aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.38k stars 3.78k forks

(rds): DatabaseInstanceFromSnapshot ignoring enhanced monitoring and performance insights #24726

Open scottbisker opened 1 year ago

scottbisker commented 1 year ago

Describe the bug

When creating a Database Instance from a snapshot, CDK appears to create the CFN object correctly. However, when the DB instance is created, Enhanced Monitoring is not enabled and Performance Insights is not enabled. No errors seem to

Expected Behavior

The expected behavior is that when the DB Instance is created, Enhanced Monitoring is enabled and Performance Insights is enabled.

Current Behavior

Enhanced Monitoring is disabled and Performance Insights is disabled.

Reproduction Steps

Create a DB Instance with the following definition.

from aws_cdk import Duration, RemovalPolicy
from aws_cdk import aws_ec2 as ec2, aws_logs as logs, aws_rds as rds

# Fragment from inside a construct: self, env_context, nonessential_iops, vpc
# and mysql_security_group are defined elsewhere (not shown in the report).
rds_instance_size = ec2.InstanceSize.MEDIUM
rds_instance_class = ec2.InstanceClass.BURSTABLE4_GRAVITON

db_instance = rds.DatabaseInstanceFromSnapshot(self, "Db",
    instance_identifier="db-{}".format(env_context),
    engine=rds.DatabaseInstanceEngine.mysql(
        version=rds.MysqlEngineVersion.VER_8_0_32,
    ),
    storage_type=rds.StorageType.IO1,
    iops=nonessential_iops,
    allocated_storage=1000,
    max_allocated_storage=2000,
    vpc=vpc,
    vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PRIVATE_WITH_EGRESS),
    security_groups=[
        mysql_security_group
    ],
    removal_policy=RemovalPolicy.DESTROY,
    snapshot_identifier=self.node.try_get_context(env_context)["DBSnapshotArn"],
    instance_type=ec2.InstanceType.of(
        rds_instance_class,
        rds_instance_size
    ),
    auto_minor_version_upgrade=True,
    credentials=rds.SnapshotCredentials.from_generated_secret(
        username="admin",
        exclude_characters=".-=\\(@\" %+~`#$&()|[]{}:;<>?!'/)*,"
    ),
    # Enhanced Monitoring at a 60-second interval
    monitoring_interval=Duration.minutes(1),
    cloudwatch_logs_exports=['error', 'slowquery', 'audit'],
    cloudwatch_logs_retention=logs.RetentionDays.SIX_MONTHS,
    enable_performance_insights=True,
)

This is the DatabaseInstance portion of the synth of the template.

"Db74F67513": {
   "Type": "AWS::RDS::DBInstance",
   "Properties": {
    "AllocatedStorage": "1000",
    "AutoMinorVersionUpgrade": true,
    "CopyTagsToSnapshot": true,
    "DBInstanceClass": "db.t4g.medium",
    "DBInstanceIdentifier": "db-test",
    "DBSnapshotIdentifier": "arn:aws:rds:us-west-2:<acct>:snapshot:db-snapshot",
    "DBSubnetGroupName": {
     "Ref": "DbSubnetGroup96467FE5"
    },
    "EnableCloudwatchLogsExports": [
     "error",
     "slowquery",
     "audit"
    ],
    "EnablePerformanceInsights": true,
    "Engine": "mysql",
    "EngineVersion": "8.0.32",
    "Iops": 3500,
    "MasterUserPassword": {
     "Fn::Join": [
      "",
      [
       "{{resolve:secretsmanager:",
       {
        "Ref": "StackDbSecret27A88B9D97d2022154130aa861a3bb7feab61e3c"
       },
       ":SecretString:password::}}"
      ]
     ]
    },
    "MaxAllocatedStorage": 2000,
    "MonitoringInterval": 60,
    "MonitoringRoleArn": {
     "Fn::GetAtt": [
      "DbMonitoringRoleAE3F4B7B",
      "Arn"
     ]
    },
    "PerformanceInsightsRetentionPeriod": 7,
    "PubliclyAccessible": false,
    "StorageType": "io1",
    "VPCSecurityGroups": [
     {
      "Fn::GetAtt": [
       "MySQLSecGrp93698302",
       "GroupId"
      ]
     }
    ]
   },
   "UpdateReplacePolicy": "Delete",
   "DeletionPolicy": "Delete",
   "Metadata": {
    "aws:cdk:path": "Stack/Db/Resource"
   }
}

Possible Solution

No response

Additional Information/Context

By examining CloudTrail for the [RestoreDBInstanceFromDBSnapshot] event, it does not appear that either setting is passed.

CDK CLI Version

2.68

Framework Version

No response

Node.js Version

18.15

OS

Linux

Language

Python

Language Version

3.10.6

Other information

No response

pahud commented 1 year ago

Thank you for your report and the reference link to CFN coverage roadmap. I am assuming this is not relevant to CDK but I'll keep this open for tracking.

https://github.com/aws-cloudformation/cloudformation-coverage-roadmap/issues/1569

pahud commented 1 year ago

Looks like it's available now from CFN https://github.com/aws-cloudformation/cloudformation-coverage-roadmap/issues/1569

I am removing needs-cfn label and we appreciate PRs from the community to get it supported in CDK.
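To catch the gap reported in this issue after a deploy, the following added example (not code from the issue or from CDK) compares the monitoring properties of a synthesized `AWS::RDS::DBInstance` against a DescribeDBInstances entry for the same instance. The function name, the mapping table and the sample data are constructed for illustration.

```python
# Added example: flag monitoring settings that are in the synthesized template
# but missing on the deployed instance. All sample data below is constructed.

# CloudFormation property -> field in an RDS DescribeDBInstances entry.
TEMPLATE_TO_DESCRIBE = {
    "MonitoringInterval": "MonitoringInterval",
    "EnablePerformanceInsights": "PerformanceInsightsEnabled",
    "EnableCloudwatchLogsExports": "EnabledCloudwatchLogsExports",
}

def _normalize(value):
    # Log export lists are unordered, so compare them sorted.
    return sorted(value) if isinstance(value, list) else value

def find_drift(template, deployed):
    """Return (logical_id, property, wanted, actual) for every mismatch.

    deployed maps DBInstanceIdentifier -> one entry of the "DBInstances"
    list from DescribeDBInstances.
    """
    drift = []
    for logical_id, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::RDS::DBInstance":
            continue
        props = res.get("Properties", {})
        ident = props.get("DBInstanceIdentifier")
        if not isinstance(ident, str):
            continue  # generated or intrinsic name: cannot be matched offline
        actual = deployed.get(ident.lower())
        if actual is None:
            drift.append((logical_id, "DBInstanceIdentifier", ident, None))
            continue
        for cfn_key, describe_key in TEMPLATE_TO_DESCRIBE.items():
            if cfn_key in props:
                wanted = _normalize(props[cfn_key])
                got = _normalize(actual.get(describe_key))
                if wanted != got:
                    drift.append((logical_id, cfn_key, wanted, got))
    return drift

# Constructed sample: relevant properties from the template in the report, and
# a DescribeDBInstances entry shaped like the behaviour the report describes.
SAMPLE_TEMPLATE = {"Resources": {"Db74F67513": {
    "Type": "AWS::RDS::DBInstance",
    "Properties": {"DBInstanceIdentifier": "db-test", "MonitoringInterval": 60,
                   "EnablePerformanceInsights": True,
                   "EnableCloudwatchLogsExports": ["error", "slowquery", "audit"]}}}}
SAMPLE_DEPLOYED = {"db-test": {
    "MonitoringInterval": 0, "PerformanceInsightsEnabled": False,
    "EnabledCloudwatchLogsExports": ["audit", "error", "slowquery"]}}
```

For a live check, build `deployed` from the `DBInstances` list returned by `boto3.client("rds").describe_db_instances()`, keyed by `DBInstanceIdentifier`.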