I'm trying to create an RDS instance in a non-default Security Group using a REST API call. Just before the call, I've created a custom DB Subnet Group with two subnets in two different AZs linked with the given VPC. The call succeeds, but the created DB Instance is placed in the default VPC and the default Security Group. I don't understand why it's not placed into the given Security Group.

This is how I created the VPC, both subnets, security group, DB Subnet Group and the instance (all calls succeeded with no particular error):

https://ec2.ap-southeast-1.amazonaws.com?Action=CreateVpc&CidrBlock=172.31.0.0%2F16&Version=2016-11-15

https://ec2.ap-southeast-1.amazonaws.com?Action=CreateSubnet&AvailabilityZoneId=apse1-az1&CidrBlock=172.31.0.0%2F20&Version=2016-11-15&VpcId=vpc-09b39cdff293eaf1e

https://ec2.ap-southeast-1.amazonaws.com?Action=CreateSubnet&AvailabilityZoneId=apse1-az2&CidrBlock=172.31.20.0%2F20&Version=2016-11-15&VpcId=vpc-09b39cdff293eaf1e

https://rds.ap-southeast-1.amazonaws.com?Action=CreateDBSubnetGroup&DBSubnetGroupDescription=aosdb&DBSubnetGroupName=aos-db-group&SubnetIds.SubnetId

https://ec2.ap-southeast-1.amazonaws.com?Action=CreateSecurityGroup&GroupDescription=AOS_DB_TEST&GroupName=AOS_DB_TEST&Version=2016-11-15&VpcId=vpc-09b39cdff293eaf1e

https://rds.ap-southeast-1.amazonaws.com?Action=CreateDBInstance&AllocatedStorage=15&DBInstanceClass=db.t3.micro&DBInstanceIdentifier=aosDB8e5bb76e&DBSubnetGroupName=aos-db-group&Engine=postgres&EngineVersion=9.6.19&MasterUserPassword=Cloud_123&MasterUsername=postgres&VpcSecurityGroupIds.VpcSecurityGroupId.1=sg-0bd786e045265263f

Any idea what I'm doing wrong? I tried to do the last step (CreateDBInstance) in AWS CLI and the DB was created in my custom SG and VPC with no issues. Thanks, Petr

1 Answer

Sorry, I haven't done much research, but is the suffix 1 or N?

VpcSecurityGroupIds.VpcSecurityGroupId.N

  • A list of Amazon EC2 VPC security groups to associate with this DB instance.

  • Default: The default EC2 VPC security group for the DB subnet group's VPC.

  • Type: Array of strings

  • Required: No

Just in case, other additional things to consider:

If DBSubnetGroupName is specified, and PubliclyAccessible isn't specified, the following applies:

From documentation:

  • If the subnets are part of a VPC that doesn’t have an Internet gateway attached to it, the DB instance is private.

  • If the subnets are part of a VPC that has an Internet gateway attached to it, the DB instance is public.

Type: Boolean

Required: No
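The following is an added example, not part of the question or the answer above: it serializes the security group list in the `.N` indexed form, sets `PubliclyAccessible` explicitly, and checks a DescribeDBInstances record against the intended placement. The helper names, the `Version` value (2014-10-31, not stated in the post) and the sample record are assumptions; the request is left unsigned.

```python
from urllib.parse import urlencode

RDS_API_VERSION = "2014-10-31"  # assumption: RDS Query API version, not from the post


def flatten_list(prefix, member, values):
    """Serialize a list as prefix.member.1, prefix.member.2, ... (the '.N' form)."""
    return {f"{prefix}.{member}.{i}": v for i, v in enumerate(values, start=1)}


def create_db_instance_query(identifier, subnet_group, sg_ids,
                             publicly_accessible=False, **extra):
    """Build an unsigned CreateDBInstance query string; engine, class, etc. go in extra."""
    params = {
        "Action": "CreateDBInstance",
        "Version": RDS_API_VERSION,
        "DBInstanceIdentifier": identifier,
        "DBSubnetGroupName": subnet_group,
        # Set explicitly so exposure does not depend on the VPC's internet gateway.
        "PubliclyAccessible": "true" if publicly_accessible else "false",
    }
    params.update(extra)
    params.update(flatten_list("VpcSecurityGroupIds", "VpcSecurityGroupId", sg_ids))
    return urlencode(sorted(params.items()))


def placement_findings(instance, expected_vpc, expected_sgs):
    """Compare one DescribeDBInstances record with the intended placement."""
    findings = []
    vpc = instance["DBSubnetGroup"]["VpcId"]
    if vpc != expected_vpc:
        findings.append(f"wrong VPC: {vpc}")
    actual = {g["VpcSecurityGroupId"] for g in instance["VpcSecurityGroups"]}
    if actual != set(expected_sgs):
        findings.append(f"wrong security groups: {sorted(actual)}")
    if instance["PubliclyAccessible"]:
        findings.append("instance is publicly accessible")
    return findings


# Constructed sample record: an instance that fell back to a default VPC and group.
SAMPLE = {
    "DBSubnetGroup": {"VpcId": "vpc-00000000000default"},
    "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-00000000000default", "Status": "active"}],
    "PubliclyAccessible": True,
}

if __name__ == "__main__":
    print(create_db_instance_query("aosDB8e5bb76e", "aos-db-group", ["sg-0bd786e045265263f"]))
    for finding in placement_findings(SAMPLE, "vpc-09b39cdff293eaf1e", ["sg-0bd786e045265263f"]):
        print("FINDING:", finding)
```

Running the placement check right after creation catches a silent fallback to the default group before the database is put to use.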