Amazon Aurora
User Guide for Aurora

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

Using Amazon Aurora Serverless

Amazon Aurora Serverless is an on-demand, autoscaling configuration for Amazon Aurora. An Aurora Serverless DB cluster is a DB cluster that automatically starts up, shuts down, and scales up or down its compute capacity based on your application's needs. Aurora Serverless provides a relatively simple, cost-effective option for infrequent, intermittent, or unpredictable workloads. It can provide this because it automatically starts up, scales compute capacity to match your application's usage, and shuts down when it's not in use.

Note

A non-Serverless DB cluster for Aurora is called a provisioned DB cluster. Aurora Serverless clusters and provisioned clusters both have the same kind of high-capacity, distributed, and highly available storage volume.

Advantages of Aurora Serverless

Aurora Serverless provides the following advantages:

Simpler

Aurora Serverless removes much of the complexity of managing DB instances and capacity.

Scalable

Aurora Serverless seamlessly scales compute and memory capacity as needed, with no disruption to client connections.

Cost-effective

When you use Aurora Serverless, you pay for only the database resources that you consume, on a per-second basis.

Highly available storage

Aurora Serverless uses the same fault-tolerant, distributed storage system with six-way replication as Aurora to protect against data loss.

Use Cases for Aurora Serverless

Aurora Serverless is designed for the following use cases:

Infrequently used applications

You have an application that is only used for a few minutes several times per day or week, such as a low-volume blog site. With Aurora Serverless, you pay for only the database resources that you consume on a per-second basis.

New applications

You are deploying a new application and are unsure about which instance size you need. With Aurora Serverless, you can create a database endpoint and have the database autoscale to the capacity requirements of your application.

Variable workloads

You're running a lightly used application, with peaks of 30 minutes to several hours a few times each day, or several times per year. Examples are applications for human resources, budgeting, and operational reporting applications. With Aurora Serverless, you no longer need to provision to either peak or average capacity.

Unpredictable workloads

You're running workloads where there is database usage throughout the day, but also peaks of activity that are hard to predict. An example is a traffic site that sees a surge of activity when it starts raining. With Aurora Serverless, your database autoscales capacity to meet the needs of the application's peak load and scales back down when the surge of activity is over.

Development and test databases

Your developers use databases during work hours but don't need them on nights or weekends. With Aurora Serverless, your database automatically shuts down when it's not in use.

Multi-tenant applications

With Aurora Serverless, you don't have to individually manage database capacity for each application in your fleet. Aurora Serverless manages individual database capacity for you.

Limitations of Aurora Serverless

The following limitations apply to Aurora Serverless:

Note

You can access an Aurora Serverless DB cluster from AWS Lambda. For more information about working with AWS Lambda, see Configuring a Lambda Function to Access Resources in an Amazon VPC in the AWS Lambda Developer Guide.

Using TLS/SSL with Aurora Serverless

You can connect to Aurora Serverless clusters using the Transport Layer Security/Secure Sockets Layer (TLS/SSL) protocol. To do so, you use the same general procedure as described in Connecting to an Amazon Aurora DB Cluster. You use certificates from the AWS Certificate Manager (ACM). For more information, see the AWS Certificate Manager User Guide.

Aurora Serverless can ensure that your session uses TLS between your client and the Aurora Serverless VPC endpoint. To have Aurora Serverless do so, specify the requirement on the client side with the --ssl-mode parameter. SSL session variables are not set for SSL connections to an Aurora Serverless DB cluster.

Aurora Serverless supports TLS protocol version 1.0, 1.1, and 1.2. However, you don't need to configure an Aurora Serverless database for TLS. In particular, don't use the REQUIRE clause on your database user privileges for SSL. Doing so prevents that user from connecting.

By default, client programs establish an encrypted connection with Aurora Serverless, with further control available through the --ssl-mode option. From the client side, Aurora Serverless supports all SSL modes.

Note

TLS support for Aurora Serverless clusters currently isn't available in the China (Beijing) AWS Region.

For the mysql and psql client, the SSL modes are the following:

PREFERRED

SSL is the first choice, but it isn't required.

DISABLED

No SSL is allowed.

REQUIRED

Enforce SSL.

VERIFY_CA

Enforce SSL and verify the certificate authority (CA).

VERIFY_IDENTITY

Enforce SSL and verify the CA and CA hostname.

When using a mysql or psql client with --ssl-mode VERIFY_CA or VERIFY_IDENTITY, specify the --ssl-ca option pointing to a CA in .pem format. For a .pem file that you can use, download the Amazon Root CA 1 trust store from Amazon Trust Services.

Aurora Serverless uses wildcard certificates. If you use the mysql client to connect with SSL mode VERIFY_IDENTITY, currently you must use the MySQL 8.0-compatible mysql command.