DB Subnet Group doesn't meet availability zone coverage requirement. Please add subnets to cover at least 2 availability zones. Current coverage: 1

Asked 20/9, 2020 at 2:10 Answered 28/7 at 14:16

Solved amazon-web-services terraform amazon-rds

I have created two subnets for rds but still, I am getting error DB Subnet Group doesn't meet the availability zone coverage requirement. Please add subnets to cover at least 2 availability zones. Current coverage: 1, As I can check my both subnets, even all of my subnets are getting created in the same availability zone. Can you Please guide me

resource "aws_db_subnet_group" "rdssubnet" {
  name       = "database subnet"
  subnet_ids = ["${aws_subnet.rds_subnet.id}","${aws_subnet.rds_subnet1.id}"]
}


#provision the database
resource "aws_db_instance" "database" {
  identifier             = "database"
  instance_class         = var.db_instance_type
  allocated_storage      = var.db_size
  engine                 = "mysql"
  multi_az               =  false
  name                   = "Database "
  password               = var.rds_password
  username               = var.rds_user
  engine_version         = "5.7.00"
  skip_final_snapshot    = true
  db_subnet_group_name   = aws_db_subnet_group.rdssubnet.name
  vpc_security_group_ids = [aws_security_group.rds.id]

Dacey answered 20/9, 2020 at 2:10 Comment(0)

When you create your aws_subnet, you have to specify AZs where to place them. There is a special attribute for that called availability_zone. For example:

resource "aws_subnet" "rds_subnet" {
  vpc_id     = aws_vpc.main.id
  cidr_block = "10.0.1.0/24"
  availability_zone = "us-east-1a"
}

resource "aws_subnet" "rds_subnet1" {
  vpc_id     = aws_vpc.main.id
  cidr_block = "10.0.2.0/24"
  availability_zone = "us-east-1b"
}

Wycoff answered 20/9, 2020 at 3:22 Comment(4)

Region thank you for your response but region is variable in my script and is passed at run time so its not possible to hardcore availability zone in code. is there any other way. – Dacey 20/9, 2020 at 5:43

@AnkitSingh Hi. You can automatically get the AZs using aws_availability_zones. – Wycoff 20/9, 2020 at 5:49

I don't understand why multi_az can be false but this requirement still obtains? it seems like github.com/terraform-community-modules/tf_aws_vpc/pull/58 and the vpc module's single_nat_gateway flag would imply that we should be able to have non-HA rds instances in a single AZ... – Dramamine 10/1, 2022 at 18:14

@Wycoff also, " You can set up Amazon RDS in a Single-AZ database (DB) instance or a Multi-AZ DB instance for high availability requirements." aws.amazon.com/blogs/database/… – Dramamine 10/1, 2022 at 18:20

Basically this means you have to create at least two subnets with different availability zones to proceed with subnet_group.

So I created two subnets -

variables.tf -

variable "private_subnet_cidr_blocks" {
  type        = list(string)
  default     = ["10.0.65.0/28", "10.0.66.0/28"]
  description = "CIDR blocks for private subnets"
}

variable "availability_zones" {
  type        = list(string)
  default     = ["ap-southeast-1a", "ap-southeast-1b"]
  description = "A list of availability zones where resources will be deployed"
}

vpc.tf -

resource "aws_subnet" "private_subnets" {
  count                   = length(var.private_subnet_cidr_blocks)
  vpc_id                  = aws_vpc.vpc.id
  cidr_block              = var.private_subnet_cidr_blocks[count.index]
  availability_zone       = element(var.availability_zones, count.index)
  map_public_ip_on_launch = false
}

Finally in rds.tf -

resource "aws_db_subnet_group" "db_subnet_group" {
  name       = local.db_sub_grp
  subnet_ids = aws_subnet.private_subnets[*].id
}

resource "aws_db_instance" "db_instance" {
  allocated_storage      = var.rds_storage
  storage_type           = var.rds_storage_type
  engine                 = "postgres"
  engine_version         = "15"
  instance_class         = var.rds_instance_class
  identifier             = local.db_name
  username               = var.db_uname
  password               = var.db_pass
  multi_az               = false
  publicly_accessible    = false
  skip_final_snapshot    = true
  parameter_group_name   = "default.postgres15"
  vpc_security_group_ids = [aws_security_group.db_security_group.id]
  db_subnet_group_name   = aws_db_subnet_group.db_subnet_group.name

  lifecycle {
    prevent_destroy = false # true for prod
  }
}

Hope this helps someone.

Illstarred answered 28/7 at 14:16 Comment(0)

Recommended topics

Hot tags