feat(rds): instance engine lifecycle support

[phuhung273]

Issue # (if applicable)

Closes #34492

Reason for this change

Cluster has this param but Instance doesn't

Description of changes

• Instance engine lifecycle support
• Move enum EngineLifecycleSupport to props as it is shared across cluster and instance

Describe any new or updated permissions being added

Description of how you validated changes

Unit + Integ

Checklist

• My code adheres to the CONTRIBUTING GUIDE and DESIGN GUIDELINES

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

[go-to-k]

Thanks for the PR. There are almost no problems, but I left a few very minor comments.

[go-to-k]

Is this account ID not AWS official's but yours? In my opinion, tests shouldn't depend on your or someone's account with hard coding.

I know that the way has already used in integ.instance-from-cluster-snapshot.ts, but there is a possibility that the account or the snapshot will be deleted, then developers who run this test will be confused. (Furthermore, although an AWS account ID is not confidential information, it would be good not to disclosed carelessly.)

How about using environment variables or any variables (such as process.env.CDK_INTEG_ACCOUNT || process.env.CDK_DEFAULT_ACCOUNT, stack.account, etc.)?
And it would be better to write a comment to need to create the resource and the snapshot manually before running the test. (Alternatively, we may also create them in preDeploy of hooks in IntegTest and delete them in postDestroy, but it may take a long time and be difficult.)

Or, we could create a custom resource and create a snapshot of sourceInstance within it and return that. But it might be a flaky test so it might be good the first choice.

What do you think?

*Even if this approach is continued, it would be good to add some comments about what this ID refers to and how developers should handle it (whether it is okay to use as is).

[phuhung273]

Thanks for your review. To explain, I don't even know whose snapshot is that. We can find that in RDS console > Snapshot > Public and grab which ever compatible with our setting.

I was doing the same for integ.instance-from-cluster-snapshot.ts, and now that snapshot has been deleted. Agree that this should be improved for future reader.

Also really appreciate your sharing on preDeploy and hooks, will definitely try it out for simpler test.

Detail comment on how to get the snapshot ID added.

[go-to-k]

Thanks for the change. Confirmed it.

/*
 * For simplicity, this integration test uses a public snapshot.
 * By the time you rerun, the snapshot might already be deleted.
 *
 * How to get another compatible public snapshot:
 * * aws rds describe-db-snapshots --include-public --snapshot-type public --query "DBSnapshots[?Engine=='mysql' && EngineVersion=='8.0.40']" --output table
 *
 * Or find one in AWS Console > RDS > Snapshots > Public
 */

However, as far as I can see, there are currently only four snapshots of the relevant engine in public. Furthermore, it is unclear who left them there and for what purpose. In other words, there is a possibility that there will be none when executing this integ in future.

In addition, if the snapshot referenced in the test is deleted and a new snapshot ID is specified, the instance will be replaced with the new one. Then it will cause a destructive change in the integ test. Also, if the original snapshot does not exist, an error will occur when creating a stack with the existing snapshot, causing the test to fail unless you specify --disable-update-workflow or stackUpdateWorkflow: false. Anyway, Tests should be as stable as possible.

https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-rds-dbinstance.html#cfn-rds-dbinstance-dbsnapshotidentifier

If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified DBSnapshotIdentifier property, and the original DB instance is deleted.

Therefore, I prefer the following approaches. How about trying different approaches?

How about using environment variables or any variables (such as process.env.CDK_INTEG_ACCOUNT || process.env.CDK_DEFAULT_ACCOUNT, stack.account, etc.)?
And it would be better to write a comment to need to create the resource and the snapshot manually before running the test. (Alternatively, we may also create them in preDeploy of hooks in IntegTest and delete them in postDestroy, but it may take a long time and be difficult.)

Or, we could create a custom resource and create a snapshot of sourceInstance within it and return that. But it might be a flaky test so it might be good the first choice.

[phuhung273]

Found an existing implementation of another integ, so I made it general for any later work requiring snapshot.

Also tried to do the same for integ.instance-from-cluster-snapshot, but the problem is DB instance can only be restored from a MultiAZ DB cluster - which is currently not yet supported by L2 construct as L2 DBCluster only support Aurora. It is still possible with L1 and some modifications on the Snapshoter. Please let me know if you want me to do so.

[go-to-k]

I see. Then, let's revert the current change in packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance-from-cluster-snapshot.ts. That change could be considered separately from this PR.

[phuhung273]

Yeah sure thanks for understanding, integ.instance-from-cluster-snapshot reverted

[go-to-k]

This setting applies only to RDS for MySQL and RDS for PostgreSQL.

It would be good to write it in description or validate it if possible.

https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-rds-dbinstance.html#cfn-rds-dbinstance-enginelifecyclesupport

[phuhung273]

Thank you for this, engine validation added.

[go-to-k]

This would be more helpful.

Suggested change

	throw new ValidationError(`Engine '${engineType}' does not support engine lifecycle support`, this);
	throw new ValidationError(`'engineLifecycleSupport' can only be specified for RDS for MySQL and RDS for PostgreSQL, got: '${engineType}'`, this);

[phuhung273]

Thanks this is updated

[go-to-k]

Same as above

[phuhung273]

Thanks this is updated

[go-to-k]

Could you please change the following together?

    const instance = new CfnDBInstance(this, 'Resource', {
      // ...
      // ...
-     engine: shouldPassEngine ? props.sourceDatabaseInstance.engine?.engineType : undefined,
+     engine: shouldPassEngine ? engineType : undefined,
      // ...
      // ...

[phuhung273]

Sure this is updated

[go-to-k]

I see. Then, let's revert the current change in packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance-from-cluster-snapshot.ts. That change could be considered separately from this PR.

[aws-cdk-automation]

AWS CodeBuild CI Report

• CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
• Commit ID: 9bf5663
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[go-to-k]

Thanks. Approved!

[phuhung273]

Thanks for your review @go-to-k 💯