RDS is a fantastic option for hosting your database. It has automatic database backups and logging built in and you can scale your instance as you get more users. A well suited database instance for your application ensures that you aren't paying for server costs that you don't need. While RDS is not as hands-off as DynamoDB because you will need to still scale it up and down as your needs adjust, MySQL and Postgres are more popular database options so they tend to be better supported.
In this post we will go through how you can create your very own RDS MySQL instance that’s hosted by AWS and all set up for connecting to the Zeit Now service. You’ll need this setup if you’d like to serverlessly deploy your Prisma 2 backend like we will show in our next post, but this option is also needed for other backend ORM packages such as
sequelize for connecting to a database. After setting the database up, we will also go through how you can configure your security groups so that you can connect to it from the outside world or your lambda function.
Video for this post:
Go to the AWS console and then the RDS page. In the resources panel click on the DB Instances link. Then click the create DB button.
Step 2: Configure the RDS instance and template type
Create a MySQL RDS type and then click on the free tier. This probably will be more than good enough for your purposes to start. It will only run one database instance which means that it will not be fault tolerant in the event that the server dies. In the future you can always bump this up to have redundancy across three or more database instances in different availability zones.
Step 3: Configure the RDS settings
We can pick the instance identifier, which is what we will call this database from within. Note that this is not the database name- we will be setting that later. Next, we can set the root username and password. We can always create more users in the future with more scoped down permissions that limit which tables we can write to.
We can also disable storage autoscaling and allocate 20 GB to start.
Step 4: Configure the VPC settings
A VPC is a closed off section of the cloud. We want to create a new VPC so this database instance can live in its own little world and we want to make sure we go into the advance settings and set it open to the world. If we don’t take that additional step, we won’t be able to access it from our development machine and the Now backend instance won’t be able to reach it.
Next, we have to set the security group- think of this as a firewall. We can control access to the database by selectively opening ports and also specify which IP addresses that the requests are allowed to come from. By default all traffic is allowed out, but only port 3306 is allowed from our dev machine’s IP address. We will need to fix that later in the tutorial.
Step 5: Additional Configuration
Here we can create a default database. In our case I want to make one called prisma because that’s what I’m telling the prisma 2 service to write to in my configuration. We can also specify whether we’d like automatic backups. You’d certainly want this for a production database, but this is for dev purposes so I won’t worry about it.
Step 6: Create the database
After creating the database, AWS tells you that it will take several minutes to finish.
Step 7: Open up your incoming RDS IPs to the world
Next we need to change the security group so that it is open to the world. By default it will only be open to your current IP address, which is great for debugging, but it won’t work for Zeit’s Now service because it is up on AWS so the IP will be different. To further complicate issues, Zeit doesn’t adhere to a particular subset of IP addresses which is unfortunate because it means that we need to open up our RDS instance to the entire world and we can’t limit it to the just Zeit lambda functions. This means that it is super critical that we choose a very secure username and password so others can’t get in even if the port is exposed.
Step 8: Connect to our database
Finally we can now connect to our database. We can copy the database URL from the RDS pane. It will be something like:
With the username and password we set previously and a port of 3306. You can connect to it with whatever program you like but I’m a fan of the (free!) Sequel Pro.
When you want to create a connection string it will be of the following form:
That’s it! Make sure that if you use this connection string in Zeit Now that you never, ever, ever commit the string to Github. If you accidentally do compromise your connection string on Github or anywhere else, make sure that you immediately change your password. Instead, use
now secrets to manage your connection string. We discuss this in our post about serverless deployment, so be sure to check it out!