Cloud & Networking
Reader small image

You're reading from  AWS Certified Database – Specialty (DBS-C01) Certification Guide

Product typeBook
Published inMay 2022
PublisherPackt
ISBN-139781803243108
Edition1st Edition
Concepts
IT Certification
Right arrow
Author (1)
Kate Gawron
Kate Gawron
author image
Kate Gawron

Kate Gawron is a full-time senior database consultant and part-time future racing driver. She was a competitor in Formula Woman, and she aspires to become a professional Gran Turismo (GT) racing driver. Away from the racetrack, Kate has worked with Oracle databases for 18 years and AWS for five years. She holds four AWS certifications, including the AWS Certified Database – Specialty certification as well as two professional Oracle qualifications. Kate currently works as a senior database architect, where she works with customers to migrate and refactor their databases to work optimally within the AWS cloud.
Read more about Kate Gawron

Right arrow

Chapter 14: Backup and Restore

We covered a high-level view of how backups work in AWS in earlier chapters, covering the different database technologies, but in this chapter, we will assess backup and recovery techniques and the use of specific AWS tools, such as AWS Backup. The aim of this chapter is to learn how you gather backup and restore requirements for your applications and then how to create appropriate recovery plans to meet those needs. We will then learn how to create those plans using AWS Backup and finish with a hands-on lab to use those skills in practice.

In this chapter, we're going to cover the following main topics:

  • Understanding Recovery Time Objective (RTO) and Recovery Point Objective (RPO)
  • Working with maintenance windows
  • Creating backup plans with AWS Backup

Technical requirements

You will require an AWS account with root access; not everything we will do in this chapter may be available in Free Tier, which means it may cost you a small amount to follow the hands-on sections. You will also require access to the AWS Command-Line Interface (CLI). The AWS guide at https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html explains the steps required, but I will summarize them here:

  1. Create an AWS account if you have not already done so.
  2. Download the latest version of the AWS CLI from here: https://docs.aws.amazon.com/cli/latest/userguide/welcome-versions.html#welcome-versions-v2.
  3. Create an admin user: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html.
  4. Create an access key for your administration user: https://docs.aws.amazon.com/IAM/latest/UserGuide/getting-started_create-admin-group.html#getting-started_create-admin-group-cli.
  5. Run the aws configure command to set up a profile...

Understanding RTO and RPO

There are two critical terms we need to understand when it comes to backup and recovery, RTO and RPO. These two terms are used to help understand the requirements for a business in terms of the speed of recovery required in case of a failure and how much data could be lost in a worst-case scenario. Correct use of these two values will allow you to ensure your backup and recovery strategy meets these requirements.

Let's first look at RTO.

RTO

RTO is the maximum amount of time a system can be unavailable before the impact to the business becomes too severe and a large amount of damage is done. The damage could be financial, legal, or reputational. With RTO, we are focusing on how quickly the database will be returned to a usable state, and depending on the type of failure, we may end up with different RTO values. For example, imagine that you have a Multi-AZ RDS instance. Your primary database suffers a failure due to an underlying network issue...

Working with maintenance windows

All of the AWS-managed database services offer a maintenance window that can be defined by the customer. A maintenance window is a weekly timeslot when AWS is authorized to carry out patching work or other tasks that may cause an outage of your database. These outages will always be communicated in advance, but they cannot always be avoided. There is another window that will be created for a daily backup on RDS. AWS will assign a random maintenance window when you create a managed database. As a result, it is critical that the maintenance and backup windows are set for the quietest time for your application to avoid an unexpected outage or performance issue due to a backup running during peak hours.

You can modify the windows during and after the creation of a managed database.

You can also control the backup times and patterns using AWS Backup, which we will learn next.

Creating backup plans with AWS Backup

AWS Backup is a backup scheduling and storage tool for a wide range of AWS services, including RDS, DocumentDB, Neptune, and DynamoDB. AWS Backup allows you to create centralized and standardized backup policies to ensure compliance with an organization's RTO and RPO requirements and to simplify the control of backups and recoveries across an entire AWS account. AWS Backup can also be configured to back up on-premises resources by using a gateway, but this can only be used to back up virtual machines and servers rather than initializing a database-level backup. AWS backups are stored in a backup vault to protect them from unauthorized access.

AWS Backup allows you to define a large number of policies to meet your needs; these include the following:

  • Backup intervals – how often do you want a backup to be taken and what type? For databases, this could be a full backup or a continuous backup.
  • Data retention – you...

Summary

In this chapter, we have explored several backup and recovery technologies and philosophies, such as RTO and RPO, the use of maintenance windows. We learned how we can use AWS Backup to create backup policies and rules that can be applied across all of our databases to ensure consistency and adherence to required data retention policies.

The AWS Certified Database – Specialty exam will ask questions about the required configuration to meet a specific RTO/RPO need, and you will need to know the recovery times offered for different databases, specifically RDS and DynamoDB. In the next chapter, we will learn about troubleshooting tools and techniques you can use to resolve issues on your AWS database.

Cheat sheet

This cheat sheet summarizes the key points from this chapter:

  • RPO is the maximum amount of data a company can lose without sustaining major damage.
  • RTO is the maximum amount of time a system can be unavailable without sustaining major damage.
  • RPO and RTO need to be considered together to define a backup and recovery strategy.
  • A recovery strategy can include backups, standby databases, read replicas, and manual scripts.
  • AWS Backup allows you to create centralized backup policies and plans to ensure that all your databases will meet your RTOs and RPOs.
  • AWS-managed databases offer maintenance windows that can be configured by the user to control the times that patching or other tasks that may cause a service disruption can run.
  • RDS daily backups run during a backup window, which should be set during the least busy times for the application to avoid performance impact.

Review

Let's now practice a few exam-style questions:

  1. End users of an application are complaining that they are experiencing intermittent performance issues with RDS for MySQL. After investigation, a database specialist determines that the performance issues occur during the automated backup window. What actions can the specialist perform to improve backup performance? (Select two.)
    1. Schedule an automated backup window to occur outside of peak hours.
    2. Increase the instance class.
    3. Create backups from a read replica.
    4. Increase the number of shards.
    5. Increase the storage on the RDS instance.
    6. Change the storage to provisioned Input/Output Operations per Second (IOPS).
  2. Your company has a policy that requires all RDS backups to occur automatically on a specified schedule and be stored for 90 days. What is the optimal solution to meet this requirement?
    1. Create an AWS Backup policy for all RDS databases to include automated backups on RDS. Configure the data retention period to 90 days...

Further reading

To understand the concepts of this chapter in further detail, refer to the AWS Backup guide: https://aws.amazon.com/backup/.

lock icon
The rest of the chapter is locked
Previous Chapter
Chapter 19 of 24
Next Chapter
You have been reading a chapter from
AWS Certified Database – Specialty (DBS-C01) Certification Guide
Published in: May 2022Publisher: PacktISBN-13: 9781803243108
© 2022 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at €14.99/month. Cancel anytime

Author (1)

author image
Kate Gawron

Kate Gawron is a full-time senior database consultant and part-time future racing driver. She was a competitor in Formula Woman, and she aspires to become a professional Gran Turismo (GT) racing driver. Away from the racetrack, Kate has worked with Oracle databases for 18 years and AWS for five years. She holds four AWS certifications, including the AWS Certified Database – Specialty certification as well as two professional Oracle qualifications. Kate currently works as a senior database architect, where she works with customers to migrate and refactor their databases to work optimally within the AWS cloud.
Read more about Kate Gawron

Personalised recommendations for you

Based on your interests and search pattern

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions Exam Ref AZ-700 is an all-encompassing guide to the AZ-700 exam and contains all the information you need to succeed in the world of virtual networking with Azure. With this book, you will be fully prepared for the exam and the world of cloud networking.

BookAug 2023524 pages
Microsoft 365 Security, Compliance, and Identity Administration

Microsoft 365 Security, Compliance, and Identity Administration

The Microsoft 365 Security, Compliance, and Identity Administration is a comprehensive guide that helps you employ Microsoft 365's robust suite of features and empowers you to optimize your administrative tasks.

BookAug 2023630 pages
Zero Trust Overview and Playbook Introduction

Zero Trust Overview and Playbook Introduction

Get started on Zero Trust with this step-by-step playbook and learn everything you need to know for a successful Zero Trust journey with tailored guidance for every role, covering strategy, operations, architecture, implementation, and measuring success. This book will become an indispensable reference for everyone in your organization.

BookOct 2023240 pages
The Self-Taught Cloud Computing Engineer

The Self-Taught Cloud Computing Engineer

This self-study book helps you master multiple clouds, including AWS, Azure, and GCP, and serves as a roadmap to becoming a certified cloud computing expert. The book will guide you to develop a professional cloud career by helping you build a broad cloud knowledge base, developing hands-on cloud computing skills, and getting cloud certified.

BookSep 2023472 pages
Technology Operating Models for Cloud and Edge

Technology Operating Models for Cloud and Edge

This book will help you build and create ownership of a technology operating model, as well as connect your leadership with engineering and operations, keeping your internal and external customers in mind. It provides practical tips on why, where, and how to make the cloud and edge platform paradigm sing for you, your team, and your organization.

BookAug 2023228 pages
Azure Architecture Explained

Azure Architecture Explained

Azure is the preferred platform to build mission-critical and secure apps. This book provides comprehensive coverage of essential Azure products, services, and solutions vital for every solution architect's success. Elevate your knowledge and master the critical components of Azure to excel in your role with Azure Architecture Explained.

BookSep 2023446 pages
Pentesting Active Directory and Windows-based Infrastructure

Pentesting Active Directory and Windows-based Infrastructure

This practical guide helps you explore the pentesting of Microsoft infrastructure in detail, and enhances your offensive skillset by showing you the different ways to perform security assessment. This book will help blue teamers and IT engineers get up to speed with possible security issues they may encounter in their Windows environments.

BookNov 2023360 pages
Practical Ansible

Practical Ansible

In Practical Ansible, you'll work with the latest release of Ansible and learn to solve complex issues quickly with the help of task-oriented scenarios. You'll start by installing and configuring Ansible to automate monotonous and repetitive IT tasks and get to grips with concepts such as playbooks, inventories, plugins, collections, and network modules.

BookSep 2023420 pages
Windows 11 for Enterprise Administrators

Windows 11 for Enterprise Administrators

Microsoft’s launch of Windows 11 is a step toward satisfying the enterprise administrator’s needs for better management and enhanced user experience customization. This book provides the enterprise administrator with the knowledge needed to fully utilize the advanced feature set of Windows 11 Enterprise.

BookOct 2023286 pages
The Linux DevOps Handbook

The Linux DevOps Handbook

This book is for software and IT professionals seeking knowledge on Linux systems and DevOps practices. This book will provide you with guidance and tools to learn and gain proficiency in managing Linux-based infrastructures and knowledge of DevOps.

BookNov 2023428 pages2