问题
I have this code below to create a RDS instance in aws:
import boto.rds
REGION="us-east-1"
INSTANCE_TYPE="db.t1.micro"
ID = "MySQL-db-instance-database-test2"
USERNAME="root"
PASSWORD = "pass"
DB_PORT = 3306
DB_SIZE = 5
DB_ENGINE = "MySQL5.1"
DB_NAME = "databasetest2"
SECGROUP_HANDLE="default"
print "Connecting to RDS"
conn = boto.rds.connect_to_region(REGION)
print "Creating a RDS Instance"
instance = conn.create_dbinstance(ID, DB_SIZE, INSTANCE_TYPE, USERNAME, PASSWORD, port=DB_PORT, engine=DB_ENGINE,db_name=DB_NAME, security_groups = [SECGROUP_HANDLE],)
print instance
But I am having always this error related to security groups:
DB Security Groups can only be associated with VPC DB Instances using API versions 2012-01-15 through 2012-09-17.
Can anyone please help solve this issue?
If I use vpc_security_groups instead of security_groups Im having:
<Message>Invalid security group , groupId= f, u, d, t, e, a, l, groupName=.</Message>
回答1:
RDS instances in VPCs can not be members of RDS security groups. Instead, a RDS within a VPC should be in a VPC security group. In boto, use the vpc_security_groups parameter (with the VPC security group ID as its value) rather the security_groups parameter. See also the boto RDS docs for create_dbinstance().
回答2:
Boto is migrating RDSConnection from version 1 to version 2. You can check this -
Earlier we could have got all the db_instances using get_all_dbinstances()but now we can only fetch using describe_db_instances().
Try using vpc_security_group().
The official doc for new version of RDS, i.e. RDS2 is here.
回答3:
this may work. I'm not getting the error with my script but my client is. I'm guessing it's because I have a default VPC security group, which AWS is silently using, and he does not.
boto.rds.RDSConnection.APIVersion = '2012-09-17'
the idea being that, since this API is within (at the end of) the specified range, the error will not apply.
I got the idea from https://github.com/boto/boto/issues/2923
来源:https://stackoverflow.com/questions/29434025/db-security-groups-can-only-be-associated-with-vpc-db-instances-using-api-versio