Operating system updates for Aurora DB clusters
DB instances in Aurora MySQL and Aurora PostgreSQL DB clusters occasionally require operating system updates. Amazon RDS upgrades the operating system to a newer version to improve database performance and customers’ overall security posture. Typically, the updates take about 10 minutes. Operating system updates don't change the DB engine version or DB instance class of a DB instance.
There are two types of operating system updates, differentiated by the description for the pending maintenance action:
-
Operating system distribution upgrade – Used to migrate to the latest supported major version of Amazon Linux. Its description is
New Operating System upgrade is available
. -
Operating system patch – Used to apply various security fixes and sometimes to improve database performance. Its description is
New Operating System patch is available
.
Operating system updates can be either optional or mandatory:
-
An optional update can be applied at any time. While these updates are optional, we recommend that you apply them periodically to keep your RDS fleet up to date. RDS does not apply these updates automatically.
To be notified when a new, optional operating system patch becomes available, you can subscribe to RDS-EVENT-0230 in the security patching event category. For information about subscribing to RDS events, see Subscribing to Amazon RDS event notification.
Note
RDS-EVENT-0230
doesn't apply to operating system distribution upgrades. -
A mandatory update is required, and we send a notification before the mandatory update. The notification might contain a due date. Plan to schedule your update before this due date. After the specified due date, Amazon RDS automatically upgrades the operating system for your DB instance to the latest version during one of your assigned maintenance windows.
Operating system distribution upgrades are mandatory.
Note
Staying current on all optional and mandatory updates might be required to meet various compliance obligations. We recommend that you apply all updates made available by RDS routinely during your maintenance windows.
For Aurora DB clusters, you can perform updates at both the cluster and instance levels:
-
The cluster-level option is indicated by
os-upgrade
as the maintenance type and uses rolling upgrades. Rolling upgrades automatically apply upgrades to a few reader DB instances at a time, thus preserving read availability.The writer DB instance is upgraded last to prevent multiple failovers and reduce unnecessary downtime.
-
The instance-level option is indicated by
system-update
as the maintenance type. If you use this option, we recommend that you update the reader DB instances in a DB cluster first, then the writer DB instance.We don't recommend updating reader and writer instances at the same time, because you might incur downtime in the event of a failover.
You can use the AWS Management Console or the AWS CLI to get information about the type of operating system upgrade.
To get update information using the AWS Management Console
Sign in to the AWS Management Console and open the Amazon RDS console at https://console.aws.amazon.com/rds/
. -
In the navigation pane, choose Databases, and then select the DB instance.
-
Choose Maintenance & backups.
-
In the Pending maintenance section, find the operating system update, and check the Description value.
The following images show a DB cluster with a writer DB instance that has an operating system patch available.
The following images show a DB cluster with a writer DB instance and a reader DB instance. The writer instance has a mandatory operating system upgrade available. The reader instance has an operating system patch available.
To get update information from the AWS CLI, use the describe-pending-maintenance-actions command.
aws rds describe-pending-maintenance-actions
The following output shows an operating system distribution upgrade for a DB cluster and a DB instance.
{ "PendingMaintenanceActions": [ { "ResourceIdentifier": "arn:aws:rds:us-east-1:123456789012:cluster:t3", "PendingMaintenanceActionDetails": [ { "Action": "os-upgrade", "Description": "New Operating System upgrade is available" } ] }, { "ResourceIdentifier": "arn:aws:rds:us-east-1:123456789012:db:t3-instance1", "PendingMaintenanceActionDetails": [ { "Action": "system-update", "Description": "New Operating System upgrade is available" } ] }, ] }
The following output shows an operating system patch for a DB instance.
{ "ResourceIdentifier": "arn:aws:rds:us-east-1:123456789012:db:mydb2", "PendingMaintenanceActionDetails": [ { "Action": "system-update", "Description": "New Operating System patch is available" } ] }
Availability of operating system updates
Operating system updates are specific to DB engine version and DB instance class. Therefore, DB instances receive or require updates at different times. When an operating system update is available for your DB instance based on its engine version and instance class, the update appears in the console. It can also be viewed by running the describe-pending-maintenance-actions AWS CLI command or by calling the DescribePendingMaintenanceActions RDS API operation. If an update is available for your instance, you can update your operating system by following the instructions in Applying updates to a DB cluster.