To manage a database, you can either use an existing instance or add a new instance.
Before You Begin
Configure the permissions to access AWS resources. Download the amazon_rds_dumpbased_backup_restore_permissions.json file and use it on the AWS command line to apply all the permissions.
Procedure
-
From the Command Center navigation pane, go to Protect > Databases.
The Overview page appears.
-
In the upper-right area of the page, click Add instance, and then click Cloud database service.
The Add Cloud DB instance page appears.
-
Select Amazon Web Services, and then click Next.
The Select A Database Service page appears.
-
Select RDS (Export), and then click Next.
The Select Database page appears.
-
Select Aurora MySQL, and then click Next.
The Configure permissions pages appears.
-
Select Use hosted infrastructure or Use your access nodes for backups as per requirement.
-
If you select Use hosted infrastructure, do the following:
-
Click Launch the CloudFormation Stack to launch the CloudFormation stack that creates CommvaultTenantRole in your account. If it already exists in your account, you can skip this step.
-
From the Credential list, select an existing credential or add a new one. To add a credential, do the following:
Steps to create credential
-
Click +.
The Add credential dialog box appears.
-
From the Credential Vault, select a credential vault.
-
In the Credential name box, Enter a name for the credentials that you are creating.
-
In the Role ARN box, enter the full IAM role Amazon Resource Name (ARN) of the account.
-
In the External ID box, enter the external ID for the tenant.
-
In the Description box, enter a description of the credentials.
-
Click Save.
-
-
If you select Use your access nodes for backups, do the following:
-
From the Authentication method, select one of the following authentication methods:
-
AWS STS AssumeRole (recommended)
-
IAM Role
-
Access keys for IAM users (not recommended)
-
Note
If you select IAM Role, the CloudFormation template will create IAM policies for all supported data sources and attach them to a new IAM Role called CommvaultRole by default.
-
Click Launch the CloudFormation Stack to launch the CloudFormation stack that creates CommvaultTenantRole in your account. If it already exists in your account, you can skip this step.
-
From the Credential list, select an existing credential or add a new one. To add a credential, do the following:
Steps to create credential
-
Click +.
The Add credential dialog box appears.
-
From the Credential Vault, select a credential vault.
-
In the Credential name box, Enter a name for the credentials that you are creating.
-
In the Role ARN box, enter the full IAM role Amazon Resource Name (ARN) of the account.
-
In the External ID box, enter the external ID for the tenant.
-
In the Description box, enter a description of the credentials.
-
Click Save.
-
-
Click Next.
The Configure access nodes section appears.
-
Make the following selections:
-
If you select Launch the CloudFormation Stack, from the Region list, select the region to store backups.
-
If you select Use your access nodes for backups, from the Access nodes list, select an access node or access node group.
-
-
Click Next.
The Plan page appears.
-
Select an existing plan or add a new plan add a plan.
-
Click Next.
The Cloud account page appears.
-
From the Cloud account list, select an existing cloud account. To add a new cloud account, do the following:
-
Click +.
The Add cloud account dialog box appears.
-
In the Name box, enter the cloud account name.
-
Click Save.
-
-
Click Next.
The Backup content page appears.
-
From the Instance name list, select an instance.
-
Under the Connection details section, enter the following details:
-
From the Credential list, select a saved credential or add a new credential. To add a new credential, do the following:
Steps to create credential
-
Click +.
The Add Credential dialog box appears.
-
From Account type list, select a database account.
-
From the Database credential type, select a database.
-
From the Credential Vault list, select a credential vault to store credentials for different types of accounts.
-
In the Credential name box, enter a name for the credential.
-
In the Username box, enter the user name to access the cloud database for MySQL application.
-
In the Password box, enter the password to access the cloud database for MySQL application.
-
The SSL certificate toggle key is unselected by default. By moving this toggle key to the right, you can perform the following actions:
-
In the SSL CA file field, provide the SSL CA file path on the proxy computer.
-
In the SSL Cert file field, provide the SSL certificate file path on the proxy computer.
-
In the SSL Key file field, provide the SSL key file path on the proxy computer.
-
-
In the Description box, enter the details of the credential.
-
Click Save.
-
-
To specify the endpoint, in the Endpoint box, enter the name of the endpoint to connect to the database instance.
The endpoint value is automatically discovered and displayed, based on the instance you previously selected. By default, the discovered endpoint is the cluster endpoint and is used for both read-only access (backups) and write access (restores). For more information, refer to the Amazon Aurora endpoint connections documentation.
Note
For Multi-AZ DB cluster, enter the endpoint name of the cluster with writer access.
-
-
Click Next.
A summary page is displayed to show the instance information.
-
Click Finish.
Results
The new instance contains a default database group. The default database group includes all the data in the Amazon Aurora MySQL database. You cannot delete the default database group.