AWS RDS not in Multi-AZ

Description:

Multi-Availability Zone (Multi-AZ) deployment is a feature of AWS RDS that provides high availability and failover support for DB instances. When you provision a Multi-AZ DB instance, Amazon RDS automatically creates a primary DB instance, and synchronously replicates the data to a standby instance in a different Availability Zone (AZ). In the case of an infrastructure failure (e.g., instance hardware failure, storage failure, or network disruption), Amazon RDS performs an automatic failover to the standby so that database operations can resume quickly without manual intervention. If your RDS instance is not configured to use Multi-AZ deployments, you may risk extended downtimes in the event of such failures.

Remediation:

1. Enable Multi-AZ Deployment for New RDS Instances:

AWS Management Console:
  • Navigate to the RDS dashboard.
  • Click on "Create database".
  • In the creation wizard, under the "Availability & durability" section, choose "Create a standby instance" for the "Multi-AZ deployment" option.
  • Continue with other database settings and click "Create".
AWS CLI:
aws rds create-db-instance --db-instance-identifier YourDBInstanceName --multi-az --other-required-parameters

2. Enable Multi-AZ Deployment for Existing RDS Instances:

AWS Management Console:
  • Navigate to the RDS dashboard.
  • Select your database instance.
  • Click on "Modify".
  • Under the "Availability & durability" section, choose "Create a standby instance" for the "Multi-AZ deployment" option.
  • Scroll down and click on "Continue", then "Modify DB Instance".
AWS CLI:
aws rds modify-db-instance --db-instance-identifier YourDBInstanceName --apply-immediately --multi-az

3. Monitor and Audit:

AWS Management Console:
  • Navigate to AWS Config.
  • Create a new rule to check for RDS instances not using Multi-AZ deployment.
  • Use AWS CloudTrail to monitor and log any changes to the Multi-AZ deployment setting.
AWS CLI:

For monitoring, AWS Config SDK or Boto3 in Python would be preferable instead of direct AWS CLI commands.

4. Document and Train:

Ensure that internal guidelines mandate the use of Multi-AZ deployments for RDS instances. Train the technical teams on the importance and implementation of this high availability feature.

By following these steps, you can ensure that AWS RDS databases utilize Multi-AZ deployments, offering enhanced availability and durability.

Updated 5 months ago