Hi,
I’m trying to create an encrypted RDS PostgreSQL cross-region replica between us-west-2 and us-west-1. The original instance in usw2 is encrypted. I keep getting the error below after a few days of troubleshooting and I’m wondering if I’m missing something:
Error: Error creating DB Instance: InvalidParameterCombination: Cannot create a cross region unencrypted read replica from encrypted source.
We use v0.14 and our config is split in directories for each region.
Here’s what the main.tf looks like for the replica in us-west-1:
module "rds_cluster_testrollback" {
source = "../../.."
admin_password = null
cluster = "dev-test-migration001"
database_name = "testmigration"
rds_subnet_group_name = var.database_subnet_group
vpc_id = var.vpc_id
domain = var.domain_name
zone_id = var.zone_id
storage_encrypted = true
aliases = ["dev-test001"]
storage_size = "100"
iops = "0"
storage_type = var.storage_type
follower_count = "0"
rds_apply_immediately = var.apply_immediately
rds_engine_version = var.rds_engine_version
rds_parameter_group = var.rds_parameter_group_name
backup_retention_period = null
skip_final_snapshot = true
replicate_from = "arn:aws:rds:us-west-2:****"
kms_key_id = "arn:aws:kms:us-west-1:****"
leader_instance_type = "db.t4g.small"
}
This is my first post on this forum; so please let me know if I should share additional information. Thanks!