RDS Restore
Restore an RDS instance from a snapshot into your selected VPC and network configuration
1
Select Snapshot
2
Instance Configuration
Letters, numbers, hyphens. Must start with a letter.
Enable Multi-AZ
Standby replica in a second AZ — recommended for production
3
Network
Select a VPC first
4
Engine & Encryption
Leave blank to use the engine default.
Leave blank to use the engine default.
Select your CMK here before using Copy to Manual Snapshot. The restore operation inherits encryption from the snapshot directly.
Zero-ETL Integration
Guided runbook for re-creating the Aurora → Redshift Zero-ETL integration (Production account)
1
Step 1 — Delete existing integration
In Aurora and RDS → Zero-ETL-Integration page → delete the integration. All actions in the Production account.
Navigate to the RDS Zero-ETL Integrations page in the AWS Console, find the existing integration, and delete it before proceeding.
2a
Step 2a — Check active connections
Run in Redshift Query Editor to find active connections to frauddb.
SELECT *
FROM pg_stat_activity
WHERE datname = 'frauddb'
AND usename = 'hcp';
Identify any active
procpid values from the results — you will need them in the next step.2b
Step 2b — Terminate connections
Enter the procpid values found above to generate terminate statements.
Enter the procpid values from Step 2a, comma-separated (e.g.
12345, 67890). If there were no results, skip directly to Mark Complete.2c
Step 2c — Drop database
Drop frauddb in Redshift. Must succeed before recreating from integration.
DROP DATABASE frauddb;
This must succeed before you can create the database from the new integration. If it fails, revisit Step 2b to ensure all connections are terminated.
3a
Step 3a — Create integration
In RDS → Zero-ETL Integration → Create Integration. Target the prod DB (state: available).
Go to the RDS console, navigate to Zero-ETL Integrations, and click Create Integration. Provide an integration name and target the production Aurora cluster (state must be available).
3b
Step 3b — Configure filtering
Choose Custom filtering, then set include and exclude patterns.
Select Custom filtering in the integration wizard. Copy the include and exclude patterns below, then click Next, select the Redshift cluster, and click Create integration.
Include
frauddb.*,codes.*,npi.*
Exclude
frauddb./.*_seq$/,npi./.*_seq$/,frauddb.certificaterequest,frauddb.certificate,codes.service_codes,codes.score_category_remap,codes.schemaversion,codes.provider_taxonomy,codes.medicare,codes.drgs,codes.diagnosis_codes,frauddb.namedlock,frauddb.filerecordcontent
3c
Step 3c — Wait for integration creation
Integration will be created and begin syncing. Typical duration: 3–4 hours.
The integration has been submitted. Wait for it to reach Active status in the RDS console before proceeding. This typically takes 3–4 hours.
0h 0m
elapsed
Estimated: 3–4 hours
4a
Step 4a — Open integration in Redshift
Go to Redshift → Zero-ETL-Integration and select the integration.
The integration should show as Active in Redshift, but the database does not exist yet — that is expected at this stage.
4b
Step 4b — Create DB from integration
Click Create DB from integration and enter frauddb.
When prompted to connect, choose any DB other than frauddb. Then click Create DB from integration and enter
frauddb as the database name. If frauddb was not successfully dropped in Step 2c, this step will fail.4c
Step 4c — Wait for DB creation
Watch progress in the Zero-ETL Integration view in Redshift. Typical duration: 2–3 hours.
Monitor the sync progress in the Redshift Zero-ETL integration view. The database will populate as data syncs from Aurora.
0h 0m
elapsed
Estimated: 2–3 hours
5a
Step 5a — Grant schema usage
Grant USAGE on all three schemas to readonly_group.
GRANT USAGE ON SCHEMA frauddb TO GROUP readonly_group;
GRANT USAGE ON SCHEMA npi TO GROUP readonly_group;
GRANT USAGE ON SCHEMA codes TO GROUP readonly_group;
5b
Step 5b — Grant table access
Grant SELECT on all tables in each schema to readonly_group.
GRANT SELECT ON ALL TABLES IN SCHEMA frauddb TO GROUP readonly_group;
GRANT SELECT ON ALL TABLES IN SCHEMA codes TO GROUP readonly_group;
GRANT SELECT ON ALL TABLES IN SCHEMA npi TO GROUP readonly_group;
5c
Step 5c — Default privileges
Set default privileges so future tables are automatically accessible.
ALTER DEFAULT PRIVILEGES IN SCHEMA frauddb GRANT SELECT ON TABLES TO GROUP readonly_group;
ALTER DEFAULT PRIVILEGES IN SCHEMA codes GRANT SELECT ON TABLES TO GROUP readonly_group;
ALTER DEFAULT PRIVILEGES IN SCHEMA npi GRANT SELECT ON TABLES TO GROUP readonly_group;
5d
Step 5d — Language usage grant
Grant USAGE on exfunc language to individual users.
GRANT USAGE ON LANGUAGE exfunc TO bmccurdy;
GRANT USAGE ON LANGUAGE exfunc TO hcp;
6
Step 6 — Communicate completion
Post an update in the Redshift group.
Copy the message below and post it in the Redshift Slack channel.
✅ Zero-ETL Integration runbook complete.
frauddb is now syncing to Redshift from Aurora.
Schemas: frauddb, codes, npi — all accessible to readonly_group.