Maintaining a DB instance - Amazon Relational Database Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Maintaining a DB instance

Periodically, Amazon RDS performs maintenance on Amazon RDS resources. Maintenance most often involves updates to the DB instance's underlying hardware, underlying operating system (OS), or database engine version. Updates to the operating system most often occur for security issues and should be done as soon as possible.

Some maintenance items require that Amazon RDS take your DB instance offline for a short time. Maintenance items that require a resource to be offline include required operating system or database patching. Required patching is automatically scheduled only for patches that are related to security and instance reliability. Such patching occurs infrequently (typically once every few months) and seldom requires more than a fraction of your maintenance window.

Deferred DB instance modifications that you have chosen not to apply immediately are also applied during the maintenance window. For example, you might choose to change the DB instance class or parameter group during the maintenance window. Such modifications that you specify using the pending reboot setting don't show up in the Pending maintenance list. For information about modifying a DB instance, see Modifying an Amazon RDS DB instance.

Viewing pending maintenance

View whether a maintenance update is available for your DB instance by using the RDS console, the Amazon CLI, or the RDS API. If an update is available, it is indicated in the Maintenance column for the DB instance on the Amazon RDS console, as shown following.


            Offline patch available

If no maintenance update is available for a DB instance, the column value is none for it.

If a maintenance update is available for a DB instance, the following column values are possible:

  • required – The maintenance action will be applied to the resource and can't be deferred indefinitely.

  • available – The maintenance action is available, but it will not be applied to the resource automatically. You can apply it manually.

  • next window – The maintenance action will be applied to the resource during the next maintenance window.

  • In progress – The maintenance action is in the process of being applied to the resource.

If an update is available, you can take one of the actions:

  • If the maintenance value is next window, defer the maintenance items by choosing Defer upgrade from Actions. You can't defer a maintenance action if it has already started.

  • Apply the maintenance items immediately.

  • Schedule the maintenance items to start during your next maintenance window.

  • Take no action.

To take an action, choose the DB instance to show its details, then choose Maintenance & backups. The pending maintenance items appear.


            Pending maintenance items

The maintenance window determines when pending operations start, but doesn't limit the total run time of these operations. Maintenance operations aren't guaranteed to finish before the maintenance window ends, and can continue beyond the specified end time. For more information, see The Amazon RDS maintenance window.

You can also view whether a maintenance update is available for your DB instance by running the describe-pending-maintenance-actions Amazon CLI command.

Applying updates for a DB instance

With Amazon RDS, you can choose when to apply maintenance operations. You can decide when Amazon RDS applies updates by using the RDS console, Amazon Command Line Interface (Amazon CLI), or RDS API.

To manage an update for a DB instance

  1. Sign in to the Amazon Web Services Management Console and open the Amazon RDS console at https://console.amazonaws.cn/rds/.

  2. In the navigation pane, choose Databases.

  3. Choose the DB instance that has a required update.

  4. For Actions, choose one of the following:

    • Upgrade now

    • Upgrade at next window

      Note

      If you choose Upgrade at next window and later want to delay the update, you can choose Defer upgrade. You can't defer a maintenance action if it has already started.

      To cancel a maintenance action, modify the DB instance and disable Auto minor version upgrade.

To apply a pending update to a DB instance, use the apply-pending-maintenance-action Amazon CLI command.

Example

For Linux, macOS, or Unix:

aws rds apply-pending-maintenance-action \ --resource-identifier arn:aws-cn:rds:us-west-2:001234567890:db:mysql-db \ --apply-action system-update \ --opt-in-type immediate

For Windows:

aws rds apply-pending-maintenance-action ^ --resource-identifier arn:aws-cn:rds:us-west-2:001234567890:db:mysql-db ^ --apply-action system-update ^ --opt-in-type immediate
Note

To defer a maintenance action, specify undo-opt-in for --opt-in-type. You can't specify undo-opt-in for --opt-in-type if the maintenance action has already started.

To cancel a maintenance action, run the modify-db-instance Amazon CLI command and specify --no-auto-minor-version-upgrade.

To return a list of resources that have at least one pending update, use the describe-pending-maintenance-actions Amazon CLI command.

Example

For Linux, macOS, or Unix:

aws rds describe-pending-maintenance-actions \ --resource-identifier arn:aws-cn:rds:us-west-2:001234567890:db:mysql-db

For Windows:

aws rds describe-pending-maintenance-actions ^ --resource-identifier arn:aws-cn:rds:us-west-2:001234567890:db:mysql-db

You can also return a list of resources for a DB instance by specifying the --filters parameter of the describe-pending-maintenance-actions Amazon CLI command. The format for the --filters command is Name=filter-name,Value=resource-id,....

The following are the accepted values for the Name parameter of a filter:

  • db-instance-id – Accepts a list of DB instance identifiers or Amazon Resource Names (ARNs). The returned list only includes pending maintenance actions for the DB instances identified by these identifiers or ARNs.

  • db-cluster-id – Accepts a list of DB cluster identifiers or ARNs for Amazon Aurora. The returned list only includes pending maintenance actions for the DB clusters identified by these identifiers or ARNs.

For example, the following example returns the pending maintenance actions for the sample-instance1 and sample-instance2 DB instances.

Example

For Linux, macOS, or Unix:

aws rds describe-pending-maintenance-actions \ --filters Name=db-instance-id,Values=sample-instance1,sample-instance2

For Windows:

aws rds describe-pending-maintenance-actions ^ --filters Name=db-instance-id,Values=sample-instance1,sample-instance2

To apply an update to a DB instance, call the Amazon RDS API ApplyPendingMaintenanceAction operation.

To return a list of resources that have at least one pending update, call the Amazon RDS API DescribePendingMaintenanceActions operation.

Maintenance for Multi-AZ deployments

Running a DB instance as a Multi-AZ deployment can further reduce the impact of a maintenance event. This result is because Amazon RDS applies operating system updates by following these steps:

  1. Perform maintenance on the standby.

  2. Promote the standby to primary.

  3. Perform maintenance on the old primary, which becomes the new standby.

When you modify the database engine for your DB instance in a Multi-AZ deployment, Amazon RDS upgrades both primary and secondary DB instances at once. In this case, the database engine for the entire Multi-AZ deployment is shut down during the upgrade.

For more information on Multi-AZ deployments, see Multi-AZ deployments for high availability.

The Amazon RDS maintenance window

Every DB instance has a weekly maintenance window during which any system changes are applied. Think of the maintenance window as an opportunity to control when modifications and software patching occur. If a maintenance event is scheduled for a given week, it's initiated during the 30-minute maintenance window you identify. Most maintenance events also complete during the 30-minute maintenance window, although larger maintenance events may take more than 30 minutes to complete.

The 30-minute maintenance window is selected at random from an 8-hour block of time per region. If you don't specify a maintenance window when you create the DB instance, RDS assigns a 30-minute maintenance window on a randomly selected day of the week.

RDS consumes some of the resources on your DB instance while maintenance is being applied. You might observe a minimal effect on performance. For a DB instance, on rare occasions, a Multi-AZ failover might be required for a maintenance update to complete.

Following, you can find the time blocks for each region from which default maintenance windows are assigned.

Region Name Region Time Block
US East (Ohio) us-east-2 03:00–11:00 UTC
US East (N. Virginia) us-east-1 03:00–11:00 UTC
US West (N. California) us-west-1 06:00–14:00 UTC
US West (Oregon) us-west-2 06:00–14:00 UTC
Africa (Cape Town) af-south-1 03:00–11:00 UTC
Asia Pacific (Hong Kong) ap-east-1 06:00–14:00 UTC
Asia Pacific (Jakarta) ap-southeast-3 08:00–16:00 UTC
Asia Pacific (Mumbai) ap-south-1 06:00–14:00 UTC
Asia Pacific (Osaka) ap-northeast-3 22:00–23:59 UTC
Asia Pacific (Seoul) ap-northeast-2 13:00–21:00 UTC
Asia Pacific (Singapore) ap-southeast-1 14:00–22:00 UTC
Asia Pacific (Sydney) ap-southeast-2 12:00–20:00 UTC
Asia Pacific (Tokyo) ap-northeast-1 13:00–21:00 UTC
Canada (Central) ca-central-1 03:00–11:00 UTC
China (Beijing) cn-north-1 06:00–14:00 UTC
China (Ningxia) cn-northwest-1 06:00–14:00 UTC
Europe (Frankfurt) eu-central-1 21:00–05:00 UTC
Europe (Ireland) eu-west-1 22:00–06:00 UTC
Europe (London) eu-west-2 22:00–06:00 UTC
Europe (Paris) eu-west-3 23:59–07:29 UTC
Europe (Milan) eu-south-1 02:00–10:00 UTC
Europe (Spain) eu-south-2 02:00–10:00 UTC
Europe (Stockholm) eu-north-1 23:00–07:00 UTC
Europe (Zurich) eu-central-2 02:00–10:00 UTC
Middle East (Bahrain) me-south-1 06:00–14:00 UTC
Middle East (UAE) me-central-1 05:00–13:00 UTC
South America (São Paulo) sa-east-1 00:00–08:00 UTC
Amazon GovCloud (US-East) us-gov-east-1 17:00–01:00 UTC
Amazon GovCloud (US-West) us-gov-west-1 06:00–14:00 UTC

Adjusting the preferred DB instance maintenance window

The maintenance window should fall at the time of lowest usage and thus might need modification from time to time. Your DB instance is unavailable during this time only if the system changes, such as a change in DB instance class, are being applied and require an outage. Your DB instance is unavailable only for the minimum amount of time required to make the necessary changes.

In the following example, you adjust the preferred maintenance window for a DB instance.

For this example, we assume that a DB instance named mydbinstance exists and has a preferred maintenance window of "Sun:05:00-Sun:06:00" UTC.

To adjust the preferred maintenance window

  1. Sign in to the Amazon Web Services Management Console and open the Amazon RDS console at https://console.amazonaws.cn/rds/.

  2. In the navigation pane, choose Databases, and then select the DB instance that you want to modify.

  3. Choose Modify. The Modify DB Instance page appears.

  4. In the Maintenance section, update the maintenance window.

    Note

    The maintenance window and the backup window for the DB instance cannot overlap. If you enter a value for the maintenance window that overlaps the backup window, an error message appears.

  5. Choose Continue.

    On the confirmation page, review your changes.

  6. To apply the changes to the maintenance window immediately, select Apply immediately.

  7. Choose Modify DB Instance to save your changes.

    Alternatively, choose Back to edit your changes, or choose Cancel to cancel your changes.

To adjust the preferred maintenance window, use the Amazon CLI modify-db-instance command with the following parameters:

  • --db-instance-identifier

  • --preferred-maintenance-window

Example

The following code example sets the maintenance window to Tuesdays from 4:00-4:30AM UTC.

For Linux, macOS, or Unix:

aws rds modify-db-instance \ --db-instance-identifier mydbinstance \ --preferred-maintenance-window Tue:04:00-Tue:04:30

For Windows:

aws rds modify-db-instance ^ --db-instance-identifier mydbinstance ^ --preferred-maintenance-window Tue:04:00-Tue:04:30

To adjust the preferred maintenance window, use the Amazon RDS API ModifyDBInstance operation with the following parameters:

  • DBInstanceIdentifier

  • PreferredMaintenanceWindow

Working with operating system updates

RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL DB instances occasionally require operating system updates. Amazon RDS upgrades the operating system to a newer version to improve database performance and customers’ overall security posture. Typically, the updates take about 10 minutes. Operating system updates don't change the DB engine version or DB instance class of a DB instance.

Operating system updates can be either optional or mandatory.

  • An optional update doesn’t have an apply date and can be applied at any time. While these updates are optional, we recommend that you apply them periodically to keep your RDS fleet up to date. RDS does not apply these updates automatically. To be notified when a new optional update becomes available, you can subscribe to RDS-EVENT-0230 in the security patching event category. For information about subscribing to RDS events, see Subscribing to Amazon RDS event notification.

  • A mandatory update is required and has an apply date. Plan to schedule your update before this date. After the specified apply date, Amazon RDS automatically upgrades the operating system for your DB instance to the latest version. The update is performed in a subsequent maintenance window for the DB instance.

Note

Staying current on all optional and mandatory updates might be required to meet various compliance obligations. We recommend that you apply all updates made available by RDS routinely during your maintenance windows.

You can use the Amazon Web Services Management Console or the Amazon CLI to determine whether an update is optional or mandatory.

To determine whether an update is optional or mandatory using the Amazon Web Services Management Console

  1. Sign in to the Amazon Web Services Management Console and open the Amazon RDS console at https://console.amazonaws.cn/rds/.

  2. In the navigation pane, choose Databases, and then select the DB instance.

  3. Choose Maintenance & backups.

  4. In the Pending maintenance section, find the operating system update, and check the Status value.

In the Amazon Web Services Management Console, an optional update has its maintenance Status set to available and doesn't have an Apply date, as shown in the following image.


                        Optional operating system update

A mandatory update has its maintenance Status set to required and has an Apply date, as shown in the following image.


                        Required operating system update

To determine whether an update is optional or mandatory using the Amazon CLI, call the describe-pending-maintenance-actions command.

aws rds describe-pending-maintenance-actions

A mandatory operating system update includes an AutoAppliedAfterDate value and a CurrentApplyDate value. An optional operating system update doesn't include these values.

The following output shows a mandatory operating system update.

{ "ResourceIdentifier": "arn:aws:rds:us-east-1:123456789012:db:mydb1", "PendingMaintenanceActionDetails": [ { "Action": "system-update", "AutoAppliedAfterDate": "2022-08-31T00:00:00+00:00", "CurrentApplyDate": "2022-08-31T00:00:00+00:00", "Description": "New Operating System update is available" } ] }

The following output shows an optional operating system update.

{ "ResourceIdentifier": "arn:aws:rds:us-east-1:123456789012:db:mydb2", "PendingMaintenanceActionDetails": [ { "Action": "system-update", "Description": "New Operating System update is available" } ] }

Availability of operating system updates

Operating system updates are specific to DB engine version and DB instance class. Therefore, DB instances receive or require updates at different times. When an operating system update is available for your DB instance based on its engine version and instance class, the update appears in the console. It can also be viewed by running Amazon CLI describe-pending-maintenance-actions command or by calling the RDS DescribePendingMaintenanceActions API operation. If an update is available for your instance, you can update your operating system by following the instructions in Applying updates for a DB instance.

Mandatory operating system updates schedule

We plan to use the following schedule for mandatory operating system updates. For each date in the table, the start time is 00:00 Universal Coordinated Time (UTC).

DB engine Apply date

RDS for MySQL

August 31, 2022*

RDS for MariaDB

August 31, 2022

RDS for PostgreSQL

August 31, 2022

* For RDS for MySQL, the date applies to the Asia Pacific (Jakarta) Region only. Mandatory operating system updates are complete for other Amazon Web Services Regions.

After the apply date, Amazon RDS will automatically upgrade the operating system for your DB instances to the latest version in a subsequent maintenance window. To avoid an automatic upgrade, we recommend that you schedule your update before the apply date.