Reputation: 1026
Terraform InvalidParameterCombination: DB Security Groups can only be associated with VPC DB Instances
I am trying to provision RDS instance using terraform template and my template looks like this
template.tf
resource "aws_security_group" "web-server-security"{
name = "webserver-sg"
description = "webserver security group"
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
tags{
Name = "web-server-sg"
}
resource "aws_security_group" "db-server-sg" {
name = "db-server"
description = "dbserver security group"
ingress {
from_port = 3306
to_port = 3306
protocol = "tcp"
security_groups = ["${aws_security_group.web-server-security.id}"]
}
tags{
Name = "db-server-sg"
}
}
resource "aws_db_instance" "echomany_db" {
name = "echomanydb"
engine = "mysql"
engine_version = "5.7"
storage_type = "gp2"
allocated_storage = 20
instance_class = "db.t2.micro"
username = "${var.AWS_DB_USERNAME}"
password = "${var.AWS_DB_PASSWORD}"
parameter_group_name = "default.mysql5.7"
skip_final_snapshot = true
security_group_names = [
"${aws_security_group.db-server-sg.id}"
]
tags{
Name = "db-server"
}
}
However i get this following error:
1 error(s) occurred: * aws_db_instance.echomany_db: 1 error(s) occurred:
- aws_db_instance.echomany_db: Error creating DB Instance: InvalidParameterCombination: DB Security Groups can only be associated with VPC DB Instances using API versions 2012-01-15 through 2012-09-17. status code: 400, request id: a19ea8ea-8ea0-46e4-97c6-b946419df9a3
i dont know whats the problem and how to fix this issue.
Upvotes: 3
Views: 2829
Answers (3)
Reputation: 11
you can use vpc_security_groups_ids = [ ] instead of security_group_names because it can only be used while using ec2-classic mode
example:
vpc_security_group_ids=["${aws_security_group.rds.id}"]
Upvotes: 0
Reputation: 99
Parameter named
security_group_names = [
"${aws_security_group.db-server-sg.id}"
]
can only be used while using ec2-classic mode or outside VPC. Use vpc_security_group_ids instead.
Upvotes: 1
Reputation: 1478
As mentioned by the documentation vpc_security_group_ids should be used instead of security_group_names which is a deprecated argument.
Upvotes: 5
Related Questions
- terraform the db instance and ec2 security group are in different vpcs
- AWS Security Group not in VPC error with Terraform
- vpc_id argument is not expected here
- Cycle error when trying to create AWS VPC security groups using Terraform
- InvalidParameterCombination: The DB instance and EC2 security group are in different VPCs
- Issue while adding AWS Security Group via Terraform
- Error: "network_interface": conflicts with vpc_security_group_ids
- Security group does not appear to belong to the same VPC as the input subnets
- Unable to create AWS security group via Terraform
- Terraform throws "groupName cannot be used with the parameter subnet" or "VPC security groups may not be used for a non-VPC launch"