1 00:00:00,270 --> 00:00:03,000 So now let's talk Amazon RDS proxy. 2 00:00:03,000 --> 00:00:06,660 So we know we can deploy our RDS database within RVPC 3 00:00:06,660 --> 00:00:08,100 but now we can also deploy 4 00:00:08,100 --> 00:00:12,030 a fully managed database proxy for RDS. 5 00:00:12,030 --> 00:00:12,870 So you may say, okay, 6 00:00:12,870 --> 00:00:15,450 we can access our RDS database directly. 7 00:00:15,450 --> 00:00:18,840 Why do we need a proxy to access our database? 8 00:00:18,840 --> 00:00:21,150 Well, if you use an Amazon RDS proxy 9 00:00:21,150 --> 00:00:24,480 this will allow you, your application to pull 10 00:00:24,480 --> 00:00:27,233 and share the database connections established 11 00:00:27,233 --> 00:00:28,230 with the database. 12 00:00:28,230 --> 00:00:31,590 So instead of having every single application connect 13 00:00:31,590 --> 00:00:33,660 to your RDS database instance 14 00:00:33,660 --> 00:00:36,150 they will be instead connecting to the proxy 15 00:00:36,150 --> 00:00:38,730 and the proxy will pull these connections together 16 00:00:38,730 --> 00:00:42,180 into less connections to the RDS database instance. 17 00:00:42,180 --> 00:00:43,980 So why may you do this? 18 00:00:43,980 --> 00:00:45,750 Well, this makes a lot of sense is you have a lot 19 00:00:45,750 --> 00:00:48,270 of connections into your RDS database instance 20 00:00:48,270 --> 00:00:51,240 and it's going to improve your database efficiency 21 00:00:51,240 --> 00:00:53,550 by reducing the stress on database resources, 22 00:00:53,550 --> 00:00:55,200 for example CPU and RAM, 23 00:00:55,200 --> 00:00:57,240 and also minimize the open connections 24 00:00:57,240 --> 00:01:00,000 and the timeouts into your database. 25 00:01:00,000 --> 00:01:01,560 So that's one thing you need to look out for 26 00:01:01,560 --> 00:01:03,240 from the exam perspective. 27 00:01:03,240 --> 00:01:06,750 Now, as I said, the RDS proxy is fully serverless. 28 00:01:06,750 --> 00:01:07,650 It's autoscaling. 29 00:01:07,650 --> 00:01:09,990 So you don't need to manage its capacity 30 00:01:09,990 --> 00:01:11,040 and it's highly available. 31 00:01:11,040 --> 00:01:13,080 It's across multiple AZ. 32 00:01:13,080 --> 00:01:15,180 And therefore, in case, for example, 33 00:01:15,180 --> 00:01:17,160 there is a failover that happens 34 00:01:17,160 --> 00:01:18,750 on your RDS database instance. 35 00:01:18,750 --> 00:01:22,200 For example, it goes from the primary instance 36 00:01:22,200 --> 00:01:25,320 to the standby instance, then it will, 37 00:01:25,320 --> 00:01:27,090 thanks to the RDS proxy, 38 00:01:27,090 --> 00:01:32,040 reduce the failover time by up to 66%. 39 00:01:32,040 --> 00:01:34,560 So this is true for RDS and Aurora. 40 00:01:34,560 --> 00:01:37,650 So again, instead of having all your applications connect 41 00:01:37,650 --> 00:01:39,870 to the main RDS database instance 42 00:01:39,870 --> 00:01:42,390 and then handle the failover themselves, 43 00:01:42,390 --> 00:01:44,760 they will just connect to the RDS proxy, 44 00:01:44,760 --> 00:01:47,550 which does not know any failover 45 00:01:47,550 --> 00:01:51,180 and the RDS proxy will itself handle the failover 46 00:01:51,180 --> 00:01:52,770 or the RDS database instance 47 00:01:52,770 --> 00:01:54,780 therefore improving your failover time. 48 00:01:54,780 --> 00:01:56,790 So something else you need to look for 49 00:01:56,790 --> 00:01:58,560 from an exam perspective. 50 00:01:58,560 --> 00:02:00,997 So the RDS proxy supports RDS 51 00:02:00,997 --> 00:02:04,530 for MySQL, PostgreSQL, MariaDB 52 00:02:04,530 --> 00:02:07,983 and also it supports Aurora for MySQL and PostgreSQL. 53 00:02:08,850 --> 00:02:11,610 It doesn't require you to do any code change 54 00:02:11,610 --> 00:02:14,460 in your application, just instead of connecting 55 00:02:14,460 --> 00:02:17,850 to your RDS database instance or your Aurora database. 56 00:02:17,850 --> 00:02:22,170 You'd now just connect to your RDS proxy and you are done. 57 00:02:22,170 --> 00:02:23,003 On top of it, 58 00:02:23,003 --> 00:02:26,010 there's a third advantage to using an RDS proxy. 59 00:02:26,010 --> 00:02:28,590 It is to enforce IAM authentication for database 60 00:02:28,590 --> 00:02:31,146 so to make sure that people can only connect 61 00:02:31,146 --> 00:02:34,740 to your RDS database instance using IAM 62 00:02:34,740 --> 00:02:37,470 and then these credentials can be securely stored 63 00:02:37,470 --> 00:02:41,160 in another service called the AWS secrets manager. 64 00:02:41,160 --> 00:02:42,630 So again, if you need to see a way 65 00:02:42,630 --> 00:02:45,090 to enforce IAM authentication for your database, 66 00:02:45,090 --> 00:02:47,430 think RDS proxy. 67 00:02:47,430 --> 00:02:51,450 And finally, the RDS proxy is never publicly accessible. 68 00:02:51,450 --> 00:02:53,850 So it's only accessible from within your VPC. 69 00:02:53,850 --> 00:02:57,090 So you cannot connect over the internet to your RDS proxy 70 00:02:57,090 --> 00:02:59,190 which is enhanced security. 71 00:02:59,190 --> 00:03:03,960 And so one service we haven't seen that is going for sure 72 00:03:03,960 --> 00:03:07,098 to be very helped by the RDS proxy 73 00:03:07,098 --> 00:03:09,510 is called the Lambda functions 74 00:03:09,510 --> 00:03:11,730 and the Lambda functions that will execute pieces 75 00:03:11,730 --> 00:03:14,220 of code we'll see them later on in this course, okay. 76 00:03:14,220 --> 00:03:15,720 You don't need to know them right now 77 00:03:15,720 --> 00:03:17,040 but we have to tackle them right now 78 00:03:17,040 --> 00:03:18,570 because of the RDS proxy feature. 79 00:03:18,570 --> 00:03:20,700 And so the limit functions they can multiply. 80 00:03:20,700 --> 00:03:22,020 Multiply many, many, many times 81 00:03:22,020 --> 00:03:24,390 and they will appear and disappear very, very fast. 82 00:03:24,390 --> 00:03:26,400 And therefore, imagine you have a hundred 83 00:03:26,400 --> 00:03:28,860 or a thousand Lambda functions appearing and disappearing 84 00:03:28,860 --> 00:03:30,690 just like that and opening up connections 85 00:03:30,690 --> 00:03:33,000 into your RDS database instance. 86 00:03:33,000 --> 00:03:33,840 They will be a big problem 87 00:03:33,840 --> 00:03:35,940 because it will leave open connections and timeouts 88 00:03:35,940 --> 00:03:37,350 and it will be a mess. 89 00:03:37,350 --> 00:03:40,710 And therefore, what you do is that you use the RDS proxy 90 00:03:40,710 --> 00:03:44,310 to pull connections for your Lambda functions. 91 00:03:44,310 --> 00:03:47,790 And then the Lambda functions will overload the RDS proxy 92 00:03:47,790 --> 00:03:49,470 but it's meant to be overload. 93 00:03:49,470 --> 00:03:51,870 And the RDS proxy will pull these connections 94 00:03:51,870 --> 00:03:55,380 into less connections to the RDS database instance 95 00:03:55,380 --> 00:03:58,110 thus solving your problems, okay. 96 00:03:58,110 --> 00:03:59,970 So that's it for this lecture. 97 00:03:59,970 --> 00:04:02,190 I hope you liked it, and don't worry. 98 00:04:02,190 --> 00:04:04,050 We'll review the proxy once again 99 00:04:04,050 --> 00:04:06,810 once we go into the Lambda lectures, 100 00:04:06,810 --> 00:04:09,683 but again RDS proxy is used to minimize 101 00:04:09,683 --> 00:04:13,560 and pull connections on your RDS database instance. 102 00:04:13,560 --> 00:04:16,350 It's also used to minimize failover time 103 00:04:16,350 --> 00:04:20,250 and reduce it by up to 66%. 104 00:04:20,250 --> 00:04:23,580 And also it's used to enforce IAM authentication 105 00:04:23,580 --> 00:04:27,060 for your database and to securely store its credentials 106 00:04:27,060 --> 00:04:29,190 in the secrets manager service. 107 00:04:29,190 --> 00:04:30,030 Alright, that's it. 108 00:04:30,030 --> 00:04:31,050 I hope you liked it. 109 00:04:31,050 --> 00:04:33,000 And I will see you in the next lecture.