When creating a RDS in a VPC, the RDS Security Group cannot be created

[RaitoBezarius]

First of all, thank you for this project, it has been great so far.

When I try to create an RDS Security Group and an RDS instance, nixops deploy exits and fails with:

botocore.exceptions.ClientError: An error occurred (InvalidParameterValue) when calling the CreateDBSecurityGroup operation: The vpc none does not exist.

Though I only specified the SecurityGroupId in my rules (using the key-format specified in the code) because all of my stuff lives in VPCs.

Any idea?

[RaitoBezarius]

Okay, after reading some docs (i.e. Boto2 and Boto3), I understood:

(1) RDS SG is for EC2-Classic, a legacy product of AWS
(2) The correct stuff to do seems to combine a DB Subnet Group Name AND an EC2 SG name
(3) It looks like there is a VPC Security Group parameter which is not used
(4) Better: we can create default subnets & stuff like this, but it requires Boto3 and I'm not sure if we can use it in this code

Can someone give me pointers regarding the usage of Boto3 in this codebase? Is there any "easy way" to patch it locally so that I can test it and submit a PR to fix this?