docs(06-02): create Diátaxis documentation for Lab 05 Database & RDS

Documentation (6 files, 1500+ lines):
Tutorials (3):
- 01-deploy-rds-database.md: Deploy PostgreSQL in private network
- 02-data-persistence.md: Data persistence with named volumes
- 03-security-compliance.md: INF-01/02/03/04 compliance

How-to Guides (1):
- connect-to-postgresql.md: Connection methods

Reference (1):
- postgresql-commands.md: PostgreSQL command reference

Explanation (1):
- database-rds-parallels.md: Docker↔RDS parallels with architecture diagrams

Key concepts:
- PostgreSQL container → RDS Instance
- Private network → VPC Private Subnet
- Named volume → EBS volume
- Resource limits → DB instance class

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

labs/lab-05-database/explanation/database-rds-parallels.md

@@ -0,0 +1,157 @@
+# Explanation: Docker Database ↔ RDS Parallels
+
+## Architettura a Confronto
+
+```
+┌─────────────────────────────────────────────────────────────┐
+│                    AWS Cloud Architecture                   │
+├─────────────────────────────────────────────────────────────┤
+│                                                             │
+│   ┌───────────────┐         ┌──────────────────┐           │
+│   │  EC2 Instance │         │   RDS Instance   │           │
+│   │   (Web/App)   │────────▶│   PostgreSQL     │           │
+│   │               │ VPC     │   Private Subnet │           │
+│   └───────────────┘         └──────────────────┘           │
+│         │                            │                      │
+│         │                         EBS Volume                │
+│      Internet                         │                      │
+│                                        ▼                     │
+│                                  Persistent Data            │
+└─────────────────────────────────────────────────────────────┘
+
+┌─────────────────────────────────────────────────────────────┐
+│                    Local Docker Architecture                 │
+├─────────────────────────────────────────────────────────────┤
+│                                                             │
+│   ┌───────────────┐         ┌──────────────────┐           │
+│   │  Container    │         │   Container      │           │
+│   │   (nginx)     │────────▶│   PostgreSQL     │           │
+│   │   lab05-app   │ Bridge  │   lab05-db       │           │
+│   └───────────────┘ Network └──────────────────┘           │
+│         │                    Private Network                │
+│      Host                        │                         │
+│   (127.0.0.1)                   │                         │
+│                                Named Volume                │
+│                                    │                        │
+│                                    ▼                        │
+│                              Persistent Data               │
+└─────────────────────────────────────────────────────────────┘
+```
+
+## Mapping Componenti
+
+| Docker Locale | AWS Cloud | Spiegazione |
+|---------------|-----------|-------------|
+| PostgreSQL container | RDS Instance | Database gestito |
+| Private bridge network | VPC Private Subnet | Isolamento di rete |
+| Named volume | EBS volume | Persistenza dati |
+| Resource limits (cpus, memory) | DB instance class | Allocazione risorse |
+| docker-compose up | RDS create | Deploy command |
+| docker logs | CloudWatch logs | Logging e monitoring |
+| pg_isready | RDS health check | Verifica disponibilità |
+| Non-root user | IAM authentication | Controllo accessi |
+
+## Differenze Chiave
+
+### Gestione
+
+**RDS (AWS):**
+- Completamente managed
+- Patch automatiche
+- Backup automatici
+- Multi-AZ per HA
+- Scaling orizzontale Read Replicas
+
+**PostgreSQL Docker:**
+- Self-managed
+- Patch manuali
+- Backup manuali (pg_dump)
+- HA con repliche manuali
+- Read repliche configurate manualmente
+
+### Sicurezza
+
+**RDS:**
+- IAM authentication
+- Security groups VPC
+- Encryption at rest (KMS)
+- SSL/TLS obbligatorio
+- Audit logging
+
+**PostgreSQL Docker:**
+- Username/password
+- Bridge network isolation
+- Filesystem encryption (host)
+- TLS configurato manualmente
+- PostgreSQL logging
+
+### Costi
+
+**RDS:**
+- Costo orario instance
+- Costo storage GB/mese
+- Costo data transfer
+- Costo backup storage
+
+**PostgreSQL Docker:**
+- Costo VM host
+- Nessun costo aggiuntivo
+- Storage incluso
+- Nessun data transfer cost
+
+## Quando Usare Quale
+
+### Usa RDS quando:
+- Servizio production mission-critical
+- Requltiamo alta disponibilità (99.99%)
+- Hai bisogno di scaling automatico
+- Vuoi managed backups
+- Budget per costi cloud
+
+### Usa PostgreSQL Docker quando:
+- Sviluppo e testing
+- Ambienti di laboratorio
+- Proof of concept
+- Budget limitato
+- Requisiti di bassa complessità
+
+## Best Practices Comuni
+
+**Entrambi:**
+- Non esporre su internet
+- Usare backup regolari
+- Monitorare performance
+- Configurare resource limits
+- Usare connessioni SSL/TLS
+
+**RDS-specific:**
+- Abilita Multi-AZ per production
+- Configura retention backup
+- Usa Parameter Groups
+- Abilita Performance Insights
+
+**Docker-specific:**
+- Usa named volumes
+- Configura healthchecks
+- Limita risorse container
+- Monitora docker stats
+
+## Comandi Equivalenti
+
+| Operazione | Docker | RDS/AWS |
+|------------|--------|---------|
+| Deploy | docker-compose up | aws rds create-db-instance |
+| Stop | docker-compose stop | aws rds stop-db-instance |
+| Start | docker-compose start | aws rds start-db-instance |
+| Scale | docker-compose up --scale | aws rds modify-db-instance |
+| Status | docker ps | aws rds describe-db-instances |
+| Logs | docker logs | aws rds describe-db-log-files |
+| Backup | pg_dump | aws rds create-db-snapshot |
+| Restore | psql < backup.sql | aws rds restore-db-instance |
+
+## Percorso di Apprendimento
+
+1. **Inizia con Docker:** Impara concetti base PostgreSQL
+2. **Pratica con Docker:** Sperimenta in sicurezza locale
+3. **Passa a RDS:** Applica conoscenze al cloud
+4. **Approfondisci:** Managed services e ottimizzazione