Shared Responsibility Model in the Cloud – Part 2

shared model cloud dbaIn an earlier post, I discussed the Shared Responsibility Model in the cloud and how it relates to databases.  With either IaaS or DBaaS deployments, much of the operational and security burden is shifted away from the DBA to the cloud provider.  I also noted that regardless of the deployment method, there is always a need for a DBA. In both cloud deployment models, notice the top user responsibility: customer data.

Let’s review the major tasks of a DBA in the cloud and how that role differs between and IaaS and DBaaS deployment.

DBA Responsibility in the Cloud


With the burden of hardware, OS, and physical security in the cloud, the focus is shifted to the application data and performance.  From the application perspective, here are the top areas of focus:

  • Schema design and review
    • Ensuring optimal data types, indexing, etc
  • Performance tuning
    • Queries, system variables
  • Data archiving
  • Proactive optimization

While these aspects should always be the responsibility of the DBA, they are often overshadowed by operational tasks.  Moving to the cloud allows DBAs to get back to what they should be focused on – the data in the database.


Traditional DBAs were generally tasked with ensuring properly limited access to customer data.  In most cases, this is done with some combination of firewalls and user grants. When moving to a cloud deployment, this will remain a responsibility of the DBA.

The cloud provider can provide you with the tools to manage the firewall (i.e. security groups) and within MySQL, you are still required to manage user grants.  Note that this is NO DIFFERENT when compared to a traditional on-premise deployment.

Monitoring / Alerting

Finally, proper monitoring and alerting is the responsibility of the DBA.  As a best practice, it is advised to capture metrics on everything and alert on as few metrics as needed.  This is done to ensure proper trending can be reviewed (capture everything) while not overwhelming the pager with unactionable alerts (minimal alerts).

Some of this metric data is provided by the cloud provider via various monitor portals (i.e. CloudWatch).  However, it is up to the DBA to determine the proper thresholds and alerts. This can only be properly achieved after a thoughtful review of all the collected historical metrics.  Once baselines are achieved, then proper alerts are able to set up.

I would also note that regardless of the deployment method (IaaS or DBaaS), a tool such as Percona Monitoring and Management (PMM) can be invaluable here.

Cost Control

One of the benefits of the cloud is the elasticity and ease of launching new resources.  This can also lead to quite a headache in the finance department. The DBA should always be reviewing the systems to ensure:

  • You aren’t paying for unused resources
  • You are properly leveraging Reserved Instances where possible
  • Systems are tied to the proper teams for billing (i.e. tags, etc)

Understanding your systems and keeping them right-sized is an important role of the DBA.  Along with right-sizing your instances, proper capacity planning is also critical in controlling cost.  

In a survey of our users, 41% said they had to upgrade 5 times (or more) in the last 2 years, with the cost of the excess moves resulting in a 10x cost increase.  Having the time to properly review your data growth patterns is critical when planning for future growth.

DBA Responsibility in IaaS

When considering an IaaS deployment, there are additional tasks that need to be managed by a DBA.  Along with managing the customer data and access, here are some additional tasks needed in an IaaS environment:

  • Managing backups (verification, restoration, retention, etc)
  • Managing high availability 
  • Patching the guest OS
  • Installing / updating MySQL
  • Verifying DR solution

These responsibilities aren’t unique to an IaaS deployment and generally mirror a traditional DBA (minus the hardware support).  Automation is key to a successful IaaS deployment and having a DBA that truly understands the data access patterns and performance is critical.


Overall, the need for a DBA doesn’t go away when moving to a cloud environment (even when looking at a DBaaS deployment as noted by AWS).  The benefit of the cloud does not lie in eliminating the position of a DBA, but rather allowing the DBA to focus on what is most important to your organization: the data.  By removing the operational headaches and burdens from the team, you free up time to ensure the system is running at the optimal level.

Contact Percona today to see how we can help your team if you are moving or considering a move to the cloud.  We have experts in both databases and cloud deployments that can advise and help in all phases of migration.  How can we help you?


Companies are increasingly embracing database automation and the advantages offered by the cloud.  Our new white paper discusses common database scenarios and the true cost of downtime to your business, including the potential losses that companies can incur without a well-configured database and infrastructure setup.

Download “The Hidden Costs of Not Properly Managing Your Databases”

Share this post

Comment (1)

  • legendzradio Reply

    The @HostListener decorator is used to set up an event binding on the host element and is applied to a method. The example directive relies on the browser’s DOM API to manipulate its host element, both to add and remove class memberships and to receive the click…. Read More

    January 3, 2020 at 10:21 pm

Leave a Reply