Data Protection

Secure Sockets Layer (SSL)

RDS for MySQL and RDS for MariaDB instances support both non-SSL and SSL connections. SSL is recommended for enhanced security.

RDS for PostgreSQL and RDS for SQL Server instances support only SSL connections to ensure data transmission security.

• RDS for MySQL: Configuring an SSL Connection
• RDS for MariaDB: Connecting to a DB Instance Through a Private Network
• RDS for PostgreSQL: Using psql CLI to Connect to an Instance Through a Private Network
• RDS for SQL Server: Connecting to an Instance Through a Private Network

Cross-AZ deployment

To ensure high availability, RDS allows you to deploy primary and standby DB instances across AZs. AZs are physically isolated but interconnected through an internal network.

• RDS for MySQL: Step 1: Buy a DB Instance
• RDS for MariaDB: Step 1: Buy a DB Instance
• RDS for PostgreSQL: Step 1: Buy a DB Instance

Deletion protection

RDS allows you to move unsubscribed yearly/monthly DB instances and deleted pay-per-use DB instances to the recycle bin. You can rebuild a DB instance that was deleted up to 7 days ago from the recycle bin.

• RDS for MySQL: Recycling a DB Instance
• RDS for PostgreSQL: Recycling a DB Instance
• RDS for SQL Server: Recycling a DB Instance

Cross-region backup

RDS can store backups in a different region from the DB instance for disaster recovery. If the DB instance ever fails, you can use backups in the other region to restore data to a new DB instance.

• RDS for MySQL: Setting a Cross-Region Backup Policy