Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[AWS::Redshift::Cluster] Drift Detection issue for Classic property under AWS::Redshift::Cluster resource #131

Open
FarrOut opened this issue Apr 20, 2023 · 1 comment
Open

[AWS::Redshift::Cluster] Drift Detection issue for Classic property under AWS::Redshift::Cluster resource #131

FarrOut opened this issue Apr 20, 2023 · 1 comment

Comments

@FarrOut
Copy link

FarrOut commented Apr 20, 2023

There is an issue with this resource type whereby false-positive drift is reported for the Classic property. A similar ticket has been opened in the Cloudformation roadmap, but opening another here as this team is responsible for this resource type handler.

Will be happy to provide any further info as required.

Name of the resource
AWS::Redshift::Cluster

Issue Description
The Classic property for the AWS::Redshift::Cluster resource is marked as drifted when its value is specified as false.

Expected Behavior
The Classic property should be IN_SYNC or NOT_CHECKED status.

Observed Behavior
The Classic property is marked as REMOVE with

expected = false
actual = -

Test Cases

Steps to reproduce -

  • Create Stack using following template -
Resources:
    myCluster:
      Type: 'AWS::Redshift::Cluster'
      Properties:
        DBName: mydb
        MasterUsername: master
        MasterUserPassword: xxxxxxxxxx
        NodeType: ds2.xlarge
        ClusterType: single-node
        Classic: false
  • Run drift detection
  • View drift results
@FarrOut
Copy link
Author

FarrOut commented Apr 20, 2023

Retested and confirmed.

CDK v2.76.0

        key = kms.Key(self, "MyKey",
                      removal_policy=RemovalPolicy.DESTROY,
                      )

        cluster = CfnCluster(self, 'ClusterMitKmsId',
                             cluster_type='single-node',
                             db_name='dev',
                             master_username='bevelvoerder',
                             master_user_password='Wagw00rdEen',
                             node_type='dc2.large',
                             encrypted=True,
                             kms_key_id=key.key_id,
                             classic=True,
                             )
        cluster.apply_removal_policy(RemovalPolicy.DESTROY)

Expected

{
  "KmsKeyId": "xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
  "Encrypted": true,
  "NodeType": "dc2.large",
  "MasterUsername": "bevelvoerder",
  "DBName": "dev",
  "ClusterType": "single-node",
  "Classic": true
}

Actual

{
  "KmsKeyId": "arn:aws:kms:eu-central-1:00000000000:key/xxxxxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
  "Encrypted": true,
  "NodeType": "dc2.large",
  "MasterUsername": "bevelvoerder",
  "DBName": "dev",
  "ClusterType": "single-node"
}

@FarrOut FarrOut mentioned this issue Apr 20, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@FarrOut