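RDS is unreachable when created with Terraform.

Problem description  Votes: 0  Answers: 1

I have been trying to create an RDS instance using Terraform. The strangest thing is that, to fix the problem, I only need to use the AWS console to change the instance class to another one, for example from db.t2.small to db.t2.micro, and then it suddenly starts working.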

resource "aws_db_subnet_group" "dbSubnetGroup" {
  name       = "${var.prefix}-db-subnet-group"
  subnet_ids = concat(aws_subnet.publicSubnet.*.id, aws_subnet.privateSubnet.*.id)

  tags = var.defaultTags
}

resource "aws_security_group" "rdsSecurityGroup" {
  name   = "${var.prefix}-rds-sg"
  vpc_id = aws_vpc.vpc.id

  ingress {
    from_port       = 1433
    to_port         = 1433
    protocol        = "tcp"
    security_groups = [aws_eks_cluster.eksCluster.vpc_config[0].cluster_security_group_id]
  }
  ingress {
    from_port        = 1433
    to_port          = 1433
    protocol         = "tcp"
    cidr_blocks      = [var.myIP]
  }

  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
  tags = var.defaultTags
}

resource "random_password" "rdsPassword" {
  length           = 32
  special          = true
  override_special = "!#$%&*()-_=+[]{}<>:?"
}

resource "aws_db_instance" "dbInstance" {
  allocated_storage               = 20
  storage_type                    = "gp2"
  engine                          = var.dbInstanceEngine
  license_model                   = "license-included"
  instance_class                  = var.dbInstanceType
  identifier                      = "${var.prefix}-db-instance"
  username                        = var.dbUserName
  password                        = random_password.rdsPassword.result
  tags                            = var.defaultTags
  db_subnet_group_name            = aws_db_subnet_group.dbSubnetGroup.name
  vpc_security_group_ids          = [aws_security_group.rdsSecurityGroup.id]
  skip_final_snapshot             = true
  allow_major_version_upgrade     = true
  copy_tags_to_snapshot           = true
  performance_insights_enabled    = true
  max_allocated_storage           = 1000
  enabled_cloudwatch_logs_exports = ["error"]
  publicly_accessible             = true
}

Am I doing something wrong, or is this a bug in the AWS provider?

1 Answer
1
vote

If you want the RDS instance to be reachable, the DB subnet group must be in public subnets.
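
A check for the condition the answer describes, as an added example that is not part of the original question or answer: it reports which subnets of a DB subnet group have no default route to an internet gateway, which is the situation a group built with `concat(publicSubnet, privateSubnet)` can leave the instance in. The input is assumed to have the shape of boto3's `ec2.describe_route_tables()["RouteTables"]` for a single VPC; all IDs in the sample data are constructed.

```python
# Added example: find the private subnets inside a DB subnet group.
# Assumption: route_tables all belong to the VPC that holds the subnets.

def has_igw_default_route(route_table):
    """True if the table sends 0.0.0.0/0 to an internet gateway (igw-...)."""
    return any(
        r.get("DestinationCidrBlock") == "0.0.0.0/0"
        and r.get("GatewayId", "").startswith("igw-")
        and r.get("State", "active") == "active"
        for r in route_table.get("Routes", [])
    )

def effective_route_table(subnet_id, route_tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def private_subnets(subnet_ids, route_tables):
    """Subnets of the group with no default route to an internet gateway."""
    result = []
    for sid in subnet_ids:
        rt = effective_route_table(sid, route_tables)
        if rt is None or not has_igw_default_route(rt):
            result.append(sid)
    return result

# Constructed sample: one public subnet, one subnet on the main (NAT) table.
SAMPLE_ROUTE_TABLES = [
    {"RouteTableId": "rtb-public",
     "Associations": [{"SubnetId": "subnet-pub-a", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-main",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
]
SAMPLE_GROUP = ["subnet-pub-a", "subnet-priv-b"]  # mixed group, as in the question

if __name__ == "__main__":
    print("private subnets in group:", private_subnets(SAMPLE_GROUP, SAMPLE_ROUTE_TABLES))
```

Any subnet this reports is one where a `publicly_accessible = true` instance would not be reachable from outside the VPC; an empty result means every subnet in the group routes through an internet gateway.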
