Aurora Serverless v1 with CFN

Aurora Serverless is a managed database service provided by AWS.

Amazon Aurora Serverless is an on-demand, autoscaling configuration for Amazon Aurora. It automatically starts up, shuts down, and scales capacity up or down based on your application’s needs. You can run your database on AWS without managing database capacity.

Amazon Aurora Serverless

Our goal is to build Aurora Serverless v1 with CloudFormation and access it from an EC2 instance.

There are two versions of Aurora Serverless, but we will focus on v1.

For more information on Aurora Serverless v2, please see the following page.

Aurora Serverless v2 creation using CloudFormation 【Aurora Serverless v2 creation using CloudFormation】 In the following pages, we have shown you how to create Aurora Serverless v1 using CloudFormation. htt...


Diagram of Aurora Serverless

Create three subnets in the VPC.
All of them are private subnets with no access to the Internet.

Create Aurora Serverless and associate it with two subnets with different AZs.
Specify the latest version of the MySQL type.

Create an EC2 instance.
Use it as a client to connect to Aurora Serverless.
Specify the latest version of Amazon Linux 2 as the OS.

Create an SSM endpoint.
This is for remote access to the EC2 instance using SSM Session Manager.

Also create an S3 endpoint.
This is used to access the yum repository that will be built on the S3 bucket.

CloudFormation template files

Build the above configuration with CloudFormation.
The CloudFormation templates are located at the following URL

Explanation of key points of the template files

Security Group

Check the security groups for the EC2 instance and Aurora Serverless.

    Type: AWS::EC2::SecurityGroup
      GroupName: !Sub "${Prefix}-InstanceSecurityGroup"
      GroupDescription: Deny All.
      VpcId: !Ref VPC

    Type: AWS::EC2::SecurityGroup
      GroupName: !Sub "${Prefix}-DBSecurityGroup"
      GroupDescription: DBSecurityGroup.
      VpcId: !Ref VPC
        - IpProtocol: tcp
          FromPort: !Ref MySQLPort
          ToPort: !Ref MySQLPort
          SourceSecurityGroupId: !Ref InstanceSecurityGroup
Code language: YAML (yaml)

The former is for instances.
It does not specify the inbound communication to be allowed.
In this configuration, there is no inbound communication to the instance.

The latter is for Aurora Serverless.
This time, since Aurora Serverless of the MySQL type is created, the port for MySQL communication (tcp/3306) is permitted.
For the source, set the aforementioned security group for the instance.

Aurora Serverless

    Type: AWS::RDS::DBSubnetGroup
      DBSubnetGroupName: dbsubnetgroup
      DBSubnetGroupDescription: test subnet group
        - !Ref PrivateSubnet2
        - !Ref PrivateSubnet3

    Type: AWS::RDS::DBCluster
      DatabaseName: !Ref DBName
      DBClusterIdentifier: !Ref DBClusterIdentifier
      DBSubnetGroupName: !Ref DBSubnetGroup
      Engine: !Ref DBEngine
      EngineMode: serverless
      EngineVersion: !Ref DBEngineVersion
      MasterUsername: !Ref DBMasterUsername
      MasterUserPassword: !Ref DBMasterUserPassword
      StorageEncrypted: true
        - !Ref DBSecurityGroup

  #  Type: AWS::RDS::DBInstance
  #  Properties:
  #    ...
Code language: YAML (yaml)

To create Aurora Serverless, at least two resources must be defined.

The first is the DB subnet group.
There are requirements for the subnets to be associated with RDS.

Create subnets in different Availability Zones for the DB subnet group that you use for your Aurora Serverless v1 DB cluster.

Configuration requirements for Aurora Serverless v1

Specify the subnets created for each of the two AZs to meet the above requirements.

The second is a DB cluster.
The key point is the EngineMode property.
Specify “serverless” to create Aurora Serverless.

Specify the engine and version of the DB to be created in the Engine and EngineVersion properties.
In this case, we will specify the most recent MySQL version as of July 2022, so specify “aurora-mysql” for the former and “5.7.mysql_aurora.2.07.1” for the latter.
Please note that “aurora” must be specified in the Engine property when selecting MySQL 5.6 series.

Please refer to the following page for the engine versions supported by Aurora Serverless v1.

When creating Aurora Serverless, it is sufficient to define a DB cluster.
Since Aurora Serverless is a managed service, you do not need to define any internally generated DB instances.

EC2 Instance

    Type: AWS::EC2::Instance
      IamInstanceProfile: !Ref InstanceProfile
      ImageId: !Ref ImageId
      InstanceType: !Ref InstanceType
        - DeviceIndex: 0
          SubnetId: !Ref PrivateSubnet
            - !Ref InstanceSecurityGroup
      UserData: !Base64 |
        #!/bin/bash -xe
        yum update -y
        yum install -y mariadb
Code language: YAML (yaml)

2 instance is used to verify the connection to Aurora Serverless.
Therefore, in the UserData property, as part of the initialization process of the instance, we specify package installation by yum.
This time, since we are creating a MySQL type Aurora Serverless, we will install the client for MySQL (mysql) by installing the mariadb package.

For more information on the initialization process, please refer to the following page

Four ways to initialize Linux instance 【Four ways to initialize a Linux instance】 Consider how to perform the initialization process when an EC2 instance is started. We will cover the following ...

For more information on how to connect to RDS from Amazon Linux 2, please refer to the following page

Amazon Linux 2 How to Connect to RDS – ALL Engines 【How to connect to all RDS DB engines from Amazon Linux 2】 As of 2022, RDS offers the following seven DB engines aurora(PostgreSQL) aurora(MySQL) PostgreSQ...

For information on how to run yum in a private subnet, please refer to the following page

yum/dnf on private subnet instances 【Configuration for running yum/dnf on instance in private subnet】 We will check how to run yum/dnf on an instance in a private subnet. In this case, the fo...


Use CloudFormation to build this environment and check the actual behavior.

Create CloudFormation stacks and check resources in stacks

Create CloudFormation stacks.
For information on how to create stacks and check each stack, please refer to the following page

CloudFormation’s nested stack 【How to build an environment with a nested CloudFormation stack】 Examine nested stacks in CloudFormation. CloudFormation allows you to nest stacks. Nested ...

After checking the resources in each stack, information on the main resources created this time is as follows

  • EC2 instance: i-096b962150f8473aa
  • DB cluster for Aurora Serverless: fa-058-dbcluster
  • Aurora Serverless endpoint:
  • Master user name for Aurora Serverless: testuser
  • Password for the master user of Aurora Serverless: Passw0rd
  • Database name to be created in Aurora Serverless: testdb

We also check the creation status of Aurora Serverless from the AWS Management Console.

Detail of Aurora Serverless.

We can see that the DB cluster is indeed in Aurora Serverless mode and the engine type is the MySQL type.
We can also see that the endpoint mentioned above has been created and the communication port is 3306.

Check Action

Now that everything is ready, let’s access the EC2 instance.
Use SSM Session Manager to access the instance.

% aws ssm start-session --target i-096b962150f8473aa

Starting session with SessionId: root-08ee1c5f1155eb7dd
Code language: Bash (bash)

For more information on SSM Session Manager, please see the following page

Accessing Linux instance via SSM Session Manager 【Configure Linux instances to be accessed via SSM Session Manager】 We will check a configuration in which an EC2 instance is accessed via SSM Session Manag...

Check the installation status of mariadb.

sh-4.2$ yum list installed | grep mariadb
mariadb.x86_64                        1:5.5.68-1.amzn2                 @amzn2-core
mariadb-libs.x86_64                   1:5.5.68-1.amzn2                 installed
Code language: Bash (bash)

Installed successfully.

Next, check mysql client.

sh-4.2$ mysql -V
mysql  Ver 15.1 Distrib 5.5.68-MariaDB, for Linux (x86_64) using readline 5.1
Code language: Bash (bash)

The client is now installed.

Now that the client installation has been confirmed, connect to Aurora Serverless.
Specify the Aurora Serverless endpoint and pass the port number, user name, and password as arguments.

$ mysql -h -P 3306 -u testuser -p testdb
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MySQL connection id is 6
Server version: 5.7.12 MySQL Community Server (GPL)

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MySQL [testdb]>
Code language: Bash (bash)

You have successfully connected.
You can see that Aurora Serverless has been successfully created.


We have confirmed how to create Aurora Serverless with CloudFormation.