Amazon Quantum Ledger Database (QLDB)

 

• Fully managed ledger database that provides a transparent, immutable, and cryptographically verifiable transaction log ‎owned by a central trusted authority.
• Used to track all application data changes, and maintain a complete and verifiable history of changes over time
• Amazon QLDB is serverless.  No capacity provisioning required or setting read/write limits.
• QLDB transactions are ACID (atomicity, consistency, isolation, and durability) compliant.
• Amazon QLDB uses PartiQL as its query language.

How it Works

Common Use Cases

• Finance
  • Banks can use Amazon QLDB to easily store an accurate and complete record of all financial transactions, instead of building a custom ledger with complex auditing functionality.
• Insurance
  • Insurance companies can use Amazon QLDB to track the entire history of claim transactions. Whenever a conflict arises, Amazon QLDB can cryptographically verify the integrity of the claims data.

Components Of QLDB

• Ledger
  • Consists of tables and journals that keep all of the immutable histories of changes in the table.
• Tables 
  • Contains a collection of document revisions.
• Journal
  • An immutable transactions log where transactions are appended as a sequence of blocks that are cryptographically chained together to provide a secure verification and immutability of the history of changes to your ledger data.
  • Only the data’s history of change cannot be altered and not the data itself.
• Current State
  • The current state is similar to a traditional database where you can view and query the latest data.
• History
  • The history is a table where you can view and query the history of all the data and every change ever made to the data.

Performance

• Amazon QLDB can execute 2 – 3X as many transactions than ledgers in common blockchain frameworks.

Scalability

• Amazon QLDB automatically scales based on the workloads of your application.

Reliability

• Multiple copies of QLDB ledger are replicated across availability zones in a region. You can still continue to operate QLDB even in the case of zone failure.
• Ensures redundancy within a region.
• Also ensures full recovery when an availability zone goes down.

Backup and Restore

• You can export the contents of your QLDB journals to S3 as a backup plan.

Security

• Amazon QLDB uses SHA-256 hash function to make a secure file representation of your data’s change history called digest. The digest serves as a proof of your data’s change history, enabling you to go back at a point in time to verify the validity and integrity of your data changes.
• All data in transit and at rest are encrypted by default.
• Uses AWS-owned keys for encryption of data.
• The authentication is done by attaching a signature to the HTTP requests. The signature is then verified using the AWS credentials.
• Integrated with AWS Private Link.

Pricing

• You are billed based on five categories
  • Write I/Os
    • Pricing per 1 million requests
  • Read I/Os
    • Pricing per 1 million requests
  • Journal Storage Rate
    • Pricing per GB-month
  • Indexed Storage Rate
    • Pricing per GB-month
  • Data Transfer OUT From Amazon QLDB To Internet
    • You are charged based on the amount of data transferred per month. The rate varies for different regions.

Limitations

• Amazon QLDB does not support Backup and Restore. But you can export your data from QLDB to S3.
• Does not support Point-in-time restore feature.
• Does  not support cross-region replication.
• Does not support the use of customer managed CMKs (Customer Managed Keys).