Skip to content
Permalink
Browse files
Documentation Updates
  • Loading branch information
randyurbano committed Feb 15, 2019
1 parent 26f8b5c commit ff570c91a6ac71a745e43d6ed21a23b932d2544f
Showing with 185 additions and 126 deletions.
  1. +15 −13 doc_source/Aurora.Integrating.AutoScaling.md
  2. +1 −1 doc_source/Aurora.Managing.Backups.md
  3. +6 −6 doc_source/AuroraMySQL.Auditing.md
  4. +7 −7 doc_source/AuroraMySQL.Integrating.Authorizing.IAM.AddRoleToDBCluster.md
  5. +1 −1 doc_source/AuroraMySQL.Integrating.Authorizing.IAM.CWCreatePolicy.md
  6. +1 −1 doc_source/AuroraMySQL.Integrating.Authorizing.IAM.KMSCreatePolicy.md
  7. +1 −1 doc_source/AuroraMySQL.Integrating.Authorizing.IAM.LambdaCreatePolicy.md
  8. +5 −5 doc_source/AuroraMySQL.Integrating.Authorizing.IAM.S3CreatePolicy.md
  9. +3 −3 doc_source/AuroraMySQL.Managing.Backtrack.md
  10. +1 −1 doc_source/AuroraMySQL.Migrating.RDSMySQL.Import.md
  11. +1 −1 doc_source/AuroraMySQL.Migrating.RDSMySQL.Replica.md
  12. +3 −3 doc_source/AuroraMySQL.Replication.CrossRegion.md
  13. +2 −2 doc_source/AuroraMySQL.Replication.md
  14. +2 −2 doc_source/AuroraPostgreSQL.Migrating.RDSPostgreSQL.Replica.md
  15. +1 −1 doc_source/AuroraPostgreSQL.Optimize.BestPractice.md
  16. +5 −5 doc_source/AuroraPostgreSQL.Optimize.CapturePlans.md
  17. +2 −2 doc_source/AuroraPostgreSQL.Optimize.Functions.md
  18. +8 −8 doc_source/AuroraPostgreSQL.Optimize.Maintenance.md
  19. +5 −6 doc_source/AuroraPostgreSQL.Optimize.Parameters.md
  20. +4 −4 doc_source/AuroraPostgreSQL.Optimize.UsePlans.md
  21. +1 −1 doc_source/AuroraPostgreSQL.Optimize.ViewPlans.md
  22. +26 −13 doc_source/AuroraPostgreSQL.Optimize.md
  23. +1 −0 doc_source/AuroraPostgreSQL.Reference.md
  24. +28 −1 doc_source/AuroraPostgreSQL.Security.md
  25. +28 −12 doc_source/AuroraPostgreSQL.Updates.20180305.md
  26. +0 −1 doc_source/Overview.DBInstance.Status.md
  27. +8 −8 doc_source/USER_DeleteSnapshot.md
  28. +0 −1 doc_source/USER_Events.md
  29. +3 −1 doc_source/USER_PerfInsights.md
  30. +16 −15 doc_source/WhatsNew.md
@@ -7,13 +7,25 @@ You define and apply a scaling policy to an Aurora DB cluster\. The scaling poli
You can use the AWS Management Console to apply a scaling policy based on a predefined metric\. Alternatively, you can use either the AWS CLI or Aurora Auto Scaling API to apply a scaling policy based on a predefined or custom metric\.

**Topics**
+ [Aurora Auto Scaling Policies](#Aurora.Integrating.AutoScaling.Concepts)
+ [Before You Begin](#Aurora.Integrating.AutoScaling.BYB)
+ [Aurora Auto Scaling Policies](#Aurora.Integrating.AutoScaling.Concepts)
+ [Adding a Scaling Policy](#Aurora.Integrating.AutoScaling.Add)
+ [Editing a Scaling Policy](#Aurora.Integrating.AutoScaling.Edit)
+ [Deleting a Scaling Policy](#Aurora.Integrating.AutoScaling.Delete)
+ [Related Topics](#Aurora.Integrating.AutoScaling.RelatedItems)

## Before You Begin<a name="Aurora.Integrating.AutoScaling.BYB"></a>

Before you can use Aurora Auto Scaling with an Aurora DB cluster, you must first create an Aurora DB cluster with a primary instance and at least one Aurora Replica\. Although Aurora Auto Scaling manages Aurora Replicas, the Aurora DB cluster must start with at least one Aurora Replica\. For more information about creating an Aurora DB cluster, see [Creating an Amazon Aurora DB Cluster](Aurora.CreateInstance.md)\.

Aurora Auto Scaling only scales a DB cluster if all Aurora Replicas in a DB cluster are in the available state\. If any of the Aurora Replicas are in a state other than available, Aurora Auto Scaling waits until the whole DB cluster becomes available for scaling\.

When Aurora Auto Scaling adds a new Aurora Replica, the new Aurora Replica is the same DB instance class as the one used by the primary instance\. For more information about DB instance classes, see [Choosing the DB Instance Class](Concepts.DBInstanceClass.md)\. Also, the promotion tier for new Aurora Replicas is set to the last priority, which is 15 by default\. This means that during a failover, a replica with a better priority, such as one created manually, would be promoted first\. For more information, see [Fault Tolerance for an Aurora DB Cluster](Aurora.Managing.Backups.md#Aurora.Managing.FaultTolerance)\.

Aurora Auto Scaling only removes Aurora Replicas that it created\.

To benefit from Aurora Auto Scaling, your applications must support connections to new Aurora Replicas\. To do so, we recommend using the Aurora reader endpoint\. For Aurora MySQL you can use a driver such as the MariaDB Connector/J utility\. For more information, see [Connecting to an Amazon Aurora DB Cluster](Aurora.Connecting.md)\.

## Aurora Auto Scaling Policies<a name="Aurora.Integrating.AutoScaling.Concepts"></a>

Aurora Auto Scaling uses a scaling policy to adjust the number of Aurora Replicas in an Aurora DB cluster\. Aurora Auto Scaling has the following components:
@@ -32,8 +44,6 @@ In this type of policy, a predefined or custom metric and a target value for the

For example, take a scaling policy that uses the predefined average CPU utilization metric\. Such a policy can keep CPU utilization at, or close to, a specified percentage of utilization, such as 40 percent\.

Aurora Auto Scaling only scales a DB cluster if all Aurora Replicas in a DB cluster are in the available state\. If any of the Aurora Replicas are in a state other than available, Aurora Auto Scaling waits until the whole DB cluster becomes available for scaling\. Also, Aurora Auto Scaling only removes Aurora Replicas that it created\.

**Note**
For each Aurora DB cluster, you can create only one Auto Scaling policy for each target metric\.

@@ -63,14 +73,6 @@ You can enable or disable scale\-in activities for a policy\. Enabling scale\-in
**Note**
Scale\-out activities are always enabled so that the scaling policy can create Aurora Replicas as needed\.

## Before You Begin<a name="Aurora.Integrating.AutoScaling.BYB"></a>

Before you can use Aurora Auto Scaling with an Aurora DB cluster, you must first create an Aurora DB cluster with a primary instance and at least one Aurora Replica\. Although Aurora Auto Scaling manages Aurora Replicas, the Aurora DB cluster must start with at least one Aurora Replica\. For more information about creating an Aurora DB cluster, see [Creating an Amazon Aurora DB Cluster](Aurora.CreateInstance.md)\.

When Aurora Auto Scaling adds a new Aurora Replica, the new Aurora Replica is the same DB instance class as the one used by the primary instance\. For more information about DB instance classes, see [Choosing the DB Instance Class](Concepts.DBInstanceClass.md)\.

To benefit from Aurora Auto Scaling, your applications must support connections to new Aurora Replicas\. To do so, we recommend using the Aurora reader endpoint\. For Aurora MySQL you can use a driver such as the MariaDB Connector/J utility\. For more information, see [Connecting to an Amazon Aurora DB Cluster](Aurora.Connecting.md)\.

## Adding a Scaling Policy<a name="Aurora.Integrating.AutoScaling.Add"></a>

You can add a scaling policy using the AWS Management Console, the AWS CLI, or the Application Auto Scaling API\.
@@ -91,11 +93,11 @@ You can add a scaling policy to an Aurora DB cluster by using the AWS Management

1. Choose the Aurora DB cluster that you want to add a policy for\.

1. Choose **Cluster actions**, and then choose **Add Auto Scaling policy**\.
1. For **Actions**, choose **Add Auto Scaling policy**\.

The **Add Auto Scaling policy** dialog box appears\.

1. Type the policy name in the **Policy Name** box\.
1. For **Policy Name**, type the policy name\.

1. For the target metric, choose one of the following:
+ **Average CPU utilization of Aurora Replicas** to create a policy based on the average CPU utilization\.
@@ -12,7 +12,7 @@ If the primary instance in a DB cluster fails, Aurora automatically fails over t

If the DB cluster has one or more Aurora Replicas, then an Aurora Replica is promoted to the primary instance during a failure event\. A failure event results in a brief interruption, during which read and write operations fail with an exception\. However, service is typically restored in less than 120 seconds, and often less than 60 seconds\. To increase the availability of your DB cluster, we recommend that you create at least one or more Aurora Replicas in two or more different Availability Zones\.

You can customize the order in which your Aurora Replicas are promoted to the primary instance after a failure by assigning each replica a priority\. Priorities range from 0 for the highest priority to 15 for the lowest priority\. If the primary instance fails, Amazon RDS promotes the Aurora Replica with the highest priority to the new primary instance\. You can modify the priority of an Aurora Replica at any time\. Modifying the priority doesn't trigger a failover\.
You can customize the order in which your Aurora Replicas are promoted to the primary instance after a failure by assigning each replica a priority\. Priorities range from 0 for the first priority to 15 for the last priority\. If the primary instance fails, Amazon RDS promotes the Aurora Replica with the better priority to the new primary instance\. You can modify the priority of an Aurora Replica at any time\. Modifying the priority doesn't trigger a failover\.

More than one Aurora Replica can share the same priority, resulting in promotion tiers\. If two or more Aurora Replicas share the same priority, then Amazon RDS promotes the replica that is largest in size\. If two or more Aurora Replicas share the same priority and size, then Amazon RDS promotes an arbitrary replica in the same promotion tier\.

@@ -17,11 +17,11 @@ Configure Advanced Auditing by setting these parameters in the parameter group u

Modifying these parameters doesn't require a DB cluster restart\.

### `server_audit_logging`<a name="AuroraMySQL.Auditing.Enable.server_audit_logging"></a>
### server\_audit\_logging<a name="AuroraMySQL.Auditing.Enable.server_audit_logging"></a>

Enables or disables Advanced Auditing\. This parameter defaults to OFF; set it to ON to enable Advanced Auditing\.

### `server_audit_events`<a name="AuroraMySQL.Auditing.Enable.server_audit_events"></a>
### server\_audit\_events<a name="AuroraMySQL.Auditing.Enable.server_audit_events"></a>

Contains the comma\-delimited list of events to log\. Events must be specified in all caps, and there should be no white space between the list elements, for example: `CONNECT,QUERY_DDL`\. This parameter defaults to an empty string\.

@@ -33,25 +33,25 @@ You can log any combination of the following events:
+ QUERY\_DML – Similar to the QUERY event, but returns only data manipulation language \(DML\) queries \(INSERT, UPDATE, and so on\)\.
+ TABLE – Logs the tables that were affected by query execution\.

### `server_audit_excl_users`<a name="AuroraMySQL.Auditing.Enable.server_audit_excl_users"></a>
### server\_audit\_excl\_users<a name="AuroraMySQL.Auditing.Enable.server_audit_excl_users"></a>

Contains the comma\-delimited list of user names for users whose activity isn't logged\. There should be no white space between the list elements, for example: `rdsadmin,user_1,user_2`\. This parameter defaults to an empty string\. Specified user names must match corresponding values in the `User` column of the `mysql.user` table\. For more information about user names, see [the MySQL documentation](https://dev.mysql.com/doc/refman/5.6/en/user-names.html)\.

Connect and disconnect events aren't affected by this variable; they are always logged if specified\. A user is logged if that user is also specified in the `server_audit_incl_users` parameter, because that setting has higher priority than `server_audit_excl_users`\.

### `server_audit_incl_users`<a name="AuroraMySQL.Auditing.Enable.server_audit_incl_users"></a>
### server\_audit\_incl\_users<a name="AuroraMySQL.Auditing.Enable.server_audit_incl_users"></a>

Contains the comma\-delimited list of user names for users whose activity is logged\. There should be no white space between the list elements, for example: `user_3,user_4`\. This parameter defaults to an empty string\. Specified user names must match corresponding values in the `User` column of the `mysql.user` table\. For more information about user names, see [the MySQL documentation](https://dev.mysql.com/doc/refman/5.6/en/user-names.html)\.

Connect and disconnect events aren't affected by this variable; they are always logged if specified\. A user is logged even if that user is also specified in the `server_audit_excl_users` parameter, because `server_audit_incl_users` has higher priority\.

## Viewing Audit Logs<a name="AuroraMySQL.Auditing.View"></a>

You can view and download the audit logs by using the AWS console\. On the **Instances** page, click the DB instance to show its details, then scroll to the **Logs** section\.
You can view and download the audit logs by using the console\. On the **Databases** page, choose the DB instance to show its details, then scroll to the **Logs** section\.

![\[Image NOT FOUND\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/images/aurora-log.png)

To download a log file, select that file in the **Logs** section and then choose **Download**\.
To download a log file, choose that file in the **Logs** section and then choose **Download**\.

You can also get a list of the log files by using the [describe\-db\-log\-files](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-log-files.html) AWS CLI command\. You can download the contents of a log file by using the [download\-db\-log\-file\-portion](https://docs.aws.amazon.com/cli/latest/reference/rds/download-db-log-file-portion.html) AWS CLI command\. For more information, see [Viewing and Listing Database Log Files](USER_LogAccess.md#USER_LogAccess.Procedural.Viewing) and [Downloading a Database Log File](USER_LogAccess.md#USER_LogAccess.Procedural.Downloading)\.

@@ -19,7 +19,7 @@ To associate an IAM role to permit your Amazon RDS cluster to communicate with o

1. Choose **Clusters**\.

1. Choose the Aurora DB cluster that you want to associate an IAM role with, and then choose **Manage IAM roles** in **Cluster actions**\.
1. Choose the Aurora DB cluster that you want to associate an IAM role with, and then for **Actions** choose **Manage IAM roles**\.

1. In **Manage IAM roles**, choose the role to associate with your DB cluster from **Add IAM roles to this cluster**\.
![\[Associate an IAM role with a DB cluster\]](http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/images/AuroraAssociateIAMRole-02.png)
@@ -47,27 +47,27 @@ To associate an IAM role to permit your Amazon RDS cluster to communicate with o

1. Choose **Create**\.

1. On the **Parameter groups** page, select your DB cluster parameter group and choose **Edit** from **Parameter group actions**\.
1. On the **Parameter groups** page, select your DB cluster parameter group and choose **Edit** for **Parameter group actions**\.

1. Choose **Edit parameters**\.

1. Set the appropriate cluster\-level parameters to the related IAM role ARN values\. For example, you can set just the `aws_default_s3_role` parameter to `arn:aws:iam::123456789012:role/AllowAuroraS3Role`\.

1. Choose **Save changes**\.

1. Choose **Instances**, and then select the primary instance for your Aurora DB cluster\.
1. Choose **Databases**, and then choose the primary instance for your Aurora DB cluster\.

1. Choose **Instance actions** and then choose **Modify**\.
1. For **Actions**, choose **Modify**\.

1. Scroll to **Database options** and set the **DB cluster parameter group** to the new DB cluster parameter group that you created\. Choose **Continue**\.
1. Scroll to **Database options** and set **DB cluster parameter group** to the new DB cluster parameter group that you created\. Choose **Continue**\.

1. Verify your changes and then choose **Apply immediately**\.

1. Choose **Modify DB Instance**\.

1. The primary instance for your DB cluster is still selected in the list of instances\. Choose **Instance Actions**, and then choose **Reboot**\.
1. The primary instance for your DB cluster is still chosen in the list of instances\. For **Actions**, choose **Reboot**\.

When the instance has rebooted, your IAM roles is associated with your DB cluster\.
When the instance has rebooted, your IAM role is associated with your DB cluster\.

For more information about cluster parameter groups, see [Amazon Aurora MySQL Parameters](AuroraMySQL.Reference.md#AuroraMySQL.Reference.ParameterGroups)\.

@@ -48,7 +48,7 @@ You can use the following steps to create an IAM policy that provides the minimu

1. On the **Visual editor** tab, choose **Choose a service**, and then choose **CloudWatch Logs**\.

1. Choose **Expand all** under **Actions** and then choose the Amazon CloudWatch Logs permissions needed for the IAM policy\.
1. For **Actions**, choose **Expand all**, and then choose the Amazon CloudWatch Logs permissions needed for the IAM policy\.

Ensure that the following permissions are selected:
+ `CreateLogGroup`
@@ -31,7 +31,7 @@ You can use the following steps to create an IAM policy that provides the minimu

1. On the **Visual editor** tab, choose **Choose a service**, and then choose **KMS**\.

1. In **Actions**, expand **Write**, and then choose **Decrypt**\.
1. For **Actions**, choose **Write**, and then choose **Decrypt**\.

1. Choose **Resources**, and choose **Add ARN**\.

@@ -30,7 +30,7 @@ You can use the following steps to create an IAM policy that provides the minimu

1. On the **Visual editor** tab, choose **Choose a service**, and then choose **Lambda**\.

1. Choose **Expand all** under **Actions** and then choose the AWS Lambda permissions needed for the IAM policy\.
1. For **Actions**, choose **Expand all**, and then choose the AWS Lambda permissions needed for the IAM policy\.

Ensure that `InvokeFunction` is selected\. It is the minimum required permission to enable Amazon Aurora to invoke an AWS Lambda function\.

@@ -23,15 +23,15 @@ You can use the following steps to create an IAM policy that provides the minimu

1. On the **Visual editor** tab, choose **Choose a service**, and then choose **S3**\.

1. Choose **Expand all** under **Actions** and then choose the bucket permissions and object permissions needed for the IAM policy\.
1. For **Actions**, choose **Expand all**, and then choose the bucket permissions and object permissions needed for the IAM policy\.

Object permissions are permissions for object operations in Amazon S3, and need to be granted for objects in a bucket, not the bucket itself\. For more information about permissions for object operations in Amazon S3, see [Permissions for Object Operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-objects)\.

1. Choose **Resources** and choose **Add ARN** for **bucket**\.
1. Choose **Resources**, and choose **Add ARN** for **bucket**\.

1. In the **Add ARN\(s\)** dialog box, provide the details about your resource, and choose **Add**\.

Specify the Amazon S3 bucket to allow access to\. For instance, if you want to allow Aurora to access the Amazon S3 bucket named `example-bucket`, then set the ARN value to `arn:aws:s3:::example-bucket`\.
Specify the Amazon S3 bucket to allow access to\. For instance, if you want to allow Aurora to access the Amazon S3 bucket named `example-bucket`, then set the Amazon Resource Name \(ARN\) value to `arn:aws:s3:::example-bucket`\.

1. If the **object** resource is listed, choose **Add ARN** for **object**\.

@@ -41,13 +41,13 @@ You can use the following steps to create an IAM policy that provides the minimu
**Note**
You can set **Amazon Resource Name \(ARN\)** to a more specific ARN value in order to allow Aurora to access only specific files or folders in an Amazon S3 bucket\. For more information about how to define an access policy for Amazon S3, see [Managing Access Permissions to Your Amazon S3 Resources](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html)\.

1. Optionally, choose **Add additional permissions** to add another Amazon S3 bucket to the policy, and repeat the previous steps for the bucket\.
1. \(Optional\) Choose **Add additional permissions** to add another Amazon S3 bucket to the policy, and repeat the previous steps for the bucket\.
**Note**
You can repeat this to add corresponding bucket permission statements to your policy for each Amazon S3 bucket that you want Aurora to access\. Optionally, you can also grant access to all buckets and objects in Amazon S3\.

1. Choose **Review policy**\.

1. Set **Name** to a name for your IAM policy, for example `AllowAuroraToExampleBucket`\. You use this name when you create an IAM role to associate with your Aurora DB cluster\. You can also add an optional **Description** value\.
1. For **Name**, enter a name for your IAM policy, for example `AllowAuroraToExampleBucket`\. You use this name when you create an IAM role to associate with your Aurora DB cluster\. You can also add an optional **Description** value\.

1. Choose **Create policy**\.

0 comments on commit ff570c9

Please sign in to comment.