Provision RDS

Overview

This section presents the steps to provision the RDS instance and prepare the basic backend connectivity settings.

Implementation steps

1. Before creating the database, open RDS > Subnet groups to prepare a DB subnet group for the private subnets.

2. Create the subnet group lunchsync-rds-subnet, describe it clearly for LunchSync RDS, and choose lunchsync-vpc.

3. Select the two private subnets in ap-southeast-1a and ap-southeast-1b, then add them to the subnet group.

4. Review the subnet group list and confirm that lunchsync-rds-subnet is in Complete status.

5. Open Databases and choose Create database to start provisioning PostgreSQL.

6. Choose PostgreSQL, use Standard create / Full configuration, pick a Dev/Test style template, and keep the deployment Single-AZ.

7. Set DB instance identifier = lunchsync-db, use lunchsync as the master username, and let AWS Secrets Manager manage the credentials.

8. Choose instance class db.t3.micro, storage type gp3, then configure connectivity with lunchsync-vpc, subnet group lunchsync-rds-subnet, Public access = No, and security group rds-sg.

9. Review the additional configuration, backup, and maintenance settings, then submit the database request.

10. When lunchsync-db reaches Available, record the :5432 endpoint, the secret ARN created by RDS, and confirm that the database is not publicly accessible.