On Amazon RDS Custom, a Managed Database Service with full access and control. Q&A with Kambiz Aghili

“Our goal is to help our customers where they are today and where they want to be in the future. RDS Custom helps customers modernize and accelerate the pace of innovation through its automation and flexibility. “

Q1. What is Amazon RDS Custom? Why did you build it?
Amazon Relational Database Service (RDS) is a series of managed services that tens of thousands of our customers utilize to simply set up, operate, and scale their databases and hence grow their businesses in the cloud. Customers use our solutions to eliminate heavy-lifting of running a database such as with provisioning, backups, scaling, and high availability. 

Amazon RDS Custom is our complementary database service to further empower support for legacy, custom, and packaged applications that strictly require elevated and privileged access to the underlying operating system and database environment. It offers customers the flexibility and control they currently utilize with Amazon EC2 (self-managed) but rather complemented with the value-add of RDS automations (managed service). Amazon RDS Custom is supported for the Oracle and Microsoft SQL Server database engines.

The 10+ years of experience in continuously managing millions of workloads as the trusted partner in our customers’ cloud migration journey have taught us the technical and commercial challenges with scaling, patching, delivering high availability and cross-region disaster recovery at scale. Amazon RDS Custom solves the major requirement for vendor or custom applications to be able to access the operating system to install and operate them directly on the host. 

Q2. Why are you excited about Amazon RDS Custom?
Amazon RDS Custom opens the door for a wealth of applications to take advantage of our managed database services while retaining control. For RDS SQL Server, customers can now utilize applications such as SharePoint, Microsoft Dynamics, features such as common language runtime (CLR), and/or use RDS Custom as a disaster recovery site for their on-premises environment using Always On Availability Groups. For RDS Oracle, customers can run E-Business Suite, use features such as database vault, and/or similarly setup disaster recovery using Oracle Data Guard. RDS Custom is unlocking new workloads every day as customers explore emerging ways to adopt the service, such as using RDS Custom to manage their disaster recovery and resiliency requirements.

Q3. Why should customers consider Amazon RDS services, or RDS Custom in specific?
RDS is optimized to accelerate the pace of innovation for our customers and has invested heavily in security, automation, reliability and performance of our services at scale. A recent IDC study found that customers utilizing Amazon RDS had 39% lower database operation costs versus on-premises and a 264% return on investment over three years. 

Some of the key RDS Custom use cases include the ability to 1) connect RDS Custom database directly to your on-premises domain, 2) running packaged applications such as E-Business Suite and SharePoint, 3) applying one-off patches, and 4) setting up RDS Custom as a disaster recovery site for your on-premises database. 

Q4. How does Amazon RDS Custom work? What are the main benefits to highlight? 
RDS Custom empowers customers with more control along with the notion of a shared responsibility. We define shared responsibility in two ways: 1) customers own some part of the process when using a feature. For example, with RDS Custom for Oracle, customers provide the media installation files required to create an Oracle database instance. Once the files are provided, we will take care of provisioning. 2) customers are empowered with full access to the feature and it is their responsibility to make sure that any customization they make does not hinder/impact the functionality of that feature. For example, they have full access to the transaction logs, and can use them for a variety of use-cases (e.g. log shipping), but it is their responsibility to not delete the logs as it would break our automated backups. 

To ensure that customers have a managed database experience, but with full access over their environment, we built guardrails (aka ‘support perimeter’), which monitors and validates to ensure that the customizations made by customers do not interfere with the RDS automations that customers value the most. When a customization does impact our automations, we put the customers DB instance outside the perimeter and we send a notification on how to get back into a supported state. For instance, the misconfiguration of transaction logs is one such example that will place the DB instance outside the support perimeter.

Another important functionality of RDS Custom is the ability to pause the RDS automations for up to 24 hours with a single API call, and during that time, our automations such as monitoring, backups, and the database status are all placed on hold waiting to be resumed. For instance, a customer might want to install a software agent on the database instance, but to complete the process they need to do a database reboot. If they did not pause our automation and reboot the database, our monitoring and alerting will detect the triggered action and will attempt to bring the database back online as quickly as possible. This might inadvertently revert the changes that were just performed. Instead, by pausing our automation, the customers can perform the customizations needed with ease and flexibility. Once the automation is resumed, our support perimeter will check and validate those changes to ensure there are no conflicts. Customers find a variety of different use-cases in which they will need to pause and resume automation such as when setting up high availability for SQL Server and Oracle.

Q5. For those technical DBAs, can you briefly explain how is it possible with Amazon RDS Custom to customize and meet the requirements of legacy, custom, and packaged applications? 
RDS Custom grants full access to the underlying OS to our customers so they can customize the database or operating system in order to install third-party applications, apply one-off security patches, or leverage monitoring software agents. For example, to support a legacy application that is dependent on an older database version of Oracle, customers provide the installation media for that version and create an RDS Custom Oracle database from that software. The OS access can also be used to connect with Oracle Identity Management suite of products or install Oracle database vault. With SQL Server, for applications that need OS access via xp_cmdshell which is an external stored procedure in SQL Server, they can now bring those dependent workloads to RDS Custom. Similarly, customers interested to lift-and-shift without making application changes for SQL Server incorporate dependency on Resource Governor, Transactional or Merge replication, running CLR in other than SAFE mode (Amazon RDS for SQL Server has limited support for CLR).

Q6. Anything else you would like to add? 
We recognize that moving away from self-managed and commercially licensed databases, such as Microsoft SQL Server and Oracle, is a big decision. We have helped hundreds of thousands of customers follow various cloud migration journeys with us, from migrating their data centers to managed services to accelerate their business growth, to finally breaking free with full modernization of purpose-built microservices. Our goal is to help our customers where they are today and where they want to be in the future. RDS Custom helps customers modernize and accelerate the pace of innovation through its automation and flexibility. 

Lastly, I would like to invite the readers of this article to think about the database environments they work on or support, do you have an application that requires elevated privileges? Do you need to install an agent on the host? Are there features not supported on RDS today that you absolutely need? Are you looking to fine-tune your workloads but also have the need for the benefits of a managed service?

Q7: Following up to that question. How can others learn more about Amazon RDS Custom?
We have several resources, including our product page and for more technical details, our Working with Amazon RDS Custom User Guide.


Kambiz Aghili is the General Manager of Commercial Relational Database Services (RDS) at AWS. Prior to joining AWS, he was advisor to various startups including the chairman of the board at Kymeta Corporation (pioneer in satellite communication), and CEO/investor at Blue Sky Network (a leader in command & control geospatial software), which was acquired by ACR Group. He has taught numerous courses in entrepreneurship at UCLA Anderson School of Management in the past decade. Kambiz started his career at Teradata Corporation early as a software engineer and eventually as the head of product strategy where he helped lead two major acquisitions, namely Aster Data and KickFire, in Hadoop/SQL MapReduce and database hardware acceleration. Kambiz holds a Ph.D. in computer science and an MBA in general management and finance.

Sponsored by Amazon Web Services

You may also like...