Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(aws_rds): DatabaseCluster s3ImportRole fails with Aurora MySQL 3 #19126

Closed
vobarian opened this issue Feb 23, 2022 · 2 comments · Fixed by #19145
Closed

(aws_rds): DatabaseCluster s3ImportRole fails with Aurora MySQL 3 #19126

vobarian opened this issue Feb 23, 2022 · 2 comments · Fixed by #19145
Assignees
@skinny85
Labels
@aws-cdk/aws-rds Related to Amazon Relational Database bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. p1

Comments

@vobarian
Copy link

What is the problem?

Creating a DatabaseCluster with the property s3ImportRole or s3ImportBuckets fails when the engine version is Aurora MySQL 3 (MySql 8.0). Using these properties on the construct causes it to add aurora_load_from_s3_role to the cluster parameter group; however this parameter is not supported for engine version 3 and aws_default_s3_role must be used instead (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Reference.html).

Additionally, although I can set up the correct IAM role and aws_default_s3_role property in the cluster parameter group myself, I do not see any way with the DatabaseCluster construct to associate a role with the cluster without also triggering the failing behavior that modifies the parameter group, so I am really stuck. How can I just associate a role with the cluster?

Reproduction Steps

    const engine = DatabaseClusterEngine.auroraMysql({
          version: AuroraMysqlEngineVersion.of("8.0.mysql_aurora.3.01.0","8.0")
    });

    const auroraRole = this.createAuroraRole(); // has assume role for rds with s3 read inline policy

    const parameterGroup = new ParameterGroup(this, "ClusterParameterGroup", {
      engine,
      parameters: {
        // this works for the parameter group but does not associate the role with the cluster:
        //aws_default_s3_role: auroraRole.roleArn
      }
    });

    const cluster = new DatabaseCluster(this, "Database", {
      clusterIdentifier: "mycluster",
      defaultDatabaseName: "mydatabase",
      engine,
      credentials: Credentials.fromGeneratedSecret("...", { secretName: "..." }),
      storageEncrypted: true,
      instances: 2,
      backup: {
        retention: Duration.days(7)
      },
      instanceProps: {
        instanceType: InstanceType.of(InstanceClass.T3, InstanceSize.MEDIUM),
        vpc,
        vpcSubnets: vpc.selectSubnets({ subnetGroupName: "Private" }),
        securityGroups: [securityGroup]
      },
      parameterGroup,
      s3ImportRole: auroraRole,
    });

What did you expect to happen?

Add the role to the cluster and associate the parameter group with the given parameters with the cluster.

What actually happened?

4:52:02 PM | UPDATE_FAILED        | AWS::RDS::DBClusterParameterGroup           | xxx...meterGroup3F9810FA
Invalid / Unsupported DB Parameter: aurora_load_from_s3_role

CDK CLI Version

2.1.0 (build f4f18b1)

Framework Version

2.1.0

Node.js Version

v14.16.0

OS

macOS 12.2.1

Language

Typescript

Language Version

3.9.10

Other information

No response
@vobarian vobarian added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Feb 23, 2022
@github-actions github-actions bot added the @aws-cdk/aws-rds Related to Amazon Relational Database label Feb 23, 2022
@ryparker ryparker added the p1 label Feb 24, 2022
@skinny85
Copy link
Contributor

Hey @vobarian,

thanks for opening the issue. I'm working on a fix.

skinny85 added a commit to skinny85/aws-cdk that referenced this issue Feb 24, 2022
@skinny85
fix(rds): MySQL Cluster version 8.0 uses wrong Parameter for S3 import
bb2910e 
There was recently a new major version of the Aurora MySQL released (8.0).
Apparently, it requires a different Parameter for S3 imports (`aws_default_s3_role`)
than `aurora_load_from_s3_role`, which the pre-8.0 versions use.

Fixes aws#19126
@skinny85 skinny85 mentioned this issue Feb 24, 2022
Merged
@mergify mergify bot closed this as completed in #19145 Feb 25, 2022
mergify bot pushed a commit that referenced this issue Feb 25, 2022
@skinny85
fix(rds): MySQL Cluster version 8.0 uses wrong Parameter for S3 import (
96b2034 
#19145)

There was recently a new major version of the Aurora MySQL released (8.0).
Apparently, it requires a different Parameter for S3 imports (`aws_default_s3_role`)
than `aurora_load_from_s3_role`, which the pre-8.0 versions use.

Fixes #19126

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

@vkemthur-luna vkemthur-luna mentioned this issue Apr 2, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@skinny85 skinny85

Labels
@aws-cdk/aws-rds Related to Amazon Relational Database bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. p1
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(rds): MySQL Cluster version 8.0 uses wrong Parameter for S3 import skinny85/aws-cdk
3 participants
@skinny85 @vobarian @ryparker