Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Can't configure an RDS without Private subnets in a VPC

See original GitHub issue

Via the AWS Management Console I created a VPC from scratch with two public subnets. Then I created a DB Instance in that VPC. Everything worked smoothly. When I replicated the same configuration in CDK I got the following error:

There are no ‘Private’ subnet groups in this VPC. Available types: Public

When I added two extra Private subnets (with natGateways=0) to the VPC, I got another error:

CommonVpc/CommonPrivateSubnetGroupSubnet2/DefaultRoute (CommonVpcCommonPrivateSubnetGroupSubnet2DefaultRoute30057064) Exactly one of [InstanceId, NetworkInterfaceId, EgressOnlyInternetGatewayId, VpcPeeringConnectionId, GatewayId, TransitGatewayId, NatGatewayId] must be specified and not empty

Reproduction Steps

    const vpc = new Vpc(this, 'CommonVpc', {
      enableDnsSupport: true,
      natGateways: 0,
      cidr: '10.0.0.0/16',
      maxAzs: 2,
      subnetConfiguration: [
        {
          cidrMask: 19,
          name: 'CommonPublicSubnetGroup',
          subnetType: SubnetType.PUBLIC,
        },
        // {
        //   cidrMask: 19,
        //   name: 'CommonPrivateSubnetGroup',
        //   subnetType: SubnetType.PRIVATE,
        // },
      ]
    });

    const dbInstance = new DatabaseInstance(this, 'DbInstance', {
      engine: DatabaseInstanceEngine.MYSQL,
      masterUsername: 'root',
      databaseName: 'RootDb',
      instanceClass: InstanceType.of(InstanceClass.T2, InstanceSize.MICRO),
      vpc,
      allocatedStorage: 10,
      vpcPlacement: {
        subnetType: SubnetType.PUBLIC,
      },
    });

Environment

CLI Version : 1.14.0
Framework Version: 1.14.0
OS : Windows 10
Language : TS

This is 🐛 Bug Report

Issue Analytics

State:
Created 4 years ago
Comments:8 (4 by maintainers)

Top GitHub Comments

1reaction

rix0rrrcommented, Nov 8, 2019

If you want to connect to your RDS instance from your PC it will need to be routable from the internet.

That means it is itself in a public subnet with a public IP address, or it has a publicly routable computer in front of it (typically a load balancer in the form of an ALB with a TCP connection or an NLB).

0reactions

nikita-sheremet-clearscalecommented, Aug 21, 2021

vpcSubnets selector must be provided to fix the error There are no 'Private' subnet groups in this VPC. Available types: Public like that (java):

import software.amazon.awscdk.core.RemovalPolicy;
import software.amazon.awscdk.core.SecretValue;
import software.amazon.awscdk.services.ec2.InstanceClass;
import software.amazon.awscdk.services.ec2.InstanceSize;
import software.amazon.awscdk.services.ec2.InstanceType;
import software.amazon.awscdk.services.ec2.SubnetSelection;
import software.amazon.awscdk.services.ec2.SubnetType;
import software.amazon.awscdk.services.ec2.Vpc;
import software.amazon.awscdk.services.ec2.VpcLookupOptions;
import software.amazon.awscdk.services.rds.AuroraPostgresClusterEngineProps;
import software.amazon.awscdk.services.rds.AuroraPostgresEngineVersion;
import software.amazon.awscdk.services.rds.Credentials;
import software.amazon.awscdk.services.rds.DatabaseCluster;
import software.amazon.awscdk.services.rds.DatabaseClusterEngine;
import software.amazon.awscdk.services.rds.DatabaseClusterProps;
import software.amazon.awscdk.services.rds.InstanceProps;

class Scratch {
  public static void main(String[] args) {
    var cluster = new DatabaseCluster(this, "PostgresDb",
        DatabaseClusterProps.builder()
            .clusterIdentifier("aurora-postgresql-cluster")
            .instanceIdentifierBase("aurora-postgresql-cluster")
            .engine(DatabaseClusterEngine.auroraPostgres(
                AuroraPostgresClusterEngineProps.builder()
                    .version(
                        AuroraPostgresEngineVersion.VER_12_4
                    )
                    .build()))
            .removalPolicy(RemovalPolicy.DESTROY)
            .deletionProtection(false)
//            .credentials(Credentials.fromSecret(databaseSecret))
            .credentials(Credentials.fromPassword("somename", SecretValue.plainText("password")))
            .instanceIdentifierBase("aurora-postgresql-instance")

            .instanceProps(
                InstanceProps.builder()
                    .instanceType(
                        InstanceType.of(InstanceClass.MEMORY4, InstanceSize.LARGE)
                    )
                    .vpc(Vpc.fromLookup(this, "DefaultVpc", VpcLookupOptions.builder().isDefault(true).build()))
                    .vpcSubnets(SubnetSelection.builder().subnetType(SubnetType.PUBLIC).build()) // <- here fixed the error
                    .publiclyAccessible(true)
                    .build())
            .build()
    );
  }
}