Issue
For the below MySQL database instance, created with below template:
DbInstance:
Type: "AWS::RDS::DBInstance"
Properties:
DBSubnetGroupName: { "Ref": "DbSubnetGroup" }
MultiAZ: "true"
AvailabilityZone: { "Ref": "DbAvailabilityZone" }
AllocatedStorage: 8
StorageType: "gp2"
DBInstanceClass: "db.t2.micro"
DBName: "someapp"
Engine: "MySQL"
EngineVersion: "5.6"
MasterUsername: { "Ref": "DbUsername" }
MasterUserPassword: { "Ref": "DbPassword" }
VPCSecurityGroups:
- { "Ref": "DbSecurityGroup" }
Tags:
- Key: "Name"
Value: { "Fn::Join": ["", [ { "Ref": "AWS::StackName" }, "-db" ] ] }
DbSecurityGroup:
Type: "AWS::EC2::SecurityGroup"
Properties:
GroupDescription: "someapp DB Security Group"
VpcId: { "Ref": "VpcId" }
SecurityGroupIngress:
- IpProtocol: "tcp"
FromPort: "3306"
ToPort: "3306"
SourceSecurityGroupId: { "Ref": "EC2InstanceSecurityGroup" }
DbSubnetGroup:
Type: "AWS::RDS::DBSubnetGroup"
Properties:
DBSubnetGroupDescription: "someapp DB Subnet Group"
SubnetIds: { "Ref": "DbSubnets" }
Tags:
- Key: "Name"
Value: { "Fn::Join": ["", [ { "Ref": "AWS::StackName" }, "-db-subnet-group" ] ] }
my understanding is,
RDS is a computer(EC2 instance), where an EC2 instance will be launched on every subnet of "DbSubnetGroup".
This computer is of "db.t2.micro" EC2 instance type.
Each computer will host a MySQL database instance(someapp).
Multiple subnets in "DbSubnetGroup" can be in same or different availability zones, because MultiAZ: "true"
If this is the right understanding then,
Is DbSecurityGroup assigned to each EC2 instance type(DBInstanceClass) of "db.t2.micro"?
Solution
RDS is a computer(EC2 instance), where an EC2 instance will be launched on every subnet of "DbSubnetGroup".
Yes this is correct, RDS is hosted on EC2 instances, but you don't need to manage those instances.
This computer is of "db.t2.micro" EC2 instance type.
Yes the RDS instance type is selected by the user when cofiguring it. So if you have selected micro type then the EC2 instance(s) should be of the same type.
Each computer will host a MySQL database instance(someapp).
Yes, EC2 instances will host the database.
Multiple subnets in "DbSubnetGroup" can be in same or different availability zones, because MultiAZ: "true"
If you have selected Multi AZ database then different AZs will be used to setup the primary and the secondary database. They will not be in the same AZ as it will not provide the AZ redundancy.
If this is the right understanding then,
Is DbSecurityGroup assigned to each EC2 instance type(DBInstanceClass) of "db.t2.micro"?
Yes security groups will be assigned to each of the EC2 instances in your RDS setup.
Answered By - Juned Ahsan