Amazon Adds Cross Region and Encrypted Replication Support for Aurora
In a recent blog post, Amazon announced updates to its MySQL-compatible Database Engine, Aurora. In this update, Amazon is including support for cross region snapshot copy, cross region replication for encrypted databases, cross account encrypted snapshot sharing, adding a region where Aurora can be provisioned and a new instance size called T2.Small.
Cross Region Snapshot Copy
Copying a snapshot from Amazon region to region was previously supported and can be either an automatic or manual operation performed from the AWS Management Console. Encryption of the database snapshot is now supported as of this update. If you do choose to enable encryption, there are some constraints involving the AWS KMS encryption key:
If you copy an encrypted snapshot within the same region, you can encrypt the copy with the same KMS encryption key as the original snapshot, or you can specify a different KMS encryption key. If you copy an encrypted snapshot across regions, you can't use the same KMS encryption key for the copy as used for the source snapshot, because KMS keys are region-specific. Instead, you must specify a KMS key valid in the destination AWS Region.
Cross Region Replication for Encrypted Databases
When provisioning a new Aurora DB instance, developers previously had the ability to enable encryption. As part of this recent update, developers can now enable a read replica of the encrypted database in another region. Jeff Barr, chief evangelist at AWS, explains some of the benefits of using this feature:
You can use cross region replication for encrypted databases to build multi-region, highly available systems or to move the data closer to the user.
Developers can enable this feature by selecting an existing DB Instance and choose Create Cross Region Read Replica from the menu and then choose a destination region which must include a DB Subnet Group that includes two or more Availability Zones.
Cross Account Encrypted Snapshot Sharing
Configuring periodic or automated snapshots is nothing new when provisioning Amazon Aurora DB instances. As of this recent update, developers can now share encrypted snapshots with other AWS accounts provided the database is encrypted with a Master Key that is not the default RDS key.
US West (Northern California Region) Availability
Amazon Aurora DB instances may now be provisioned in the US West (Northern California) Region in addition to the existing regions:
- US East (Northern Virginia)
- US East (Ohio)
- US West (Oregon)
- Canada (Central)
- EU (Ireland)
- EU (London)
- Asia Pacific (Tokyo)
- Asia Pacific (Sydney)
- Asia Pacific (Seoul)
- Asia Pacific (Mumbai)
T2.Small Instance Support
Aurora can be deployed in several different CPU and Memory configurations. Amazon is now introducing a small instance, which:
Are a great fit for dev & test environments and for light production workloads. You can also use them to gain some experience with Amazon Aurora.
Pricing info for Aurora DB instances can be found on the Amazon pricing page.