fix(rds): cannot delete a stack with DbCluster set to 'Retain'

When the DatabaseCluster has its deletion policy set to 'Retain', an attempt to delete the stack containing it fails, as the DbSubnetGroup cannot be removed if it still points to an existing Cluster. To fix that, set the retention policy of DbSubnetGroup to 'Retain' if it is 'Retain' on the DatabaseCluster. Fixes aws#5282
skinny85 · Jun 1, 2020 · aa04312 · aa04312
1 parent 2d83328
commit aa04312
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 1 deletion.
diff --git a/packages/@aws-cdk/aws-rds/lib/cluster.ts b/packages/@aws-cdk/aws-rds/lib/cluster.ts
@@ -354,6 +354,9 @@ export class DatabaseCluster extends DatabaseClusterBase {
       dbSubnetGroupDescription: `Subnets for ${id} database`,
       subnetIds,
     });
+    if (props.removalPolicy === RemovalPolicy.RETAIN) {
+      subnetGroup.applyRemovalPolicy(RemovalPolicy.RETAIN);
+    }
 
     const securityGroup = props.instanceProps.securityGroup !== undefined ?
       props.instanceProps.securityGroup : new ec2.SecurityGroup(this, 'SecurityGroup', {

diff --git a/packages/@aws-cdk/aws-rds/test/test.cluster.ts b/packages/@aws-cdk/aws-rds/test/test.cluster.ts
@@ -1,4 +1,4 @@
-import { ABSENT, countResources, expect, haveResource, ResourcePart, SynthUtils } from '@aws-cdk/assert';
+import { ABSENT, countResources, expect, haveResource, haveResourceLike, ResourcePart, SynthUtils } from '@aws-cdk/assert';
 import * as ec2 from '@aws-cdk/aws-ec2';
 import { ManagedPolicy, Role, ServicePrincipal } from '@aws-cdk/aws-iam';
 import * as kms from '@aws-cdk/aws-kms';
@@ -148,6 +148,28 @@ export = {
     test.done();
   },
 
+  "sets the retention policy of the SubnetGroup to 'Retain' if the Cluster is created with 'Retain'"(test: Test) {
+    const stack = new cdk.Stack();
+    const vpc = new ec2.Vpc(stack, 'Vpc');
+
+    new DatabaseCluster(stack, 'Cluster', {
+      masterUser: { username: 'admin' },
+      engine: DatabaseClusterEngine.AURORA,
+      instanceProps: {
+        instanceType: ec2.InstanceType.of(ec2.InstanceClass.M5, ec2.InstanceSize.LARGE),
+        vpc,
+      },
+      removalPolicy: cdk.RemovalPolicy.RETAIN,
+    });
+
+    expect(stack).to(haveResourceLike('AWS::RDS::DBSubnetGroup', {
+      DeletionPolicy: 'Retain',
+      UpdateReplacePolicy: 'Retain',
+    }, ResourcePart.CompleteDefinition));
+
+    test.done();
+  },
+
   'creates a secret when master credentials are not specified'(test: Test) {
     // GIVEN
     const stack = testStack();