Managing an Amazon RDS Custom for SQL Server DB instance - Amazon Relational Database Service

Managing an Amazon RDS Custom for SQL Server DB instance

Amazon RDS Custom for SQL Server supports a subset of the usual management tasks for Amazon RDS DB instances. Following, you can find instructions for the supported RDS Custom for SQL Server management tasks using the AWS Management Console and the AWS CLI.

Working with high availability features for RDS Custom for SQL Server

To support replication between RDS Custom for SQL Server instances, you can configure high availability (HA) with Always On Availability Groups (AGs). The primary DB instance automatically synchronizes data to the standby instances.

You can configure your high availability environment in the following ways:

  • Configure standby instances in different Availability Zones (AZs) to be resilient to AZ failures.

  • Place your standby databases in mounted or read-only mode.

  • Fail over or switch over from the primary database to a standby database with no data loss.

  • Migrate data by configuring high availability for your on-premises instance, and then failing over or switching over to the RDS Custom standby database.

To learn how to configure high availability, see the blog post Configure high availability with Always On Availability Groups on Amazon RDS Custom for SQL Server. You can perform the following tasks:

  • Use a virtual private network (VPN) tunnel to encrypt data in transit for your high availability instances. Encryption in transit isn't configured automatically by RDS Custom.

  • Configure Always On AGs to monitor your high availability instances.

  • Allow the observer to perform automatic failover when necessary conditions are met.

You can also use other encryption technology, such as Secure Sockets Layer (SSL), to encrypt data in transit.

You're responsible for configuring VPC flow logs and CloudWatch alarms to monitor traffic mirroring to prevent data leakage.

Pausing and resuming RDS Custom automation

RDS Custom automatically provides monitoring and instance recovery for an RDS Custom for SQL Server DB instance. If you need to customize the instance, do the following:

  1. Pause RDS Custom automation for a specified period. The pause ensures that your customizations don't interfere with RDS Custom automation.

  2. Customize the RDS Custom for SQL Server DB instance as needed.

  3. Do either of the following:

    • Resume automation manually.

    • Wait for the pause period to end. In this case, RDS Custom resumes monitoring and instance recovery automatically.

Important

Pausing and resuming automation are the only supported automation tasks when modifying an RDS Custom for SQL Server DB instance.

To pause or resume RDS Custom automation

  1. Sign in to the AWS Management Console and open the Amazon RDS console at https://console.aws.amazon.com/rds/.

  2. In the navigation pane, choose Databases, and then choose the RDS Custom DB instance that you want to modify.

  3. Choose Modify. The Modify DB instance page appears.

  4. For RDS Custom automation mode, choose one of the following options:

    • Paused pauses the monitoring and instance recovery for the RDS Custom DB instance. Enter the pause duration that you want (in minutes) for Automation mode duration. The minimum value is 60 minutes (default). The maximum value is 1,440 minutes.

    • Full automation resumes automation.

  5. Choose Continue to check the summary of modifications.

    A message indicates that RDS Custom will apply the changes immediately.

  6. If your changes are correct, choose Modify DB instance. Or choose Back to edit your changes or Cancel to cancel your changes.

    On the RDS console, the details for the modification appear. If you paused automation, the Status of your RDS Custom DB instance indicates Automation paused.

  7. (Optional) In the navigation pane, choose Databases, and then your RDS Custom DB instance.

    In the Summary pane, RDS Custom automation mode indicates the automation status. If automation is paused, the value is Paused. Automation resumes in num minutes.

To pause or resume RDS Custom automation, use the modify-db-instance AWS CLI command. Identify the DB instance using the required parameter --db-instance-identifier. Control the automation mode with the following parameters:

  • --automation-mode specifies the pause state of the DB instance. Valid values are all-paused, which pauses automation, and full, which resumes it.

  • --resume-full-automation-mode-minutes specifies the duration of the pause. The default value is 60 minutes.

Note

Regardless of whether you specify --no-apply-immediately or --apply-immediately, RDS Custom applies modifications asynchronously as soon as possible.

In the command response, ResumeFullAutomationModeTime indicates the resume time as a UTC timestamp. When the automation mode is all-paused, you can use modify-db-instance to resume automation mode or extend the pause period. No other modify-db-instance options are supported.

The following example pauses automation for my-custom-instance for 90 minutes.

For Linux, macOS, or Unix:

aws rds modify-db-instance \ --db-instance-identifier my-custom-instance \ --automation-mode all-paused \ --resume-full-automation-mode-minutes 90

For Windows:

aws rds modify-db-instance ^ --db-instance-identifier my-custom-instance ^ --automation-mode all-paused ^ --resume-full-automation-mode-minutes 90

The following example extends the pause duration for an extra 30 minutes. The 30 minutes is added to the original time shown in ResumeFullAutomationModeTime.

For Linux, macOS, or Unix:

aws rds modify-db-instance \ --db-instance-identifier my-custom-instance \ --automation-mode all-paused \ --resume-full-automation-mode-minutes 30

For Windows:

aws rds modify-db-instance ^ --db-instance-identifier my-custom-instance ^ --automation-mode all-paused ^ --resume-full-automation-mode-minutes 30

The following example resumes full automation for my-custom-instance.

For Linux, macOS, or Unix:

aws rds modify-db-instance \ --db-instance-identifier my-custom-instance \ --automation-mode full \

For Windows:

aws rds modify-db-instance ^ --db-instance-identifier my-custom-instance ^ --automation-mode full

In the following partial sample output, the pending AutomationMode value is full.

{ "DBInstance": { "PubliclyAccessible": true, "MasterUsername": "admin", "MonitoringInterval": 0, "LicenseModel": "bring-your-own-license", "VpcSecurityGroups": [ { "Status": "active", "VpcSecurityGroupId": "0123456789abcdefg" } ], "InstanceCreateTime": "2020-11-07T19:50:06.193Z", "CopyTagsToSnapshot": false, "OptionGroupMemberships": [ { "Status": "in-sync", "OptionGroupName": "default:custom-oracle-ee-19" } ], "PendingModifiedValues": { "AutomationMode": "full" }, "Engine": "custom-oracle-ee", "MultiAZ": false, "DBSecurityGroups": [], "DBParameterGroups": [ { "DBParameterGroupName": "default.custom-oracle-ee-19", "ParameterApplyStatus": "in-sync" } ], ... "ReadReplicaDBInstanceIdentifiers": [], "AllocatedStorage": 250, "DBInstanceArn": "arn:aws:rds:us-west-2:012345678912:db:my-custom-instance", "BackupRetentionPeriod": 3, "DBName": "ORCL", "PreferredMaintenanceWindow": "fri:10:56-fri:11:26", "Endpoint": { "HostedZoneId": "ABCDEFGHIJKLMNO", "Port": 8200, "Address": "my-custom-instance.abcdefghijk.us-west-2.rds.amazonaws.com" }, "DBInstanceStatus": "automation-paused", "IAMDatabaseAuthenticationEnabled": false, "AutomationMode": "all-paused", "EngineVersion": "19.my_cev1", "DeletionProtection": false, "AvailabilityZone": "us-west-2a", "DomainMemberships": [], "StorageType": "gp2", "DbiResourceId": "db-ABCDEFGHIJKLMNOPQRSTUVW", "ResumeFullAutomationModeTime": "2020-11-07T20:56:50.565Z", "KmsKeyId": "arn:aws:kms:us-west-2:012345678912:key/aa111a11-111a-11a1-1a11-1111a11a1a1a", "StorageEncrypted": false, "AssociatedRoles": [], "DBInstanceClass": "db.m5.xlarge", "DbInstancePort": 0, "DBInstanceIdentifier": "my-custom-instance", "TagList": [] }

Modifying an RDS Custom for SQL Server DB instance

Modifying an RDS Custom for SQL Server DB instance is similar to doing this for Amazon RDS, but the changes that you can make are limited to the following:

  • Changing the DB instance class

  • Changing the backup retention period and backup window

  • Changing the maintenance window

  • Upgrading the DB engine version when a new version becomes available

The following limitations apply to modifying an RDS Custom for SQL Server DB instance:

  • Multi-AZ deployments aren't supported.

  • Custom DB option and parameter groups aren't supported.

  • You can't modify the allocated storage.

  • Any storage volumes that you attach manually to your RDS Custom DB instance are outside the support perimeter.

    For more information, see RDS Custom support perimeter and unsupported configurations.

To modify an RDS Custom for SQL Server DB instance

  1. Sign in to the AWS Management Console and open the Amazon RDS console at https://console.aws.amazon.com/rds/.

  2. In the navigation pane, choose Databases.

  3. Choose the DB instance that you want to modify.

  4. Choose Modify.

  5. Make the following changes as needed:

    1. For DB engine version, choose the new version.

    2. Change the value for DB instance class. For supported classes, see DB instance class support for RDS Custom for Oracle.

    3. Change the value for Backup retention period.

    4. For Backup window, set values for the Start time and Duration.

    5. For DB instance maintenance window, set values for the Start day, Start time, and Duration.

  6. Choose Continue.

  7. Choose Apply immediately or Apply during the next scheduled maintenance window.

  8. Choose Modify DB instance.

To modify an RDS Custom for SQL Server DB instance, use the modify-db-instance AWS CLI command. Set the following parameters as needed:

  • --db-instance-class – For supported classes, see DB instance class support for RDS Custom for Oracle.

  • --engine-version – The version number of the database engine to which you're upgrading.

  • --backup-retention-period – How long to retain automated backups, from 0–35 days.

  • --preferred-backup-window – The daily time range during which automated backups are created.

  • --preferred-maintenance-window – The weekly time range (in UTC) during which system maintenance can occur.

  • --apply-immediately – Use --apply-immediately to apply the storage changes immediately.

    Or use --no-apply-immediately (the default) to apply the changes during the next maintenance window.

Support for Transparent Data Encryption

RDS Custom supports Transparent Data Encryption (TDE) for RDS Custom for SQL Server DB instances.

However, you can't enable TDE using an option in a custom option group as you can in RDS for SQL Server. You turn on TDE manually. For information about Transparent Data Encryption for SQL Server, see Transparent Data Encryption (TDE) in the Microsoft documentation.

Tagging RDS Custom for SQL Server resources

You can tag RDS Custom resources as with Amazon RDS resources, but with some important differences:

  • Don't create or modify the AWSRDSCustom tag that's required for RDS Custom automation. If you do, you might break the automation.

  • Tags added to RDS Custom DB instances during creation are propagated to all other related RDS Custom resources.

  • Tags aren't propagated when you add them to RDS Custom resources after DB instance creation.

For general information about resource tagging, see Tagging Amazon RDS resources.

Deleting an RDS Custom for SQL Server DB instance

To delete an RDS Custom DB instance, do the following:

  • Provide the name of the DB instance.

  • Clear the option to take a final DB snapshot of the DB instance.

  • Choose or clear the option to retain automated backups.

You can delete an RDS Custom DB instance using the console or the CLI. The time required to delete the DB instance can vary depending on the backup retention period (that is, how many backups to delete) and how much data is deleted.

To delete an RDS Custom DB instance

  1. Sign in to the AWS Management Console and open the Amazon RDS console at https://console.aws.amazon.com/rds/.

  2. In the navigation pane, choose Databases, and then choose the RDS Custom DB instance that you want to delete. RDS Custom DB instances show the role Instance (RDS Custom).

  3. For Actions, choose Delete.

  4. To retain automated backups, choose Retain automated backups.

  5. Enter delete me in the box.

  6. Choose Delete.

You delete an RDS Custom DB instance by using the delete-db-instance AWS CLI command. Identify the DB instance using the required parameter --db-instance-identifier. The remaining parameters are the same as for an Amazon RDS DB instance, with the following exceptions:

  • --skip-final-snapshot is required.

  • --no-skip-final-snapshot isn't supported.

  • --final-db-snapshot-identifier isn't supported.

The following example deletes the RDS Custom DB instance named my-custom-instance, and retains automated backups.

For Linux, macOS, or Unix:

aws rds delete-db-instance \ --db-instance-identifier my-custom-instance \ --skip-final-snapshot \ --no-delete-automated-backups

For Windows:

aws rds delete-db-instance ^ --db-instance-identifier my-custom-instance ^ --skip-final-snapshot ^ --no-delete-automated-backups