Changing Encryption key from AWS managed to Customer Managed
Hi friends, My RDS databases are encrypted using default AWS-managed keys, and everything works as expected. However, I'm confronted with the idea of using customer managed keys, which looks like additional work. I do not think it is needed at this moment. Are there any security issues with continuing to use the default AWS encryption keys? What strategy will be best for you? Our environments, for the moment, do not have a workload that deserves this configuration. I'm not very sure about rebuilding my entire environment to implement a customer-managed key. Any ideas? Best Regards,
Distribute data on OpenSearch Data Nodes
Hello everyone, I have a small query related to AWS OpenSearch. We have created an OpenSearch cluster with 4 data nodes and 3 master nodes with 2500GB volume size. Now the issue is that 1 data node shows 232 GB of available space and the other 3 data nodes show available space of 1345GB, 1329GB and 1325GB. As per my understanding, data node 1 stores more data in comparison to the other data nodes. So is there any way that we can split an equal amount of data among all the data nodes?
S3 Destinations are not available in Add option of Option Group for SQL BACKUP
I already created an Option Group in RDS and am trying to add an option. But when I try that with the new IAM role, I can't select the S3 bucket from the list. The S3 list is not populating in the drop-down. The data list (S3 bucket list) from the API is coming through, as I checked with the browser console. **Note: I did the same the day before as a test without such an issue and deleted the created IAM role. And I have Admin access to the account.**
Should I use one database per user on AWS RDS for MySQL?
I'm creating an application where **each business** will have:

1. An owner, who is a user at `some-business-name`
2. Some information about the business (this part will actually change my app's UI)
3. Employees (also users, same as the owner)
4. Permissions (for employees; permissions for the owner can't be changed)
5. Customers
6. ...

These are all unique to every business!

> **There is no limit on the number of businesses**

I think I need a new database for each business with a unique business name (`some_business_name`). There is no limit on AWS RDS for MySQL based on https://aws.amazon.com/rds/faqs/ - "*How many databases or schemas can I run within a DB instance*?". So this should work, right?

**My question is:**

- Is this solution suitable for such an application?
- What are the pros and cons?
- Should I use DynamoDB instead?
- Are there any articles I can use?

I'm new to MySQL, I think every answer will help me a lot. Thank you 🙏

> **NOTE: I have to create this application using AWS**
From docker container need to connect RDS - Using Session Manager
I have connected to a private RDS from my local machine using DBeaver, and for this I used Session Manager. This post was really helpful to achieve that: https://repost.aws/questions/QU9-N7fbk-SLOZvegK63XrRw/using-session-manager-to-connect-rds-without-having-ec-2-instance. I need to make the same connection from a Docker container. Could anyone advise me on this?
What happens after failover in RDS
Say I am using an RDS Multi-AZ instance, and the primary instance failed for some reason and failed over to the standby instance. So now the standby acts as primary. In this situation, is the failed one brought back, or is a new instance created to work as standby for the new primary?
Using Session Manager to connect RDS without having EC2 instance
When I go through the documents, using Session Manager we can connect to an instance in a private subnet without having a bastion host [direct port forwarding from local to private EC2]. But in the RDS case, even though we are making the connection using Session Manager, we need an EC2 instance in between local and private RDS. Could anyone explain to me why it is like that? Please share some documentation that explains that as well.
Connect to MySQL RDS instance from local workstation
Hi team,

I'm trying to connect to my RDS MySQL Aurora instance via DBeaver from my local machine via SSM, following this article: https://aws.amazon.com/blogs/database/securely-connect-to-an-amazon-rds-or-amazon-ec2-database-instance-remotely-with-your-preferred-gui/?fbclid=IwAR0AYyKOfbWGixDBgyZlsJ8ikAnOgbcHPlB4XcGrov0vh63JkAQGcNslLHc

When I run the command `aws ssm start-session --target ...` I get this message:

```
Starting session with SessionId: user.user@dom0d4ede5d4d251sd37c
Port 3306 opened for sessionId user.user@dom-0w4cde734x221e91c.
Waiting for connections...
```

In DBeaver I put the cluster endpoint, the port number, the username and the password. I get this message from DBeaver:

```
The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
connect timed out
```

I'm not sure if it's due to the SSM endpoint. I tried to create the SSM endpoints following this article: https://docs.aws.amazon.com/systems-manager/latest/userguide/setup-create-vpc.html

```
To create VPC endpoints for Systems Manager

In the first step of this procedure, you create three required and one optional interface endpoints for Systems Manager.

Follow the steps in Create an interface endpoint to create the following interface endpoints:

1 - com.amazonaws.region.ssm – The endpoint for the Systems Manager service.
2 - com.amazonaws.region.ec2messages – Systems Manager uses this endpoint to make calls from SSM Agent to the Systems Manager service.
3 - com.amazonaws.region.ec2 –
```

The endpoints failed to create:

```
status = Failed
Status message = private-dns-enabled cannot be set because there is already a conflicting DNS domain for ec2messages.region.amazonaws.com in the VPC vpc-wee1287dvhdvvsj
Status message = private-dns-enabled cannot be set because there is already a conflicting DNS domain for ssm.region.amazonaws.com in the VPC vpc-wee1287dvhdvvsj
```

> only this endpoint: com.amazonaws.ca-central-1.ec2 was created successfully

I'm not sure if the timeout I get is due to the SSM endpoints. Any idea would help, thank you!
How can I be sure I'm using EC2-VPC and not EC2-Classic?
I'm using an old account but I'm a beginner at AWS, so I need some help to make sure I'm using VPC and not Classic so I don't lose my instances when they retire Classic. I've read other topics that say that if an instance has VPC-ID defined it means that it's on a VPC, but I just want to make sure. I have 5 instances, 4 of them have VPC-ID: VPC name, but there's an old instance that's like this: VPC-ID: - Does this VPC-ID thing work for RDS too? Meaning if it's defined, it's in a VPC? But apart from that, is there any other way to make sure they're already in a VPC and won't be deleted? I created the instances and RDS's last year. (I tried using the script but it's too complicated to do with my current knowledge.) Thank you for your help and patience