white-secretary-18260
03/22/2021, 1:54 PMiamRoles
property I get an error saying:
DBClusterRoleNotFound: Role ARN arn:aws:iam::xxx:role/xxx-xxx cannot be found for DB Cluster: xxx. Verify your role ARN and try again. You might need to include the feature-name parameter.
if I use RoleAssociation
which has feature name I get an error like:
error associating RDS DB Instance (api-rds-cluster-dev) IAM Role (arn:aws:iam::xxx:role/xxx): DBInstanceNotFound: DBInstance not found: xxx
What’s a good working example of creating an RDS cluster with a role associated to it?* error associating RDS DB Instance (xxx) IAM Role (arn:aws:iam::xxx:role/xxx): InvalidDBInstanceState: The xxx DB instance is associated with a database cluster. Manage the arn:aws:iam::xxx:role/xxx IAM role from the cluster instead of from the DB instance.
little-cartoon-10569
03/22/2021, 8:05 PMwhite-secretary-18260
03/22/2021, 8:51 PMnew aws.rds.Cluster
input options only has a role input that takes an array of arns, I can not set the feature
for the role.salmon-ghost-86211
03/22/2021, 10:12 PM<http://rds.amazonaws.com|rds.amazonaws.com>
?
Or maybe this isn't a good error message indicating what is actually wrong since you can manually assign the role. This <https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddRoleToDBInstance.html>
says
InvalidDBInstanceState
The DB instance isn't in a valid state.
HTTP Status Code: 400
white-secretary-18260
03/22/2021, 10:36 PMYou might need to include the feature-name parameter.
part of the error and the fact that when adding it to the cluster (not instance) in the console it asks for a feature name that confuses me. There is no way to associate a role to an RDS cluster with a feature name. There is a way to include a feature name when associating a role to a DBInstance, but that fails (I was using the cluster name in the error I posted) because there is an error that says role can not be associated to DB Instance that belongs to a cluster.Trusted entities
The identity provider(s) <http://rds.amazonaws.com|rds.amazonaws.com>
little-cartoon-10569
03/25/2021, 7:50 PMbillowy-army-68599
03/25/2021, 7:51 PMwhite-secretary-18260
03/25/2021, 11:32 PMfunction build (environment: string, config: Config, roles: aws.iam.Role[]): {cluster: aws.rds.Cluster, instances: aws.rds.ClusterInstance[]} {
// API RDS AURORA POSTGRESQL DATABASE
const database: string = config.require('database')
const password = config.requireSecret('password')
const username: string = config.require('apiUsername')
const name = `database-${environment}`
const databaseName = `database_${environment}`
const cluster = new aws.rds.Cluster(name, {
availabilityZones: AVAILABILITY_ZONES,
backupRetentionPeriod: BACKUP_RETENTION,
clusterIdentifier: name,
skipFinalSnapshot: true,
databaseName,
engine: ENGINE,
masterPassword: password,
masterUsername: username,
iamRoles: roles.map(r => r.arn),
preferredBackupWindow: BACKUP_WINDOW,
tags: {
Environment: environment,
Name: name
}
})
this code results in the following error:
* InvalidParameterValue: The feature-name parameter must be provided with the current operation for the Aurora (PostgreSQL) engine.
status code: 400, request id: c1ac5864-f2b9-48c3-a8c7-e2152f34f0c5
in the console there is a feature
value used to associate roles.billowy-army-68599
03/29/2021, 7:27 PMiamRoles
and use that insteadwhite-secretary-18260
03/29/2021, 7:33 PM* error associating RDS DB Instance (xxx) IAM Role (arn:aws:iam::xxx:role/xxx): InvalidDBInstanceState: The xxx DB instance is associated with a database cluster. Manage the arn:aws:iam::xxx:role/xxx IAM role from the cluster instead of from the DB instance.
billowy-army-68599
03/29/2021, 7:34 PMwhite-secretary-18260
03/29/2021, 7:41 PMbillowy-army-68599
04/05/2021, 4:35 PM