AWS Database Blog

Schedule Amazon RDS stop and start using AWS Systems Manager

Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. Traditional relational databases require time spent on capacity planning, maintenance, backup, and recovery; a substantial amount of a database administrator’s time is lost to these tasks. Amazon RDS helps DBAs time spent on other important tasks that add value to the organization by automating most routine tasks.

In a typical development environment, dev and test databases are mostly utilized for 8 hours a day and sit idle when not in use. However, the databases are billed for the compute and storage costs during this idle time. To reduce the overall cost, Amazon RDS allows instances to be stopped temporarily. While the instance is stopped, you’re charged for storage and backups, but not for the DB instance hours. Please note that a stopped instance will automatically be started after 7 days.

This post presents a solution using AWS Systems Manager State Manager that automates the process of keeping RDS instances in a start or stop state.

Amazon RDS database auto shutdown and startup can be scheduled either by AWS systems manager or AWS Lambda (presented in part 1). You can pick either one of this strategy depending on standards, availability of these services, and best practices put forth by your organization.

Solution overview

AWS Systems Manager gives you visibility and control of your infrastructure on AWS. Systems Manager provides a unified user interface so you can view operational data from multiple AWS services. Systems Manager enables you to automate operational tasks across your AWS resources to help make your teams more efficient. With automated playbooks along with rich text descriptions, you can reduce human error and simplify maintenance and deployment tasks on AWS resources. You can use predefined automation playbooks or build your own to share for common operational tasks such as stopping and restarting an RDS instance.

State Manager is a secure and scalable service that automates the process of keeping your Amazon RDS and hybrid infrastructure in a state that you define.

To implement our solution, we complete the following high-level steps:

  1. Configure an AWS Identity and Access Management (IAM) policy for State Manager.
  2. Create an IAM role for the new policy.
  3. Update the trust relationship of the role so Systems Manager can use it.
  4. Set up the automatic stop with State Manager.
  5. Set up the automatic start with State Manager.

Configure an IAM policy for State Manager

We first need to create an IAM policy that allows State Manager to stop, start, and reboot RDS instances.

  1. On the IAM console, under Access Management in the navigation pane, choose Policies.
  2. Choose Create policy.
  3. On the JSON tab, enter the following policy code:
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "rds:Describe*",
                    "rds:Start*",
                    "rds:Stop*",
                    "rds:Reboot*"
                ],
                "Resource": "*"
            }
        ]
    }
  4. Choose Review policy.
  5. Name the policy StopStartRebootRDS.
  6. Choose Create policy.

Create an IAM role

Next, we create an IAM role that allows the use of the policy we just created.

  1. On the IAM console, under Access management in the navigation pane, choose Roles.
  2. Choose Create role.
  3. For Select type of trusted entity, choose AWS service.
  4. For Common use cases, choose EC2.
  5. Choose Next: Permissions.
  6. Search for and select the policy you created (StopStartRebootRDS).
  7. Choose Next: Tags.
  8. Enter any optional tags and choose Next: Review.
  9. For Role name, enter StopStartRebootRDS.
  10. Choose Create role.

Update the trust relationship

We now update the trust relationship so that Systems Manager can assume the role we created.

  1. On the IAM console, choose Roles in the navigation pane.
  2. Search for and choose the role you created (StopStartRebootRDS).
  3. On the Trust relationships tab, choose Edit trust relationship.
  4. Enter the following policy code:
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Principal": {
            "Service": "ssm.amazonaws.com"
          },
          "Action": "sts:AssumeRole"
        }
      ]
    }
  5. Choose Update Trust Policy.

Set up automatic stop with State Manager

To set up an automatic stop with State Manager, complete the following steps:

  1. On the Systems Manager console, under Instances & Nodes in the navigation pane, choose State Manager.
  2. Choose Create association.
  3. For Name, enter StopInstanceRDS.
  4. In the Document section, select the document you want to use (for this post, AWS-StopRdsInstance).

Single instance

If you’re using a single instance, it will error out if you use multiple instances.

  1. Select Simple execution.
  2. For InstanceId, enter the instance ID you want to run against.
  3. For AutomationAssumeRole, enter the role to assume (StopStartRebootRDS).
  4. In the Specify schedule section, configure the schedule you want to use (for this post, daily at 10 PM GMT).
  5. Choose Create Association.

Multiple instances

If you want to use multiple instances, complete the following steps:

  1. Repeat Steps 1–4 to set up your automatic stop.
  2. Select Rate control.
  3. For Parameter, choose InstanceId.
  4. For Targets, choose Tags.
  5. Tag all the instances you want State Manager to impact with appropriate tags.
  6. For Concurrency, enter 100 (starts all instances at the same time).
  7. For Error threshold, enter 100 (ignores errors).

Set up automatic start with State Manager

To set up your automatic start, complete the following steps:

  1. On the Systems Manager console, under Instances & Nodes in the navigation pane, choose State Manager.
  2. Choose Create association.
  3. For Name, enter StartInstanceRDS.
  4. In the Document section, select the document you want to use (AWS-StartRdsInstance).

Single instance

To use a single instance, complete the following steps:

  1. Select Simple execution.
  2. For InstanceId, enter the instance ID you want to run against.
  3. For AutomationAssumeRole, enter the role to assume (StopStartRebootRDS).
  4. In the Specify schedule section, configure the schedule you want to use (for this post, daily at 6 AM GMT).
  5. Choose Create Association.

Multiple instances

To use multiple instances, complete the following steps:

  1. Repeat Steps 1–4 to set up the automatic start.
  2. Select Rate control.
  3. For Parameter, choose InstanceId.
  4. For Targets, choose Tags.
  5. Tag all the instances you want State Manager to impact with appropriate tags.
  6. For Concurrency, enter 100 (starts all instances at the same time).
  7. For Error threshold, enter 100 (ignores errors).

Summary

This post demonstrated how to stop and start RDS databases in dev and test environments when they’re not in use, thereby leading to a compute cost savings. The solution used Systems Manager and State Manager to automatically start and stop the RDS databases. However, keep in mind that although we’re stopping the databases, the storage costs for the databases still apply.

We encourage you to try this solution and take advantage of all the benefits of using AWS Systems Manager and Amazon RDS. You can also accomplish Amazon RDS Stop and Start using AWS Lambda, check out the blog post “Schedule Amazon RDS stop and start using AWS Lambda“.

Please feel free to reach out with questions or requests in the comments.


About the authors

Varun Mahajan is a Solutions Architect at Amazon Web Services. He works with enterprise customers helping them align their business goals with the art of the possible using cloud-based technologies. He enjoys working with data and solving problems using the AWS database and analytics portfolio.
 

 

Sharath Lingareddy is a Database Architect with the Professional Services team at Amazon Web Services. He has provided solutions using relational databases including Amazon RDS. His focus area is homogeneous and heterogeneous migrations of on-premise databases to Amazon RDS and Aurora PostgreSQL.

 

 

 

Yesh Tanamala is a Database Migration Consultant with AWS Professional Services. He works as a database migration specialist to help internal and external Amazon customers move their on-premises database environment to AWS data stores.