Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Issue with creating a Postgres RDS in Cloudformation Template

Tags:

postgresql

amazon-web-services

amazon-cloudformation

I have the following YML in my cloud formation template:

MyDB:
  Type: "AWS::RDS::DBInstance"
  Properties:
    DBInstanceIdentifier: !Ref DBInstanceName
    DBName: !Ref DBName
    AllocatedStorage: "100"
    DBInstanceClass: !Ref DBInstanceType
    Engine: "postgres"
    EngineVersion: "9.6.2"
    MasterUsername: !Ref DBUsername
    MasterUserPassword: !Ref DBPassword
    PubliclyAccessible: false
    StorageType: standard
    VPCSecurityGroups:
      - !Ref PrivateAccess
    MultiAZ: true
  DeletionPolicy: "Snapshot"

It is failing due to "The DB instance and EC2 security group are in different VPCs. The DB instance is in vpc-7c99881b and the EC2 security group is in vpc-34ef9c4d"

I tried adding a DBSecurityGroup

DbSecurityByEC2SecurityGroup:
  Type: "AWS::RDS::DBSecurityGroup"
  Properties:
  GroupDescription: "Ingress for Amazon EC2 security group"
  DBSecurityGroupIngress:
    - EC2SecurityGroupId: !Ref PrivateAccess

and changed the MyDB:

      DBSecurityGroups:
    - !Ref DbSecurityByEC2SecurityGroup

but it now says "EC2 security group sg-7debfb0c is in a different VPC vpc-34ef9c4d. It cannot be authorized to RDS DBSecurityGroup dbsecuritybyec2securitygroup-1whvh0xi93cke for VPC vpc-7c99881b."

vpc-34ef9c4d is the vpc i am wanting this RDS in, how do I specify which VPC the DB should be located in?

Updated Template:

MyDB:
  Type: "AWS::RDS::DBInstance"
  Properties:
    DBInstanceIdentifier: !Ref DBInstanceName
    DBName: !Ref DBName
    AllocatedStorage: "100"
    DBInstanceClass: !Ref DBInstanceType
    Engine: "postgres"
    EngineVersion: "9.6.2"
    MasterUsername: !Ref DBUsername
    MasterUserPassword: !Ref DBPassword
    PubliclyAccessible: false
    DBSubnetGroupName: !Ref myDBSubnetGroup
    StorageType: standard
    VPCSecurityGroups:
      - !Ref PrivateAccess
    MultiAZ: true
  DeletionPolicy: "Snapshot"

myDBSubnetGroup:
  Type: "AWS::RDS::DBSubnetGroup"
  Properties:
    DBSubnetGroupDescription: "description"
    SubnetIds:
      - !Ref PrivateSubnet
like image 868
jaekie Avatar asked Aug 01 '17 18:08

jaekie

1 Answers

Use DBSubnetGroupName (http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsubnetgroupname). That determines the VPC. If nothing is specified, RDS is created in the default vpc

like image 151
krishna_mee2004 Avatar answered Sep 30 '22 14:09

krishna_mee2004
Sign in to Comment

Related questions

How to create a postgres column with a default timestamp value of epoch?
PHP Connect to PostgreSQL using ssh2_tunnel
How to create a Postgres table with unique combined primary key?
How to save a hash or json string into a jsonb field
PostgreSQL update JSONB column with value from another column
What are differences between SQL queries?
Sequelize upsert() never updates and only inserts
Postgres 'if not exists' fails because the sequence exists
How to partition Spark RDD when importing Postgres using JDBC?
PostgreSQL JDBC Error Code Enumeration
How to fix "Error: the locale requested by the environment is invalid" during postgresql cluster upgrade (pg_upgradecluster)
mix deps.get fails (dependency issue)
error inserting values to db with psycopg2 module
Retrieve data in chunks in postgresql
Django fails to find psycopg2 module
Using PostgreSQL, how do I escape "\" in json columns?
array_agg with distinct works in postgres 9.4 but not in postgres 9.6
how to call PostgreSQL function with parameter using node JS?
How can I continue a transaction in Spring Boot with PostgreSQL after an Exception occured?
Postgres CREATEROLE limit to specific db

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!