Skip to content

Use Provisioned Aurora Clusters Over Serverless

Description

Amazon Aurora Serverless v1 (Amazon Aurora Serverless version 1) is an on-demand autoscaling configuration for Amazon Aurora. An Aurora Serverless DB cluster is a DB cluster that scales compute capacity up and down based on your application's needs. This contrasts with Aurora provisioned DB clusters, for which you manually manage capacity. Aurora Serverless v1 provides a relatively simple, cost-effective option for infrequent, intermittent, or unpredictable workloads.

For extra information about Amazon RDS Aurora Serverless V1 refer to the Amazon RDS Guide for Aurora.

Rationale

If possible, use a provisioned capacity type for your Amazon Aurora cluster over a serverless cluster. Serverless databases have these limitations:

  • AWS Identity and Access Management (IAM) database authentication not available
  • It is not possible to export Aurora Serverless v1 snapshots to Amazon S3 buckets.
  • Aurora Serverless v1 DB clusters TLS/SSL support isn’t currently available in the China (Beijing) AWS Region.
  • It is not possible to modify the default port

To learn about the limitations of Amazon Aurora serverless V1 refer to the Amazon RDS Guide for Aurora.

Applies To

  • Databases

Tags

This rule is applied when the following tags are present:

Tag With Value
secureclouddb/provider aws
secureclouddb/service rds
secureclouddb/resource-type cluster

Default Rule

const { isAwsRdsCluster, isAwsRdsClusterServerless } = aws

/**
 * @param {Object} databaseSettings - database settings object
 * @returns {boolean} true if database instance engine version is not serverless v1
 */
function validate(databaseSettings) {
    const serverlessVersions = ['5.6.10a', '2.07.1', '10.12', '10.14']
    const success = isAwsRdsCluster(databaseSettings) && (
                        !isAwsRdsClusterServerless(databaseSettings) ||
                        !serverlessVersions.includes(databaseSettings.awsDatabaseInstance.rdsCluster.engineVersion)
                    )

    return {
        success,
    }
}

// invoke
validate(databaseSettings);