Explanation: DB Security Groups vs. VPC Security Groups
The following table shows the key differences between DB security groups and VPC security groups.
DB Security Group Controls access to DB instances outside a VPC Uses Amazon RDS APIs or Amazon RDS page of the AWS Management Console to create and manage group or rules When you add a rule to a group, you do not need to specify port number or protocol. Groups allow access from EC2 security groups in your AWS account or other accounts. Security Group Scenario
VPC Security Group Controls access to DB instances in VPC. Uses Amazon EC2 APIs or Amazon VPC page of the AWS Management Console to create and manage group or rules. When you add a rule to a group, you should specify the protocol as TCP, and specify the same port number that you used to create the DB instances (or Options) you plan to add as members to the group. Groups allow access from other VPC security groups in your VPC only.
A common use of an RDS instance in a VPC is to share data with an application server running in an EC2 instance in the same VPC and that is accessed by a client application outside the VPC. For this scenario, you would do the following to create the necessary instances and security groups. You can use the RDS and VPC pages on the AWS Console or the RDS and EC2 APIs.
Create a VPC security group (for example, "sg-appsrv1") and define inbound rules that use as source the IP addresses of the client application. This security group allows your client application to connect to EC2 instances in a VPC that uses this security group.
Create an EC2 instance for the application and add the EC2 instance to the VPC security group ("sg-appsrv1") you created in the previous step. The EC2 instance in the VPC shares the VPC security group with the DB instance.
Create a second VPC security group (for example, "sg-dbsrv1") and create a new rule by specifying the VPC security group you created in step 1 ("sg-appsrv1") as the source.
Create a new DB instance and add the DB instance to the VPC security group ("sg-dbsrv1") you created in the previous step. When you create the instance, use the same port number as the one specified for the VPC security group ("sg-dbsrv1") rule you created in step 3.
Question : RDS allows you to restore a database engine to a "point in time" (InnoDB for MySQL).
Explanation: The PointIn Time Restore and Snapshot Restore features of Amazon RDS for MySQL require a crash recoverable storage engine and are supported for InnoDB storage engine only. While MySQL supports multiple storage engines with varying capabilities, not all of them are optimized for crash recovery and data durability. For example, MyISAM storage engine does not support reliable crash recovery and may result in lost or corrupt data when MySQL is restarted after a crash, preventing Point In Time Restore or Snapshot restore from working as intended.
Read Replicas require a transactional storage engine and are only supported for the InnoDB storage engine.
Non transactional engines such as MyISAM might prevent Read Replicas from working as intended. However, if you still choose to use MyISAM with Read Replicas, we advise you to watch the Amazon CloudWatch Replica Lag metric (available via the AWS Management Console or Amazon CloudWatch APIs) carefully and recreate the Read Replica should it fall behind due to replication errors. The same considerations apply to the use of temporary tables and any other non transactional engines.
Question : In the Amazon Elastic Compute Cloud (Amazon EC) console you have setup the Alarm as given setting, what would it implies 1. Create an alarm that terminates an instance that runs BigData MapReduce when it is no longer sending results data. 2. Create an alarm that stop an instance that runs BigData MapReduce when it is no longer sending results data. 3. Access Mostly Uused Products by 50000+ Subscribers
1. Change the Disable button for notification to "Yes" in the RDS console 2. Set the send mail flag to false in the DB event notification console 3. Access Mostly Uused Products by 50000+ Subscribers 4. Change the Enable button for notification to "No" in the RDS console