Updating the Operating System for a DB Instance
Amazon RDS allows you to choose when you upgrade the underlying operating system. You can decide when Amazon RDS applies OS updates by using the RDS console, AWS command line interface (CLI), or RDS API.
Upgrades to the operating system are most often for security issues and should be done as soon as possible. This gives you the ability to see ahead of time when a given required maintenance update will be applied to their instances, as well as the ability to opt in to the maintenance ahead of the scheduled start time.
Your DB instance is not automatically backed up when an OS update is applied, so you should backup your instance before you apply the update.
You can choose to apply OS updates on a DB instance at your convenience or you can wait for the maintenance process initiated by Amazon RDS to apply the update during your maintenance window. You can view whether an OS update is available for your DB instance both on the Amazon RDS console and by using the AWS CLI or Amazon RDS API. If an update is available, it will be indicated by the word Available in the Maintenance column for the DB instance on the Amazon RDS console. For OS updates that are marked Available, you can choose to do one of the following:
Defer the OS update.
Have the OS update applied immediately.
Schedule the OS update to be applied during your next maintenance window.
The maintenance window determines when pending operations start, but does not limit the total execution time of these operations. Maintenance operations are not guaranteed to finish before the maintenance window ends, and can continue beyond the specified end time.
Certain OS updates will be marked as Required in the Maintenance column in the Amazon RDS console. These updates cannot be deferred indefinitely. If you choose to defer a required update, you will receive a notice from Amazon RDS indicating the time when the update will be performed on your DB instance. Other updates will be marked as Available. You can defer these OS updates indefinitely and the update will not be applied to your DB instance.
If you use the Amazon RDS console, it will indicate when an operating system update is either available or required for your DB instance. For example, the following screenshot shows that an OS update is available:
The Maintenance column indicates whatever option you select. For example, the following screenshot shows that the selected DB instance can be updated either immediately or during the DB instance's next maintenance window:
AWS Management Console
To manage an OS update for a DB instance
Sign in to the AWS Management Console and open the Amazon RDS console at https://console.aws.amazon.com/rds/.
In the navigation pane, click Instances.
Click the check box for the DB instance that has a required operating system update.
Click Instance Actions and click one of the following:
Upgrade at Next Window
If you choose the Upgrade at Next Window option, and later want to delay the OS update, you can click Instance Actions and then select Defer Upgrade.
To apply a pending OS update to a DB instance use the AWS CLI command apply-pending-maintenance-action to apply pending maintenance actions.
For Linux, OS X, or Unix:
aws rds apply-pending-maintenance-action \ --resource-identifier
aws rds apply-pending-maintenance-action ^ --resource-identifier
To return a list of resources that have at least one pending OS update, use the AWS CLI command describe-pending-maintenance-actions to list all pending maintenance actions.
For Linux, OS X, or Unix:
aws rds describe-pending-maintenance-actions \ --resource-identifier
aws rds describe-pending-maintenance-actions ^ --resource-identifier
To apply an OS update to a DB instance, call the Amazon RDS API ApplyPendingMaintenanceAction action.
https://rds.us-west-2.amazonaws.com/ ?Action=ApplyPendingMaintenanceAction &ResourceIdentifier=arn:aws:rds:us-east-1:123456781234:db:my-instance &ApplyAction=system-update &OptInType=immediate &SignatureMethod=HmacSHA256 &SignatureVersion=4 &Version=2014-10-31 &X-Amz-Algorithm=AWS4-HMAC-SHA256 &X-Amz-Credential=AKIADQKE4SARGYLE/20141216/us-west-2/rds/aws4_request &X-Amz-Date=20140421T194732Z &X-Amz-SignedHeaders=content-type;host;user-agent;x-amz-content-sha256;x-amz-date &X-Amz-Signature=6e25c542bf96fe24b28c12976ec92d2f856ab1d2a158e21c35441a736e4fde2b
To return a list of resources that have at least one pending OS update, call the Amazon RDS API DescribePendingMaintenanceActions action.
https://rds.us-west-2.amazonaws.com/ ?Action=DescribePendingMaintenanceActions &SignatureMethod=HmacSHA256 &SignatureVersion=4 &Version=2014-10-31 &X-Amz-Algorithm=AWS4-HMAC-SHA256 &X-Amz-Credential=AKIADQKE4SARGYLE/20141216/us-west-2/rds/aws4_request &X-Amz-Date=20140421T194732Z &X-Amz-SignedHeaders=content-type;host;user-agent;x-amz-content-sha256;x-amz-date &X-Amz-Signature=6e25c542bf96fe24b28c12976ec92d2f856ab1d2a158e21c35441a736e4fde2b