search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.68k stars 3.92k forks source link

aws_elasticache: setting logDeliveryConfigurations in clusterMode: "Disabled" fails #26294

Open YishaqG opened 1 year ago

YishaqG commented 1 year ago

Describe the bug

From the following configuration of Redis Cluster

    this.cfnInstance = new CfnReplicationGroup(scope, "CacheReplicationGroup", {
      replicationGroupDescription: "Repliaction group description",
      atRestEncryptionEnabled: false,
      authToken: undefined,
      autoMinorVersionUpgrade: true,
      automaticFailoverEnabled: false,
      cacheNodeType: "cache.t3.micro",
      cacheSubnetGroupName: cfnSubnetGroup.ref,
      clusterMode: "Disabled",
      engine: "redis",
      engineVersion: "7.0",
      multiAzEnabled: false,
      numNodeGroups: 1,
      securityGroupIds: [this.securityGroup.securityGroupId],
      snapshotRetentionLimit: 1,
      snapshotWindow: undefined
    });

Adding the following logDeliveryConfigurations either with engine-log or slow-log causes a deployment failure with the message UPDATE_ROLLBACK_COMPLETE: Cluster mode updates are not supported while attempting to update additional properties.

      logDeliveryConfigurations: [{
        destinationDetails: {
          cloudWatchLogsDetails: {
            logGroup: 'redis-elasticache',
          },
        },
        destinationType: 'cloudwatch-logs',
        logFormat: 'json',
        logType: 'engine-log',
      }],

Expected Behavior

A Redis cluster update with a log delivery configuration enabled.

Current Behavior

Deployment fails

Reproduction Steps

1Add logDeliveryConfiguration to the following redis replication group config

    this.cfnInstance = new CfnReplicationGroup(scope, "CacheReplicationGroup", {
      replicationGroupDescription: "Repliaction group description",
      atRestEncryptionEnabled: false,
      authToken: undefined,
      autoMinorVersionUpgrade: true,
      automaticFailoverEnabled: false,
      cacheNodeType: "cache.t3.micro",
      cacheSubnetGroupName: cfnSubnetGroup.ref,
      clusterMode: "Disabled",
      engine: "redis",
      engineVersion: "7.0",
      multiAzEnabled: false,
      numNodeGroups: 1,
      securityGroupIds: [this.securityGroup.securityGroupId],
      snapshotRetentionLimit: 1,
      snapshotWindow: undefined
    });

Possible Solution

No response

Additional Information/Context

Thank you for your help

CDK CLI Version

2.85.0

Framework Version

2.85.0

Node.js Version

16.18.0

OS

macOS 13.4.1

Language

Typescript

Language Version

4.9.5

Other information

No response

pahud commented 1 year ago

UPDATE_ROLLBACK_COMPLETE: Cluster mode updates are not supported while attempting to update additional properties.

This seems to be a restrict from CloudFormation or Elasticache for Redis. And you might have to change the cluster mode enabled(CME) to cluster mode disabled(CMD) before you are allowed to modify the properties but I am not 100% sure about that and I would suggest to try it in a testing environment first.

https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/modify-cluster-mode.html

github-actions[bot] commented 1 year ago

This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

YishaqG commented 1 year ago

Hi @pahud, thank you for your help. I try deleting the cluster and creating it with the logs configuration, and it failed but with another error:

 CREATE_FAILED        | AWS::ElastiCache::ReplicationGroup          | CacheReplicationGroup
Failed to enable log delivery for log type engine-log. Error: Destination log group redis-elasticache does not exist.

I would try adding the log destination. But I believe that this is a bug, enabling log configuration from the AWS Console works without problem

darylgraham commented 5 months ago

This is an old issue, but for anyone else experiencing the same problem it can be resolved by ensuring your clusterMode parameter is completely lowercase.

https://repost.aws/questions/QUj6IF3l-qSsKKkD3yxY_EDw/elasticache-cluster-mode-updates-are-not-supported-while-attempting-to-update-additional-properties

It appears to be inaccurate CFN documentation for ClusterMode:

The schema resource type AWS::ElastiCache::ReplicationGroup handles looks like using lower case values "enabled or disabled" instead of documented "Enabled or Disabled".

I tested using lower case "enabled" in template allows required update of other properties to be invoked...