[aws-rds] When moving from DatabaseCluster to DatabaseClusterFromSnapshot, lose ability to rotate master passwords #12877

@jonahbeckford

Description

If I start with a DatabaseCluster and then need to switch it to DatabaseClusterFromSnapshot, I am forced to weaken security because DatabaseClusterFromSnapshot does not have addRotationSingleUser().

Reproduction Steps

Starting point was:

const vpc = ...
const cluster = new DatabaseCluster(this, 'Database', {
    engine: DatabaseClusterEngine.auroraPostgres({ version: AuroraPostgresEngineVersion.VER_11_9 }),
    instanceProps: {
        vpc: vpc,
    },
})
cluster.addRotationSingleUser({ automaticallyAfter: Duration.days(2) })

Then, after removing the cluster (which creates a snapshot) and recreating it with:

const vpc = ...
const cluster = new DatabaseClusterFromSnapshot(this, 'Database', {
    snapshotIdentifier: "",
    engine: DatabaseClusterEngine.auroraPostgres({ version: AuroraPostgresEngineVersion.VER_11_9 }),
    instanceProps: {
        vpc: vpc,
    },
})
// The next line fails to compile!
cluster.addRotationSingleUser({ automaticallyAfter: Duration.days(2) })

the last line cannot be used.

What did you expect to happen?

I expected DatabaseClusterFromSnapshot to have the same API as DatabaseCluster.

What actually happened?

error TS2339: Property 'addRotationSingleUser' does not exist on type 'DatabaseClusterFromSnapshot'.

Environment

  • CDK CLI Version: 1.88.0 (build f65009b)
  • Framework Version: aws-cli/2.1.8 Python/3.7.3 Linux/4.19.128-microsoft-standard exe/x86_64.ubuntu.18 prompt/off
  • Node.js Version: v12.20.1
  • OS: Ubuntu 18.04 on WSL 2
  • Language (Version): TypeScript 3.9.7

Other

I would suggest pulling DatabaseCluster.addRotationSingleUser and DatabaseCluster.addRotationMultiUser up into DatabaseClusterNew (which is the shared superclass of DatabaseClusterFromSnapshot).


This is 🐛 Bug Report

Labels

  • @aws-cdk/aws-rds: Related to Amazon Relational Database
  • effort/small: Small work item – less than a day of effort
  • feature-request: A feature should be added or improved.
  • feature/enhancement: A new API to make things easier or more intuitive. A catch-all for general feature requests.
  • p1