AWS::RDS::DBInstance - [Coverage] - Missing parameters for `AutomaticBackupReplicationRegion`

[azatoth]

Name of the resource

AWS::RDS::DBInstance

Resource name

No response

Description

The recently added AutomaticBackupReplicationRegion property for AWS::RDS::DBInstance are missing a few parameters that are useful or required for proper function of the feature:

• "Replicated backup retention period" - In the UI it's a different field from the normal backup retention field, so it should be exposed.

• "AWS KMS key" - Is needed when you are using encrypted databases; Not specifying it results in following error:

  Encrypted instances require a valid KMS key ID

  where in this case, the database is encrypted using default aws/rds KMS key

Other Details

Screenshot from the Console to show the current properties:

[acosta-edgar]

CloudFormation supports AutomaticBackupReplicationKmsKeyId for DbInstance, but cdk does not, and without it there is no use for the automatic backup region parameter: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#cfn-rds-dbinstance-automaticbackupreplicationkmskeyid

Automatic Backup Retention Period is already supported in CDK: https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_rds.CfnDBInstance.html#backupretentionperiod

[azatoth]

Automatic Backup Retention Period is already supported

There are two different backup retention periods; I never screenshotted the other retention period but I realize I should have done that.

Above is the "normal" backup retention period entry. So we can conclude it's meant to be two separate periods; which makes sense.