
What is the database name?

Lakefront-EDC
What is the database instance name?
aws-rds-us-gov-west-1-818199694861-edl-adsd-edc-dev
What is the version of the database?
Engine version
14.7
What port is used for the database?
Port
5432
Does database have a large object? If yes, then what is the type of large object?
It seems like the user might have created these large objects as part of an AWS DMS job -- converting Oracle
tables to Postgres.
The total count of large objects varies per database; the one we are testing has a count of 4750.
• Psql client utility version
PSQL client utility version for what? The one I used for pg_restore? If so, it's version 15.2
• PostgreSQL Database user who created large object and Backup username
user: lord0306 created large object and backup service account we are using is:
svc_ebb_veritas_netbk, one example below
oid     lomowner  lomacl
156486  16455     {lord0306=rw/lord0306,webui_admin=r/lord0306,svc_ebb_veritas_netbk=r/lord0306}
Does the user have a materialized view on the database?
Yes
Is the database encrypted?
Encryption
Enabled
What is the average amount of time that it takes to backup this database?
5 MB/s
What is the average amount of time that it takes to restore this database?
5 MB/s

What is the count of tables in a db? --> 1000+ tables


What is the database size used? --> Lakefront-EDC is 17815184163 bytes
What is the count of records in the database? --> hard to determine, each table has different
number of records
What is the count of databases in database instance? --> there are total of 8 databases in this
RDS, including the one we restored on 11/06
Is this database from on-premise to cloud? NO
This is a moving target.
What is the size of the largest database the user is planning to protect?
In the TBs
Current Configuration Information:
Is instant-access-object-store enabled?
Yes
Is universal-share-object-store enabled?
Yes
What is the password authentication method?
IAM

For AWS IAM/Azure AMI based authentication:


Is that attached to media, and if it is the same as that attached to the NSM server?
YES
What is the list of permissions present in the Azure AMI or AWS IAM?
For user and password based authentication:
See end of Doc

Are there any special characters in the password?


NO
Is the user able to connect from media server to database on default database ports?
YES
What is the version of installed third party database utility (sqlpackage, psql, mysql)?
Did the user restart NetBackup services on media server or has the media server been rebooted after
installing and configuring path for third party database utility?
YES
postgresql14-14.6-1PGDG.rhel8.x86_64
postgresql14-libs-14.6-1PGDG.rhel8.x86_64
postfix-3.5.8-7.el8.x86_64
Is the customer using a Government cloud?
YES
Is the volume used in storage-unit and ushare the same?
YES
Is this a migrated database from on-premise to cloud?
NO
Is there any AWS CLI configured on media server used for backup?
YES
Does the user have NBU/NSM in one account/subscription and workload db in a different
account/subscription?
YES
Did we check the trust setup between IAM role on NSM server and the role to access workload database
in a different account?
YES
Is there any proxy configured on media server for cloud access? What type of proxy?
[root@csvd-nbmedia001-infra seymo309]# env | grep -i prox
[root@csvd-nbmedia001-infra seymo309]#

{
  "Statement": [
    {
      "Action": [
        "autoscaling:UpdateAutoScalingGroup",
        "autoscaling:TerminateInstanceInAutoScalingGroup",
        "autoscaling:DescribeScalingActivities",
        "autoscaling:AttachInstances"
      ],
      "Effect": "Allow",
      "Resource": "*",
      "Sid": "EC2AutoScaling"
    },
    {
      "Action": [
        "kms:ReEncryptTo",
        "kms:ReEncryptFrom",
        "kms:ListKeys",
        "kms:ListAliases",
        "kms:GenerateDataKeyWithoutPlaintext",
        "kms:GenerateDataKey",
        "kms:Encrypt",
        "kms:DescribeKey",
        "kms:Decrypt",
        "kms:CreateGrant"
      ],
      "Effect": "Allow",
      "Resource": "*",
      "Sid": "KMS"
    },
    {
      "Action": [
        "rds:ModifyDBSnapshotAttribute",
        "rds:ListTagsForResource",
        "rds:DescribeDBSubnetGroups",
        "rds:DescribeDBSnapshots",
        "rds:DescribeDBSnapshotAttributes",
        "rds:DescribeDBInstances",
        "rds:DescribeDBClusters",
        "rds:DescribeDBClusterSnapshots",
        "rds:DeleteDBSnapshot",
        "rds:DeleteDBClusterSnapshot",
        "rds:CreateDBSnapshot",
        "rds:CreateDBClusterSnapshot",
        "rds:CopyDBSnapshot",
        "rds:CopyDBClusterSnapshot",
        "rds:AddTagsToResource"
      ],
      "Effect": "Allow",
      "Resource": "*",
      "Sid": "RDSBackup"
    },
    {
      "Action": [
        "rds:RestoreDBInstanceToPointInTime",
        "rds:RestoreDBInstanceFromDBSnapshot",
        "rds:RestoreDBClusterToPointInTime",
        "rds:RestoreDBClusterFromSnapshot",
        "rds:ModifyDBInstance",
        "rds:ModifyDBClusterSnapshotAttribute",
        "rds:ModifyDBCluster",
        "rds:DescribeDBClusterParameterGroups",
        "rds:CreateDBSecurityGroup",
        "rds:CreateDBInstance",
        "rds:CreateDBCluster"
      ],
      "Effect": "Allow",
      "Resource": "*",
      "Sid": "RDSRecovery"
    },
    {
      "Action": [
        "sts:GetCallerIdentity",
        "ec2:ResetSnapshotAttribute",
        "ec2:RegisterImage",
        "ec2:ModifySnapshotAttribute",
        "ec2:ModifyImageAttribute",
        "ec2:DescribeVpcs",
        "ec2:DescribeVolumes",
        "ec2:DescribeVolumeStatus",
        "ec2:DescribeVolumeAttribute",
        "ec2:DescribeSubnets",
        "ec2:DescribeSnapshots",
        "ec2:DescribeSecurityGroups",
        "ec2:DescribeRegions",
        "ec2:DescribeNetworkInterfaces",
        "ec2:DescribeInstances",
        "ec2:DescribeInstanceStatus",
        "ec2:DescribeInstanceAttribute",
        "ec2:DescribeImages",
        "ec2:DescribeHosts",
        "ec2:DescribeAvailabilityZones",
        "ec2:DeregisterImage",
        "ec2:DeleteSnapshot",
        "ec2:CreateSnapshots",
        "ec2:CreateSnapshot",
        "ec2:CreateImage",
        "ec2:CopySnapshot",
        "ec2:CopyImage"
      ],
      "Effect": "Allow",
      "Resource": "*",
      "Sid": "EC2Backup"
    },
    {
      "Action": [
        "secretsmanager:UpdateSecret",
        "secretsmanager:RestoreSecret",
        "secretsmanager:PutSecretValue",
        "secretsmanager:GetSecretValue",
        "secretsmanager:GetResourcePolicy",
        "secretsmanager:DescribeSecret",
        "secretsmanager:DeleteSecret",
        "ec2:TerminateInstances",
        "ec2:StopInstances",
        "ec2:StartInstances",
        "ec2:RunInstances",
        "ec2:GetEbsEncryptionByDefault",
        "ec2:DetachVolume",
        "ec2:DescribeKeyPairs",
        "ec2:DescribeInstanceTypeOfferings",
        "ec2:DescribeIamInstanceProfileAssociations",
        "ec2:DeleteVolume",
        "ec2:DeleteTags",
        "ec2:CreateVolume",
        "ec2:CreateTags",
        "ec2:AuthorizeSecurityGroupIngress",
        "ec2:AuthorizeSecurityGroupEgress",
        "ec2:AttachVolume",
        "ec2:AttachNetworkInterface",
        "ec2:AssociateIamInstanceProfile",
        "ec2:AssociateAddress"
      ],
      "Effect": "Allow",
      "Resource": "*",
      "Sid": "EC2Recovery"
    },
    {
      "Action": [
        "ebs:StartSnapshot",
        "ebs:PutSnapshotBlock",
        "ebs:ListSnapshotBlocks",
        "ebs:ListChangedBlocks",
        "ebs:GetSnapshotBlock",
        "ebs:CompleteSnapshot"
      ],
      "Effect": "Allow",
      "Resource": "*",
      "Sid": "EBS"
    },
    {
      "Action": [
        "sns:Publish",
        "sns:GetTopicAttributes"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws-us-gov:sns:*:*:*",
      "Sid": "SNS"
    },
    {
      "Action": [
        "iam:SimulatePrincipalPolicy",
        "iam:ListAccountAliases"
      ],
      "Effect": "Allow",
      "Resource": "*",
      "Sid": "IAM"
    },
    {
      "Action": [
        "eks:UpdateNodegroupConfig",
        "eks:ListClusters",
        "eks:DescribeUpdate",
        "eks:DescribeNodegroup",
        "eks:DescribeCluster"
      ],
      "Effect": "Allow",
      "Resource": "*",
      "Sid": "EKS"
    },
    {
      "Action": [
        "dynamodb:UpdateTable",
        "dynamodb:UpdateContinuousBackups",
        "dynamodb:ListTables",
        "dynamodb:ExportTableToPointInTime",
        "dynamodb:DescribeTable",
        "dynamodb:DescribeExport",
        "dynamodb:DescribeContinuousBackups",
        "dynamodb:DeleteTable",
        "dynamodb:CreateTable",
        "dynamodb:BatchWriteItem"
      ],
      "Effect": "Allow",
      "Resource": "*",
      "Sid": "DynamoDB"
    },
    {
      "Action": [
        "s3:RestoreObject",
        "s3:PutObjectTagging",
        "s3:PutObjectAcl",
        "s3:PutObject",
        "s3:ListBucket",
        "s3:ListAllMyBuckets",
        "s3:GetObjectTagging",
        "s3:GetObjectAcl",
        "s3:GetObject",
        "s3:GetBucketLocation",
        "s3:DeleteObject"
      ],
      "Effect": "Allow",
      "Resource": "*",
      "Sid": "S3Permissions"
    },
    {
      "Action": [
        "s3:RestoreObject",
        "s3:PutObjectTagging",
        "s3:PutObjectAcl",
        "s3:PutObject",
        "s3:ListBucket",
        "s3:GetObjectTagging",
        "s3:GetObjectAcl",
        "s3:GetObject",
        "s3:GetBucketVersioning",
        "s3:GetBucketLocation"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws-us-gov:s3:::v-s3-adsd-edl-dev-cdl-athena-818199694861-us-gov-west-1",
      "Sid": "NetbackupS3Access"
    },
    {
      "Action": "s3:ListAllMyBuckets",
      "Effect": "Allow",
      "Resource": "*",
      "Sid": "NetbackupListS3Buckets"
    },
    {
      "Action": "rds-db:connect",
      "Effect": "Allow",
      "Resource": "arn:aws-us-gov:rds-db:us-gov-west-1:818199694861:dbuser:*/svc_ebb_veritas_netbk",
      "Sid": "ServiceAccount"
    }
  ],
  "Version": "2012-10-17"
}
