Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cdk migrate: cdk migrate fails with "unreachable" error when template includes "AWS::RDS::DBCluster" that specifies the "ReadEndpoint" property #29293

Open
nelomsmn opened this issue Feb 28, 2024 · 4 comments
Open

cdk migrate: cdk migrate fails with "unreachable" error when template includes "AWS::RDS::DBCluster" that specifies the "ReadEndpoint" property #29293

nelomsmn opened this issue Feb 28, 2024 · 4 comments
Assignees
@colifran
Labels
bug This issue is a bug. cli Issues related to the CDK CLI in-progress This issue is being actively worked on. needs-cfn This issue is waiting on changes to CloudFormation before it can be addressed. p1 package/tools Related to AWS CDK Tools or CLI toolkit/migrate Related to cdk migrate

Comments

@nelomsmn
Copy link

nelomsmn commented Feb 28, 2024
edited
Loading

Describe the bug

When using the "cdk migrate" command to migrate an existing template that includes an "AWS::RDS::DBCluster" resource, the command fails if the resource includes the "ReadEndpoint" property. Please see the error below:

cdk migrate --from-path './CDKMigrateExampleTemplate.yml' --stack-name CustomStackName
...
 ❌  Migrate failed for `CustomStackName`: stack generation failed due to error 'unreachable'

stack generation failed due to error 'unreachable'

This issue also occurs when attempting to migrate an "AWS::RDS::DBSecurityGroup" resource when the "DBSecurityGroupIngress" property is specified.

Expected Behavior

We are expecting cdk migrate to support all properties for the "AWS::RDS::DBCluster" resource as this resource is supported by IaC Generator

Current Behavior

Migration command fails when the template includes an "AWS::RDS::DBCluster" that specifies the "ReadEndpoint" property. Commenting out the property results in a successful template migration.

Reproduction Steps

Step 1: Use the below template with the cdk migrate command (should result in a successful run)
Step 2: Uncomment the "ReadEndpoint" property and retry the migrate command

Resources:
  Cluster:
    Type: AWS::RDS::DBCluster
    Properties:
      AllocatedStorage: 0
      AssociatedRoles: 
        - DBClusterRole
      AutoMinorVersionUpgrade: false
      AvailabilityZones: 
        - String
      BacktrackWindow: 0
      BackupRetentionPeriod: 0
      CopyTagsToSnapshot: false
      DatabaseName: String
      DBClusterIdentifier: String
      DBClusterInstanceClass: String
      DBClusterParameterGroupName: String
      DBInstanceParameterGroupName: String
      DBSubnetGroupName: String
      DBSystemId: String
      DeletionProtection: false
      Domain: String
      DomainIAMRoleName: String
      EnableCloudwatchLogsExports: 
        - String
      EnableGlobalWriteForwarding: false
      EnableHttpEndpoint: false
      EnableIAMDatabaseAuthentication: false
      Engine: String
      EngineMode: String
      EngineVersion: String
      GlobalClusterIdentifier: String
      Iops: 0
      KmsKeyId: String
      ManageMasterUserPassword: false
      MasterUsername: String
      MasterUserPassword: String
      MasterUserSecret: 
        MasterUserSecret
      MonitoringInterval: 0
      MonitoringRoleArn: String
      NetworkType: String
      PerformanceInsightsEnabled: false
      PerformanceInsightsKmsKeyId: String
      PerformanceInsightsRetentionPeriod: 0
      Port: 0
      PreferredBackupWindow: String
      PreferredMaintenanceWindow: String
      PubliclyAccessible: false
      # ReadEndpoint: 
      #   Address: String
      ReplicationSourceIdentifier: String
      RestoreToTime: String
      RestoreType: String
      ScalingConfiguration: 
        ScalingConfiguration
      ServerlessV2ScalingConfiguration: 
        ServerlessV2ScalingConfiguration
      SnapshotIdentifier: String
      SourceDBClusterIdentifier: String
      SourceRegion: String
      StorageEncrypted: false
      StorageType: String
      Tags: 
        - Tag
      UseLatestRestorableTime: false
      VpcSecurityGroupIds: 
        - String

Possible Solution

N/a

Additional Information/Context

When creating a template for existing "AWS::RDS::DBCluster" within IaC generator, the "ReadEndpoint" property is always included in the generated template(even if empty). Thus, newly generated templates also present the "unreachable" error.

CDK CLI Version

1.128.0

Framework Version

No response

Node.js Version

v18

OS

MacOs

Language

TypeScript

Language Version

Occurs when generating templates in all languages

Other information

No response
@nelomsmn nelomsmn added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Feb 28, 2024
@github-actions github-actions bot added the package/tools Related to AWS CDK Tools or CLI label Feb 28, 2024
@tim-finnigan tim-finnigan self-assigned this Feb 28, 2024
@tim-finnigan tim-finnigan added investigating This issue is being investigated and/or work is in progress to resolve the issue. toolkit/migrate Related to cdk migrate p1 and removed needs-triage This issue or PR still needs to be triaged. investigating This issue is being investigated and/or work is in progress to resolve the issue. labels Feb 28, 2024
@tim-finnigan
Copy link

Thanks for reporting, I could reproduce the issue. It looks like specifically the Address: String part of ReadEndpoint is causing this to fail. The only other place I found that error reported was in #27709, which was about cdk migrate tests failing - but that issue was closed without more info.

@github-actions github-actions bot mentioned this issue Mar 1, 2024
Closed
@colifran colifran self-assigned this Mar 4, 2024
@TheRealAmazonKendra
Copy link
Contributor

TheRealAmazonKendra commented Mar 4, 2024
edited
Loading

Looks like the issue here is that ReadEndpoint is actually a readonly property and should only be listed as an attribute, not as a property in the CloudFormation template. Since CDK handles it as a readonly property, it doesn't exist in the CDK props. I'll need to reach out to CloudFormation to get this one fixed on their end.

@TheRealAmazonKendra TheRealAmazonKendra added the needs-cfn This issue is waiting on changes to CloudFormation before it can be addressed. label Mar 4, 2024
@TheRealAmazonKendra
Copy link
Contributor

In addition to reaching out to CloudFormation for this fix, we have improved our error handling so a better error message is returned cdklabs/cdk-from-cfn#594. I will close this issue once the most up-to-date version of cdk-from-cfn is merged into the aws-cdk.

@TheRealAmazonKendra TheRealAmazonKendra added the in-progress This issue is being actively worked on. label Mar 6, 2024
@TheRealAmazonKendra
Copy link
Contributor

We have released an update to improve the error handling and that change is available as of v2.132. As for the field itself, we are awaiting action from CloudFormation.

@pahud pahud added the cli Issues related to the CDK CLI label Apr 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@colifran colifran

Labels
bug This issue is a bug. cli Issues related to the CDK CLI in-progress This issue is being actively worked on. needs-cfn This issue is waiting on changes to CloudFormation before it can be addressed. p1 package/tools Related to AWS CDK Tools or CLI toolkit/migrate Related to cdk migrate
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@pahud @TheRealAmazonKendra @tim-finnigan @nelomsmn @colifran