Amazon RDS

Provision an Amazon RDS instance (MySQL engine) via the AWS Management Console and integrate it with POB.

Last Updated: 26 May 2022 • Page Author: Jillur Quddus

Overview

The Amazon Relational Database Service (RDS) offers the ability to provision managed relational databases in the AWS cloud computing platform, supporting industry-standard RDBMS engines including PostgreSQL, MySQL, MariaDB, Oracle Database and SQL Server. This page provides instructions on how to integrate an Amazon RDS instance, provisioned with the MySQL engine, with POB.

For further information regarding Amazon RDS, please visit https://aws.amazon.com/rds/.

Setup

Amazon RDS

To provision a managed Amazon RDS (MySQL engine) database instance, visit the Amazon RDS Management Console via the AWS Management Console, select "Create database" and follow the instructions below:

  1. Engine Type - select the engine type. In this example, we will provision an Amazon RDS instance using the MySQL engine.

  2. Template - select an appropriate template taking into account your target POB deployment environment. Select "Production" for high availability and high performance, or select "Dev/Test" for development purposes outside of a production environment.

  3. DB Instance Identifier - provide a custom name for the database instance.

  4. Master Username and Password - provide a custom username and password for the default administrator user for the database instance (note that when integrating with POB, as described in the integration section below, you should create a new database user with relevant privileges and not use the master user credentials).

  5. DB Instance Class - select the required instance environment specifications for the database instance. POB has relatively simple RDBMS requirements so, assuming that you are not extending the source code with additional SQL-intensive features, db.m5.large (or similar) will suffice.

  6. Storage - allocate storage (GB) to the database instance. POB has low RDBMS storage requirements so, assuming that you are not extending the source code with additional RDBMS storage intensive features, the minimum of 20GB will suffice.

  7. Availability - dependent on your target POB deployment environment, you may wish to create a standby instance if deploying to a production environment.

  8. VPC Public Access - if you are deploying POB to a hybrid or multi-cloud environment, or to a development or test environment, then you should enable public access to support cross-environment communication. However, if you are deploying POB to only AWS managed services (i.e. AWS Lambda) then you do not need to enable public access - in this case Amazon RDS will not assign a public IP address to the database.

  9. Database Authentication - this should be set to "Password authentication" unless you are configuring authentication through AWS IAM users in which case you can set it to "Password and IAM database authentication". Please note that the latter has not been tested with POB.

Once configured, select "Create database". Once provisioned, head back to the Amazon RDS Management Console via the AWS Management Console, select your newly provisioned database from the list of databases, and make a note of its endpoint, which has a similar format to mydb-mysql.123456abcdef.eu-west-2.rds.amazonaws.com, and the port number (for MySQL engines, this defaults to 3306).

Public Access

Assuming that you have configured the Amazon RDS database instance with VPC public access as detailed above, Amazon RDS will assign a public IP address to the database. However, in order to make it publicly accessible, we still need to configure the EC2 VPC security group to enable incoming network connections to the relevant TCP port (in the case of MySQL, this is port 3306).

To do this, open the Amazon RDS Management Console via the AWS Management Console, select your newly provisioned database from the list of databases, and scroll down to the "Security group rules" section. Select the default security group which will take you to the EC2 Management Console and its Security Groups section, as illustrated in the following screenshot:

Select the default security group and then scroll down to inbound rules. Next select "Edit inbound rules", then press "Add rule" and enter the following details for the new inbound rule (as illustrated in the screenshot below):

  • Type - Select either "Custom TCP" or your specific database engine (for example MySQL/Aurora). The Protocol column should then be automatically populated with "TCP".

  • Port Range - If you have selected "Custom TCP" then enter the port number of your Amazon RDS database instance as noted earlier (for example 3306 for MySQL). If you have selected a specific database engine in the Type column, then the port range will be automatically populated for you.

  • Source - Enter 0.0.0.0/0 if you would like your Amazon RDS database instance to be accessible from all IP addresses. Alternatively enter a specific IP address (or IP address range) or security group should you wish to filter access to specific IP addresses or AWS services respectively.

Once configured, select "Save rules". Your Amazon RDS database instance is now accessible from the IP addresses and/or AWS services that you have configured.

You should now be able to connect to your Amazon RDS database instance via JDBC where the JDBC connection string will look similar to the following (dependent on your selected database engine and database name): jdbc:mysql://myrds-mysql.123456789.eu-west-2.rds.amazonaws.com:3306/mydb

Integration

Application Context

As described in Application Configuration, the configuration for the POB application context may be found in the pob-configuration Maven module, at src/main/resources/application.yml.

To integrate an Amazon RDS database instance with POB, configure the storage.rdbms namespace in application.yml as follows:

storage:
    rdbms:
        driverClassName: ${rdbms-driverClassName}
        jdbcUrl: ${rdbms-jdbcUrl}
        username: ${rdbms-username}
        password: ${rdbms-password}

The storage.rdbms configuration namespace includes the following properties that must be completed to integrate with an Amazon RDS database instance:

| Property | Description | Example Value |
| --- | --- | --- |
| driverClassName | The JDBC driver to use when connecting to the Amazon RDS database instance. | com.mysql.cj.jdbc.Driver |
| jdbcUrl | The JDBC connection string to connect to the Amazon RDS database instance. Note that the URL should be set as an externalised variable in AWS Secrets Manager and NOT stored as plaintext in application.yml. | jdbc:mysql://myrds-mysql.123456789.eu-west-2.rds.amazonaws.com:3306/mydb |
| username | The username to authenticate the connection to the Amazon RDS database instance (you should create a new database user with relevant privileges and not use the master user created above in the Amazon RDS Management Console). Note that the username should be set as an externalised variable in AWS Secrets Manager and NOT stored as plaintext in application.yml. | myuser |
| password | The password to authenticate the connection to the Amazon RDS database instance (you should create a new database user with relevant privileges and not use the master user created above in the Amazon RDS Management Console). Note that the password should be set as an externalised variable in AWS Secrets Manager and NOT stored as plaintext in application.yml. | mypassword |
