Updated on 2024-03-19 GMT+08:00

RDS for PostgreSQL Constraints

The following tables list the constraints designed to ensure the stability and security of RDS for PostgreSQL.


Table 1 Specifications



Storage space

  • Cloud SSD: 40 GB to 4,000 GB
  • Extreme SSD: 40 GB to 4,000 GB


  • Cloud SSD: a maximum of 50,000
  • Extreme SSD: a maximum of 128,000


Table 2 Naming



Instance name

  • 4 to 64 characters long
  • Must start with a letter. Only letters (case sensitive), digits, hyphens (-), and underscores (_) are allowed.

Database name

  • 1 to 63 characters long
  • Only letters, digits, and underscores (_) are allowed. It cannot start with pg or a digit, and must be different from RDS for PostgreSQL template database names. RDS for PostgreSQL template databases include postgres, template0, and template1.

Account name

  • 1 to 128 characters long
  • Only letters, digits, hyphens (-), and underscores (_) are allowed. It must be different from system accounts. System accounts include rdsadmin, rdsuser, rdsbackup, and rdsmirror.

Backup name

  • 4 to 64 characters long
  • Must start with a letter. Only letters (case sensitive), digits, hyphens (-), and underscores (_) are allowed.

Parameter template name

  • 1 to 64 characters long
  • Only letters (case sensitive), digits, hyphens (-), underscores (_), and periods (.) are allowed.


Table 3 Security



root password

  • 8 to 32 characters long
  • Must contain at least three types of the following characters: uppercase letters, lowercase letters, digits, and special characters (~!@#%^*-_=+?,).

Database port

2100 to 9500

Disk encryption

If you enable disk encryption during instance creation, the disk encryption status and the key cannot be changed later.


The VPC where a DB instance is located cannot be changed after the instance is created.

Security group

  • By default, you can create a maximum of 100 security groups in your cloud account.
  • By default, you can add up to 50 security group rules to a security group.
  • One RDS DB instance can be associated with multiple security groups, and one security group can be associated with multiple RDS DB instances.
  • When creating a DB instance, you can select multiple security groups. For better network performance, you are advised to select no more than five security groups.

System account

To provide O&M services, the system automatically creates system accounts when you create RDS for PostgreSQL DB instances. These system accounts are unavailable to you.

  • rdsAdmin: a management account with the highest permission. It is used to query and modify instance information, rectify faults, migrate data, and restore data.
  • pg_execute_server_program: an account that allows executing programs on the database server as the user the database runs as with COPY and other functions which allow executing a server-side program.
  • pg_read_all_settings: an account that reads all configuration variables.
  • pg_read_all_stats: an account that reads all pg_stat_* views and uses various extension-related statistics.
  • pg_stat_scan_tables: an account that executes monitoring functions that may take ACCESS SHARE locks on tables, potentially for a long time.
  • pg_signal_backend: an account that signals another backend to cancel a query or terminate its session.
  • pg_read_server_files: an account that allows reading files from any location the database can access on the server with COPY and other file-access functions.
  • pg_write_server_files: an account that allows writing to files in any location the database can access on the server with COPY and other file-access functions.
  • pg_monitor: an account that reads and executes various monitoring views and functions. This role is a member of pg_read_all_settings, pg_read_all_stats, and pg_stat_scan_tables.
  • rdsRepl: a replication account, used to synchronize data from the primary instance to the standby instance or read replicas.
  • rdsBackup: a backup account, used for backend backup.
  • rdsMetric: a metric monitoring account used by watchdog to collect database status data.

Instance parameter

To ensure the optimal performance of RDS, you can modify parameters in the parameter template you created as needed.

Instance Operations

Table 4 Instance operations



Instance deployment

ECSs where DB instances are deployed are not directly visible to you. You can only access the DB instances through IP addresses and database ports.

Data migration

You can migrate data from self-managed PostgreSQL databases, PostgreSQL databases built on other clouds, self-managed Oracle databases, RDS for MySQL, self-managed MySQL databases, or MySQL databases built on other clouds to RDS for PostgreSQL, or from one RDS for PostgreSQL instance to another RDS for PostgreSQL instance.

Data migration tools include Data Replication Service (DRS), pg_dump, and Data Admin Service (DAS). You are advised to use DRS because it is easy to use and can complete a migration task in minutes. DRS facilitates data transfer between databases, helping you reduce DBA labor costs and hardware costs.

Primary/Standby replication

RDS for PostgreSQL uses a primary/standby dual-node replication cluster. You do not need to set up replication additionally. The standby DB instance is not visible to you and therefore you cannot access it directly.

Rebooting a DB instance

DB instances cannot be rebooted through commands. They must be rebooted through the RDS console.

Viewing backups

You can download automated and manual backups for local storage. To download a backup, you can use OBS Browser+, the current browser, or the download URL.

Log management

RDS for PostgreSQL logging is enabled by default and cannot be disabled.

Recycle bin

RDS allows you to move unsubscribed yearly/monthly DB instances and deleted pay-per-use DB instances to the recycle bin. You can rebuild a DB instance that was deleted up to 7 days ago from the recycle bin.