CertificateNotFound: Certificate not found: rds-ca-2019


When running the terraform script to set up your Iglu stack I get the error:

│ Error: error modifying DB Instance (sp-iglu-rds-20230705080014606500000001): CertificateNotFound: Certificate not found: rds-ca-2019
│ status code: 404, request id: 5dff62e1-8af3-4540-8093-ed3fe22c764b

│ with module.iglu_rds.aws_db_instance.instance,
│ on .terraform/modules/iglu_rds/main.tf line 29, in resource “aws_db_instance” “instance”:
│ 29: resource “aws_db_instance” “instance” {

I am installing in the region af-south-1, and from the AWS console I see if I manually try and create a DB instance that the allowed certificates are “rds-ca-2019-af-south-1” and “rds-ca-2019” is not in the list. I’m not sure what I need to change (or where I could even change) the ca_cert_identifier?


I had to clone the project terraform-aws-rds-0.1.4 and edit main.tf, where I changed

ca_cert_identifier = "rds-ca-2019-af-south-1"

And then thereafter change the main.tf in the snowplow quickstart example to:

# 1. Deploy an Iglu Server stack
module "iglu_rds" {
#  source  = "snowplow-devops/rds/aws"
  source  = "./terraform-aws-rds-0.1.4"
#  version = "0.1.4"

And could successfuly run terraform apply. It would be great if the ca_cert_identifier could use a variable in the terraform-aws-rds project so that this can be overwritten from the snowplow quickstart example main.tf

Hi @Laichzeit0 thanks for reporting and for providing the solution here! If you are open to submitting a PR to this repo (GitHub - snowplow-devops/terraform-aws-rds) it would certainly expedite getting the fix into the system.

In the meantime have opened this ticket to track the issue.