Amazon RDS Custom


Amazon RDS Custom for SQL Server: Technical Overview
Sudhir Amin
Database Specialist SA

© 2022, Amazon Web Services, Inc. or its affiliates.

Agenda

• Introduction – Amazon RDS Custom for SQL Server
• Use Cases and Benefits
• Technical Overview
  – Concepts and Terminology
  – Architecture
  – Setting up Amazon RDS Custom for SQL Server
• Demo
• Q&A



Introduction



Amazon RDS Custom

Amazon RDS Custom is a managed database service for legacy, custom, and packaged applications that require access to the underlying operating system and database environment.



Feature overview
• Managed database service

• Granular access to operating system and database system

• SQL Server 2019 (Enterprise, Standard, Web editions)

• Self-managed high availability

• M5/R5 instance types

• Host up to 5,000 databases

• Point-in-time restore (PiTR) for up to 100 databases

• License-included only



SQL Server deployment options

[Figure: responsibility matrix]
Deployment options, left to right from NO MANAGEMENT to FULL MANAGEMENT: On-premises, EC2, RDS Custom, RDS
Areas compared for each option: High availability, Backups, Patching, Scaling, Hardware
Legend: You manage / Shared responsibility / AWS manages

• Host-level access and full database permissions
• Allows 3rd-party applications on the database host
• Allows features not currently supported by RDS
• Initially planned for SQL Server and Oracle

When to choose RDS Custom for SQL Server?
• Customer wants a managed database service
• Already evaluated Amazon RDS for SQL Server

But has additional requirements around:
• Use of elevated privileges to access features and options not available in RDS for SQL Server (e.g., sysadmin, xp_cmdshell)
• Custom or packaged applications that require privileged access (e.g., MSFT SharePoint)
• Hybrid/multi-cloud disaster recovery
• Flexible migration paths to RDS Custom:
  – Always On availability group, log shipping, SQL replication, native backup
Use Cases and Benefits



Use cases

Granular Control
Install custom drivers, enable features or applications that require elevated privileges.
Example: Extended stored procedures, CLR, Resource governor, Linked server (various DB engines)

Lift and Shift Business Apps
Third-party or packaged applications with minimal changes.
Example: Microsoft SharePoint, Microsoft Dynamics

Disaster Recovery
Set up DR from a self-managed environment.
Example: SQL Server Always On Availability Groups, Replication



Use Case 1: Granular Control – Supporting 3rd-party apps
[Architecture diagram. Customer Data Center: App team and Sqldba team, front end and app tiers, Active Directory (example.com), connected to the AWS Cloud over AWS Direct Connect. AWS Cloud: front end and app tiers, with RDS Custom for SQL (rdsinstance.example.com) domain-joined for Windows authentication. AWS monitor, audit and security services: Amazon CloudWatch, AWS CloudTrail, AWS Systems Manager, AWS Trusted Advisor, AWS Identity and Access Management (IAM).]
Checklist shown in the diagram:
• DB role
• App hosting
• Enable CLR
• DB limits 5k

Use Case 2: Granular Control – Linked Server
[Architecture diagram. AWS Cloud: applications (App 1, App 2) on EC2 in front of RDS Custom for SQL, which has custom drivers installed and linked servers to RDS for Oracle and to Oracle on EC2. AWS monitor, audit and security services: Amazon CloudWatch, AWS CloudTrail, AWS Systems Manager, AWS Trusted Advisor, AWS Identity and Access Management (IAM).]

Use Case 3: Flexible Disaster Recovery or Migration Path
[Architecture diagram. Customer Data Center: apps tier (App 1, App 2) and a SQL database acting as AAG primary replica, with AWS Storage Gateway, connected to the AWS Cloud over AWS Direct Connect. AWS Cloud: RDS Custom for SQL acting as AAG secondary replica. Async replication – manual failover. AWS monitor, audit and security services: Amazon CloudWatch, AWS CloudTrail, AWS Systems Manager, AWS Trusted Advisor, AWS Identity and Access Management (IAM).]

Technical Overview



Concepts and terminology

Automation mode
Controls the Amazon RDS Custom automation such as monitoring, backups, and database status.
Customers can pause Automation mode when performing customizations to prevent unintended interference with RDS Custom automation.

Support perimeter
Determines if a customization breaks our automation (once automation mode is resumed if previously paused).
Customers have full access to the EC2 host. The action is supported as long as the change does not put the database outside of the perimeter.

Automation mode
• Automation software that runs outside of the DB instance
• Automates common DBA tasks
• Communicates with monitoring agents
• Similar recovery and monitoring features to Amazon RDS

• Primary responsibilities:
  – Collect metrics and send notifications
  – Perform automatic instance recovery

Pausing and resuming RDS Custom automation

Pause or resume RDS Custom automation for up to 24 hours in order to make customizations and avoid interfering with automation.

What gets paused?
• Database status monitoring
• Storage monitoring
• EC2 instance status
• Automated backups
• Manual snapshots
• RDS Custom agent
• Support perimeter
Support perimeter

• Checks for a list of requirements
• If requirements are unmet, the instance is considered Unsupported Configuration
• Address the issue(s) to bring it back into the support perimeter

During Unsupported Configuration state:
• You cannot modify the DB instance
• You cannot take snapshots
• No automated backups are created
• If the underlying EC2 instance is impaired, RDS Custom cannot replace it

Examples of support perimeter checks:
• RDS Custom agent is not running
• SSM agent is not running
• Database created outside of RDS managed EBS volume
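
Both states described on the last two slides, paused automation and Unsupported Configuration, are visible in the RDS API (`AutomationMode`, `ResumeFullAutomationModeTime`, `DBInstanceStatus`), so they can be monitored. The following is an added example, not part of the original deck: it audits a constructed response shaped like `aws rds describe-db-instances` output; the instance names, timestamps and finding labels are assumptions made for illustration.

```python
import json
from datetime import datetime, timezone

# Constructed sample, shaped like `aws rds describe-db-instances` output.
SAMPLE = json.loads("""
{"DBInstances": [
  {"DBInstanceIdentifier": "custom-sql-a", "Engine": "custom-sqlserver-ee",
   "DBInstanceStatus": "available", "AutomationMode": "full"},
  {"DBInstanceIdentifier": "custom-sql-b", "Engine": "custom-sqlserver-se",
   "DBInstanceStatus": "available", "AutomationMode": "all-paused",
   "ResumeFullAutomationModeTime": "2022-06-01T14:30:00+00:00"},
  {"DBInstanceIdentifier": "custom-sql-c", "Engine": "custom-sqlserver-web",
   "DBInstanceStatus": "unsupported-configuration", "AutomationMode": "full"},
  {"DBInstanceIdentifier": "rds-sql-d", "Engine": "sqlserver-se",
   "DBInstanceStatus": "available"}
]}
""")

MAX_PAUSE_MIN = 24 * 60  # the slides give 24 hours as the longest pause


def audit(instances, now):
    """Return (instance, finding, detail) tuples for RDS Custom instances."""
    findings = []
    for db in instances:
        if not db.get("Engine", "").startswith("custom-sqlserver"):
            continue  # plain RDS has no automation mode or support perimeter
        name = db["DBInstanceIdentifier"]
        if db.get("DBInstanceStatus") == "unsupported-configuration":
            findings.append((name, "outside-perimeter",
                             "no modify, no snapshots, no automated backups"))
        if db.get("AutomationMode") == "all-paused":
            resume = db.get("ResumeFullAutomationModeTime")
            if resume is None:
                findings.append((name, "paused-no-resume-time", "investigate"))
                continue
            # Minutes until automation (monitoring, backups) comes back.
            left = (datetime.fromisoformat(resume) - now).total_seconds() / 60
            code = "paused" if 0 <= left <= MAX_PAUSE_MIN else "paused-bad-window"
            findings.append((name, code, f"resumes in {left:.0f} min"))
    return findings


if __name__ == "__main__":
    now = datetime(2022, 6, 1, 13, 0, tzinfo=timezone.utc)  # fixed for the sample
    for row in audit(SAMPLE["DBInstances"], now):
        print(*row, sep="\t")
```

Because automated backups stop in both states, a finding that persists across runs marks a window with no recovery points for that instance.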
Demo



Learning objectives with demos

• Get you familiar with the prerequisites to set up RDS Custom
• Show integration with AWS Systems Manager for config management
• Show how to perform changes to an RDS Custom instance – pause automation, perform the change and resume, etc.
• Show how changes affect the support perimeter
• Perform a change operation using superuser privileges at both OS level and DB level



Setting up Amazon RDS Custom for SQL Server

RDS Custom does not support AWS-managed KMS keys

1. Create KMS key
2. Create IAM role, instance profile
3. Add role to instance profile
4. Configure VPC
5. Create RDS Custom instance



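Architecture
[Architecture diagram. Region > Availability Zone > VPC > RDS Custom instance: an Amazon EC2 host with monitoring agents, operating system and file system on an Amazon EBS volume, reached through an endpoint and managed by Amazon RDS. AWS services shown alongside: CloudWatch, KMS, Secrets Manager, Systems Manager, S3.]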



Use Case 1: Examples of Granular Control – Linked Server

Operating system level
• Connecting to your RDS Custom DB instance using AWS Systems Manager
• Connecting to your RDS Custom DB instance using RDP
• Join RDS Custom Instance to Self Managed Active Directory
• Install Oracle client software on RDS Custom Instance

Database level
• Create Logins with sysadmin role
• Configure linked server between Oracle and SQL Server



Use Case 2: Flexible Disaster Recovery or Migration Path
Migration of multiple databases from a SQL Server on-premises instance to an
RDS Custom for SQL Server instance
Technology used
• Active Directory (AWS Directory Service)
• Windows Server Failover Cluster
• Amazon FSx for Windows File Server
• Always On Availability Groups
• Primary replica (Amazon EC2)
• Secondary replica (RDS Custom for SQL Server)



Call to Action
• Reach out to your account team to conduct a workshop
including a deep dive into migration best practices and
workload/license assessment
• Consider a Proof-of-Concept to validate your use case(s)
• Identify workloads that may be a good fit for RDS SQL
Server or RDS Custom for SQL Server
• Watch our recent Amazon RDS Custom videos on RDS Custom for SQL Server (YouTube channel)
• Download the CloudFormation template to get started
on AWS

Q&A



Thank you!
Sudhir Amin

