/
Prepare to work with AWS RDS SQL Server

Prepare to work with AWS RDS SQL Server

Owned by Michael Litner
Last updated: Apr 29, 2025

Architecture

AWS RDS MSSQL architecture.drawio-20241105-081133.png

Actions

  1. Backup of the RDS database to S3 bucket

  2. Mount the S3 bucket as a directory on the staging host

  3. Mount Accelario disk to the staging server

  4. Restore from the mounted directory to staging SQL Server instance (the instance is located on Accelario disk that was mounted in the previous action)

  5. Create standard VDB

Prerequisites

  1. RDS SQL Server instance

  2. Staging EC2 Windows server(where the source agent is installed) with SQL Server instance up and running - same version as the RDS database

Preparations

  1. Go to S3 service
    Create S3 bucket with name accelario_rds_bucket.

  2. Go to IAM service.

  3. Click the Roles from left menu and then click the Create role.

    • Under Select type of trusted entity, select the AWS service.

    • Under Choose a use case (that will use this role), select the RDS 

    • In Use cases for other AWS services choose RDS - Add Role to Database

    • Click the Next: Permissions.

    • Click the Next: Tags.

    • Click the Next: Review.

    • Enter the Role name.

    • Click the Create role. The Role is created successfully. You will be navigated to create role page with newly created role.

  4. In the role list, click on the newly created role. Now, let’s add an inline policy to the role. This policy grants access to the S3 bucket.

    1. Under Permissions tab, click the Create inline policy.

    2. Click the JSON tab

    3. Copy the below policy and set ${s3_bucket_name} to the name of your bucket (e.g., accelario_rds_bucket). Note: The policy in the JSON can be changed as per your requirement.

      {     "Version": "2012-10-17",     "Statement": [         {             "Effect": "Allow",             "Action": [                 "s3:ListBucket"             ],             "Resource": [                 "arn:aws:s3:::${accelario_rds_bucket}"             ]         },         {             "Effect": "Allow",             "Action": [                 "s3:PutObject",                 "s3:GetObject",                 "s3:DeleteObject",                 "s3:PutObjectAcl"             ],             "Resource": [                 "arn:aws:s3:::${accelario_rds_bucket}/*"             ]         }     ]

    4. Click the Review Policy.

    5. Enter the Policy name.

    6. Click the Create policy.

    7. In the role summary, copy the Instance Profile ARNs.
      e.g.: arn:aws:iam::680471277400:role/Accelario_RDS_S3

  1. Assign created IAM role to RDS instance

    1. Go to your RDS instance

    2. Scroll down to Manage IAM Roles

    3. Click “Add role” button and choose the role you created

  2. Create a user with permissions RDS_full_access, S3_full_access.
    Make sure, the user has access key and secret key

    image-20240715-102741.png

  3. On the intermediate server(called “source server”, where the source agent is installed), create an empty directory, that will be used to store backups copied from S3

  4. On the intermediate server, install s3fs

  5. On the RDS MSSQL database, setup transaction log copy to s3, use the same bucket as point 1 above

    exec msdb.dbo.rds_tlog_copy_setup @target_s3_arn='arn:aws:s3:::accelario_rds_bucket/mynewfolder';