1
00:00:00,270 --> 00:00:03,000
So now let's talk Amazon RDS proxy.

2
00:00:03,000 --> 00:00:06,660
So we know we can deploy our RDS database within RVPC

3
00:00:06,660 --> 00:00:08,100
but now we can also deploy

4
00:00:08,100 --> 00:00:12,030
a fully managed database proxy for RDS.

5
00:00:12,030 --> 00:00:12,870
So you may say, okay,

6
00:00:12,870 --> 00:00:15,450
we can access our RDS database directly.

7
00:00:15,450 --> 00:00:18,840
Why do we need a proxy to access our database?

8
00:00:18,840 --> 00:00:21,150
Well, if you use an Amazon RDS proxy

9
00:00:21,150 --> 00:00:24,480
this will allow you, your application to pull

10
00:00:24,480 --> 00:00:27,233
and share the database connections established

11
00:00:27,233 --> 00:00:28,230
with the database.

12
00:00:28,230 --> 00:00:31,590
So instead of having every single application connect

13
00:00:31,590 --> 00:00:33,660
to your RDS database instance

14
00:00:33,660 --> 00:00:36,150
they will be instead connecting to the proxy

15
00:00:36,150 --> 00:00:38,730
and the proxy will pull these connections together

16
00:00:38,730 --> 00:00:42,180
into less connections to the RDS database instance.

17
00:00:42,180 --> 00:00:43,980
So why may you do this?

18
00:00:43,980 --> 00:00:45,750
Well, this makes a lot of sense is you have a lot

19
00:00:45,750 --> 00:00:48,270
of connections into your RDS database instance

20
00:00:48,270 --> 00:00:51,240
and it's going to improve your database efficiency

21
00:00:51,240 --> 00:00:53,550
by reducing the stress on database resources,

22
00:00:53,550 --> 00:00:55,200
for example CPU and RAM,

23
00:00:55,200 --> 00:00:57,240
and also minimize the open connections

24
00:00:57,240 --> 00:01:00,000
and the timeouts into your database.

25
00:01:00,000 --> 00:01:01,560
So that's one thing you need to look out for

26
00:01:01,560 --> 00:01:03,240
from the exam perspective.

27
00:01:03,240 --> 00:01:06,750
Now, as I said, the RDS proxy is fully serverless.

28
00:01:06,750 --> 00:01:07,650
It's autoscaling.

29
00:01:07,650 --> 00:01:09,990
So you don't need to manage its capacity

30
00:01:09,990 --> 00:01:11,040
and it's highly available.

31
00:01:11,040 --> 00:01:13,080
It's across multiple AZ.

32
00:01:13,080 --> 00:01:15,180
And therefore, in case, for example,

33
00:01:15,180 --> 00:01:17,160
there is a failover that happens

34
00:01:17,160 --> 00:01:18,750
on your RDS database instance.

35
00:01:18,750 --> 00:01:22,200
For example, it goes from the primary instance

36
00:01:22,200 --> 00:01:25,320
to the standby instance, then it will,

37
00:01:25,320 --> 00:01:27,090
thanks to the RDS proxy,

38
00:01:27,090 --> 00:01:32,040
reduce the failover time by up to 66%.

39
00:01:32,040 --> 00:01:34,560
So this is true for RDS and Aurora.

40
00:01:34,560 --> 00:01:37,650
So again, instead of having all your applications connect

41
00:01:37,650 --> 00:01:39,870
to the main RDS database instance

42
00:01:39,870 --> 00:01:42,390
and then handle the failover themselves,

43
00:01:42,390 --> 00:01:44,760
they will just connect to the RDS proxy,

44
00:01:44,760 --> 00:01:47,550
which does not know any failover

45
00:01:47,550 --> 00:01:51,180
and the RDS proxy will itself handle the failover

46
00:01:51,180 --> 00:01:52,770
or the RDS database instance

47
00:01:52,770 --> 00:01:54,780
therefore improving your failover time.

48
00:01:54,780 --> 00:01:56,790
So something else you need to look for

49
00:01:56,790 --> 00:01:58,560
from an exam perspective.

50
00:01:58,560 --> 00:02:00,997
So the RDS proxy supports RDS

51
00:02:00,997 --> 00:02:04,530
for MySQL, PostgreSQL, MariaDB

52
00:02:04,530 --> 00:02:07,983
and also it supports Aurora for MySQL and PostgreSQL.

53
00:02:08,850 --> 00:02:11,610
It doesn't require you to do any code change

54
00:02:11,610 --> 00:02:14,460
in your application, just instead of connecting

55
00:02:14,460 --> 00:02:17,850
to your RDS database instance or your Aurora database.

56
00:02:17,850 --> 00:02:22,170
You'd now just connect to your RDS proxy and you are done.

57
00:02:22,170 --> 00:02:23,003
On top of it,

58
00:02:23,003 --> 00:02:26,010
there's a third advantage to using an RDS proxy.

59
00:02:26,010 --> 00:02:28,590
It is to enforce IAM authentication for database

60
00:02:28,590 --> 00:02:31,146
so to make sure that people can only connect

61
00:02:31,146 --> 00:02:34,740
to your RDS database instance using IAM

62
00:02:34,740 --> 00:02:37,470
and then these credentials can be securely stored

63
00:02:37,470 --> 00:02:41,160
in another service called the AWS secrets manager.

64
00:02:41,160 --> 00:02:42,630
So again, if you need to see a way

65
00:02:42,630 --> 00:02:45,090
to enforce IAM authentication for your database,

66
00:02:45,090 --> 00:02:47,430
think RDS proxy.

67
00:02:47,430 --> 00:02:51,450
And finally, the RDS proxy is never publicly accessible.

68
00:02:51,450 --> 00:02:53,850
So it's only accessible from within your VPC.

69
00:02:53,850 --> 00:02:57,090
So you cannot connect over the internet to your RDS proxy

70
00:02:57,090 --> 00:02:59,190
which is enhanced security.

71
00:02:59,190 --> 00:03:03,960
And so one service we haven't seen that is going for sure

72
00:03:03,960 --> 00:03:07,098
to be very helped by the RDS proxy

73
00:03:07,098 --> 00:03:09,510
is called the Lambda functions

74
00:03:09,510 --> 00:03:11,730
and the Lambda functions that will execute pieces

75
00:03:11,730 --> 00:03:14,220
of code we'll see them later on in this course, okay.

76
00:03:14,220 --> 00:03:15,720
You don't need to know them right now

77
00:03:15,720 --> 00:03:17,040
but we have to tackle them right now

78
00:03:17,040 --> 00:03:18,570
because of the RDS proxy feature.

79
00:03:18,570 --> 00:03:20,700
And so the limit functions they can multiply.

80
00:03:20,700 --> 00:03:22,020
Multiply many, many, many times

81
00:03:22,020 --> 00:03:24,390
and they will appear and disappear very, very fast.

82
00:03:24,390 --> 00:03:26,400
And therefore, imagine you have a hundred

83
00:03:26,400 --> 00:03:28,860
or a thousand Lambda functions appearing and disappearing

84
00:03:28,860 --> 00:03:30,690
just like that and opening up connections

85
00:03:30,690 --> 00:03:33,000
into your RDS database instance.

86
00:03:33,000 --> 00:03:33,840
They will be a big problem

87
00:03:33,840 --> 00:03:35,940
because it will leave open connections and timeouts

88
00:03:35,940 --> 00:03:37,350
and it will be a mess.

89
00:03:37,350 --> 00:03:40,710
And therefore, what you do is that you use the RDS proxy

90
00:03:40,710 --> 00:03:44,310
to pull connections for your Lambda functions.

91
00:03:44,310 --> 00:03:47,790
And then the Lambda functions will overload the RDS proxy

92
00:03:47,790 --> 00:03:49,470
but it's meant to be overload.

93
00:03:49,470 --> 00:03:51,870
And the RDS proxy will pull these connections

94
00:03:51,870 --> 00:03:55,380
into less connections to the RDS database instance

95
00:03:55,380 --> 00:03:58,110
thus solving your problems, okay.

96
00:03:58,110 --> 00:03:59,970
So that's it for this lecture.

97
00:03:59,970 --> 00:04:02,190
I hope you liked it, and don't worry.

98
00:04:02,190 --> 00:04:04,050
We'll review the proxy once again

99
00:04:04,050 --> 00:04:06,810
once we go into the Lambda lectures,

100
00:04:06,810 --> 00:04:09,683
but again RDS proxy is used to minimize

101
00:04:09,683 --> 00:04:13,560
and pull connections on your RDS database instance.

102
00:04:13,560 --> 00:04:16,350
It's also used to minimize failover time

103
00:04:16,350 --> 00:04:20,250
and reduce it by up to 66%.

104
00:04:20,250 --> 00:04:23,580
And also it's used to enforce IAM authentication

105
00:04:23,580 --> 00:04:27,060
for your database and to securely store its credentials

106
00:04:27,060 --> 00:04:29,190
in the secrets manager service.

107
00:04:29,190 --> 00:04:30,030
Alright, that's it.

108
00:04:30,030 --> 00:04:31,050
I hope you liked it.

109
00:04:31,050 --> 00:04:33,000
And I will see you in the next lecture.