I am trying to create RDS that would operate only in intranet (aka some private subnet). The access to it will be provided only to the applications.
I've created vpc configuration in a separate terraform file link
The file contains vpc configuration, routes, nat and so on.
    resource "aws_vpc" "vpc" {
      cidr_block           = "10.0.0.0/16"
      enable_dns_support   = true
      enable_dns_hostnames = true
      tags {
        Environment = "Dev"
      }
    }

    # single subnet, single AZ (eu-central-1a)
    resource "aws_subnet" "intranet" {
      vpc_id            = "${aws_vpc.vpc.id}"
      cidr_block        = "10.0.1.0/24"
      availability_zone = "eu-central-1a"
      tags {
        Name        = "Intranet"
        Environment = "Dev"
      }
    }

    ....

    resource "aws_route_table_association" "intranet" {
      subnet_id      = "${aws_subnet.intranet.id}"
      route_table_id = "${aws_route_table.intranet_routetable.id}"
    }
For my RDS configuration I created a separate terraform file with the similar content
    terraform {
      backend "s3" {
        bucket = "s3-terraform-state-backend"
        region = "eu-central-1"
        key    = "common/terraform.tfstate"
      }
    }

    provider "aws" {
      region = "eu-central-1"
    }

    resource "aws_vpc" "vpc" {
      cidr_block           = "10.0.0.0/16"
      enable_dns_support   = true
      enable_dns_hostnames = true
      tags {
        Environment = "Dev"
      }
    }

    # duplicated from the vpc file: still only one subnet in one AZ
    resource "aws_subnet" "intranet" {
      vpc_id            = "${aws_vpc.vpc.id}"
      cidr_block        = "10.0.1.0/24"
      availability_zone = "eu-central-1a"
      tags {
        Name        = "Intranet"
        Environment = "Dev"
      }
    }

    # should contain configuration for common components (rds, sqs etc.)
    resource "aws_db_subnet_group" "db_subnet" {
      name       = "intranet"
      subnet_ids = ["${aws_subnet.intranet.id}"]
    }

    # note: a new (non-replica, non-snapshot) instance also needs
    # username and password before RDS will create it
    resource "aws_db_instance" "core" {
      name                 = "gj-core-db"
      engine               = "postgres"
      allocated_storage    = 10
      storage_type         = "gp2"
      instance_class       = "db.t2.micro"
      db_subnet_group_name = "${aws_db_subnet_group.db_subnet.name}"
    }
Basically I duplicated the subnet and vpc configuration from another file (as I need it here too). File itself is here link
When I try to apply the configuration I get the error

    * aws_db_subnet_group.db_subnet: Error creating DB Subnet Group: DBSubnetGroupDoesNotCoverEnoughAZs: DB Subnet Group doesn't meet availability zone coverage requirement. Please add subnets to cover at least 2 availability zones. Current coverage: 1
    status code: 400, request id: 44e37b59-1db1-4519-847f-d35f5d150592

I have only one subnet. What is the problem? Should I create more subnets? Or make this intranet subnet cover more zones?
One subnet cannot span multiple AZs. You should create multiple subnets and assign them to the subnet group that you are creating. This is to ensure HA. If you configure a multi-AZ RDS DB instance and your primary database fails, RDS will ensure that your database is moved to a different AZ (with the same endpoint).
In the case of subnet groups, AWS makes it mandatory that every subnet group should have subnets spread across multiple availability zones. More details can be found here.
Below is the relevant section from the AWS documentation.
Each DB subnet group should have subnets in at least two Availability Zones in a given region. When creating a DB instance in VPC, you must select a DB subnet group. Amazon RDS uses that DB subnet group and your preferred Availability Zone to select a subnet and an IP address within that subnet to associate with your DB instance. If the primary DB instance of a Multi-AZ deployment fails, Amazon RDS can promote the corresponding standby and subsequently create a new standby using an IP address of the subnet in one of the other Availability Zones.
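The layout the answer describes, written out as an added example (this is not code from the question or the answer): one private subnet per availability zone, both placed in the DB subnet group so the two-AZ coverage check passes, and the instance kept intranet-only with no public address and a security group that admits Postgres traffic from the application servers alone. It assumes Terraform 0.14+ syntax, the eu-central-1 region and 10.0.0.0/16 VPC from the question; the AZ list, the derived CIDRs, the `app` security group and the `db_password` variable are illustrative choices.

```hcl
# Added example, not the asker's or answerer's code. Terraform 0.14+ syntax.
# Region, VPC CIDR and instance settings follow the question; AZ names,
# subnet CIDRs, the "app" security group and the password variable are assumed.

variable "db_password" {
  type      = string
  sensitive = true   # supply via TF_VAR_db_password, never in the .tf file
}

locals {
  # two AZs is the minimum a DB subnet group needs; add more if desired
  intranet_azs = ["eu-central-1a", "eu-central-1b"]
}

resource "aws_vpc" "vpc" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags                 = { Environment = "Dev" }
}

# One private subnet per AZ. cidrsubnet() carves 10.0.1.0/24, 10.0.2.0/24, ...
# out of the VPC block, so the first subnet matches the question's CIDR.
resource "aws_subnet" "intranet" {
  count             = length(local.intranet_azs)
  vpc_id            = aws_vpc.vpc.id
  cidr_block        = cidrsubnet(aws_vpc.vpc.cidr_block, 8, count.index + 1)
  availability_zone = local.intranet_azs[count.index]
  tags = {
    Name        = "Intranet-${local.intranet_azs[count.index]}"
    Environment = "Dev"
  }
}

# The subnet group now spans two AZs, which is exactly what the
# DBSubnetGroupDoesNotCoverEnoughAZs error asked for.
resource "aws_db_subnet_group" "db_subnet" {
  name       = "intranet"
  subnet_ids = aws_subnet.intranet[*].id
}

# Assumed: the application instances are launched with this security group.
resource "aws_security_group" "app" {
  name   = "app"
  vpc_id = aws_vpc.vpc.id
}

# DB security group: only TCP/5432 from the app group, no CIDR-based ingress,
# so nothing outside the application tier can reach the database.
resource "aws_security_group" "db" {
  name   = "core-db"
  vpc_id = aws_vpc.vpc.id

  ingress {
    from_port       = 5432
    to_port         = 5432
    protocol        = "tcp"
    security_groups = [aws_security_group.app.id]
  }
}

resource "aws_db_instance" "core" {
  identifier             = "gj-core-db"
  engine                 = "postgres"
  allocated_storage      = 10
  storage_type           = "gp2"
  instance_class         = "db.t2.micro"
  db_subnet_group_name   = aws_db_subnet_group.db_subnet.name
  vpc_security_group_ids = [aws_security_group.db.id]
  publicly_accessible    = false   # intranet only: no public IP is assigned
  multi_az               = true    # optional; the standby lands in the other AZ's subnet
  username               = "core"
  password               = var.db_password
  skip_final_snapshot    = true    # acceptable for Dev; keep a final snapshot in prod
}
```

The two-AZ requirement applies to the subnet group regardless of whether `multi_az` is set, so a single-AZ instance still needs both subnets; flipping `multi_az` later is then a change to the instance alone, not to the network layout.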