fix(cloudformation-include): parse MinActiveInstancesPercent in AutoScalingRollingUpdate policy #33852
Conversation
…calingRollingUpdate policy When using CfnInclude to import existing CloudFormation templates, the MinActiveInstancesPercent property in AutoScaling group update policies was being silently dropped because there was no parser for it in the parseAutoScalingRollingUpdate function in cfn-parse.ts. This fix adds the missing property parser to ensure that the MinActiveInstancesPercent property is correctly preserved when importing templates with AutoScalingRollingUpdate policies. The CfnAutoScalingRollingUpdate interface in cfn-resource-policy.ts already included the minActiveInstancesPercent property, but the parser was missing. Added a comprehensive test that verifies all properties of AutoScalingRollingUpdate are correctly parsed.
github-actions
bot
added
bug
|
Exemption Request: this fix is focused on the correct parsing and preservation of a CloudFormation property during template import, which is fully testable with unit tests. |
aws-cdk-automation
added
the
pr-linter/exemption-requested
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #33852 +/- ##
==========================================
+ Coverage 82.43% 83.98% +1.55%
==========================================
Files 120 120
Lines 6975 6976 +1
Branches 1178 1178
==========================================
+ Hits 5750 5859 +109
+ Misses 1120 1005 -115
- Partials 105 112 +7
Flags with carried forward coverage won't be shown. Click here to find out more.
🚀 New features to boost your workflow:
|
aws-cdk-automation
added
the
pr/needs-maintainer-review
There was a problem hiding this comment.
Thanks @scorbiere for your contribution. I have left some comments with some concerns. Please help to check once.
There was a problem hiding this comment.
I understand we are doing this only for CfnInclude construct. Not a blocker, but may be it would be good we support this in the rollingUpdate method in aws-autoscaling module which will be used when UpdatePolicy.rollingUpdate() is called.
We could have it as a separate PR. But just calling this out here.
| * updates old instances. You can specify a value from 0 to 100. AWS CloudFormation rounds to the nearest tenth of a percent. | ||
| * For example, if you update five instances with a minimum active percentage of 50, three instances must remain in service. | ||
| */ | ||
| readonly minActiveInstancesPercent?: number; |
There was a problem hiding this comment.
I have some concerns about potential breaking changes:
Based on the CFN doc as indicated below,
Setting MinActiveInstancesPercent in your UpdatePolicy will also affect instances launched when the DesiredCapacity property of the AWS::AutoScaling::AutoScalingGroup resource is set higher than the current desired capacity of that Auto Scaling group.
Currently, minActiveInstancesPercent is silently ignored when parsing templates in CfnInclude, which means customers are effectively getting the default behavior (100% active instances). By adding direct support for this property, we could potentially impact existing customers in the following ways:
- Customers who have
MinActiveInstancesPercentspecified in their templates but it's currently being ignored would suddenly see different scaling behavior when theirDesiredCapacityincreases - This could affect application availability during scaling events and might break assumptions in their deployment processes
// Example scenario
// Template has:
UpdatePolicy: {
AutoScalingRollingUpdate: {
MinActiveInstancesPercent: 50
}
}
// Current behavior: 100% instances stay active
// New behavior with this change: Only 50% instances stay active
I think we should handle this with feature flag since it will change existing behaviour. Please help to check.
There was a problem hiding this comment.
While I don’t believe this will cause an immediate traffic disruption for customers—since it only affects the update behavior—users will only notice the change in the number of active instances during an update operation, not during regular traffic on the auto-scaling group. However, the impact could be on operations where previously 100% of in-service instances were required for success, but now will be marked as successfully updated earlier with fewer instances. To be cautious, we can introduce a feature flag, but even then, the default behavior should be to consider the minActiveInstancesPresent field.
There was a problem hiding this comment.
While I don't anticipate availability issues during rolling updates with this change, I think it will be good to verify the behaviour when enforcing the MinActiveInstancesPercent property during rolling updates. This property specifies the percentage of instances that must be in InService state relative to the ASG's desired capacity for an update to succeed. Currently, since this property is silently ignored, it effectively defaults to 100%. I'm thinking if an existing customer has specified MinActiveInstancesPercent as 50% with a desired capacity of 4, will enforcing this property allow the rolling update to proceed with only 2 active instances (50% of desired capacity), whereas currently it might be maintaining more instances in service during the update process?
I feel it is good to compare the current rolling update behavior against the behavior with this property enforced, specifically focusing on the number of InService instances available during the update process. For example, if the current behavior maintains 3 active instances during a rolling update, but with MinActiveInstancesPercent: 50 only maintains 2 active instances, this would indicate reduced availability as fewer instances would be handling the application traffic during the rolling update period. To be clear, this concern is specifically about availability during the rolling update event, not about the general availability of the application after the update.
If we can verify there's no reduction in the number of available instances during rolling updates compared to current behavior, I'm comfortable proceeding without a feature flag. However, if we cannot conclusively verify the availability impact, it would be better to implement this with a feature flag as a safety measure. Given that rolling update behavior is also influenced by multiple other UpdatePolicy properties working in combination (MinInstancesInService, MaxBatchSize, etc.), it's challenging to predict all possible scenarios.
There was a problem hiding this comment.
TL;DR I agree to stay on the safe side and implement a feature flag, because we cannot guarantee the potential drop in availability will not negatively impact existing services.
Here is the analysis summary.
Current Behavior (Before Fix)
Currently, when a customer imports a CloudFormation template with MinActiveInstancesPercent using CfnInclude, this property is silently dropped during parsing. When the CDK app synthesizes the template, this property is missing from the output, effectively using the default value of 100%.
New Behavior (After Fix)
After the fix, when a customer imports a CloudFormation template with MinActiveInstancesPercent using CfnInclude, this property will be correctly parsed and included in the synthesized template, using the value specified in the original template.
Potential Impact
According to the AWS CloudFormation documentation on UpdatePolicy, the MinActiveInstancesPercent property affects:
- During Rolling Updates: It determines the percentage of instances that must remain in service during an update.
- When Scaling Up: It affects instances launched when the desired capacity increases.
If a customer had templates with MinActiveInstancesPercent set to a value lower than 100%, but this property was being dropped by CDK, they were effectively getting 100% active instances during updates. After the fix, they will get the percentage they specified, which could be lower and potentially affect application availability during updates.
Actions That Trigger Rolling Updates
The following actions can trigger a rolling update for an Auto Scaling group:
- Changes to the Launch Template or Launch Configuration
- Changes to the Auto Scaling Group Properties
- Stack Updates with an UpdatePolicy attribute
- Desired Capacity Changes when increased above the current capacity
There was a problem hiding this comment.
Update
There is no need for adding a new feature flag, because the property MinActiveInstancesPercent is automatically added when using CfnInclude since this PR: #32321
For the sake of clarity, I think it is good to keep the changes which include the explicit handling of this property in the CfnParse code and the tests (unit and integ).
There was a problem hiding this comment.
nit: I suggest we have a unit test for this parser here. Atleast for this parseAutoScalingRollingUpdate method
godwingrs22
removed
the
pr-linter/exemption-requested
aws-cdk-automation
removed
the
pr/needs-maintainer-review
… in AutoScalingRollingUpdate This commit adds comprehensive testing for the MinActiveInstancesPercent property in AutoScalingRollingUpdate policies: 1. Adds a unit test in cfn-parse.test.ts that verifies: - Correct parsing when MinActiveInstancesPercent is present - Correct handling when MinActiveInstancesPercent is absent 2. Adds an integration test that: - Imports a CloudFormation template with MinActiveInstancesPercent - Verifies the template can be successfully deployed These tests ensure that the fix for issue aws#33810 correctly handles both cases - when the property is present and when it's absent in the template.
aws-cdk-automation
dismissed
their stale review
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Comments on closed issues and PRs are hard for our team to see. |
4 participants
Issue #33810
Closes #33810.
Reason for this change
When using CfnInclude to import existing CloudFormation templates, the MinActiveInstancesPercent property in AutoScaling
group update policies was being silently dropped because it was missing from both the
CfnAutoScalingRollingUpdateinterface in
cfn-resource-policy.tsand the parser in theparseAutoScalingRollingUpdatefunction incfn-parse.ts.Description of changes
This fix adds:
minActiveInstancesPercentproperty to theCfnAutoScalingRollingUpdateinterface incfn-resource-policy.tsparseAutoScalingRollingUpdatefunction incfn-parse.tsThese changes ensure that the
MinActiveInstancesPercentproperty is correctly preserved when importing templates withAutoScalingRollingUpdatepolicies.Describe any new or updated permissions being added
N/A
Description of how you validated changes
Added a comprehensive test that verifies all properties of
AutoScalingRollingUpdateare correctly parsed, including a newtest template with all properties and explicit assertions for each property.
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license