个人中心
gpt4 book ai didi

amazon-web-services - 数据库实例和EC2安全组位于不同的VPC,cloudFormation错误

转载 作者:行者123 更新时间:2023-12-03 14:16:52 28 4
gpt4 key购买 nike

我想自动化创建 RDS 的过程。我想创建 RDS Aurora。
部署应用程序时,堆栈 cloudFormation 已验证,但出现错误:

An error occurred: DatabaseCluster - The DB instance and EC2 security group are in different VPCs.

你能说一下哪里出了问题吗?

我关注了这篇文章Issue with creating a Postgres RDS in Cloudformation Template但这不起作用。

这是我的 serverless.yml 文件的一部分

resources:
  Resources:
    DatabaseCluster:
      Type: AWS::RDS::DBCluster
      Properties:
        DatabaseName: name${opt:stage, self:provider.stage}
        Engine: aurora
        MasterUsername: ${ssm:MasterUsername-${opt:stage, self:provider.stage}}
        MasterUserPassword: ${ssm:MasterUserPassword-${opt:stage, self:provider.stage}}
        Port: "3306"
        VpcSecurityGroupIds:
          - !Ref VpcSecurityGroup

    ServerlessRDS:
      Type: AWS::RDS::DBInstance
      Properties:
        Engine: aurora
        DBClusterIdentifier: !Ref "DatabaseCluster"
        DBInstanceIdentifier: db-name-${opt:stage, self:provider.stage}
        DBInstanceClass: db.t2.medium
        VPCSecurityGroups:
          - !Ref VpcSecurityGroup
        DBSubnetGroupName: !Ref myDBSubnetGroup


    VpcSecurityGroup:
      Type: AWS::EC2::SecurityGroup
      Properties:
        VpcId:
          Ref: ServerlessVPC
        GroupDescription: "Allow all traffic"
        SecurityGroupEgress:
          - IpProtocol: -1
            CidrIp: 0.0.0.0/0
        SecurityGroupIngress:
          - IpProtocol: -1
            CidrIp: 0.0.0.0/0

    ServerlessVPC:
      Type: AWS::EC2::VPC
      Properties:
        CidrBlock: "10.0.0.0/16"

    myDBSubnetGroup:
      Type: "AWS::RDS::DBSubnetGroup"
      Properties:
        DBSubnetGroupDescription: "description"
        SubnetIds:
          - !Ref ServerlessSubnetA
          - !Ref ServerlessSubnetB
    ServerlessSubnetA:
      Type: AWS::EC2::Subnet
      Properties:
        VpcId:
          Ref: ServerlessVPC
        AvailabilityZone: "eu-west-1b"
        CidrBlock: "10.0.0.0/24"
    ServerlessSubnetB:
      Type: AWS::EC2::Subnet
      Properties:
        VpcId:
          Ref: ServerlessVPC
        AvailabilityZone: "eu-west-1a"
        CidrBlock: "10.0.1.0/24"

最佳答案

您需要将 DBSubnetGroupName 参数添加到 AWS::RDS::DBCluster 资源。

DatabaseCluster:
  Type: AWS::RDS::DBCluster
  Properties:
    DatabaseName: name${opt:stage, self:provider.stage}
    Engine: aurora
    MasterUsername: ${ssm:MasterUsername-${opt:stage, self:provider.stage}}
    MasterUserPassword: ${ssm:MasterUserPassword-${opt:stage, self:provider.stage}}
    Port: "3306"
    VpcSecurityGroupIds:
      - !Ref VpcSecurityGroup
    DBSubnetGroupName:
      Ref: myDBSubnetGroup

此外,您可能希望在 VpcSecurityGroup 资源中添加对 ServerlessSubnetAServerlessSubnetB 的显式依赖项,以通过服务创建组资源类型并避免任何竞争条件。

VpcSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    DependsOn: 
    - ServerlessSubnetA
    - ServerlessSubnetB
    Properties:
      VpcId:
        Ref: ServerlessVPC
      GroupDescription: "Allow all traffic"
      SecurityGroupEgress:
        - IpProtocol: -1
          CidrIp: 0.0.0.0/0
      SecurityGroupIngress:
        - IpProtocol: -1
          CidrIp: 0.0.0.0/0

关于amazon-web-services - 数据库实例和EC2安全组位于不同的VPC,cloudFormation错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/57523948/

28 4 0
文章推荐: javascript - React 的不可变元素创建和渲染机制不是效率极低吗?
文章推荐: .net - 是否可以用 "weak"引用替换对强名称程序集的引用?
文章推荐: javascript - 在 React Native 中创建阴影设计
文章推荐: visual-studio-code - 如何在 VSCode 中禁用 HTML 自动完成功能?
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com