Open advdv opened 5 months ago
It seems that a work-around for this is setting the attribute on the underly Cfn construct like shown below. For cross-region read replica this needs to be a fully formed ARN.
con.replica = awsrds.NewDatabaseInstanceReadReplica(scope, jsii.String("Replica"),
&awsrds.DatabaseInstanceReadReplicaProps{
SourceDatabaseInstance: sourceInstance,
InstanceType: awsec2.InstanceType_Of(
awsec2.InstanceClass_BURSTABLE4_GRAVITON, awsec2.InstanceSize_MICRO),
Vpc: vpc,
StorageEncryptionKey: con.key,
PerformanceInsightEncryptionKey: con.key,
// Each instance will have performance insight enabled and is publicly accessible
IamAuthentication: jsii.Bool(true),
AutoMinorVersionUpgrade: jsii.Bool(true),
VpcSubnets: &awsec2.SubnetSelection{SubnetType: awsec2.SubnetType_PUBLIC},
PubliclyAccessible: jsii.Bool(true),
SecurityGroups: con.securityGroup.Connections().SecurityGroups(),
EnablePerformanceInsights: jsii.Bool(true),
PerformanceInsightRetention: awsrds.PerformanceInsightRetention_DEFAULT,
// enables enhanced monitoring
MonitoringInterval: awscdk.Duration_Seconds(jsii.Number(monitorIntervalSeconds)),
// update to higher-security RSA certifiacte that doesn't expire in 2024
CaCertificate: awsrds.CaCertificate_RDS_CA_RDS4096_G1(),
// We export postgres logs to cloudwatch so we can add alarms if we want to.
CloudwatchLogsExports: jsii.Strings("postgresql"),
CloudwatchLogsRetention: awslogs.RetentionDays_TWO_WEEKS,
// we only allow tls connections since the password will travel over the public internet
ParameterGroup: con.parameters,
})
dbi, ok := con.replica.Node().DefaultChild().(awsrds.CfnDBInstance)
if !ok {
panic("replica is not awsrds.CfnDbInstance")
}
// we need to make sure to pass an arn, and the source region. See:
//nolint:lll
// https://stackoverflow.com/questions/46639969/how-can-we-create-cross-region-rds-read-replica-using-aws-cloud-formation-templa
// and: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#cfn-rds-dbinstance-sourcedbinstanceidentifier
// dbi.SetSourceDbInstanceIdentifier(jsii.String("arn:aws:rds:eu-central-1:860345245734:db:clcorefra-postgresinstance95a4e08e-v383fggzzyhn"))
// dbi.SetSourceDbInstanceIdentifier(dbi.SourceDbInstanceIdentifier())
dbi.SetSourceDbInstanceIdentifier(jsii.Sprintf(
"arn:aws:rds:%s:%s:db:%s",
*sourceStack.Region(),
*sourceStack.Account(),
*sourceInstance.InstanceIdentifier()))
Can you share your synthesized template for the DBInstance resource?
According to the doc:
If the source DB instance is in a different region than the read replica, specify the source region in SourceRegion, and specify an ARN for a valid DB instance in SourceDBInstanceIdentifier. For more information, see Constructing a Amazon RDS Amazon Resource Name (ARN) in the Amazon RDS User Guide.
I think you have to comply with the 2 requirements and looks like you might be missing SourceRegion.
This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.
In my reply I've illustrated how this is solved. I did NOT have to provide the SourceRegion. I did have to provide a full ARN to the source instance. The ARN includes the region so maybe it does some trickery to fill in the SourceRegion itself.
I cannot provide the full synthesised template for security reasons but I can provide certain attributes maybe. What do you wanna look at?
In short, I think the NewDatabaseInstanceReadReplica function should look at the the SourceInstance and determine through it's identifier if it's cross region or not. If it is, it should set SourceDbInstanceIdentifier to be the full ARN, if not it can use just the identifier.
Describe the bug
I'm trying to use the AWS CDK to create a read replica (in Singapore) for a database instance in another region (Frankfurt). Since the awsrds.NewDatabaseInstanceReadReplica requires a awsrds.IDatabaseInstance for the SourceDataInstance I'm using DatabaseInstance_FromDatabaseInstanceAttributes to "import" a database instance from the other region. This uses cross-region references to provide the attributes. But when I do this ,the deploy will fail with "DBInstance clcorefra-postgresinstance95a4e08e-v383fggzzyhn not found" when creating the replica instance.
I've test that this is possible by doing it manually in the AWS console, nothing wrong with the source instance.
Expected Behavior
It should create a replica instance in the destination region (Singapore).
Current Behavior
Reproduction Steps
This project uses some of our internal libraries that we use for CDK, it is public: gitHub.com/crewlinker/clgo
/infra/infra.go
infra/infracon/root.go
infra/infracon/postgres.go
Possible Solution
No response
Additional Information/Context
No response
CDK CLI Version
2.126.0 (build fb74c41)
Framework Version
No response
Node.js Version
Node.js v20.10.0
OS
Apple M1 Sonoma 14.1
Language
Go
Language Version
go version go1.21.6 darwin/arm64
Other information
No response