Practice Now
PostgreSQL
Amazon Linux AMI
installation guide
database setup
cloud computing

How to Install Postgresql 11 in Amazon Linux AMI?

Master System Design with Codemia

Enhance your system design skills with over 120 practice problems, detailed solutions, and hands-on exercises.

Start PracticingLearn More

Introduction

Installing PostgreSQL 11 on Amazon Linux AMI is mostly a package-repository and service-configuration task. The exact commands differ slightly between Amazon Linux generations, but the workflow is consistent: enable the right repository, install server packages, initialize data, and secure access. This guide focuses on a predictable command sequence that works well for EC2-based deployments.

Check OS Version and Prepare the Host

Before installing, confirm which Amazon Linux variant your instance runs. Repository commands fail silently or install the wrong version if this step is skipped.

bash
cat /etc/os-release
uname -a

Update baseline packages:

bash
sudo yum clean all
sudo yum -y update

Install utility tools you will need for diagnostics and service checks:

bash
sudo yum -y install wget curl jq

If this server is production-bound, also verify clock sync and disk layout before database initialization.

Enable PostgreSQL 11 Repository and Install Packages

On Amazon Linux 2, the PostgreSQL upstream repository is commonly used for version-specific installs.

bash
sudo yum -y install https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
sudo yum -y install postgresql11 postgresql11-server

If you see dependency conflicts, check enabled repos and disable conflicting module streams.

Verify binaries:

bash
/usr/pgsql-11/bin/psql --version

This should print a version starting with 11.

Initialize Data Directory and Start Service

PostgreSQL must initialize cluster metadata once before first start.

bash
1sudo /usr/pgsql-11/bin/postgresql-11-setup initdb
2sudo systemctl enable postgresql-11
3sudo systemctl start postgresql-11
4sudo systemctl status postgresql-11 --no-pager

Check local connectivity as the postgres user:

bash
sudo -iu postgres psql -c "SELECT version();"

If this command fails, inspect logs first rather than repeatedly restarting:

bash
sudo journalctl -u postgresql-11 -n 100 --no-pager

Configure Authentication and Network Access

Default settings usually allow only local socket connections. For remote access, update both postgresql.conf and pg_hba.conf carefully.

Set listen address:

bash
sudo sed -i "s/^#listen_addresses.*/listen_addresses = '*'/'" /var/lib/pgsql/11/data/postgresql.conf

Add CIDR-based client rule. Use your VPC subnet, not unrestricted access.

bash
echo "host    all    all    10.0.0.0/16    md5" | sudo tee -a /var/lib/pgsql/11/data/pg_hba.conf

Restart service:

bash
sudo systemctl restart postgresql-11

Now create an application user and database:

bash
1sudo -iu postgres psql <<'SQL'
2CREATE ROLE app_user WITH LOGIN PASSWORD 'change_me_now';
3CREATE DATABASE app_db OWNER app_user;
4GRANT ALL PRIVILEGES ON DATABASE app_db TO app_user;
5SQL

Security Group and Host Firewall Requirements

Even if PostgreSQL listens correctly, EC2 security groups can still block traffic.

Minimum checks:

  • allow TCP 5432 from only trusted source CIDR
  • avoid public 0.0.0.0/0 exposure
  • keep instances in private subnets when possible

Quick socket check on host:

bash
sudo ss -ltnp | grep 5432

Remote connectivity test from an approved client:

bash
psql "host=your-db-host port=5432 dbname=app_db user=app_user sslmode=prefer"

If this times out, inspect security groups and network ACLs before changing PostgreSQL settings again.

Operational Baseline After Installation

A working install is only the start. Add backups, monitoring, and resource safeguards.

Recommended first-day tasks:

  • configure daily logical backups with pg_dump
  • set up disk and memory alerts
  • track slow query logs
  • rotate credentials and store secrets in a secure manager

Example backup command:

bash
PGPASSWORD='change_me_now' pg_dump -h 127.0.0.1 -U app_user app_db > /tmp/app_db.sql

Automate and test restore, not just backup creation.

Common Pitfalls

  • Installing default PostgreSQL package and getting wrong major version.
  • Forgetting initdb before starting the service.
  • Opening 5432 broadly in security groups.
  • Editing postgresql.conf without matching pg_hba.conf rules.
  • Assuming service restart errors are fixed without checking journalctl logs.

Summary

  • Confirm OS details before selecting repository commands.
  • Install explicit PostgreSQL 11 packages and initialize cluster data.
  • Configure listen address, authentication rules, and EC2 networking together.
  • Validate local and remote connectivity with targeted checks.
  • Add backup and monitoring baseline immediately after install.
Course illustration
Course illustration
Codemia
© 2026 Codemia
Resources
Legal
Social
All Rights Reserved.