vault backup: 2025-07-22 21:00:34

Author: aslamcodes

aws/database/aurora - log export.md

@@ -0,0 +1,12 @@
+---
+tags: 
+type: 
+date: 2025-07-22
+done: false
+---
+# cloudwatch
+- RDS console -> aurora -> modify -> log exports -> publish to cloudwatch
+- aurora serverless v1 automatically uploads all logs if you enabled a log_type
+```
+/aws/rds/cluster/cluster-name/log_type
+```

aws/database/aurora - log rotation.md

@@ -0,0 +1,12 @@
+---
+tags: 
+type: 
+date: 2025-07-22
+done: false
+---
+> Delete logs on rotation to save storage and avoid performance issues due to large log files
+- 15% of the size of DB instance is only allowed for the log files
+- Log rotation are done every hour
+- Logs older than 30 days are deleted or the oldest log file 
+- audit, general and slow query logs are deleted 24 hours / threshold exceeded
+- if `log_output` is set to `TABLE`, then the table is truncated

aws/database/aurora - log types.md

@@ -0,0 +1,28 @@
+---
+tags: 
+type: 
+date: 2025-07-22
+done: false
+---
+# Types of logs
+## Error log (Generated by default)
+
+## Slow query log (need to specify in db parameter groups)
+- `slow_query_log` 1 or 0 - enables slow query log
+- `general_log` 1 or 0 - enabled general log
+- `log_output` to Table (mysql.general_log) or file
+- `long_query_time` specify the threshold, fast queries are identified based on this
+> To send the logs to cloudwatch, use the agent and push the file in file system
+## General log (need to specify in db parameter groups)
+## Audit log (Advanced auditing) [1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Auditing.html#AuroraMySQL.Auditing.Enable.server_audit_incl_users)
+- `server_audit_logging` - enable or disable Advanced Auditing
+- `server_audit_events` - what events to log
+	- `server_audit_incl_users` - include users
+	- `server_audit_excl_users` - exclude users
+- The audit logs can be downloaded from the console 
+## Instance log
+- 
+## IAM database authentication error log
+# References
+1. [Using Advanced Auditing with an Amazon Aurora MySQL DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Auditing.html#AuroraMySQL.Auditing.Enable.server_audit_incl_users)
+

aws/database/rds - blue green deployments.md

@@ -0,0 +1,12 @@
+---
+tags: 
+type: 
+date: 2025-07-22
+done: false
+---
+- rds bg setup creates a new staging environment copies from prod
+	- blue - prod
+	- green - staging
+- You can do your testing in green and switchover environments.
+- All the replicas, configurations, monitoring
+

aws/database/rds - multi az.md

@@ -0,0 +1,24 @@
+---
+tags: 
+type: 
+date: 2025-07-22
+done: false
+---
+- For Disaster recovery only
+- **SYNC** replication to a standby instance
+- Automatic failover
+- Increases availability
+- No Manual intervention required
+Multi AZ reduces downtimes caused by version upgrades, backup snapshots.
+# Failover Conditions in Multi-AZ
+- Primary DB is failed
+- Primary DB is in software patching
+- Unreachable due to loss of Network Connectivity (AZ)
+- Changing the instance type
+- Busy and Unresponsive
+- Underlying storage failure
+- Az outage
+- Manual Failover (reboot with failover)
+# How to go from Single AZ to Multi AZ
+- Zero Downtime operation
+- Can be done on console

aws/database/rds - observability.md

@@ -0,0 +1,16 @@
+---
+tags: 
+type: 
+date: 2025-07-22
+done: false
+---
+# rds events and logs
+- RDS delivers it events to **eventbridge** and SNS topics can be setup
+- RDS logs can be sent to **cloudwatch**, then metric filter, then alarm, then SNS, then Admin
+# monitoring w cloudwatch
+From Hypervisor
+- Basic metrics
+From an agent (Enabled Enhanced Monitoring)
+- Lot of metrics
+# rds performance insights
+- Tools to monitor RDS performance, bottlenecks and analyse performances in user or query levels

aws/database/rds - parameter groups.md

@@ -0,0 +1,14 @@
+---
+tags: 
+type: 
+date: 2025-07-22
+done: false
+---
+- Static Parameters required instance reboot, dynamic is applied instanty
+- Group of parameters to apply to the DB engine 
+
+# Static vs Dynamic Parameters 
+- When you associate a new DB parameter group with a DB instance, the modified static parameters are applied only after the **DB instance or the cluster** is rebooted. 
+ - **However**, if you modify dynamic parameters in the DB parameter group after you associate it with the DB instance, these changes are applied immediately without a reboot.
+# Parameter groups's ApplyMethod
+- 

aws/database/rds - proxy.md

@@ -0,0 +1,8 @@
+---
+tags: 
+type: 
+date: 2025-07-22
+done: false
+---
+- Maintains the connection pool for us
+- Supports Auto Scaling for connections

aws/database/rds - read replicas.md

@@ -0,0 +1,13 @@
+---
+tags: 
+type: 
+date: 2025-07-22
+done: false
+---
+- Upto 15 read replicas
+- Within AZ, Cross AZ or Cross Regional
+- Replication is **Async**, from the Master (eventually consistent)
+- Read Replicas can be promoted to be a own DB? Gets out of Replication
+- Application must update the conn string to leverage read replicas
+- Only select operation is allowed, not delete, insert, update
+- **Use Case** - Take away load from prod db, for external workload. And it is async. Eg, analytics.

aws/database/rds - snapshots and backups.md

@@ -0,0 +1,25 @@
+---
+tags: 
+type: 
+date: 2025-07-22
+done: false
+---
+**Backups**
+- Backups are continous and point in time recovery
+- Backups have retentions period 0-35 days, 0 means disabled
+- Backups happens during maintanence windows
+- Backups uses EBS snapshot behind the scenes?
+**Snapshots**
+- Snapshots takes IO operation
+- In multi az, snapshots will be done on the master databse
+- Snapshots are incremental
+- Snapshots can be copied and shared across accounts
+- Don't expire
+- Final snapshot when DB is deleted
+# Snapshot Sharing
+- If the snapshot is encrypted, the CMK has to be shared
+
+Why have both? Both does the same thing?
+One is managed, another is manual and preemptive
+
+![[single-to-multi-az.jpeg]]