🗄️ Database Services#

Learning Objectives#

Choose between RDS, DynamoDB, and Aurora based on workload
Configure Multi-AZ and Read Replicas for high availability
Implement caching with ElastiCache
Understand DynamoDB table design, indexes, and DAX

1. AWS Database Landscape#

                     AWS Database Services
                            │
        ┌───────────────────┴───────────────────┐
        │                                       │
   Relational                               NoSQL
        │                                       │
   ┌────┴────┐                            ┌────┴────┐
   │ RDS     │                            │DynamoDB │
   │ ├ MySQL │                            │(KV + Doc)│
   │ ├ MariaDB│                           │         │
   │ ├ PostgreSQL│                        │ ElastiCache│
   │ ├ Oracle │                           │ ├ Redis  │
   │ ├ SQL Server│                       │ └ Memcached │
   │ └ Aurora │                           └─────────┘
   └─────────┘
        │
   ┌────┴────┐
   │ Redshift │
   │ (Data Warehouse)│
   └─────────┘

2. Amazon RDS#

2.1 RDS Overview#

Amazon Relational Database Service (RDS) makes it easy to set up, operate, and scale relational databases in the cloud.

Supported Engines: MySQL, MariaDB, PostgreSQL, Oracle, SQL Server, Amazon Aurora

2.2 Multi-AZ vs Read Replicas#

Feature	Multi-AZ	Read Replicas
Purpose	High availability (HA)	Read scaling
Writes	To primary only	To primary only
Reads	To primary only	To any replica
Failover	Automatic	Manual (promote replica)
Number	1 standby	Up to 15
Sync/Async	Synchronous	Asynchronous
Cross-region	No	Yes
Cost	~2x	~1x per replica

Multi-AZ:                           Read Replica:
┌──────────┐  Sync  ┌──────────┐    ┌──────────┐  Async  ┌──────────┐
│ Primary  │───────>│ Standby  │    │ Primary  │───────>│ Replica  │
│ (AZ-1a)  │        │ (AZ-1b)  │    │ (Write)  │        │ (Read)   │
└──────────┘        └──────────┘    └──────────┘        └──────────┘
                                        │
                                 ┌──────┴──────┐
                                 │  Replica 2  │
                                 │  (Read)     │
                                 └─────────────┘

Use Read Replicas when:

Read-heavy workloads (reporting, analytics)
Offload read traffic from primary
Cross-region DR (read replica in another region)

Use Multi-AZ when:

Production databases needing HA
Automatic failover required
Planned maintenance without downtime

⚡ Exam Tip: Multi-AZ = HA + failover. Read Replicas = read scaling + DR. They are NOT mutually exclusive — you can have both!

2.3 RDS Backups#

Feature	Automated Backups	Manual Snapshots
Automatic	Yes	No (manual trigger)
Retention	1-35 days	As long as you keep them
Point-in-time	Any time within retention	Only from snapshot creation
Deleted with DB	Yes	No (survive deletion)
Cost	Included in storage price	Snapshot storage costs

# Configure backup window
aws rds modify-db-instance \
  --db-instance-identifier mydb \
  --backup-retention-period 7 \
  --preferred-backup-window "03:00-04:00"

# Create manual snapshot
aws rds create-db-snapshot \
  --db-instance-identifier mydb \
  --db-snapshot-identifier mydb-pre-upgrade

# Restore from snapshot
aws rds restore-db-instance-from-db-snapshot \
  --db-instance-identifier mydb-restored \
  --db-snapshot-identifier mydb-pre-upgrade

2.4 RDS Security#

Encryption at rest — Uses KMS, can’t encrypt existing unencrypted DB
Encryption in transit — SSL/TLS certificates
IAM DB Authentication — Use IAM credentials instead of passwords
Security Groups — Control network access to the DB

# Create encrypted RDS
aws rds create-db-instance \
  --db-instance-identifier mydb \
  --engine mysql \
  --db-instance-class db.t3.medium \
  --storage-encrypted \
  --kms-key-id alias/aws/rds \
  --master-username admin \
  --master-user-password 'MyP@ssword!' \
  --vpc-security-group-ids sg-db \
  --db-subnet-group-name my-db-subnet-group

3. Amazon Aurora#

3.1 Aurora Architecture#

Aurora is a MySQL/PostgreSQL-compatible relational database built for the cloud, with 5x better performance than standard MySQL.

┌──────────────────────────────────────────────────────┐
│                    Aurora Cluster                     │
│                                                      │
│  ┌─────────────┐     ┌─────────────┐                │
│  │  Writer     │     │  Reader 1   │  ──→ Read      │
│  │  (1 primary)│     │  (up to 15) │  ──→ endpoints  │
│  └──────┬──────┘     └──────┬──────┘                │
│         │                   │                        │
│         └────────┬──────────┘                        │
│                  │                                   │
│  ┌───────────────┴──────────────────────────────┐    │
│  │          Shared Storage Volume                │    │
│  │  6 copies across 3 AZs (10 GB - 128 TB)      │    │
│  │              │         │         │            │    │
│  │         AZ-1a ✓    AZ-1b ✓    AZ-1c ✓        │    │
│  └───────────────────────────────────────────────┘    │
│                                                      │
│  Writer Endpoint: mycluster.cluster-xxx.us-east-1.   │
│  Reader Endpoint: mycluster.cluster-ro-xxx.us-east-1.│
└──────────────────────────────────────────────────────┘

Aurora Key Features:

6 copies of data across 3 AZs (write to 4/6 for commit)
Auto-scaling storage (10 GB to 128 TB)
Fast cloning — Copy-on-write clones (useful for staging, testing)
Backtrack — Roll back DB to any point in time (no restore needed)
Global Database — Up to 5 read-only secondary regions (latency < 1 sec)
Serverless v2 — Auto-scale capacity (0.5 - 128 ACUs)

⚡ Exam Tip: Aurora = 6 copies across 3 AZs, write needs 4/6 consensus. Auto-scaling storage from 10 GB. Global DB for cross-region DR < 1 sec RPO.

3.2 Aurora Serverless v2#

# Create Aurora Serverless v2
aws rds create-db-cluster \
  --engine aurora-mysql \
  --engine-version 8.0 \
  --db-cluster-identifier aurora-serverless \
  --serverless-v2-scaling-configuration MinCapacity=0.5,MaxCapacity=128 \
  --master-username admin \
  --master-user-password 'MyP@ssword!'

4. Amazon DynamoDB#

4.1 DynamoDB Core Concepts#

DynamoDB is a fully managed NoSQL key-value and document database with single-digit millisecond latency at any scale.

Concept	Description	Example
Table	Collection of items	`Users`
Item	A row of data (up to 400 KB)	One user record
Partition Key	Primary key for distribution	`user_id`
Sort Key	Optional secondary key (composite primary key)	`created_at`
GSI	Global Secondary Index (different PK/SK)	Query by `email`
LSI	Local Secondary Index (same PK, different SK)	Query by `status`

4.2 Read/Write Capacity Modes#

Mode	Description	Use Case
On-Demand	Pay per request (no capacity planning)	Unknown/unpredictable traffic
Provisioned	Specify RCU/WCU + Auto Scaling	Predictable traffic, cost savings

RCU & WCU Calculation:

1 RCU = 1 strongly consistent read / sec for 4 KB item
1 RCU = 2 eventually consistent reads / sec for 4 KB item
1 WCU = 1 write / sec for 1 KB item

Example: 10 KB item, 100 reads/sec (eventually consistent)
RCUs needed = (10 KB / 4 KB) × 100 reads / 2 = 125 RCUs

Example: 2 KB item, 50 writes/sec
WCUs needed = (2 KB / 1 KB) × 50 writes = 100 WCUs

4.3 DynamoDB Accelerator (DAX)#

In-memory cache for DynamoDB — microsecond latency:

App → DAX (cache hit ✓) → Returns immediately (~microseconds)
App → DAX (cache miss ✗) → DynamoDB → DAX caches result → Returns (~ms)

4.4 DynamoDB Streams#

Capture item-level changes in real-time:

Triggers Lambda on inserts/updates/deletes
Use cases: Real-time analytics, cross-region replication, audit logs

4.5 DynamoDB Transactions#

ACID transactions across multiple tables:

TransactWriteItems — All-or-nothing writes (up to 25 items/4 MB)
TransactGetItems — Consistent reads across items

⚡ Exam Tip: DynamoDB = serverless NoSQL with single-digit ms latency. Use DAX for microsecond latency. Use Global Tables for multi-region active-active.

5. Amazon ElastiCache#

In-memory caching for sub-millisecond latency:

Engine	Description	Use Case
Redis	Rich data types, persistence, HA	Session store, leaderboards, pub/sub
Memcached	Simple key-value, no persistence	Simple caching, session store

Common Caching Patterns:

Lazy Loading — Cache miss → Read DB → Write to cache
Write-Through — Write to cache first, then DB
Session Store — Store user sessions in Redis

          ┌────────────┐
          │  App Tier  │
          └─────┬──────┘
                │
          ┌─────┴──────┐
          │ ElastiCache │  (sub-ms)
          │  (Redis)    │
          └─────┬──────┘
                │ (cache miss)
          ┌─────┴──────┐
          │   RDS DB   │  (1-10 ms)
          └────────────┘

6. Database Comparison#

Feature	RDS	Aurora	DynamoDB
Type	Relational	Relational (cloud-native)	NoSQL (KV + Document)
Scaling	Vertical (bigger instance)	Auto-scaling storage, vertical	Horizontal (auto)
Max Storage	16 TB	128 TB	Unlimited
Multi-AZ	Yes (standby)	Yes (6 copies, 3 AZs)	Yes (3 AZs by default)
Read Replicas	Up to 5	Up to 15	Global Tables
Serverless	Aurora Serverless v2	Yes	On-Demand
Cache	ElastiCache	ElastiCache	DAX
Query	SQL	SQL	PartiQL, API
Use Case	Traditional apps, OLTP	Enterprise, high-performance	Real-time, IoT, gaming

7. Real-World Use Cases#

Use Case 1: E-Commerce Order Processing Database#

Scenario: An online retailer needs a highly available, scalable database for their order processing system. During flash sales, traffic spikes 10x in minutes.

Solution: DynamoDB + DAX + SQS

graph LR
    subgraph Front["Front End"]
        API["API Gateway"]
    end
    
    subgraph Processing["Order Processing"]
        SQS["SQS Queue\n(Buffer spike)"]
        Lambda["Lambda\n(Process Order)"]
    end
    
    subgraph Data["Data Layer"]
        DAX["DAX Cache\n(Microsecond reads)"]
        DDB["DynamoDB\n(On-Demand)"]
    end
    
    API --> SQS
    SQS --> Lambda
    Lambda <--> DAX
    DAX <--> DDB
    
    style DDB fill:#ff9900,color:#fff
    style DAX fill:#ff6600,color:#fff

Why this works:

DynamoDB On-Demand scales automatically with zero capacity planning — perfect for unpredictable flash sales
DAX reduces read latency to microseconds for hot product data
SQS buffers incoming orders during traffic spikes, preventing database overload
Lambda scales concurrently with each SQS message

Alternative: For complex order queries (joins, aggregations), use Aurora Serverless v2 instead of DynamoDB.

Scenario: A social media app needs < 50ms read latency for users worldwide and must survive a full region failure.

Solution: DynamoDB Global Tables + ElastiCache Global Datastore

Requirement	Solution	Why
Global low-latency reads	DynamoDB Global Tables	Active-active replication across regions
Session management	ElastiCache Redis Global Datastore	Cross-region replication for user sessions
User profiles	DynamoDB with partition key = user_id	Fast single-item lookups
Social feed	DynamoDB with GSI on timeline	Query by time range

graph LR
    subgraph US["us-east-1"]
        US_APP["App Servers"]
        US_DDB["DynamoDB\nPrimary Writer"]
        US_REDIS["Redis\nPrimary"]
    end
    
    subgraph EU["eu-west-1"]
        EU_APP["App Servers"]
        EU_DDB["DynamoDB\nLocal Reader"]
        EU_REDIS["Redis\nReplica"]
    end
    
    subgraph ASIA["ap-southeast-1"]
        ASIA_APP["App Servers"]
        ASIA_DDB["DynamoDB\nLocal Reader"]
        ASIA_REDIS["Redis\nReplica"]
    end
    
    US_DDB <==>|Global Tables| EU_DDB
    US_DDB <==>|Global Tables| ASIA_DDB
    US_REDIS --->|Global Datastore| EU_REDIS
    US_REDIS --->|Global Datastore| ASIA_REDIS

Key takeaway: DynamoDB Global Tables provide active-active multi-region with automatic conflict resolution. Use Route53 latency-based routing to direct users to the nearest region.

Use Case 3: SaaS Multi-Tenant Database Strategy#

Scenario: A SaaS company needs to support hundreds of customers (tenants) with isolated data. Some tenants are small (few MB), others are large (hundreds of GB).

Approach: Hybrid Pooled + Silo Strategy

Tenant Size	Strategy	Database
Small (free tier)	Pooled — All small tenants in shared RDS	1 RDS instance per 100 tenants, each tenant identified by `tenant_id`
Medium (standard)	Silo — Dedicated RDS per tenant	Individual RDS instances with automated backups
Large (enterprise)	Silo + Multi-AZ — Dedicated Aurora cluster	Aurora with read replicas for reporting

graph TD
    subgraph Pooled["Pooled - Small Tenants"]
        RDS1["Shared RDS\nTenants A-E"]
        RDS2["Shared RDS\nTenants F-J"]
    end
    
    subgraph Silo["Silo - Medium Tenants"]
        RDS3["Dedicated RDS\nTenant K"]
        RDS4["Dedicated RDS\nTenant L"]
        RDS5["Dedicated RDS\nTenant M"]
    end
    
    subgraph Enterprise["Enterprise - Large Tenants"]
        AURORA1["Aurora Cluster\nTenant X"]
        AURORA2["Aurora Cluster\nTenant Y"]
    end

Takeaway: Use a hybrid approach — pool small tenants for cost efficiency, silo large tenants for performance isolation. RDS Performance Insights helps identify noisy neighbors in pooled setups.

Use Case 4: Serverless Event Sourcing with DynamoDB Streams#

Scenario: A fintech app needs an immutable log of all account transactions for auditing and real-time fraud detection.

Solution:

graph LR
    User -->|Deposit/Withdraw| API["API Gateway"]
    API --> Lambda["Lambda\nRecord Event"]
    Lambda --> DDB["DynamoDB\n(Event Store)"]
    DDB -.->|DynamoDB Stream| FraudLambda["Lambda\nFraud Detection"]
    DDB -.->|DynamoDB Stream| AuditLambda["Lambda\nAudit Log"]
    FraudLambda --> SNS["SNS\nAlert"]
    
    style DDB fill:#ff9900,color:#fff

Why DynamoDB Streams?

Provides exactly-once, ordered stream of all changes
Triggers Lambda within milliseconds of a write
Enables event sourcing pattern — every state change is recorded as an immutable event
Can be replayed from any point in time

✅ Chapter Quiz#

Which RDS feature is designed for high availability and automatic failover?
- A) Read Replicas
- B) Multi-AZ
- C) Automated Backups
- D) Snapshots
How many copies of data does Aurora maintain across Availability Zones?
- A) 2
- B) 3
- C) 6
- D) 10
1 RCU provides how many strongly consistent reads per second for a 4 KB item?
- A) 1
- B) 2
- C) 4
- D) 8
Which DynamoDB feature provides microsecond latency?
- A) Global Tables
- B) DynamoDB Streams
- C) DAX
- D) Transactions
Which database should you use for a serverless, NoSQL key-value workload with unpredictable traffic?
- A) RDS MySQL
- B) Aurora
- C) DynamoDB (On-Demand)
- D) Redshift
An RDS MySQL instance with Multi-AZ fails over during a sales event. What happens to existing database connections?
- A) Connections are seamlessly redirected with no interruption
- B) Connections are lost; applications must reconnect using the same CNAME endpoint
- C) The standby immediately takes over with the same connection state
- D) Connections are queued until failover completes
A DynamoDB table with provisioned capacity is throttling during a marketing campaign. What is the MOST cost-effective solution?
- A) Switch to On-Demand capacity permanently
- B) Enable DynamoDB Auto Scaling to adjust capacity dynamically
- C) Over-provision RCU/WCU to peak levels
- D) Add a Global Secondary Index
A company needs read-only DR copy of an RDS PostgreSQL database in a different region. Which feature should be used?
- A) Multi-AZ
- B) Cross-region Read Replica
- C) Manual snapshot copied to another region
- D) Aurora Global Database
A financial application requires ACID transactions across multiple DynamoDB tables. Which API should be used?
- A) BatchWriteItem
- B) TransactWriteItems
- C) PutItem with conditional expressions
- D) UpdateItem
What is the maximum storage size for an Amazon Aurora database?
- A) 16 TB
- B) 64 TB
- C) 128 TB
- D) 256 TB
A web application reads the same product data thousands of times per second from DynamoDB with single-digit millisecond latency required. Which option provides the BEST performance improvement?
- A) Increase provisioned RCU to a very high value
- B) Implement DAX (DynamoDB Accelerator)
- C) Switch to strongly consistent reads
- D) Add a Local Secondary Index
A company needs to migrate a 500 GB on-premises MySQL database to RDS with minimal downtime. Which approach should be used?
- A) mysqldump export and import directly to RDS
- B) AWS DMS with full load and ongoing CDC replication
- C) Create an RDS Read Replica and promote it
- D) Use S3 as intermediate storage for export files
An IoT application writes millions of 500-byte sensor readings per second to DynamoDB. What read consistency model is MOST cost-effective for a real-time dashboard?
- A) Strongly consistent reads
- B) Eventually consistent reads
- C) Transactional reads
- D) DynamoDB Streams
A company needs to restore an RDS instance to a specific point in time within the last 24 hours. What is required?
- A) Automated backups with retention period covering the target time
- B) A manual snapshot taken within the last 24 hours
- C) Multi-AZ deployment enabled
- D) Read Replicas configured
An RDS MySQL instance is experiencing high CPU due to read-intensive analytics queries. Multi-AZ is already enabled. What is the BEST solution?
- A) Create a Read Replica and route analytics queries to it
- B) Upgrade to a larger instance class
- C) Enable RDS Performance Insights
- D) Increase provisioned IOPS
A company needs to capture item-level changes in a DynamoDB table and trigger a Lambda function for real-time processing. Which feature should be used?
- A) DynamoDB Accelerator
- B) DynamoDB Streams
- C) DynamoDB Global Tables
- D) DynamoDB Transactions
An Aurora cluster in us-east-1 needs DR in eu-west-1 with less than 1 second RPO. Which feature meets this requirement?
- A) Cross-region Read Replica
- B) Aurora Global Database
- C) Multi-AZ deployment
- D) Manual snapshot cross-region copy
A company uses ElastiCache for caching. During a maintenance event, the Redis cluster fails and all cached data is lost. What happens to the application?
- A) The application continues serving cached data from a local buffer
- B) The application reads directly from the database until the cache is repopulated
- C) The application stops serving requests until the cache is restored
- D) ElastiCache automatically fails over without data loss
A company needs to encrypt an existing unencrypted RDS MySQL instance. What is the correct approach?
- A) Enable encryption using the RDS modify console option
- B) Take a snapshot, copy it with encryption enabled, restore from the encrypted snapshot
- C) Use KMS to encrypt the EBS volume backing RDS
- D) Create a new encrypted Read Replica and promote it
A DynamoDB table has a partition key of user_id and sort key of timestamp. How can items be queried for a user sorted newest-first?
- A) Use Scan with a filter expression
- B) Use Query with ScanIndexForward set to false
- C) Create a GSI with reverse sort key
- D) Query and sort results in the application
A monthly reporting query joins data across multiple RDS PostgreSQL tables and takes 30 seconds. What is the MOST cost-effective approach?
- A) Create a dedicated Read Replica for reporting
- B) Run the query on the primary during off-peak hours
- C) Migrate to Aurora for better query performance
- D) Export data to S3 and query with Athena
Two users simultaneously update the same DynamoDB item in different regions using Global Tables. How is the conflict resolved?
- A) Last writer wins based on timestamps
- B) Both updates are rejected
- C) First writer wins automatically
- D) Updates are merged using CRDTs
A Redis-compatible cache is needed with automatic failover and Multi-AZ support. Which ElastiCache configuration should be used?
- A) Memcached cluster mode
- B) Redis with cluster mode disabled and a replica
- C) Single-node Redis
- D) Memcached with multiple nodes
A company wants to enable IAM database authentication for an RDS MySQL instance. What must be configured?
- A) Replace the master password with an IAM policy
- B) Enable IAM DB authentication and assign an IAM role to the RDS instance
- C) Create database accounts mapped to IAM users using an auth token
- D) Configure the security group to allow IAM traffic
A mobile game needs a real-time leaderboard with atomic score increments. Which DynamoDB feature supports this?
- A) DynamoDB Transactions
- B) Atomic counters with UpdateItem
- C) Conditional writes
- D) BatchWriteItem

📝 Answer Key

B — Multi-AZ provides HA with automatic failover to a standby.
C — Aurora maintains 6 copies across 3 AZs.
A — 1 RCU = 1 strongly consistent read/sec or 2 eventually consistent reads/sec for 4 KB.
C — DAX (DynamoDB Accelerator) provides microsecond latency for reads.
C — DynamoDB On-Demand is serverless, NoSQL, and scales automatically.
B — During Multi-AZ failover, RDS updates DNS to point to the standby. Existing connections are dropped and must be re-established.
B — Auto Scaling adjusts provisioned capacity dynamically, handling spikes without over-provisioning. On-Demand is simpler but more expensive for predictable workloads.
B — Cross-region Read Replicas asynchronously replicate data to another region for DR and read scaling.
B — TransactWriteItems provides ACID transactions across multiple DynamoDB tables with all-or-nothing semantics.
C — Aurora auto-scales storage up to 128 TB.
B — DAX is an in-memory cache delivering microsecond to single-digit millisecond latency for read-heavy DynamoDB workloads.
B — AWS DMS with ongoing CDC replicates changes in real-time, enabling minimal downtime migration.
B — Eventually consistent reads cost half the RCU and are sufficient for real-time dashboards where slight read delay is acceptable.
A — PITR requires automated backups with a retention period that includes the target restore time.
A — Read Replicas offload read traffic from the primary, addressing CPU bottlenecks from read-heavy queries.
B — DynamoDB Streams capture item-level changes and can trigger Lambda for real-time processing.
B — Aurora Global Database replicates data across regions with < 1 second RPO.
B — Without caching, the application falls back to reading from the database, causing higher latency but remaining available.
B — Encryption cannot be added directly to existing unencrypted RDS. The correct process uses an encrypted snapshot copy.
B — Query with ScanIndexForward=false returns results in descending sort key order efficiently.
B — For a monthly query, a Read Replica is cost-prohibitive. Running on the primary during off-peak hours is most cost-effective.
A — DynamoDB Global Tables use last-writer-wins (LWW) reconciliation based on timestamp.
B — Redis with cluster mode disabled and a replica provides automatic failover and Multi-AZ. Memcached lacks replication/failover.
C — IAM DB authentication uses an authentication token generated via IAM credentials for database access instead of a password.
B — Atomic counters with UpdateItem provide atomic increment/decrement without the overhead of transactions.

📚 Additional Resources#

Next → DNS & Content Delivery