Behavior & Limits
Guarantees, limits, and platform-specific notes for Alien Postgres.
Guarantees
Real PostgreSQL. Every platform runs PostgreSQL on the standard wire protocol: full ACID transactions, the complete SQL surface, and your own driver or ORM. Alien provisions and connects it. It does not wrap or subset it.
Private networking. On the clouds (AWS, GCP, Azure), Postgres has no public IP and is reachable only by same-stack workloads — there's no public-exposure option to misconfigure, and Alien auto-creates the Network those workers (Lambda, Cloud Run, Container Apps) attach to. Local listens only on localhost. On Kubernetes the operator provides the database and owns its networking.
pgvector and core extensions. On the clouds and Local, vector (pgvector), pg_trgm, uuid-ossp, and pgcrypto are available — your migrations just run CREATE EXTENSION IF NOT EXISTS …. Vector indexes use pgvector's HNSW and IVFFlat types. Each managed cloud ships its provider's pgvector — AWS Aurora 0.8.x, GCP Cloud SQL 0.8.0, Azure Flexible Server 0.8.2 (the version tracks the engine's minor release and moves over time); Local ships 0.8.1, built by Alien. On Kubernetes, extensions depend on the operator-provided database.
Automated backups on every cloud. The managed clouds keep automated backups with 7-day retention. Local is for development and is not backed up.
Limits
| Limit | Value | Notes |
|---|---|---|
| Engine version | 15, 16, 17 | Fixed after create; changing it is rejected (recreate to move versions). |
| Storage | default 20Gi, grow-only | Shrinking is rejected; Azure rounds up to a 32 GiB minimum. |
Max cpu / memory | GCP 16 vCPU / 60 GiB · Azure 8 vCPU / 32 GiB | GCP/Azure reject a larger request; AWS sizes the ACU ceiling from memory, up to 256 ACU (≈ 512 GiB). |
| Backup retention | 7 days | Managed clouds only; not on Local. |
cpu and memory are sizing hints, applied differently per cloud:
- GCP and Azure pick the smallest tier that satisfies both
cpuandmemory, rounding up (GCP to adb-customtier, Azure to a Flexible Server SKU). - AWS (Aurora Serverless v2, ACU-based) sizes from
memory;cpuis not used.
Changing a live database. cpu and memory resize in place on the managed clouds — AWS adjusts the Aurora ACU ceiling, GCP patches the Cloud SQL machine tier, and Azure re-applies the Flexible Server SKU. Your data is kept, with a brief restart. The major version is fixed after create: an in-place major upgrade isn't supported yet, so changing it is rejected — move to a new version by creating a new resource and migrating the data. On Local, cpu/memory have no effect and the version is pinned at create.
Platform Notes
AWS — Aurora Serverless v2
Auto-pause: while idle, compute scales to zero and you pay for storage only. The first connection after idle waits roughly 15 s while the instance resumes (longer after long idle periods), so use connect retries and a ≥ 30 s connect timeout, and don't point health-check probes at the endpoint — they keep it awake. Private access is a DB subnet group plus a dedicated security group that admits 5432 from the stack only.
GCP — Cloud SQL (Enterprise)
Provisioned instances (no scale-to-zero); cpu/memory map to a db-custom Enterprise tier. highAvailability() maps to a regional configuration. Private access is via a Private Service Connect endpoint.
Azure — Flexible Server
Provisioned instances. highAvailability() maps to zone-redundant HA. Minimum storage is 32 GiB (smaller requests round up). Private access is via a Private Endpoint in a dedicated subnet plus a private DNS zone.
Kubernetes / On-Prem
Postgres is not provisioned by Alien. The cluster operator provides the database, and its guarantees — networking, extensions, backups — depend on that backing service.
Local
A native process from embedded binaries, no Docker required. The data directory persists across restarts; Alien restarts the process on crash and on CLI startup. Backups are out of scope.
Design Decisions
Private only. There is deliberately no public-exposure option: a public database endpoint simply can't be configured, so it can't be misconfigured.
Delete removes the data. Deleting the resource deletes the database and its data, with no final snapshot — consistent with every other Alien resource. Export it first if you need to keep it.
Grow-only storage, fixed version. Storage grows but never shrinks, and the engine version is fixed at create. An in-place major upgrade is significant and hard to reverse, so rather than silently not upgrading or destroying data by recreating, Alien rejects a version change and asks you to migrate to a new resource. cpu and memory, by contrast, resize in place.