracle, you can connect to your database server with SSH, RDP, or Session Manager. This allows you to customize some parts of the database that you wouldn’t normal have access to.

Question 42

What is RDS Proxy?

Answer 42

It provides a pool of database connections so that applications don’t have to constantly open and close database connections.

Question 43

What does the Database Migration Service (DMS) do?

Answer 43

DMS migrates data from one database to another. One of the database endpoints MUST be in AWS. DMS runs on a Replication Instance and performs replications tasks to move data from the source database to the target database.

Question 44

What are the three ways data can be moved using the Database Migration Service (DMS)?

Answer 44

1. Full load - a complete migration of existing data
2. Full load + Change Data Capture (CDC) - a complete migration that also captures ongoing changes
3. CDC-only - capture changes when a different tools was used to do an initial database migration.

Question 45

When would you use the Schema Conversion Tool (SCT)?

Answer 45

When converting from one database engine to another, or when using S3 as an intermediate data store. You can also use it when using a Snowball device.

Question 46

When should you not use the Schema Conversion Tool (SCT)?

Answer 46

When migrating between databases that have the same database engine.