数据库实例和EC2安全组位于不同的VPC中,cloudFormation错误

时间:2019-08-16 11:36:32

标签: amazon-web-services amazon-ec2 amazon-cloudformation amazon-vpc amazon-rds-aurora

我想自动化创建RDS的过程。我想创建RDS Aurora。
部署应用程序时,堆栈cloudFormation已通过验证,并且出现错误:

  

发生错误:DatabaseCluster-数据库实例和EC2安全组位于不同的VPC中。

你能说出什么问题吗?

我关注了这篇帖子Issue with creating a Postgres RDS in Cloudformation Template,但这是行不通的。

这是我的serverless.yml文件的一部分

resources:
  Resources:
    DatabaseCluster:
      Type: AWS::RDS::DBCluster
      Properties:
        DatabaseName: name${opt:stage, self:provider.stage}
        Engine: aurora
        MasterUsername: ${ssm:MasterUsername-${opt:stage, self:provider.stage}}
        MasterUserPassword: ${ssm:MasterUserPassword-${opt:stage, self:provider.stage}}
        Port: "3306"
        VpcSecurityGroupIds:
          - !Ref VpcSecurityGroup

    ServerlessRDS:
      Type: AWS::RDS::DBInstance
      Properties:
        Engine: aurora
        DBClusterIdentifier: !Ref "DatabaseCluster"
        DBInstanceIdentifier: db-name-${opt:stage, self:provider.stage}
        DBInstanceClass: db.t2.medium
        VPCSecurityGroups:
          - !Ref VpcSecurityGroup
        DBSubnetGroupName: !Ref myDBSubnetGroup


    VpcSecurityGroup:
      Type: AWS::EC2::SecurityGroup
      Properties:
        VpcId:
          Ref: ServerlessVPC
        GroupDescription: "Allow all traffic"
        SecurityGroupEgress:
          - IpProtocol: -1
            CidrIp: 0.0.0.0/0
        SecurityGroupIngress:
          - IpProtocol: -1
            CidrIp: 0.0.0.0/0

    ServerlessVPC:
      Type: AWS::EC2::VPC
      Properties:
        CidrBlock: "10.0.0.0/16"

    myDBSubnetGroup:
      Type: "AWS::RDS::DBSubnetGroup"
      Properties:
        DBSubnetGroupDescription: "description"
        SubnetIds:
          - !Ref ServerlessSubnetA
          - !Ref ServerlessSubnetB
    ServerlessSubnetA:
      Type: AWS::EC2::Subnet
      Properties:
        VpcId:
          Ref: ServerlessVPC
        AvailabilityZone: "eu-west-1b"
        CidrBlock: "10.0.0.0/24"
    ServerlessSubnetB:
      Type: AWS::EC2::Subnet
      Properties:
        VpcId:
          Ref: ServerlessVPC
        AvailabilityZone: "eu-west-1a"
        CidrBlock: "10.0.1.0/24"

1 个答案:

答案 0 :(得分:0)

您需要向any_of资源添加DBSubnetGroupName参数。

AWS::RDS::DBCluster

另外,您可能希望在DatabaseCluster: Type: AWS::RDS::DBCluster Properties: DatabaseName: name${opt:stage, self:provider.stage} Engine: aurora MasterUsername: ${ssm:MasterUsername-${opt:stage, self:provider.stage}} MasterUserPassword: ${ssm:MasterUserPassword-${opt:stage, self:provider.stage}} Port: "3306" VpcSecurityGroupIds: - !Ref VpcSecurityGroup DBSubnetGroupName: Ref: myDBSubnetGroup 资源中的ServerlessSubnetAServerlessSubnetB上添加显式依赖关系,以通过服务创建组资源并避免任何竞争情况。

VpcSecurityGroup
相关问题
最新问题