This message was deleted.

What I'm trying to do:

import * as pulumi from '@pulumi/pulumi';
import * as mysql from '@pulumi/mysql';
import * as aws from '@pulumi/aws';
import { vpc, sg, pulumiTags } from './vpc';

const config = new pulumi.Config();
const mysqlUser = config.require('mysqlUsername');
const mysqlPassword = config.requireSecret('mysqlPassword');
const instanceClass = config.requireSecret('mysqlInstanceClass');

const subnetGroup = new aws.rds.SubnetGroup('magento2-subnet', {
  subnetIds: vpc.privateSubnetIds.then(),
});
const currentRegion = pulumi.output(aws.getRegion());

const defaultCluster = new aws.rds.Cluster('default', {
  availabilityZones: [
    pulumi.interpolate`${currentRegion.name}a`,
    pulumi.interpolate`${currentRegion.name}b`,
  ],
  backupRetentionPeriod: 5,
  clusterIdentifier: 'aurora-cluster-demo',
  masterUsername: mysqlUser,
  masterPassword: mysqlPassword,
  preferredBackupWindow: '07:00-09:00',
  deletionProtection: false,
  vpcSecurityGroupIds: [sg.id],
  dbSubnetGroupName: subnetGroup.name,
  tags: pulumiTags,
});

const instance = new aws.rds.ClusterInstance(`cluster_instances-1`, {
  clusterIdentifier: defaultCluster.id,
  identifier: `aurora-cluster-demo-1`,
  instanceClass,
  publiclyAccessible: true,
  tags: pulumiTags,
});

const mysqlProvider = new mysql.Provider('mysql', {
  endpoint: defaultCluster.endpoint,
  username: defaultCluster.masterUsername,
  password: defaultCluster.masterPassword.apply((p) => p!.toString()),
});

const database = new mysql.Database(
  'magento2-db',
  {
    name: 'MAGENTO',
  },
  {
    provider: mysqlProvider,
  },
);

const user = new mysql.User(
  'magento2',
  {
    user: 'magento2',
    host: '%',
    plaintextPassword: 'magento2-secret',
  },
  {
    provider: mysqlProvider,
  },
);

new mysql.Grant(
  'magento2',
  {
    user: user.user,
    host: user.host.apply((h) => h!.toString()),
    database: database.name,
    privileges: ['SELECT', 'UPDATE'],
  },
  {
    provider: mysqlProvider,
  },
);

This should be possible as far as I know. Are you getting an error?

@gentle-diamond-70147 this one:

mysql:index:Database (magento2-db):
    error: Could not connect to server: dial tcp 15.236.150.22:3306: connect: operation timed out

That seems like a network connectivity error. Wherever your Pulumi application is running from will need to have appropriate network access (routes and open security group rules) to connect to the database directly. It's possible the RDS database just took too long to provision and Pulumi gave up trying or you need to open up security group rules so that the Pulumi client can connect to it.

Thanks. I created the cluster before adding that so it's definitely up. I also have this:

awsx.ec2.SecurityGroupRule.ingress(
  'ingress-access',
  sg,
  new awsx.ec2.AnyIPv4Location(),
  new awsx.ec2.AllTcpPorts(),
  'allow all ports',
);

but I'm not sure on the routing. I will check if I can find that out. Thank you!