Commvault Cloud supports the protection of Amazon Aurora and Amazon RDS instances in single and multi-AZ configurations using native RDS automated backups, allowing for point-in-time recovery (PITR). To enable the PITR for Amazon Aurora and Amazon RDS, additional permissions for RDS APIs are required to be added to a policy in the user account. These permissions allow for enabling the RDS automated snapshots with appropriate retention, thereby protecting the database transactional log files.
-
What steps should be taken to enable the PITR for the Amazon RDS database?
The following steps should be followed in the AWS Console:
- Sign into the AWS Management Console and Open the IAM (Identity and Access Management) console of the appropriate AWS user account at https://console.aws.amazon.com/iam/.
- In the navigation pane, choose Policies.
- Search for the policy named either MetallicRole-RDSPolicy or MetallicTenantRole-RDSPolicy.
- Choose the Permissions tab and click on Edit to add the set of permissions to the JSON file. Alternatively opt for the visual option under RDS and IAM and select the required actions one by one.
rds:RestoreDBInstanceToPointInTime
rds:RestoreDBClusterToPointInTime
rds:CreateTenantDatabase
rds:ModifyDBInstance
rds:ModifyDBCluster
rds:DescribeDBInstanceAutomatedBackups
rds:DescribeDBClusterAutomatedBackups
iam:PassRole
-
Is there downtime for enabling Amazon RDS automated backups?
When you enable Amazon RDS automated backups with a backup retention period from "0" to a nonzero value, client downtime will occur. Learn more:
-
What would happen if we disable (by changing the retention to zero) the automated backups?
If you disable automated backups in Amazon Aurora or RDS, RDS will delete all your previous automated backup jobs. This will also disable the PITR functionality.
For more information, refer to these Amazon resources:
https://aws.amazon.com/blogs/database/amazon-rds-snapshot-restore-and-recovery-demystified/