Posted On: Mar 25, 2016
Starting today, Amazon RDS supports two new features for RDS for PostgreSQL database instances: the option to enforce only SSL connections to your instance, and near-realtime access to a set of 56 system and process metrics for your instance.
Last year, we announced support for Enhanced Monitoring of your RDS instances operating on MySQL, MariaDB and Amazon Aurora. Starting today, Enhanced Monitoring is also available for all RDS for PostgreSQL instances. Enhanced Monitoring gives you deeper visibility into the health of your Amazon RDS instances in real time. It provides a comprehensive set of over 50 new system metrics and aggregated process information for your instances, at granularity of up to 1 second. You can visualize the metrics on the RDS console, and also integrate them with CloudWatch and third-party applications.
For a complete list of available metrics and more information on how to use Amazon CloudWatch with this feature, see Enhanced Monitoring documentation. You can seamlessly integrate Enhanced Monitoring with third-party applications to monitor your RDS instances. See Amazon CloudWatch Documentation for more details on this integration.
Enhanced Monitoring is available for all RDS for PostgreSQL instances across all supported instance types except t1.micro and m1.small. Once you enable Enhanced Monitoring, you may incur standard CloudWatch Logs charges. For more details on pricing, go to CloudWatch Logs pricing.
Enhanced Monitoring is available today in the US East (Northern Virginia), US West (Northern California), US West (Oregon), Europe (Ireland), Europe (Frankfurt), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Seoul), and Asia Pacific (Tokyo) regions.
Enforce SSL connections
RDS for PostgreSQL has always supported SSL connections to database instances, but lacked the ability to enforce only SSL connections. Starting today, you can choose to allow only SSL connections to your RDS for PostgreSQL database instance. To enforce SSL, simply enable the newly introduced rds.force_ssl parameter ("0" by default) through the Parameter Groups page on the RDS Console, or through the CLI. Database instances that have this parameter enabled will only accept SSL connections. For more details on using this feature, please refer to the RDS Documentation.