Skip to main content
Warning This document has not been updated for a while now. It may be out of date.
Last updated: 9 Jun 2020

govuk-aws: 18. Use RDS instead of provisioned EC2 databases

Date: 2017-08-01




We use both MySQL and PostgreSQL in our stack for different applications. These have been traditionally provisioned as VM instances and managed with Puppet.

Puppet manages every aspect of these instances:

  • Server configuration and tuning
  • CRUD actions on databases
  • Users and permissions
  • Replication/clustering
  • Backups

AWS offers the Relational Database Service (RDS).

Using RDS would remove the following away from being managed by Puppet:

  • Server configuration and tuning
  • Replication/clustering
  • Backups

Terraform code would be required to ensure the above is configured correctly.


We are going to use RDS to remove a significant portion of our Puppet code that traditionally managed both PostgreSQL and MySQL.

To manage databases, users, data loading and long-term offsite backups, we will create a new type of node class named "db_admin". This will be able to connect and configure each RDS instance in a stack.


New code will need to be written to create the "db_admin" class, and some rewriting of our logic will be required in Puppet.

We will need to understand and create relevant monitoring for RDS instances.

We will eventually be able to remove the large amount of Puppet code related to the management and provisioning of both MySQL and PostgreSQL servers.