[nlitened]

> What do you want AWS to do here? Keep running software that won't get security updates? That seems a bit wild to me.

PostgreSQL is open source, so they could keep patching the old version with security fixes.

Or... they could keep using just the community-supplied free-of-charge version and pocket all the money from not maintaining security patches themselves.

[watermelon0]

They are providing easier maintenance and monitoring for open source DBs. You can always avoid RDS and install Postgres manually on EC2, if you so desire.

I'm not saying RDS couldn't be better, but I wouldn't expect them to maintain unsupported versions of 3rd party software.

[scoopertrooper]

I agree AWS should be contributing back to the open source projects and they are listed as a 'sponsor' (though not a major one) on the Postgres website.

https://www.postgresql.org/about/policies/sponsorship/

But AWS should not have to take responsibility for providing indefinite updates to every version of every managed open source project it operates. The only way I could see this working would be if AWS charged the holdouts the cost of keeping them supported.

However, performing RDS Postgres upgrades is relatively quick and painless process. If a company doesn't have the capacity to do that every five years, then it shouldn't be running its own infrastructure.

[nlitened]

> The only way I could see this working would be if AWS charged the holdouts the cost of keeping them supported.

That actually sounds like a great idea. They could charge more for use of older versions, so that people could calculate their tradeoffs, and migrate when they decide themselves.