Amazon Aurora
User Guide for Aurora (API Version 2014-10-31)

Using Amazon Aurora Serverless

Amazon Aurora Serverless is an on-demand, autoscaling configuration for Amazon Aurora. An Aurora Serverless DB cluster is a DB cluster that automatically starts up, shuts down, and scales up or down capacity based on your application's needs. Aurora Serverless provides a relatively simple, cost-effective option for infrequent, intermittent, or unpredictable workloads. It can provide this because it automatically starts up, scales capacity to match your application's usage, and shuts down when it's not in use.

Note

A non-Serverless DB cluster for Aurora is called a provisioned DB cluster.

Advantages of Aurora Serverless

Aurora Serverless provides the following advantages:

Simpler

Aurora Serverless removes much of the complexity of managing DB instances and capacity.

Scalable

Aurora Serverless seamlessly scales compute and memory capacity as needed, with no disruption to client connections.

Cost-effective

When you use Aurora Serverless, you pay for only the database resources that you consume, on a per-second basis.

Highly available storage

Aurora Serverless uses the same fault-tolerant, distributed storage system with six-way replication as Aurora to protect against data loss.

Use Cases for Aurora Serverless

Aurora Serverless is designed for the following use cases:

Infrequently used applications

You have an application that is only used for a few minutes several times per day or week, such as a low-volume blog site. With Aurora Serverless, you pay for only the database resources that you consume on a per-second basis.

New applications

You are deploying a new application and are unsure about which instance size you need. With Aurora Serverless, you can create a database endpoint and have the database autoscale to the capacity requirements of your application.

Variable workloads

You are running a lightly used application, with peaks of 30 minutes to several hours a few times each day, or several times per year. Examples are applications for human resources, budgeting, and operational reporting applications. With Aurora Serverless, you no longer need to provision to either peak or average capacity.

Unpredictable workloads

You are running workloads where there is database usage throughout the day, but also peaks of activity that are hard to predict. An example is a traffic site that sees a surge of activity when it starts raining. With Aurora Serverless, your database autoscales capacity to meet the needs of the application's peak load and scales back down when the surge of activity is over.

Development and test databases

Your developers use databases during work hours but don't need them on nights or weekends. With Aurora Serverless, your database automatically shuts down when it's not in use.

Multi-tenant applications

With Aurora Serverless, you don't have to individually manage database capacity for each application in your fleet. Aurora Serverless manages individual database capacity for you.

Limitations of Aurora Serverless

The following limitations apply to Aurora Serverless:

Note

You can access an Aurora Serverless DB cluster from AWS Lambda. For more information about working with AWS Lambda, see Configuring a Lambda Function to Access Resources in an Amazon VPC in the AWS Lambda Developer Guide.

TLS/SSL for Aurora Serverless

You can connect to Aurora Serverless clusters using the Transport Layer Security / Secure Sockets Layer (TLS/SSL) protocol. You use the same general procedure described in Connecting to an Amazon Aurora MySQL DB Cluster. You use certificates from the AWS Certificate Manager (ACM).

You can encrypt traffic between your client application and the Aurora Serverless VPC endpoint using the TLS 1.0, 1.1, or 1.2 protocol. However, you don't need to configure the Aurora Serverless DB for TLS. In particular, don't use the REQUIRE clause on your database user privileges for SSL. Doing so prevents that user from connecting. Aurora Serverless ensures that your session uses TLS between your client and the Aurora Serverless VPC endpoint if you specify the requirement on the client side with the --ssl-mode parameter.

By default, MySQL client programs will establish an encrypted connection with Aurora Serverless, with further control available through the --ssl-mode option. From the client side, Aurora Serverless supports all SSL modes.

For the mysql client, the SSL modes are:

PREFERRED

SSL is the first choice, but not required.

DISABLED

No SSL allowed.

REQUIRED

Enforce SSL.

VERIFY_CA

Enforce SSL and verify CA.

VERIFY_IDENTITY

Enforce SSL and verify CA and CA hostname.

For the mysql client with --ssl-mode VERIFY_CA or VERIFY_IDENTITY you must also specify the --ssl-ca option pointing to a certificate authority (CA) in PEM format. For a PEM file that you can use, you can download the Amazon Root CA 1 trust store.

Aurora Serverless uses wildcard certificates. If you use the mysql client to connect, currently you must use the MySQL 8.0-compatible mysql command.