Restore RDS backup
This guide shows you how to restore a database backup to a new database cluster.
Before you begin
You need to:
- Complete Configure AWS Backup
- Have at least one snapshot available (by default a database backup is completed nightly)
- Configure RDS bastion to be able to verify your restored database
- Have
psql
installed to connect to your database
Step 1: Find a snapshot to restore
In the AWS console find the Amazon RDS service. Under Snapshots > Backup service select a DB snapshot to restore.
Under Actions select Restore snapshot.
Step 2: Configure your new database
Under Settings provide a name for the new database. The default from Golden Path is ${local.environment}-main
. If you chose the name pirates-dev
a cluster with the name pirates-dev-cluster
will be created.
Under Instance configuration select "Serverless v2". Update "Maximum capacity (ACUs)" as needed.
Under Connectivity > Existing VPC security groups remove the default security group.
Instead of the default security group we need the DB security group. You can find the name of this security group under your existing database Amazon RDS > Databases. Select your current DB instance (not cluster). Review the Security group rules to find the name of the current security group. Select the security group used for your current database like this:
Finally, select Restore DB cluster. Restoring a database takes some time (approx. 30min for an empty database). While restoring the database will be listed as creating. Before continuing the database status must be "Available".
Step 3: Verify database backup
Assumption
In order to do this step you must already have RDS bastion configured. If you do not have RDS bastion configure, see Connect to a database from your computer
Using the ok
tool enable access to the database from your local machine with:
In another terminal type:
The master password will be the same as for the old database. If you do not know the old password, you can update it to a known value from the console Amazon RDS > Databases > (Select restored DB) > (Modify). Set a new master password and apply the configuration.
You should now be able to verify that the content of your database is as expected and can proceed to connect your application to the new database.
Step 4: Connect app to new database
This step assumes that you are following the Golden Path and details may vary depending on your setup.
In your application stack, create a new SSM parameter as follows:
resource "aws_ssm_parameter" "db_endpoint" {
name = "/${local.environment}/database/${local.db_name}/restored_db_endpoint"
type = "String"
value = "To be set in console"
tags = local.common_tags
lifecycle {
ignore_changes = [
value
]
}
}
Create the new resource by running terraform apply
.
Locate the database endpoint in the console under Amazon RDS > Databases > (Select your restored DB instance). Copy the database endpoint.
Update the value of the newly created parameter under AWS Systems Manager > Parameter Store > (Search for restored_db_endpoint
).
Step 5: Update the App DB endpoint
Create a new file called __gp_dependencies_override.tf
with the following:
data "aws_ssm_parameter" "db_endpoint" {
name = "/${local.environment}/database/${local.db_name}/restored_db_endpoint"
with_decryption = false
}
Run terraform apply
again to update your application.
Next step
Warning
The above approach assumes that the username and password for the database will remain the same. If you rotate the password on the old database you will experience connectivity issues with the restored database.
Once you have restored your application to a working state you should import the new database into your Terraform configuration for easier management.