System Requirements for Amazon Aurora PostgreSQL

To back up and restore PostgreSQL data on an Amazon application, verify that your environment meets the requirements.

Before Configuring Backups, Verify Backup Gateway Region and Access to the Database

Before configuring backups of the database, do the following:

Verify that the AWS backup gateway is deployed in the same region and VPC as the AWS database.
Verify that the AWS backup gateway can access the AWS databases. For more information, go to Automatically connecting an EC2 instance and an RDS database on the Amazon RDS website.
See the following:
- System Requirements for AWS Backup Gateways
- For instructions to create an AWS backup gateway, which is part of configuring backups, see the "Configuring Backups" page for the database, under AWS Cloud Databases. For example, Configuring Backups for Amazon DocumentDB Instances.

Software Requirements

Packages required on access nodes:
- Virtual Server Agent
- PostgreSQL Agent
For information on supported Amazon EC2 instances as access nodes, see Supported Amazon EC2 Instance Families.
Access nodes that you run backup and restore operations on must have one of the following operating systems:

Operating system	Processor architecture
Amazon Linux 2023 AMI	64-bit (Arm) (recommended) 64-bit (x86)
Amazon Linux 2 AMI (HVM) - Kernel 5.10, SSD Volume Type	64-bit (Arm) (recommended) 64-bit (x86)
CentOS 9.x, 8.x	x64 Compatible processors
Oracle Linux Enterprise 9.x, 8.x	x64 Compatible processors
Red Hat Enterprise Linux (RHEL) 9.x, 8.x	x64 Compatible processors
Rocky Linux 9.x, 8.x	x64 Compatible processors
Windows 2022, 2019, 2016	x64 Compatible processors

Note

If you have network configuration enabled on the access nodes, before you deploy a Windows or a Linux proxy, configure a firewall on the cloud proxy and on-premises. For more information, see Configuring a Firewall to Install the Virtual Server Agent on a Cloud VM or Instance.
Amazon Linux 2023 on 64-bit (Arm) and 64-bit (x86) are supported for PostgreSQL 15.x, 16.x and 17.x only. For more information, go to AWS documentation on supported packages.
Containers can serve as access nodes as long as the PostgreSQL server is accessible from the container environment. For more information about setting up an access node container, see Installing Commvault Packages in Kubernetes Using Helm.

Hard Drive

A minimum of 100 GB of disk space is recommended. If a staging directory is required on the access node, the actual space needed will depend on the database being backed up and the configured settings.

Network Connectivity

Access nodes must have Layer 3 network connectivity to the upstream MediaAgent on port 8403. If the MediaAgent and the access node are in different accounts or in different Virtual Private Clouds (VPCs), you can configure Amazon VPC peering. For information, see VPC peering basics in the AWS documentation.
Access nodes must have connectivity to regional and global AWS service endpoints. For information, see Requirements for Connectivity to AWS Service Endpoints.
Access node machines must be able to connect to the RDS instance over its database port (For example, 5432 for PostgreSQL), unless a custom port is configured.

Note

If you have network configuration enabled on the access nodes, before you deploy a Windows or a Linux proxy, configure a firewall on the cloud proxy and on-premises.
Amazon Linux 2023 on 64-bit (Arm) and 64-bit (x86) are supported for PostgreSQL 15.x and 16.x only. For more information, go to AWS documentation on supported packages.
Containers can serve as access nodes as long as the PostgreSQL server is accessible from the container environment.

Supported PostgreSQL Versions

From PostgreSQL version 12.x to version 17.x.

User Account Requirements

For DumpBasedBackupSet, verify that the PostgreSQL instance has a user account with sufficient privileges to perform the following:
- Perform backup and restore operations of the database objects as part of the subclient content
  
  The following table illustrates the necessary privileges the user account should have to perform backup and restore operations:
  
  Operations
  
  Privileges PostgreSQL User Should Have
  
  Backup
  
  CREATEDB, CREATEROLE
  
  Restore
  
  CREATEDB, CREATEROLE, INHERIT, LOGIN
  
  CONNECTION LIMIT, if set, should at least have a value of 2.
  
  Initially, the user account credentials are provided during the instance configuration after the installation of the agent. You can change the user account at the instance level.
  
  You may need to grant other privileges to the PostgreSQL backup user to secure the objects in the database. To know more about database roles and privileges, see PostgreSQL documentation.
You require SELECT privileges on all tables and objects within the schema or databases being backed up.

The following statements are valid for PostgreSQL:
- Version 14 or above
  - GRANT pg_read_all_data to user_name;
- Version 13 or below
  - GRANT SELECT ON ALL TABLES IN SCHEMA schema_name TO user_name;

Operations	Privileges PostgreSQL User Should Have
Backup	CREATEDB, CREATEROLE
Restore	CREATEDB, CREATEROLE, INHERIT, LOGIN

SSL and TLS Support

The supported TLS versions to create Amazon SSL encrypted PostgreSQL instances are TLS 1.0, 1.1 and 1.2.