How do you specify from the AWS CLI/API what VPC an RDS Snapshot is restored to?

Question

I have 2 VPCs, one default and one for my DBs. If I run this command:

aws rds restore-db-instance-from-db-snapshot --db-instance-identifier test --db-snapshot-identifier db-arn --vpc-security-group-ids "foo"

It will produce the error below:

An error occurred (InvalidParameterCombination) when calling the RestoreDBInstanceFromDBSnapshot operation: The DB instance and EC2 security group are in different VPCs. The DB instance is in vpc-a and the EC2 security group is in b

Looking at the docs here it outlines

For the CLI and API, you specify the VPC security group IDs.

So how do you actually specify in the API/CLI what VPC to create the DB in? In my scenario, it always attempts to create in the default VPC.

Answer 1

According to the following AWS documention here, you should be able to use --db-subnet-group-name parameter to specify the VPC that the restored RDS instance should be created in.

aws rds restore-db-instance-from-db-snapshot \
  --db-instance-identifier test \
  --db-snapshot-identifier db-arn \
  --db-subnet-group-name my-vpc-subnet-group \
  --vpc-security-group-ids sg-1234567890

Replacing the values withy our own.