Logo of Trend Micro
Use the Conformity Knowledge Base AI to help improve your Cloud Posture

AWS RDS Reserved Instances Purchase Recommendations

Trend Micro Cloud One™ – Conformity is a continuous assurance tool that provides peace of mind for your cloud infrastructure, delivering over 750 automated best practice checks.

Risk Level: Medium (should be achieved)

Identify any Amazon RDS instances that can be upgraded to Reserved Instances (RIs) and follow our recommendations for purchasing your RIs in order to receive a significant discount on the hourly charges. RIs represent a pricing model that enables discounted hourly rates for compute capacity in exchange of reserving a certain amount of compute usage upfront. The cost savings when using RDS Reserved Instances over On-Demand Instances are up to 69% when used in steady state (e.g. production database). For example, for a db.r3.large MySQL database instance (Standard/Single-AZ) provisioned in the US-East region you can save roughly $77 per month by upgrading it to a Reserved Instance for a period of 1 year with no upfront costs or save $154 per month (as of October 2016) by reserving it for a period of 3 years with a portion of the cost paid upfront (Partial Upfront).

Cost
optimisation

Reserved Instances represent a good strategy to cut down on RDS costs but purchasing them without a plan can feel like a risky process. The Cloud Conformity purchasing recommendations outlined in this rule will help you optimize your RIs spending and save money by using only what you need." note="Note: In order to verify the current status of purchased reserved capacity and provide accurate recommendations, Cloud Conformity needs access to the AWS payer account (the account designated to pay the bills) or to AWS individual accounts. The following IAM policy allows Cloud Conformity to view all the reserved RDS database instances available in your account(s):


{
  "Version": "2012-10-17",
  "Statement": [{
      "Effect": "Allow",
      "Action": [
        "rds:DescribeReservedDBInstances"
      ],
      "Resource": "*"
    }
  ]
}

Audit

To verify your current Amazon RDS compute capacity and determine if there are any candidates for upgrading to Reserved Instances (RIs), perform the following:

Using AWS Console

01 Login to the AWS Management Console.

02 Navigate to RDS dashboard at https://console.aws.amazon.com/rds/.

03 In the left navigation panel, under RDS Dashboard, click Instances.

04 Select the database instance that you want to examine.

05 Click Instance Actions button from the dashboard top menu and select See Details.

06 Select the Details tab, analyze the database instance attributes and determine the instance role within the application stack. If the selected RDS instance is not the component of an application stack that is about to be decommissioned and the database will be in use for at least 6 months, the instance is stable and qualifies as candidate for the upgrade to a Reserved Instance (RI). To upgrade it you must follow the recommendations outlined in the Remediation/Resolution section and purchase an RDS RI based on the active (On-Demand) instance attributes.

07 Repeat step no. 4 and 5 to determine if other RDS database instances available in the current region are eligible for the upgrade.

08 Change the AWS region from the navigation bar and repeat the process for the other regions.

Using AWS CLI

01 Run describe-db-instances command (OSX/Linux/UNIX) using custom query filters to list the names (identifiers) of all RDS database instances available in the selected AWS region: 

aws rds describe-db-instances
	--region us-east-1
	--output table
	--query 'DBInstances[*].DBInstanceIdentifier'

02 The command output should return a table with the requested identifiers: 

-------------------------
|  DescribeDBInstances  |
+-----------------------+
|  prod-mysql-db        |
|  prod-mysql-aurora    |
|  prod-postgresql-db   |
+-----------------------+

03 Run again describe-db-instances command (OSX/Linux/UNIX) using the ID of the database instance that you want to examine as identifier to describe the selected resource attributes: 

aws rds describe-db-instances
	--region us-east-1
	--db-instance-identifier prod-mysql-db

04 The command output should return the requested information (i.e. instance attributes, configuration details, etc): 

{
    "DBInstance": {
        "PubliclyAccessible": true,
        "MasterUsername": "webappdbusr",
        "MonitoringInterval": 0,
        "LicenseModel": "general-public-license",
        "PendingModifiedValues": {
            "BackupRetentionPeriod": 7
        },
  	   ...


        "DbiResourceId": "db-GDM75IJA2YOGQ3FJUNRK7KFFKL",
        "CACertificateIdentifier": "rds-ca-2015",
        "StorageEncrypted": false,
        "DBInstanceClass": "db.r3.large",
        "DbInstancePort": 3306,
        "DBInstanceIdentifier": "prod-mysql-db"
    }
}

04 Analyze the instance attributes listed at the previous step and determine its role in the application stack. If the selected RDS database instance is not the component of an application stack that is about to be decommissioned and the resource will be in use for at least 6 months, the instance is stable and qualifies as candidate for the upgrade to a Reserved Instance (RI). To upgrade it you must follow the recommendations outlined in the Remediation/Resolution section and purchase an RDS RI based on the active instance attributes.

05 Repeat steps no. 3 - 5 to determine if other RDS database instances available in the current region are eligible for the upgrade.

06 Change the AWS region by updating the --region command parameter value and repeat steps no. 1 - 6 to perform the audit process for other regions.

Remediation / Resolution

To upgrade your On-Demand RDS instances to Reserved Instances you need to purchase them wisely in order to avoid paying for compute resources that you do not need. To make the RI purchase based on the right pricing model, the right size and DB engine at the right time, follow the recommendations outlined below:

Recommendations

01 Commitment Term - choose carefully the commitment period based on your application(s) requirements because you will be charged for every hour during the entire reservation term that you select, regardless of whether the database instance is running or not. AWS provides two types of commitment terms:

  1. 1-year term - the reservation is made for just 1 year, usually useful for production databases with predictable workloads that do not require often vertical scaling.
  2. 3-year term - the reservation is made for 3 years, it's useful for long-running and stable production databases (steady state) that do not require vertical scaling.

02 Payment Options - decide how you would like to pay for your RDS Reserved Instances throughout the chosen commitment period. There are 3 payment options to choose from:

  1. No Upfront - no upfront payment is required at purchase and but discount is lower (35% over On-Demand pricing model) when compared to other payment options. This option is not available for 3-year term reservations.
  2. Partial Upfront - a portion of the cost must be paid upfront and the remaining hours in the term are billed at the established discounted hourly rate. This option balances the Reserved Instance payments between upfront and hourly.
  3. All Upfront - you are paying for the entire commitment term selected (one or three years) with one upfront payment and get the best effective hourly price when compared to On-Demand model and the biggest discount when compared to other payment options available.

03 Consolidated Billing - using Consolidated Billing is recommended when you own multiple accounts because the AWS billing engine treats all your accounts as a single account for billing purposes (designated payer account), resulting in the lowest possible bill as the applicable discounts are spread across all accounts. For instance, the Reserved Instances purchased in one AWS account can share their reservations with other AWS accounts available in the same billing family. The purchase recommendations are based on the previous calendar month's hour-by-hour usage aggregated across all consolidated billing accounts. For example, if you have two database RIs in the same region with the same attributes, the AWS billing system checks each hour the total number of instances you have running that match those attributes. If there are two instances or less, you will be charged the Reserved Instance rate for each matching instance running that hour. If more than two are running, you will be charged the On-Demand rate for the additional database instance(s).

04 Purchasing Process - is important to review carefully the checkout page details before the purchase. After your purchase is confirmed, it cannot be cancelled so make sure the parameters displayed on the checkout page are accurate.

To upgrade to Reserved Instances just purchase RDS RIs in the same region, using the same attributes as your active On-demand instances and the billing will be automatically changed to reflect the reserved rates. To buy the required reserved database instances, perform the following actions:

Using AWS Console

01 Login to the AWS Management Console.

02 Navigate to RDS dashboard at https://console.aws.amazon.com/rds/.

03 In the left navigation panel, under RDS Dashboard, click Reserved Purchases.

04 Click Purchase Reserved DB Instance button from the dashboard top menu to start the purchasing process.

05 On the Purchase Reserved DB Instances page, perform the following actions:

  1. From Product Description dropdown list, select the database engine used by the active RDS On-Demand instance that you want to upgrade.
  2. From Instance Class dropdown list, choose the right database instance size/class (e.g. db.r3.large).
  3. For Multi AZ Deployment, choose whether or not you want a Multi-AZ deployment for your instance (must match the specifications of the instance that you want to upgrade).
  4. From Term dropdown list, select the length of time for the new reservation (e.g. 3 years).
  5. From Offering Type dropdown list, choose the preferred offering type (e.g. Partial Upfront).
  6. In the Number of DB Instances box type 1.
  7. Click the Continue button to continue the purchasing process.

06 On the RDS RI summary (checkout) page, verify the instance configuration information then click Purchase to buy the reserved database instance. (!) IMPORTANT: verify the checkout details before the purchase to make sure that the RI parameters are correct.

07 Repeat step no. 4 and 5 to upgrade other On-Demand RDS instances provisioned in the current region by purchasing Reserved Instances that match their configuration.

08 Login to the AWS MChange the AWS region from the navigation bar and repeat the process for other regions.

Using AWS CLI

01 Before you purchase the RDS Reserved Instance run describe-reserved-db-instances-offerings command (OSX/Linux/UNIX) to fetch the pricing details and information about available reserved database instance offerings. Use the command parameters provided in the following example to match the specifications of the On-Demand instance that you want to upgrade to RI: 

aws rds describe-reserved-db-instances-offerings
	--region us-east-1
	--product-description mysql
	--db-instance-class db.r3.large
	--duration 1
	--offering-type "No Upfront"
	--no-multi-az

02 The command output should return the requested offering(s) information (pricing and configuration details): 

{
    "ReservedDBInstancesOfferings": [
        {
            "MultiAZ": false,
            "OfferingType": "No Upfront",
            "FixedPrice": 0.0,
            "UsagePrice": 0.0,
            "ReservedDBInstancesOfferingId":
            "d09f6bbc-8120-491f-afbb-29ab75b7ba9e",
            "RecurringCharges": [
                {
                    "RecurringChargeAmount": 0.065,
                    "RecurringChargeFrequency": "Hourly"
                }
            ],
            "ProductDescription": "mysql",
            "Duration": 31536000,
            "DBInstanceClass": "db.r3.large",
            "CurrencyCode": "USD"
        }
    ]
}

03 Run purchase-reserved-db-instances-offering command (OSX/Linux/UNIX) to purchase an RDS Reserved Instance based on the offering information returned at the previous step. The following command example purchase a reserved database instance using an AWS offering identified by the ID d09f6bbc-8120-491f-afbb-29ab75b7ba9e: 

aws rds purchase-reserved-db-instances-offering
	--region us-east-1
	--reserved-db-instances-offering-id d09f6bbc-8120-491f-afbb-29ab75b7ba9e
	--db-instance-count 1

04 The command output should return the new RDS Reserved Instance metadata: 

{
    "ReservedDBInstance": [
        {
            "ReservedDBInstancesOfferingId":
            "d09f6bbc-8120-491f-afbb-29ab75b7ba9e",
            "DBInstanceClass": "db.r3.large",
            "StartTime ": "2016-11-10T15:20:11.000Z",
            "Duration": 31536000,
            "FixedPrice": 0.0,
            "UsagePrice": 0.0,
            "CurrencyCode": "USD",
            "DBInstanceCount": 1,
            "ProductDescription": "mysql",
            "OfferingType": "No Upfront",
            "RecurringCharges": [
                {
                    "RecurringChargeAmount": 0.065,
                    "RecurringChargeFrequency": "Hourly"
                }
            ],
            "MultiAZ": false,
            "State": "payment-pending"
        }
    ]
}

05 Repeat steps no. 1 - 4 to upgrade other On-Demand RDS instances available in the current region by purchasing Reserved Instances that match their configuration.

06 Change the AWS region by updating the --region command parameter value and repeat steps no. 1 - 5 to perform the entire process for other regions.

To renew your existing RDS Reserved Instances (RIs), you need to repurchase them using the same configuration attributes (region, instance size/class, database type/engine, etc). The RDS RIs are not renewed automatically so you must repurchase your existing RIs in order to avoid On-Demand rates charges when the current reservations expire. To repurchase them perform the following:

Using AWS Console

01 Login to the AWS Management Console.

02 Navigate to RDS dashboard at https://console.aws.amazon.com/rds/.

03 In the left navigation panel, under RDS Dashboard, click Reserved Purchases.

04 Select the RDS Reserved Instance that you want to renew and note its configuration attributes (i.e. class, database type/product description, offering type and Multi-AZ status).

05 Click Purchase Reserved DB Instance button from the dashboard top menu to start the renewal process.

06 On the Purchase Reserved DB Instances page, perform the following actions:

  1. From Product Description dropdown list, select the database engine used by the RDS Reserved Instance that you want to renew.
  2. From Instance Class dropdown list, choose the database instance size/class (e.g. db.r3.large).
  3. For Multi AZ Deployment, choose whether or not you want a Multi-AZ deployment for your instance (must match the specifications of the RI that you want to renew).
  4. From Term dropdown list, select the length of time for the new reservation (e.g. 1 year).
  5. From Offering Type dropdown list, choose the preferred offering type.
  6. In the Reserved DB Id box, type the reserved database instance identifier that you want to renew (repurchase).
  7. In the Number of DB Instances box type 1.
  8. Click Continue to proceed.

07 On the RDS RI summary page, verify carefully the instance configuration information then click Purchase to repurchase the reserved database instance.

08 Repeat steps no. 4 - 7 to renew (repurchase) other RDS Reserved Instances available in the current region.

09 Change the AWS region from the navigation bar and repeat the process for other regions.

Using AWS CLI

01 Run describe-reserved-db-instances-offerings command (OSX/Linux/UNIX) to get the pricing details and information about available reserved database instance offerings. Use the command parameters provided in the following example to match the specifications of the RI that you want to renew (repurchase): 

aws rds describe-reserved-db-instances-offerings
	--region us-east-1
	--product-description mysql
	--db-instance-class db.r3.large
	--duration 1
	--offering-type "No Upfront"
	--no-multi-az

02 The command output should return the requested offering(s) information: 

{
    "ReservedDBInstancesOfferings": [
        {
            "MultiAZ": false,
            "OfferingType": "No Upfront",
            "FixedPrice": 0.0,
            "UsagePrice": 0.0,
            "ReservedDBInstancesOfferingId":
            "ba5f6bbc-4933-491f-afc9-29ab75b7bde0",
            "RecurringCharges": [
                {
                    "RecurringChargeAmount": 0.065,
                    "RecurringChargeFrequency": "Hourly"
                }
            ],
            "ProductDescription": "mysql",
            "Duration": 31536000,
            "DBInstanceClass": "db.r3.large",
            "CurrencyCode": "USD"
        }
    ]
}

03 Run purchase-reserved-db-instances-offering command (OSX/Linux/UNIX) to purchase an RDS Reserved Instance based on the offering information returned at the previous step. The following command example repurchase a reserved database instance with the identifier cc-reserved-mysql-db, using an instance offering identified by the ID ba5f6bbc-4933-491f-afc9-29ab75b7bde0: 

aws rds purchase-reserved-db-instances-offering
	--region us-east-1
	--reserved-db-instances-offering-id c39f6bbc-8129-491f-afbb-29ab75b7bac7
	--reserved-db-instance-id cc-reserved-mysql-db
	--db-instance-count 1

04 The command output should return the new RDS Reserved Instance metadata: 

{
    "ReservedDBInstance": [
        {
            "ReservedDBInstanceId": cc-reserved-mysql-db,
            "ReservedDBInstancesOfferingId":
            "ba5f6bbc-4933-491f-afc9-29ab75b7bde0",
            "DBInstanceClass": "db.r3.large",
            "StartTime ": "2016-11-11T18:30:05.000Z",
            "Duration": 31536000,
            "FixedPrice": 0.0,
            "UsagePrice": 0.0,
            "CurrencyCode": "USD",
            "DBInstanceCount": 1,
            "ProductDescription": "mysql",
            "OfferingType": "No Upfront",
            "RecurringCharges": [
                {
                    "RecurringChargeAmount": 0.065,
                    "RecurringChargeFrequency": "Hourly"
                }
            ],
            "MultiAZ": false,
            "State": "payment-pending"
        }
    ]
}

05 Repeat steps no. 1 - 4 to renew (repurchase) other RDS Reserved Instances available in the current region.

06 Change the AWS region by updating the --region command parameter value and repeat steps no. 1 - 5 to perform the entire process for other regions.

References

Publication date Dec 3, 2016

Related RDS rules

Unlock the Remediation Steps

Free 30-day Trial

Automatically audit your configurations with Conformity
and gain access to our cloud security platform.

Confirmity Cloud Platform

No thanks, back to article

You are auditing:

AWS RDS Reserved Instances Purchase Recommendations

Risk Level: Medium