
[AWS::RDS::GlobalCluster] - False positive drift on 'SourceDBClusterIdentifier' property

Open Waqiah opened this issue 1 year ago • 0 comments

Name of the resource

AWS::RDS::GlobalCluster

Resource Name

No response

Issue Description

The 'AWS::RDS::GlobalCluster' resource is showing as false positive drift for the 'SourceDBClusterIdentifier' property where the ARN is being passed instead of the cluster identifier/physical resource ID.

According to this AWS documentation, the "SourceDBClusterIdentifier" value should be the Amazon Resource Name (ARN) to use as the primary cluster of the global database. We see that the template is using a Reference to the "AWS::RDS::DBCluster" resource and according to this documentation Ref should be returning the name (DBClusterIdentifier) of the DB cluster; however, it is seen that even if the identifier/name is being passed (either via Ref or hardcoded), it is being converted automatically to an ARN, causing a false positive drift in CFN.

Expected Behavior

When using Ref or hardcoding the value for the SourceDBClusterIdentifier property, it should not show as Drifted, as no manual changes were made outside of CFN.

Observed Behavior

When the identifier/name is being passed (either via ref or hardcoded), it is being passed as an ARN causing a false positive drift in CFN:

    [
      {
        "Type": "AWS::RDS::GlobalCluster",
        "Resource": "GlobalCluster",
        "Status": "MODIFIED",
        "Diff": [
          {
            "PropertyPath": "/SourceDBClusterIdentifier",
            "ExpectedValue": "name-of-cluster",
            "ActualValue": "arn:aws:rds:us-east-1:123456789123:cluster:name-of-cluster",
            "DifferenceType": "NOT_EQUAL"
          }
        ]
      }
    ]

Test Cases

Create a Global Database cluster for Aurora PostgreSQL; you may use the template from this example in the docs: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html#aws-resource-rds-globalcluster--examples--Creating_a_Global_Database_cluster_for_Aurora_PostgreSQL

Once the stack has been created successfully, run drift detection on the stack and the stack will show as drifted, with the AWS::RDS::GlobalCluster showing as modified for the SourceDBClusterIdentifier property.

Other Details

No response

Waqiah, Oct 10 '24 05:10
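For teams that alert on drift, one way to triage the result reported in this issue is sketched below as an added example; it is not part of the original issue or of CloudFormation. It assumes the drift report has the JSON shape quoted under "Observed Behavior", and the function names and the second sample entry are constructed for illustration. A difference is set aside only when the actual value is an RDS cluster ARN whose final segment equals the expected identifier, so an ARN naming a different cluster still counts as drift.

```python
import json

# Constructed input: the first entry copies the issue's output; the second is a
# made-up case where the ARN names a different cluster, i.e. a real change.
REPORT = json.loads("""
[
 {"Type": "AWS::RDS::GlobalCluster", "Resource": "GlobalCluster", "Status": "MODIFIED",
  "Diff": [{"PropertyPath": "/SourceDBClusterIdentifier",
            "ExpectedValue": "name-of-cluster",
            "ActualValue": "arn:aws:rds:us-east-1:123456789123:cluster:name-of-cluster",
            "DifferenceType": "NOT_EQUAL"}]},
 {"Type": "AWS::RDS::GlobalCluster", "Resource": "OtherGlobalCluster", "Status": "MODIFIED",
  "Diff": [{"PropertyPath": "/SourceDBClusterIdentifier",
            "ExpectedValue": "name-of-cluster",
            "ActualValue": "arn:aws:rds:us-east-1:123456789123:cluster:other-cluster",
            "DifferenceType": "NOT_EQUAL"}]}
]
""")

def cluster_name_from_arn(value):
    """Return the cluster name if value is an RDS cluster ARN, else None."""
    parts = str(value or "").split(":")
    if (len(parts) == 7 and parts[0] == "arn" and parts[2] == "rds"
            and parts[5] == "cluster" and parts[6]):
        return parts[6]
    return None

def is_identifier_vs_arn(resource_type, diff):
    """True only for the identifier-versus-ARN mismatch described in the issue."""
    if (resource_type != "AWS::RDS::GlobalCluster"
            or diff.get("PropertyPath") != "/SourceDBClusterIdentifier"
            or diff.get("DifferenceType") != "NOT_EQUAL"):
        return False
    name = cluster_name_from_arn(diff.get("ActualValue"))
    # Exact match on purpose: anything uncertain stays flagged for review.
    return name is not None and name == diff.get("ExpectedValue")

def triage(report):
    """Split differences into (needs_review, identifier_vs_arn_only)."""
    needs_review, known = [], []
    for res in report:
        for diff in res.get("Diff", []):
            bucket = known if is_identifier_vs_arn(res.get("Type"), diff) else needs_review
            bucket.append((res.get("Resource"), diff.get("PropertyPath")))
    return needs_review, known

if __name__ == "__main__":
    review, known = triage(REPORT)
    print("needs review:", review)
    print("identifier-vs-ARN only:", known)
```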