aws-samples / amazon-mwaa-examples

Amazon Managed Workflows for Apache Airflow (MWAA) Examples repository contains example DAGs, requirements.txt, plugins, and CloudFormation templates focused on Amazon MWAA.
MIT No Attribution

Create variable for VPC Endpoint creation if already created #76

Closed skpune closed 4 months ago

skpune commented 5 months ago

Hi Team,

We are encountering an issue while deploying the start-stop solution in an account that has multiple MWAA environments. When we try to deploy the start-stop solution for another environment, the CloudFormation stack creation is failing and going into a rollback state.

The error message we are receiving is:

"Resource handler returned message: "private-dns-enabled cannot be set because there is already a conflicting DNS domain for states.us-east-1.amazonaws.com in the VPC vpc-0d301afa40a5768ca (Service: Ec2, Status Code: 400, Request ID: ccc14144-39f2-4078-b7e4-8f8dfc0b6d26)" (RequestToken: 3dc89c65-c60e-9c5c-6bf8-b261ab1a9fb7, HandlerErrorCode: GeneralServiceException)"

Could you please help us create a variable for the VPC endpoint creation, in case it already exists? This would allow us to handle the conflict and successfully deploy the start-stop solution for the additional MWAA environment.

Please let me know if you need any further information or assistance from our end.

Thanks, Shubham

crupakheti commented 5 months ago

Thank you, @skpune, for your feature request! We plan to merge this feature in subsequent PRs.

crupakheti commented 5 months ago

Hey @skpune, while you are waiting on the enhancement, you can modify mwaa-main-stack.ts as follows: https://github.com/aws-samples/amazon-mwaa-examples/blob/80d36fce0bc6e8b34ce385f75a0b9e3b5abd284e/usecases/start-stop-mwaa-environment/lib/infrastructure/mwaa-main-stack.ts#L80C1-L102C1

```typescript
...
  lookupVpc(props: MwaaMainStackProps): MwaaVpc {
    if (props.vpcId) {
      const vpc = ec2.Vpc.fromLookup(this, `${props.mainStackName}-external-vpc`, {
        vpcId: props.vpcId,
      });

      const subnets = props.subnetIds.map((id) => ec2.Subnet.fromSubnetId(this, id, id));
      const vpcSubnets = { subnets };

      const securityGroups = props.securityGroups.map((sg) => ec2.SecurityGroup.fromSecurityGroupId(this, sg, sg));

//      const vpce = vpc.addInterfaceEndpoint(`${props.mainStackName}-sf-vpce`, {
//        service: ec2.InterfaceVpcEndpointAwsService.STEP_FUNCTIONS,
//        subnets: vpcSubnets,
//        securityGroups: securityGroups,
//      });

//      return { vpc, vpcSubnets, securityGroups, vpce };
      return { vpc, vpcSubnets, securityGroups };
    }

    return {};
  }
...
```
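
The error in this issue occurs because the VPC already has an interface endpoint holding the private DNS name for `states.us-east-1.amazonaws.com`. As an added example (not code from this repository or from the commenters), the pre-deployment check below decides from the output of EC2 `DescribeVpcEndpoints` whether a stack should create the Step Functions endpoint or skip it. The function name, the plan shape and the sample endpoint and VPC IDs are hypothetical.

```typescript
// Subset of the fields EC2 DescribeVpcEndpoints returns for each endpoint.
interface VpcEndpointInfo {
  VpcEndpointId: string;
  VpcEndpointType: string;
  VpcId: string;
  ServiceName: string;
  State: string;
  PrivateDnsEnabled?: boolean;
}

type EndpointPlan =
  | { action: "create" }
  | { action: "reuse" | "wait"; endpointId: string };

// States in which an endpoint is gone or never came up, so it cannot hold the DNS name.
const GONE = new Set(["deleted", "failed", "rejected", "expired"]);

// Hypothetical helper: should this deployment create the Step Functions endpoint?
function planStepFunctionsEndpoint(
  existing: VpcEndpointInfo[],
  vpcId: string,
  region: string,
): EndpointPlan {
  const serviceName = `com.amazonaws.${region}.states`;
  // Only interface endpoints with private DNS enabled conflict with a new one.
  const holders = existing.filter(
    (e) =>
      e.VpcId === vpcId &&
      e.ServiceName === serviceName &&
      e.VpcEndpointType === "Interface" &&
      e.PrivateDnsEnabled === true &&
      !GONE.has(e.State.toLowerCase()),
  );
  const ready = holders.find((e) => e.State.toLowerCase() === "available");
  if (ready) return { action: "reuse", endpointId: ready.VpcEndpointId };
  // Assumption (conservative): a pending or deleting endpoint still holds the DNS name.
  const busy = holders[0];
  if (busy) return { action: "wait", endpointId: busy.VpcEndpointId };
  return { action: "create" };
}

// Constructed sample input, not taken from the issue.
const sampleEndpoints: VpcEndpointInfo[] = [
  { VpcEndpointId: "vpce-0exampleA", VpcEndpointType: "Gateway", VpcId: "vpc-0exampleaaaa", ServiceName: "com.amazonaws.us-east-1.s3", State: "available" },
  { VpcEndpointId: "vpce-0exampleB", VpcEndpointType: "Interface", VpcId: "vpc-0exampleaaaa", ServiceName: "com.amazonaws.us-east-1.states", State: "available", PrivateDnsEnabled: true },
  { VpcEndpointId: "vpce-0exampleC", VpcEndpointType: "Interface", VpcId: "vpc-0examplebbbb", ServiceName: "com.amazonaws.us-east-1.states", State: "deleting", PrivateDnsEnabled: true },
];
```

A `reuse` result corresponds to the workaround above, where the `addInterfaceEndpoint` call is skipped for a VPC that already has the endpoint.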