RDS and Aurora
RDS Proxy
RDS Proxy is a transparent proxy: the application will connect to it as if it were connecting to a DB instance, and it will pool and multiplex connections to the DB. No change in the application architecture is needed.
RDS Proxy creates a pool of long-term connections to instances so that the latter don’t suffer the overhead of opening and closing frequent connections, thus improving performance. The long term connections are then reused for other incoming requests. This espescially useful when lambda functions with an ENI in the VPC are connecting to the DB.
Connections to the proxy are much quicker than those to the DB instance.
It runs inside a VPC!, so it’s not accessible from the public internet. You either need to be in the VPC or a *privately connected network.
It is a layer between the application and the DB so in case of DB failure the application won’t see any disruption of the service. Once a replica is elected as primary instance the query will continue. It basically abstracts away a DB failure from your application. It allows for more than 60% savings in failover time in the case of Aurora.
By using RDS Proxy, you can also enforce AWS Identity and Access Management (IAM) authentication for databases, and securely store credentials in AWS Secrets Manager.
RDS Proxy is fully managed. It is auto scaling and highly available by default.
It is accessed via a Proxy Endpoint, just like any other DB endpoints.
It can enforce SSL/TLS for improved security.
Use cases
-
"Too many connections" errors. Mostly when using smaller or burst instance types like T2/T3.
-
When using Lambda Functions: connections to the proxy are very quick. Also because RDS Proxy adds support for IAM.
-
Long-running connections, like SaaS apps wigh high user interaction, where low latency is critical.
-
Resilience to failure is a priority.
-
Reduce the failovere time: the application stays connected to the proxy while a new primary instance is elected and has its query fullfilled as soon as the process completes.
