SAA

• Read Replicas can be within AZ, Cross AZ or Cross Region
• Replication is async, eventually consistent
• New connection endpoint for repliaca, need to update in application

• Transfer data within region, won‘t cost 
• But cross region does

• Multi AZ for DR
• The read replicas can be setup as Multi AZ

• rds.force_ssl=1
• Grant Usage ON *.* To ‘mysqluser‘@‘%‘ REQUIRE SSL
• TDE: for Oracle and MS SQL Server

SAP

• RDS is launched in a private VPC, if you want to access it by using Lambda, you also need to launch the Lambda in the same VPC

• CloudTrail cannot be used to track queries made with RDS

• health check for failover to promote read replica as main DB

• Cross region read replica and multi AZ on main database

[SAA + SAP] 16. RDS

原文：https://www.cnblogs.com/Answer1215/p/15091592.html