Lab1: Creating a New Aurora Cluster Manually

This lab will walk you through the steps of creating an Amazon Aurora PostgreSQL cluster manually, and configuring the parameters required for the cluster components. At the end of this lab, you will have a database cluster ready to be used in subsequent labs.

This lab is needed only if you followed Setup the lab without Aurora cluster in Prerequisites section.
If you are familiar with the basic concepts of Amazon Aurora PostgreSQL and have created a DB cluster in the past, you may skip this lab by using Setup the lab with Aurora cluster in Prerequisites section.
If you are running these labs in a formal instructional event, the Aurora DB Cluster may also have been setup on your behalf. In this case also, you can skip this lab.


This lab requires the following lab modules to be completed first:

Creating the DB cluster

Open the Amazon RDS service console.

Ensure you are working in the correct AWS region.

Click Create database to start the configuration process

The RDS console database creation workflow has been simplified recently. Depending on your previous usage of the RDS console UI, you may see the old workflow or the new one, you may also be presented with a prompt to toggle between them. In this lab we are using the new workflow for reference, although the steps will work similarly in the old console workflow as well, if you are more familiar with it.

Create Database

In the first configuration section of the Create database page, called Choose a database creation method ensure Standard Create radio button is selected.

Next, in the Engine options section, choose the Amazon Aurora engine type, the Amazon Aurora with PostgreSQL compatibility Edition, Provisioned Capacity type, the Aurora PostgreSQL (Compatible with PostgreSQL 11.9) Version.

Engine Options

In the Templates section, select Production.

In the Settings section give your database cluster a recognizable identifier, such as aupg-labs-cluster.

Configure the name and password of the master database user, which has the most elevated permissions in the database. We recommend to use the username masteruser for consistency with subsequent labs. An AWS Secrets Manager secret was automatically created for you as part of the foundational CloudFormation Stacks. You can find the secrets ARN by opening Cloudformation Console in another browser tab, choosing the stack with description “Amazon Aurora PostgreSQL Labs Stackset” and referring to the Value for key secretArn from the Outputs tab on right.

Next, go to the Secrets Manager Console and select the same secret. Scroll down and Click on the Retrieve secret value.

Copy the password.

Paste the password into the Master password input screen back on the RDS Console. Ensure that the check box Auto generate a password is not checked.

Database Settings

For the DB Instance size choose the default DB Instance class: db.r5.large. For the Availability and durability choose the default option to deploy Multi-AZ deployment by choosing Create an Aurora Replica/Reader node in a different AZ (recommended for scaled availability).

Database Settings In the Connectivity section, expand the sub-section called Additional connectivity configuration. This section allows you to specify where the database cluster will be deployed within your defined network configuration. To simplify the labs, the CloudFormation stack you deployed in the preceding Prerequisites module, has configured a VPC that includes all resources needed for an Aurora database cluster. This includes the VPC itself, subnets, DB subnet groups, security groups and several other networking constructs. All you need to do is select the appropriate existing connectivity controls in this section.

  • Pick the Virtual Private Cloud (VPC) named after the CloudFormation stack name, such as aupg-labs-vpc.
  • Similarly make sure the selected Subnet Group also matches the stack name (e.g. apg-labstack-aupglabsrdsstack-[hash]-dbsubnets-[hash]).
  • Make sure the cluster Publicly accessible option is set to No.
  • The lab environment also configured a VPC security group that allows your lab workspace Cloud9 instance to connect to the database. Make sure the Choose existing security group option is selected and from the dropdown pick the security group aupg-labs-aupf-internal. Please remove any other security groups, such as default from the selection.

For Database authentication, leave the default option.

Next, expand the Additional configuration section.

  • Set the Initial database name to mylab.
  • The lab environment also configured a DB cluster parameter group and DB parameter group for you. Select the parameter group with name similar to apg-labstack-aupglabsrds-apgcustomclusterparamgro-[hash] (where apg-labs is Stack name you chose before). For DB parameter group selectors, choose apg-labstack-aupglabsrds-[hash]-apgcustomdbparamgroup-[hash].
  • Choose a 7 days Backup retention period.
  • Check the box to Enable encryption and select the [default] aws/rds for the Master key.
  • Check the box to Enable Performance Insights with a Retention period of Default (7 days) and use the [default] aws/rds Master key for monitoring data encryption.
  • Next, check the Enable Enhanced Monitoring box, and select a Granularity of 1 second.
  • For Log exports check the Postgresql log boxes.

Advanced configuration

In the Advanced configuration section, de-select the check box Enable delete protection. In a production use case, you will want to leave that option checked, but for testing purposes, un-checking this option will make it easier to clean up the resources once you have completed the labs.

Before continuing, let’s summarize the configuration options selected. You will create a database cluster with the following characteristics:

  • Aurora PostgreSQL 11.9 compatible cluster on a db.r5.large DB instance class
  • Cluster composed of a writer and a reader DB instance in different availability zones (highly available)
  • Deployed in the VPC in private subnets using the network configuration of the lab environment
  • Automatically backed up continuously, retaining backups for 7 days
  • Using data at rest encryption
  • With Enhanced Monitoring and Performance Insights enabled
  • With PostgreSQL database log being exported to CloudWatch
  • With deletion protection turned off

Click Create database to provision the DB cluster.

Advanced configuration - end

It will take 5-10 minutes to create the Aurora cluster with a writer and a reader node.

Once the Aurora cluster is ready, proceed to Configure Cloud9 and Initialize Database to configure Cloud9 workstation and complete the required prerequisites for the other labs.