Second Task : Unable to create db instance using db security group

[srinivle]

2. Create db instance using db security group

Unable to create db instance using db security group parameter . Below is the output log:

aws rds create-db-instance --db-name mydb1 --db-instance-identifier mydb1 --allocated-storage 20 --db-instance-class db.t2.micro --engine mysql --master-username mydb --master-user-password Srinivas881985 --availability-zone us-east-1a --backup-retention-period 0 --db-security-groups mydbsecuritygroup --db-subnet-group-name dbsubnet --port 3306

An error occurred (InvalidParameterCombination) when calling the CreateDBInstance operation: DB Security Groups can only be associated with VPC DB Instances using API versions 2012-01-15 through 2012-09-17.

However, with VPC security group id, we are able to create the db instance....

[srinivle]

hello srinivle please check once security-groups and DB subnet-group are in the same vpc or not?

Yes. They are in the same VPC only...

Here it is::: "DBSubnetGroup": { "DBSubnetGroupName": "dbsubnet", "DBSubnetGroupDescription": "This is a DataBase Subnet", "VpcId": "vpc-0054c8493b7a85ad4", "SubnetGroupStatus": "Complete", "Subnets": [ { "SubnetIdentifier": "subnet-0e596165ae4ff90dc", "SubnetAvailabilityZone": { "Name": "us-east-1b" }, "SubnetStatus": "Active" }, { "SubnetIdentifier": "subnet-0442ab17f3ef0421a", "SubnetAvailabilityZone": { "Name": "us-east-1a" }, "SubnetStatus": "Active" } ] },

[srinivle]

Create read replica is also failing ....

PS C:\Users\Leela\Downloads\AzureRM> aws rds create-db-instance-read-replica --db-instance-identifier mydb2 --source-db-instance-identifier mydb1

An error occurred (InvalidDBInstanceState) when calling the CreateDBInstanceReadReplica operation: Automated backups are not enabled for this database instance. To enable automated backups, use ModifyDBInstance to set the backup retention period to a non-zero value.

Still Searching over internet..... !

[srinivle]

Create Read Replica and Promote read replica both are not working ..... still working and searching on Internet.... but no gain....

[srinivle]

1. Create db instance using db security group

Unable to create db instance using db security group parameter . Below is the output log:

aws rds create-db-instance --db-name mydb1 --db-instance-identifier mydb1 --allocated-storage 20 --db-instance-class db.t2.micro --engine mysql --master-username mydb --master-user-password Srinivas881985 --availability-zone us-east-1a --backup-retention-period 0 --db-security-groups mydbsecuritygroup --db-subnet-group-name dbsubnet --port 3306

An error occurred (InvalidParameterCombination) when calling the CreateDBInstance operation: DB Security Groups can only be associated with VPC DB Instances using API versions 2012-01-15 through 2012-09-17.

However, with VPC security group id, we are able to create the db instance....

PS C:\Users\Leela\Downloads\AzureRM> aws rds create-db-instance --db-name mydb --db-instance-identifier mydb --allocated-storage 20 --db-instance-class db.t2.micro --engine mysql --master-username mydb --master-user-password Srinivas881985 --backup-retention-period 0 --db-security-groups rdsdbsecuritygroup --db-subnet-group-name rdssubnetgroup --port 3306 --multi-az

An error occurred (InvalidParameterCombination) when calling the CreateDBInstance operation: DB Security Groups can only be associated with VPC DB Instances using API versions 2012-01-15 through 2012-09-17.

As per the above error message, it looks like after the time period of "API versions 2012-01-15 through 2012-09-17" , there is a significant changes has happened and we only need to use VPC security groups to create RDS instances because it clearly states that 'DB Security Groups can only be associated with VPC DB Instances using API versions 2012-01-15 through 2012-09-17'. Hence we need to use VPC security groups when creating the RDS instances....

[srinivle]

aws rds create-db-instance --db-name mydb --db-instance-identifier mydb --allocated-storage 20 --db-instance-class db.t2.micro --engine mysql --master-username mydb --master-user-password Srinivas881985 --backup-retention-period 0 --vpc-security-group-ids sg-0418b8daa0c803488 --db-subnet-group-name rdssubnetgroup --port 3306 --multi-az { "DBInstance": { "DBInstanceIdentifier": "mydb", "DBInstanceClass": "db.t2.micro", "Engine": "mysql", "DBInstanceStatus": "creating", "MasterUsername": "mydb", "DBName": "mydb", "AllocatedStorage": 20, "PreferredBackupWindow": "09:26-09:56", "BackupRetentionPeriod": 0, "DBSecurityGroups": [], "VpcSecurityGroups": [ { "VpcSecurityGroupId": "sg-0418b8daa0c803488", "Status": "active" } ], "DBParameterGroups": [ { "DBParameterGroupName": "default.mysql5.7", "ParameterApplyStatus": "in-sync" } ], "DBSubnetGroup": { "DBSubnetGroupName": "rdssubnetgroup", "DBSubnetGroupDescription": "This is a RDS Subnet Group", "VpcId": "vpc-0054c8493b7a85ad4", "SubnetGroupStatus": "Complete", "Subnets": [ { "SubnetIdentifier": "subnet-0e596165ae4ff90dc", "SubnetAvailabilityZone": { "Name": "us-east-1b" }, "SubnetStatus": "Active" }, { "SubnetIdentifier": "subnet-0442ab17f3ef0421a", "SubnetAvailabilityZone": { "Name": "us-east-1a" }, "SubnetStatus": "Active" } ] }, "PreferredMaintenanceWindow": "sat:04:41-sat:05:11", "PendingModifiedValues": { "MasterUserPassword": "****" }, "MultiAZ": true, "EngineVersion": "5.7.22", "AutoMinorVersionUpgrade": true, "ReadReplicaDBInstanceIdentifiers": [], "LicenseModel": "general-public-license", "OptionGroupMemberships": [ { "OptionGroupName": "default:mysql-5-7", "Status": "in-sync" } ], "PubliclyAccessible": false, "StorageType": "gp2", "DbInstancePort": 0, "StorageEncrypted": false, "DbiResourceId": "db-DMN2IIQHGCZ4HIU3GP2A35C7MA", "CACertificateIdentifier": "rds-ca-2015", "DomainMemberships": [], "CopyTagsToSnapshot": false, "MonitoringInterval": 0, "DBInstanceArn": "arn:aws:rds:us-east-1:713051151333:db:mydb", "IAMDatabaseAuthenticationEnabled": false, "PerformanceInsightsEnabled": false, "DeletionProtection": false, "AssociatedRoles": [] } } PS C:\Users\Leela\Downloads\AzureRM>

[srinivle]

Successfully completed the below tasks after a thorough brain storming & thorough research over internet:

1. Create db instance using vpc security groups - Completed
2. create db instance using db security group - Except this one
3. create db with multi az - Completed
4. create a read replica from (2 or 1) - Completed
5. promote read replica - Completed

PFA file with the output logs ....

AWS_RDS_Creation.txt

[srinivle]

In order to create a read replica from any source instance, the source rds instance must and should have the '--backup-retention-period = 1' created accordingly. Then only, the read replica will create a replicated RDS DB instance running MySQL, MariaDB, Oracle, or PostgreSQL. However, Amazon Aurora doesn't support this action. You must create a new DB instance action for an Aurora DB cluster.

[ghost]

hi srinivas (your issue is db instance is not creating using db-security group , but creating with vpc-security-group ) please check supported platforms whether VPC OR EC2 , VPC if the supported platform is VPC we cant create using db-security-group , but we can create with vpc-security-group or EC2 , VPC we can create with both

[srinivle]

hi srinivas (your issue is db instance is not creating using db-security group , but creating with vpc-security-group ) please check supported platforms whether VPC OR EC2 , VPC if the supported platform is VPC we cant create using db-security-group , but we can create with vpc-security-group or EC2 , VPC we can create with both

Hi Sir,

Perfect. You are absolutely right, which is why I am able to create using VPC group id and not with database security group. Here it is from my end:

[ghost]

ok srinivas please close the issue

[srinivle]

ok srinivas please close the issue

Naresh garu, you are awesome and fantabulous sir .... Thank you very much for all your help, support and efforts and time and co-operation.