AWS CLI で RDS メンテナンスウィンドウ変更してみた
はじめに
こんにちは、アノテーション クラウド運用チームの原澤です。
今回は AWS CLI で RDS メンテナンスウィンドウを変更してみました。
弊社サービスの一貫で AWS CLI での作業が必要になり作成しました。
復習も兼ねて、書き記します。
Amazon RDS メンテナンスウィンドウ
Amazon RDS メンテナンスウィンドウにつきましては、下記公式ドキュメントをご参照ください。
前提条件
- 適切な IAM 権限があること
- DB を作成済み
- DB 識別子:test-maintenance-window
- 初期メンテナンスウィンドウ日時:September 08, 2025 04:38 - 05:08 (UTC+09:00)
使用するコマンド
DB が存在しているか確認するために使用
aws rds describe-db-instances \
--db-instance-identifier "$RDS_INSTANCE_IDENTIFIER" \
--output json \
--no-cli-pager
メンテナンスウィンドウ日時を確認するコマンド
aws rds describe-db-instances \
--db-instance-identifier "$RDS_INSTANCE_IDENTIFIER" \
--query 'DBInstances[*].PreferredMaintenanceWindow'
メンテナンスウィンドウ日時を変更するコマンド
aws rds modify-db-instance \
--db-instance-identifier $RDS_INSTANCE_IDENTIFIER \
--preferred-maintenance-window "$SET_TIME" \
--no-cli-pager
通しでやってみた
1. 変更したい DB の DB インスタンス識別子を変数に格納
RDS_INSTANCE_IDENTIFIER=test-maintenance-window
2. 念の為、DB が存在しているか確認
aws rds describe-db-instances \
--db-instance-identifier "$RDS_INSTANCE_IDENTIFIER" \
--output json \
--no-cli-pager
出力結果
{
"DBInstances": [
{
"DBInstanceIdentifier": "test-maintenance-window",
"DBInstanceClass": "db.t3.micro",
"Engine": "mysql",
"DBInstanceStatus": "available",
"MasterUsername": "admin",
"Endpoint": {
"Address": "test-maintenance-window.xxxxxxxxxxxxx.ap-northeast-1.rds.amazonaws.com",
"Port": 3306,
"HostedZoneId": "XXXXXXXXXXXXXXXXX"
},
"AllocatedStorage": 20,
"InstanceCreateTime": "2025-09-03T08:48:30.083000+00:00",
"PreferredBackupWindow": "14:37-15:07",
"BackupRetentionPeriod": 0,
"DBSecurityGroups": [],
"VpcSecurityGroups": [
{
"VpcSecurityGroupId": "sg-xxxxxxxxxxxxxxxxx",
"Status": "active"
}
],
"DBParameterGroups": [
{
"DBParameterGroupName": "default.mysql8.0",
"ParameterApplyStatus": "in-sync"
}
],
"AvailabilityZone": "ap-northeast-1a",
"DBSubnetGroup": {
"DBSubnetGroupName": "default-vpc-xxxxxxxxxxxxxxxxx",
"DBSubnetGroupDescription": "Created from the RDS Management Console",
"VpcId": "vpc-xxxxxxxxxxxxxxxxx",
"SubnetGroupStatus": "Complete",
"Subnets": [
{
"SubnetIdentifier": "subnet-xxxxxxxxxxxxxxxxx",
"SubnetAvailabilityZone": {
"Name": "ap-northeast-1a"
},
"SubnetOutpost": {},
"SubnetStatus": "Active"
},
{
"SubnetIdentifier": "subnet-xxxxxxxxxxxxxxxxx",
"SubnetAvailabilityZone": {
"Name": "ap-northeast-1a"
},
"SubnetOutpost": {},
"SubnetStatus": "Active"
},
{
"SubnetIdentifier": "subnet-xxxxxxxxxxxxxxxxx",
"SubnetAvailabilityZone": {
"Name": "ap-northeast-1d"
},
"SubnetOutpost": {},
"SubnetStatus": "Active"
},
{
"SubnetIdentifier": "subnet-xxxxxxxxxxxxxxxxx",
"SubnetAvailabilityZone": {
"Name": "ap-northeast-1d"
},
"SubnetOutpost": {},
"SubnetStatus": "Active"
}
]
},
"PreferredMaintenanceWindow": "sun:19:38-sun:20:08",
"PendingModifiedValues": {},
"MultiAZ": false,
"EngineVersion": "8.0.42",
"AutoMinorVersionUpgrade": true,
"ReadReplicaDBInstanceIdentifiers": [],
"LicenseModel": "general-public-license",
"OptionGroupMemberships": [
{
"OptionGroupName": "default:mysql-8-0",
"Status": "in-sync"
}
],
"PubliclyAccessible": false,
"StorageType": "gp2",
"DbInstancePort": 0,
"StorageEncrypted": true,
"KmsKeyId": "arn:aws:kms:ap-northeast-1:xxxxxxxxxxxx:key/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"DbiResourceId": "db-XXXXXXXXXXXXXXXXXXXXXXXXXX",
"CACertificateIdentifier": "rds-ca-rsa2048-g1",
"DomainMemberships": [],
"CopyTagsToSnapshot": true,
"MonitoringInterval": 0,
"DBInstanceArn": "arn:aws:rds:ap-northeast-1:xxxxxxxxxxxx:db:test-maintenance-window",
"IAMDatabaseAuthenticationEnabled": false,
"DatabaseInsightsMode": "standard",
"PerformanceInsightsEnabled": false,
"DeletionProtection": false,
"AssociatedRoles": [],
"MaxAllocatedStorage": 1000,
"TagList": [],
"CustomerOwnedIpEnabled": false,
"ActivityStreamStatus": "stopped",
"BackupTarget": "region",
"NetworkType": "IPV4",
"StorageThroughput": 0,
"MasterUserSecret": {
"SecretArn": "arn:aws:secretsmanager:ap-northeast-1:xxxxxxxxxxxx:secret:rds!db-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx-xxxxxx",
"SecretStatus": "active",
"KmsKeyId": "arn:aws:kms:ap-northeast-1:xxxxxxxxxxxx:key/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
},
"CertificateDetails": {
"CAIdentifier": "rds-ca-rsa2048-g1",
"ValidTill": "2026-09-03T08:47:02+00:00"
},
"DedicatedLogVolume": false,
"IsStorageConfigUpgradeAvailable": false,
"EngineLifecycleSupport": "open-source-rds-extended-support-disabled"
}
]
}
存在していない場合は、以下エラーが出力されます
An error occurred (DBInstanceNotFound) when calling the DescribeDBInstances operation: DBInstance <DB インスタンス識別子> not found.
3. 現状のメンテナンスウィンドウ日時を確認
aws rds describe-db-instances \
--db-instance-identifier "$RDS_INSTANCE_IDENTIFIER" \
--query 'DBInstances[*].PreferredMaintenanceWindow'
- 出力結果(UTC 時間で出力されます)
[
"sun:19:38-sun:20:08"
]
4. 変更したい時間を変数に格納
- 今回は日曜日の 5 時 ‐ 6 時で設定していきます
- JST の日曜日 05:00-06:00 = UTC の日曜日 20:00-21:00
※ AWS CLI では UTC 時間で指定します
- JST の日曜日 05:00-06:00 = UTC の日曜日 20:00-21:00
SET_TIME="Tue:20:00-Tue:21:00"
echo "$SET_TIME"
- 出力結果
Sun:20:00-Sun:21:00
5. メンテナンスウィンドウ時間を変更
aws rds modify-db-instance \
--db-instance-identifier $RDS_INSTANCE_IDENTIFIER \
--preferred-maintenance-window "$SET_TIME" \
--no-cli-pager
出力結果
{
"DBInstance": {
"DBInstanceIdentifier": "test-maintenance-window",
"DBInstanceClass": "db.t3.micro",
"Engine": "mysql",
"DBInstanceStatus": "available",
"MasterUsername": "admin",
"Endpoint": {
"Address": "test-maintenance-window.xxxxxxxxxxxxx.ap-northeast-1.rds.amazonaws.com",
"Port": 3306,
"HostedZoneId": "XXXXXXXXXXXXXXXXX"
},
"AllocatedStorage": 20,
"InstanceCreateTime": "2025-09-03T08:48:30.083000+00:00",
"PreferredBackupWindow": "14:37-15:07",
"BackupRetentionPeriod": 0,
"DBSecurityGroups": [],
"VpcSecurityGroups": [
{
"VpcSecurityGroupId": "sg-xxxxxxxxxxxxxxxxx",
"Status": "active"
}
],
"DBParameterGroups": [
{
"DBParameterGroupName": "default.mysql8.0",
"ParameterApplyStatus": "in-sync"
}
],
"AvailabilityZone": "ap-northeast-1a",
"DBSubnetGroup": {
"DBSubnetGroupName": "default-vpc-xxxxxxxxxxxxxxxxx",
"DBSubnetGroupDescription": "Created from the RDS Management Console",
"VpcId": "vpc-xxxxxxxxxxxxxxxxx",
"SubnetGroupStatus": "Complete",
"Subnets": [
{
"SubnetIdentifier": "subnet-xxxxxxxxxxxxxxxxx",
"SubnetAvailabilityZone": {
"Name": "ap-northeast-1a"
},
"SubnetOutpost": {},
"SubnetStatus": "Active"
},
{
"SubnetIdentifier": "subnet-xxxxxxxxxxxxxxxxx",
"SubnetAvailabilityZone": {
"Name": "ap-northeast-1a"
},
"SubnetOutpost": {},
"SubnetStatus": "Active"
},
{
"SubnetIdentifier": "subnet-xxxxxxxxxxxxxxxxx",
"SubnetAvailabilityZone": {
"Name": "ap-northeast-1d"
},
"SubnetOutpost": {},
"SubnetStatus": "Active"
},
{
"SubnetIdentifier": "subnet-xxxxxxxxxxxxxxxxx",
"SubnetAvailabilityZone": {
"Name": "ap-northeast-1d"
},
"SubnetOutpost": {},
"SubnetStatus": "Active"
}
]
},
"PreferredMaintenanceWindow": "tue:20:00-tue:21:00",
"PendingModifiedValues": {},
"MultiAZ": false,
"EngineVersion": "8.0.42",
"AutoMinorVersionUpgrade": true,
"ReadReplicaDBInstanceIdentifiers": [],
"LicenseModel": "general-public-license",
"OptionGroupMemberships": [
{
"OptionGroupName": "default:mysql-8-0",
"Status": "in-sync"
}
],
"PubliclyAccessible": false,
"StorageType": "gp2",
"DbInstancePort": 0,
"StorageEncrypted": true,
"KmsKeyId": "arn:aws:kms:ap-northeast-1:xxxxxxxxxxxx:key/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"DbiResourceId": "db-XXXXXXXXXXXXXXXXXXXXXXXXXX",
"CACertificateIdentifier": "rds-ca-rsa2048-g1",
"DomainMemberships": [],
"CopyTagsToSnapshot": true,
"MonitoringInterval": 0,
"DBInstanceArn": "arn:aws:rds:ap-northeast-1:xxxxxxxxxxxx:db:test-maintenance-window",
"IAMDatabaseAuthenticationEnabled": false,
"DatabaseInsightsMode": "standard",
"PerformanceInsightsEnabled": false,
"DeletionProtection": false,
"AssociatedRoles": [],
"MaxAllocatedStorage": 1000,
"TagList": [],
"CustomerOwnedIpEnabled": false,
"BackupTarget": "region",
"NetworkType": "IPV4",
"StorageThroughput": 0,
"MasterUserSecret": {
"SecretArn": "arn:aws:secretsmanager:ap-northeast-1:xxxxxxxxxxxx:secret:rds!db-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx-xxxxxx",
"SecretStatus": "active",
"KmsKeyId": "arn:aws:kms:ap-northeast-1:xxxxxxxxxxxx:key/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
},
"CertificateDetails": {
"CAIdentifier": "rds-ca-rsa2048-g1",
"ValidTill": "2026-09-03T08:47:02+00:00"
},
"DedicatedLogVolume": false,
"EngineLifecycleSupport": "open-source-rds-extended-support-disabled"
}
}
6. 変更されているか確認
- まずは AWS CLI で確認
aws rds describe-db-instances \
--db-instance-identifier $RDS_INSTANCE_IDENTIFIER \
--query 'DBInstances[*].PreferredMaintenanceWindow'
- 出力結果(UTC で出力されます)
[
"tue:20:00-tue:21:00"
]
- 次にコンソール画面で確認(JST で表示されてます)
無事以下のように変更されました!
- 9 月 8 日 → 9 月 10 日
- 04:38 - 05:08 (UTC+09:00) → 05:00 - 06:00 (UTC+09:00)
最後に
コンソール画面で行うほうが楽だと思いますが、AWS CLI で行うのも楽しくて好きです。
最後までご覧いただき、ありがとうございました!
参考
公式ドキュメント
Amazon RDS メンテナンスウィンドウ
DB インスタンスの適切なメンテナンスウィンドウの調整
アノテーション株式会社について
アノテーション株式会社はクラスメソッドグループのオペレーション専門特化企業です。サポート・運用・開発保守・情シス・バックオフィスの専門チームが、最新 IT テクノロジー、高い技術力、蓄積されたノウハウをフル活用し、お客様の課題解決を行っています。当社は様々な職種でメンバーを募集しています。「オペレーション・エクセレンス」と「らしく働く、らしく生きる」を共に実現するカルチャー・しくみ・働き方にご興味がある方は、[アノテーション株式会社 採用サイト][4] をぜひご覧ください。