RDS Auto Minor Version Upgrade does not work as you could probably expect!

I was quite surprised when I found out!

The RDS Auto Minor Version Upgrade doesn't always automatically update the minor version!

Especially since the documentation is misleading with this, saying at the beginning:

A minor engine version is an update to a DB engine version within a major engine version. For example, a major engine version might be 9.6 with the minor engine versions 9.6.11 and 9.6.12 within it.

If you want Amazon RDS to upgrade the DB engine version of a database automatically, you can enable auto minor version upgrades for the database.

And in their blog post regarding this feature:

Auto Minor Version Upgrade is a feature that you can enable to have your database automatically upgraded when a new minor database engine version is available.

And I haven't found any single hint regarding the updates needing to meet any additional conditions to be performed...

So when does the RDS Auto Minor Version Upgrade perform the upgrade?

There are two cases:

  1. The minor version that you currently have is completely deprecated by AWS

  2. The minor version has the AutoUpgrade: True attribute set by AWS

The AutoUpgrade: True attribute is set by AWS under some special circumstances when the new one contains very important cumulative bug fixes and an upgrade is absolutely necessary.

How can you check which minor was tagged with AutoUpgrade: True?
By executing this command:

aws rds describe-db-engine-versions --region YOURREGION --output=table --engine YOURENGINE

You will see that most of the minor versions have the AutoUpgrade: False attribute set. Your current version should be either the newest with AutoUpgrade: True or the one you have manually chosen - depending on which is newer.

Could this be automated?
Probably yes - with Lambda function to seek the most recent minor version and calling RDS API to upgrade to that version in the next maintenance window.

Is it worth automating?
In most cases - no.
The most important bug fixes and security patches will be applied automatically.

Unless you are sure you need this or you already have a stable mechanism to reuse, you will most likely spend more time automating it than you will benefit from the most recent minor.
Remember, that there's always an alternative cost of doing something - not doing something else.

I haven't automated this as in my case the implementation costs outperform potential benefits.

Will there be more storytelling?
I think it doesn't fit into every blog post (like this one), but it may be continued for some in the future - stay tuned!