Compute
Elastic Cloud Server
Huawei Cloud Flexus
Bare Metal Server
Auto Scaling
Image Management Service
Dedicated Host
FunctionGraph
Cloud Phone Host
Huawei Cloud EulerOS
Networking
Virtual Private Cloud
Elastic IP
Elastic Load Balance
NAT Gateway
Direct Connect
Virtual Private Network
VPC Endpoint
Cloud Connect
Enterprise Router
Enterprise Switch
Global Accelerator
Management & Governance
Cloud Eye
Identity and Access Management
Cloud Trace Service
Resource Formation Service
Tag Management Service
Log Tank Service
Config
OneAccess
Resource Access Manager
Simple Message Notification
Application Performance Management
Application Operations Management
Organizations
Optimization Advisor
IAM Identity Center
Cloud Operations Center
Resource Governance Center
Migration
Server Migration Service
Object Storage Migration Service
Cloud Data Migration
Migration Center
Cloud Ecosystem
KooGallery
Partner Center
User Support
My Account
Billing Center
Cost Center
Resource Center
Enterprise Management
Service Tickets
HUAWEI CLOUD (International) FAQs
ICP Filing
Support Plans
My Credentials
Customer Operation Capabilities
Partner Support Plans
Professional Services
Analytics
MapReduce Service
Data Lake Insight
CloudTable Service
Cloud Search Service
Data Lake Visualization
Data Ingestion Service
GaussDB(DWS)
DataArts Studio
Data Lake Factory
DataArts Lake Formation
IoT
IoT Device Access
Others
Product Pricing Details
System Permissions
Console Quick Start
Common FAQs
Instructions for Associating with a HUAWEI CLOUD Partner
Message Center
Security & Compliance
Security Technologies and Applications
Web Application Firewall
Host Security Service
Cloud Firewall
SecMaster
Anti-DDoS Service
Data Encryption Workshop
Database Security Service
Cloud Bastion Host
Data Security Center
Cloud Certificate Manager
Edge Security
Situation Awareness
Managed Threat Detection
Blockchain
Blockchain Service
Web3 Node Engine Service
Media Services
Media Processing Center
Video On Demand
Live
SparkRTC
MetaStudio
Storage
Object Storage Service
Elastic Volume Service
Cloud Backup and Recovery
Storage Disaster Recovery Service
Scalable File Service Turbo
Scalable File Service
Volume Backup Service
Cloud Server Backup Service
Data Express Service
Dedicated Distributed Storage Service
Containers
Cloud Container Engine
SoftWare Repository for Container
Application Service Mesh
Ubiquitous Cloud Native Service
Cloud Container Instance
Databases
Relational Database Service
Document Database Service
Data Admin Service
Data Replication Service
GeminiDB
GaussDB
Distributed Database Middleware
Database and Application Migration UGO
TaurusDB
Middleware
Distributed Cache Service
API Gateway
Distributed Message Service for Kafka
Distributed Message Service for RabbitMQ
Distributed Message Service for RocketMQ
Cloud Service Engine
Multi-Site High Availability Service
EventGrid
Dedicated Cloud
Dedicated Computing Cluster
Business Applications
Workspace
ROMA Connect
Message & SMS
Domain Name Service
Edge Data Center Management
Meeting
AI
Face Recognition Service
Graph Engine Service
Content Moderation
Image Recognition
Optical Character Recognition
ModelArts
ImageSearch
Conversational Bot Service
Speech Interaction Service
Huawei HiLens
Video Intelligent Analysis Service
Developer Tools
SDK Developer Guide
API Request Signing Guide
Terraform
Koo Command Line Interface
Content Delivery & Edge Computing
Content Delivery Network
Intelligent EdgeFabric
CloudPond
Intelligent EdgeCloud
Solutions
SAP Cloud
High Performance Computing
Developer Services
ServiceStage
CodeArts
CodeArts PerfTest
CodeArts Req
CodeArts Pipeline
CodeArts Build
CodeArts Deploy
CodeArts Artifact
CodeArts TestPlan
CodeArts Check
CodeArts Repo
Cloud Application Engine
MacroVerse aPaaS
KooMessage
KooPhone
KooDrive

RDS for PostgreSQL Constraints

Updated on 2025-01-24 GMT+08:00

The following tables list the constraints designed to ensure the stability and security of RDS for PostgreSQL.

Specifications and Performance

Table 1 Specifications

Item

Constraints

Description

Storage space

  • Cloud SSD: 40 GB to 4,000 GB
  • Extreme SSD: 40 GB to 4,000 GB

-

Maximum connections

It depends on the value of max_connections.

For more information, see What Is the Maximum Number of Connections to an RDS DB Instance?

IOPS

  • Cloud SSD: a maximum of 50,000
  • Extreme SSD: a maximum of 128,000

The input/output operations per second (IOPS) supported depends on the I/O performance of Elastic Volume Service (EVS) disks. For details, see the description about ultra-high I/O and extreme SSDs in Disk Types and Performance of Elastic Volume Service Service Overview.

Quotas

Table 2 Quotas

Item

Constraints

Description

Read replica

A maximum of five read replicas can be created for a DB instance.

For more information, see Introducing Read Replicas.

Tags

A maximum of 20 tags can be added for a DB instance.

For more information, see Managing Tags.

Free backup space

RDS provides free backup space of the same size as your purchased storage space.

After you pay for the storage space of your DB instance, you will get a backup space of the same size for free. For more information, see How Is RDS Backup Data Billed?

Retention period of automated backups

The default value is 7 days. The value ranges from 1 to 732 days.

For more information, see Configuring an Intra-Region Backup Policy.

Log query

  • Error log records: 2,000
  • Slow query log records: 2,000

For more information, see Log Management.

Naming

Table 3 Naming

Item

Constraints

Instance name

  • 4 to 64 characters long
  • Must start with a letter. Only letters (case sensitive), digits, hyphens (-), and underscores (_) are allowed.

Database name

  • 1 to 63 characters long
  • Only letters, digits, and underscores (_) are allowed. It cannot start with pg or a digit, and must be different from RDS for PostgreSQL template database names. RDS for PostgreSQL template databases include postgres, template0, and template1.

Account name

  • 1 to 128 characters long
  • Only letters, digits, hyphens (-), and underscores (_) are allowed. It must be different from system accounts. System accounts include rdsadmin, rdsuser, rdsbackup, and rdsmirror.

Backup name

  • 4 to 64 characters long
  • Must start with a letter. Only letters (case sensitive), digits, hyphens (-), and underscores (_) are allowed.

Parameter template name

  • 1 to 64 characters long
  • Only letters (case sensitive), digits, hyphens (-), underscores (_), and periods (.) are allowed.

Security

Table 4 Security

Item

Constraints

root permissions

Only the root user is available on the instance creation page. RDS for PostgreSQL supports root privilege escalation in specific scenarios. For details, see Privileges of the root User.

root password

  • 8 to 32 characters long
  • Must contain at least three types of the following characters: uppercase letters, lowercase letters, digits, and special characters (~!@#%^*-_=+?,).

For more information, see Resetting the Administrator Password to Restore Root Access.

Database port

2100 to 9500

For more information, see Changing a Database Port.

Disk encryption

If you enable disk encryption during instance creation, the disk encryption status and the key cannot be changed later.

For more information, see Performing a Server-Side Encryption.

VPC

The VPC where a DB instance is located cannot be changed after the instance is created.

Security group

  • By default, you can create a maximum of 100 security groups in your cloud account.
  • By default, you can add up to 50 security group rules to a security group. For more information, see Configuring Security Group Rules.
  • One RDS DB instance can be associated with multiple security groups, and one security group can be associated with multiple RDS DB instances.
  • When creating a DB instance, you can select multiple security groups. For better network performance, you are advised to select no more than five security groups. For more information, see Changing a Security Group.

System account

To provide O&M services, the system automatically creates system accounts when you create RDS for PostgreSQL DB instances. These system accounts are unavailable to you.

  • rdsAdmin: a management account with the highest permission. It is used to query and modify instance information, rectify faults, migrate data, and restore data.
  • pg_execute_server_program: an account that allows executing programs on the database server as the user the database runs as with COPY and other functions which allow executing a server-side program.
  • pg_read_all_settings: an account that reads all configuration variables.
  • pg_read_all_stats: an account that reads all pg_stat_* views and uses various extension-related statistics.
  • pg_stat_scan_tables: an account that executes monitoring functions that may take ACCESS SHARE locks on tables, potentially for a long time.
  • pg_signal_backend: an account that signals another backend to cancel a query or terminate its session.
  • pg_read_server_files: an account that allows reading files from any location the database can access on the server with COPY and other file-access functions.
  • pg_write_server_files: an account that allows writing to files in any location the database can access on the server with COPY and other file-access functions.
  • pg_monitor: an account that reads and executes various monitoring views and functions. This role is a member of pg_read_all_settings, pg_read_all_stats, and pg_stat_scan_tables.
  • rdsRepl: a replication account, used to synchronize data from the primary instance to the standby instance or read replicas.
  • rdsBackup: a backup account, used for backend backup.
  • rdsMetric: a metric monitoring account used by watchdog to collect database status data.

Instance parameter

To ensure the optimal performance of RDS, you can modify parameters in the parameter template you created as needed.

For more information, see Suggestions on RDS for PostgreSQL Parameter Tuning.

Instance Operations

Table 5 Instance operations

Item

Constraints

Instance deployment

ECSs where DB instances are deployed are not directly visible to you. You can only access the DB instances through IP addresses and database ports.

Data migration

You can migrate data from self-managed PostgreSQL databases, PostgreSQL databases built on other clouds, self-managed Oracle databases, RDS for MySQL, self-managed MySQL databases, or MySQL databases built on other clouds to RDS for PostgreSQL, or from one RDS for PostgreSQL instance to another RDS for PostgreSQL instance.

Data migration tools include Data Replication Service (DRS), pg_dump, and Data Admin Service (DAS). You are advised to use DRS because it is easy to use and can complete a migration task in minutes. DRS facilitates data transfer between databases, helping you reduce DBA labor costs and hardware costs.

For more information, see Migration Solutions.

Primary/Standby replication

RDS for PostgreSQL uses a primary/standby dual-node replication cluster. You do not need to set up replication additionally. The standby DB instance is not visible to you and therefore you cannot access it directly.

High CPU usage

If the CPU usage is high or close to 100%, data read/write and database access will become slow, and an error will be reported during data deletion.

For details, see High CPU Usage of RDS for PostgreSQL DB Instances.

Rebooting a DB instance

DB instances cannot be rebooted through commands. They must be rebooted through the RDS console.

Stopping or starting a DB instance

  • You can temporarily stop pay-per-use instances to save money. For more information, see Stopping an Instance.
  • After stopping your instance, you can restart it to begin using it again.

Viewing backups

You can download automated and manual backups for local storage. To download a backup, you can use OBS Browser+, the current browser, or the download URL.

For more information, see Downloading a Full Backup File.

Log management

RDS for PostgreSQL logging is enabled by default and cannot be disabled.

Recycle bin

RDS allows you to move unsubscribed yearly/monthly DB instances and deleted pay-per-use DB instances to the recycle bin. You can rebuild a DB instance that was deleted up to 7 days ago from the recycle bin.

Privileges of the root User

RDS for PostgreSQL provides permissions for the root user. To create objects on an RDS for PostgreSQL database without operation risks, escalate your account to root privileges when necessary.

The following table describes root privilege escalation in different versions.

Table 6 Privileges of the root user

Version

Whether to Escalate Privileges

Initial Version for Privilege Escalation

pgcore9

No

N/A

pgcore10

No

N/A

pgcore11

Yes

11.11

pgcore12

Yes

12.6

pgcore13

Yes

13.2

pgcore14

Yes

14.4

pgcore15

Yes

15.4

pgcore16

Yes

16.2

Escalate to root privileges when you need to:

  • Create an event trigger.
  • Create a wrapper.
  • Create a logical replication publication.
  • Create a logical replication subscription.
  • Query and maintain replication sources.
  • Create a replication user.
  • Create a full-text index template and parser.
  • Run the vacuum command on a system table.
  • Run the analyze command on a system table.
  • Create an extension.
  • Grant an object permission to a user.

We use cookies to improve our site and your experience. By continuing to browse our site you accept our cookie policy. Find out more

Feedback

Feedback

Feedback

0/500

Selected Content

Submit selected content with the feedback