AWS CDK : snapshot restore an existing RDS Aurora database cluster? - amazon-rds

I'd like to restore an Aurora PostgreSQL cluster from a snapshot. The cluster was created using the AWS CDK rds.DatabaseCluster construct.
The CDK version is 1.139.0 using TypeScript, and the DB cluster is 11.9.
For an existing cluster created with rds.DatabaseCluster there doesn't appear to be a way to specify a snapshot should you wish to trigger a snapshot restore of the cluster through CDK.
In the past I have restored clusters that have been deployed using CloudFormation (CF) by adding the snapshotIdentifier to the AWS::DB::Cluster resource in the CF template. This property can be seen in the CDK CfnDBCluster & CfnDBInstance resources.
I'm aware of the rds.DatabaseClusterFromSnapshot construct which offers the ability to create the database (and restore?) by specifying a snapshot name. However, as mentioned, the database cluster that I'd like to restore has already been created and is associated in CDK with the rds.DatabaseCluster construct.
I'd rather not restore the database cluster outside of CDK (using console/cli) as the new cluster this results in would not be associated with the CDK stack.
Is it possible to perform a snapshot restore of an RDS Aurora PostgreSQL cluster in any way purely from within the existing CDK stack/code? Specifically if the cluster was created using the rds.DatabaseCluster construct?
Thank you

You can access the underlying CloudFormation resource as an L1 construct.
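    // At the top of the stack file (CDK v1 package name):
    import * as rds from '@aws-cdk/aws-rds';

    // Inside the stack; `vpc` is defined elsewhere in the stack.
    const cluster = new rds.DatabaseCluster(this, 'Database', {
      engine: rds.DatabaseClusterEngine.AURORA,
      instanceProps: { vpc },
    });
    // Escape hatch: the L1 (CloudFormation) resource behind the L2 construct.
    const cfnCluster = cluster.node.defaultChild as rds.CfnDBCluster;
    cfnCluster.snapshotIdentifier = "arn:snapshot";
    // Clear the master credentials on the restored cluster resource.
    cfnCluster.masterUsername = undefined;
    cfnCluster.masterUserPassword = undefined;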
Updating this value would terminate your cluster and create a new one to replace it.
Parameter documentation: https://docs.aws.amazon.com/cdk/api/v1/docs/#aws-cdk_aws-rds.CfnDBCluster.html#snapshotidentifier
Edit: Updated to set masterUsername and masterUserPassword to undefined

Related

Creating aws aurora with 'require_secure_transport'

According to this doc :
You can require that all user connections to your Aurora MySQL DB cluster use SSL/TLS by using the require_secure_transport DB cluster parameter.
Been looking through terraform docs and samples. Not seeing if this setting is available.
Does terraform have a method to set arbitrary values if they aren't supported as module params?
@ethrbunny If my guess is not wrong, you are trying to set up SSL/TLS connections for a MySQL DB cluster in AWS Aurora using Terraform? I guess for this you first need to create a custom DB cluster parameter group in AWS Aurora and specify that group name in your Terraform module.
Reference:
Terraform Registry: look for the 'db_cluster_parameter_group_name' tag
Terraform AWS Aurora GitHub link
As per the AWS documentation, we can set this parameter in a custom DB cluster parameter group. The parameter isn't available in DB instance parameter groups.
Reference: AWS Aurora documentation, refer to the 'Notes' section
The require_secure_transport parameter is only available for Aurora MySQL version 5.7. You can set this parameter in a custom DB cluster parameter group. The parameter isn't available in DB instance parameter groups.
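The parameter-group approach from the answer above, written out as an added Terraform example (not code from the original post or from the module it links to). All resource names, identifiers and variables are assumptions; the `aurora-mysql5.7` family follows the quoted note that the parameter is available for Aurora MySQL version 5.7.

```hcl
# Added example: every name, identifier and variable here is hypothetical.
variable "engine_version" {
  description = "An Aurora MySQL 5.7-compatible engine version (must match the parameter group family)"
  type        = string
}

variable "master_username" {
  type = string
}

variable "master_password" {
  type      = string
  sensitive = true # variable-level `sensitive` needs Terraform 0.14 or later
}

# require_secure_transport is a cluster-level parameter, so it goes in a
# DB *cluster* parameter group, not in an aws_db_parameter_group.
resource "aws_rds_cluster_parameter_group" "require_tls" {
  name        = "example-aurora-mysql57-require-tls"
  family      = "aurora-mysql5.7"
  description = "Require SSL/TLS for all user connections"

  parameter {
    name  = "require_secure_transport"
    value = "ON"
  }
}

resource "aws_rds_cluster" "example" {
  cluster_identifier        = "example-aurora-mysql"
  engine                    = "aurora-mysql"
  engine_version            = var.engine_version
  master_username           = var.master_username
  master_password           = var.master_password
  final_snapshot_identifier = "example-aurora-mysql-final"

  # Attach the custom group; without this the cluster uses the default
  # group, where the setting cannot be changed.
  db_cluster_parameter_group_name = aws_rds_cluster_parameter_group.require_tls.name
}
```

If the cluster is created through a module instead, pass the group's name to the module's `db_cluster_parameter_group_name` input, as the answer suggests.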

RDS: How to promote a replica (MariaDB) to be a standalone DB instance using terraform script?

I used the Terraform module terraform-aws-modules/rds/aws (version: 2.20.0) to provision a MariaDB master and a replica. I would like to promote the replica to be a standalone DB instance. The document at https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html gives instructions on how to do it via the AWS console. I would like to do it using a Terraform script. Does anyone have an idea of how to promote a replica to be a standalone DB instance using a Terraform script? My terraform version is v01.3.5.
I am guessing you have the read replica resource via Terraform.
From docs:
Removing the replicate_source_db attribute from an existing RDS
Replicate database managed by Terraform will promote the database to a
fully standalone database.
You can make a condition there to switch it on and off.

aws_emr_cluster - is it possible to retrieve the instance identifiers

I am creating an EMR cluster using the aws_emr_cluster resource in terraform.
I need to get access to the instance ID of the underlying EC2 hardware, specifically the MASTER node.
It does not appear in the attributes, nor when I perform a terraform show.
The data definitely exists and is available in AWS.
Does anyone know how I can get at this value and how to do it using Terraform?
You won't be able to access the nodes (EC2 instances) in an EMR cluster through Terraform. It is the same case for Auto Scaling groups too.
If Terraform included EMR or ASG nodes, the state file would change every time a change happens in the EMR/ASG. So, storing the instance information won't be ideal for Terraform.
Instead, you can use AWS SDK/CLI/boto3 to see them.
Thanks.

DynamoDB PowerShell: can't create local table in selected region

I'm trying to create a table in a local instance of DynamoDB using PowerShell cmdlets. In VS AWS Explorer I created a DDB instance and bound it to port:10000. Right after that, the new DB was created where name is KEYID_us-east-1.db
In the PS script, I'm setting up the AWS context and the table to create it in eu-central-1 region. Despite this, the new table is created in us-east-1 db, so the PS cmdlet ignored my region settings and used default one.
In the meantime, when I specify a different region in NodeJS, but the same endpoint that I use in the PS script, after accessing the db, the new DB appears with the region that I specified.
Why does this happen?
Please refer to the "Notes" section at the link below. It looks like the local DynamoDB instance uses the region to create the database file. However, the local instance does not use the region in the same way as the remote AWS DynamoDB service.
"Bullet Point : 2 - The values that you supply for the AWS access key and the Region are only used to name the database file."
https://aws.amazon.com/blogs/aws/dynamodb-local-for-desktop-development/

Listing tags for Amazon Aurora DB cluster snapshots

I have an Amazon Aurora DB cluster with snapshots enabled.
I am adding tags to the snapshots and I am having trouble retrieving them, both through the aws cli and the Java API.
The tags are successfully added to the snapshots, and are visible in the Amazon RDS Dashboard Snapshots section.
Looking at the documentation here, I have to compose the ARN for the snapshot instance, and use that in the call.
So if the snapshot name (as displayed in the dashboard) is mysnapshot-1234, the ARN should look something like this:
arn:aws:rds:my_region:my_customer_id:snapshot:mysnapshot-1234
The aws cli call looks like this:
aws rds list-tags-for-resource --resource-name arn:aws:rds:my_region:my_customer_id:snapshot:mysnapshot-1234
and it results in:
A client error (InvalidParameterValue) occurred when calling the
ListTagsForResource operation: Unable to find a snapshot matching the
resource name: mysnapshot-1234
Am I composing the ARN properly? Any other idea how to get this to work?
I'm thinking I'm either using the wrong snapshot ID or there is a bug in their API.
The documentation was updated in the meantime, and the culprit was the fact that I was using the "snapshot" selector instead of "cluster-snapshot" (Aurora snapshots are created at a cluster level, not at a DB level).
So using the right selector I am able to list the tags:
arn:aws:rds:my_region:my_customer_id:cluster-snapshot:mysnapshot-1234
