Skip to content

chore(rds): inherit RemovalPolicy in auto-created DatabaseCluster ParameterGroup #35275

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

chore(rds): inherit RemovalPolicy in auto-created DatabaseCluster ParameterGroup #35275

wants to merge 2 commits into from

Conversation

@pahud
Copy link
Contributor

@pahud pahud commented Aug 19, 2025
edited
Loading

Issue # (if applicable)

Closes #35273.

Reason for this change

When a DatabaseCluster is configured with custom parameters using the parameters property, the CDK automatically creates a ParameterGroup resource. However, this auto-created ParameterGroup was not inheriting the cluster's RemovalPolicy setting, causing CloudFormation stack deletion failures.

Problem: If a DatabaseCluster has removalPolicy: RemovalPolicy.RETAIN and uses the parameters property, the auto-created ParameterGroup would have the default deletion policy. When attempting to delete the CloudFormation stack, the deletion would fail with an error like "Parameter Group is still in use by database instances" because the cluster was retained but the parameter group was being deleted.

Impact: This prevents users from successfully deleting CloudFormation stacks containing RDS clusters with custom parameters and retention policies, requiring manual cleanup of parameter groups.

Description of changes

This change ensures that auto-created ParameterGroup resources inherit the parent DatabaseCluster's RemovalPolicy by adding a single line to the parameter group creation logic:

  • Core Change: Added removalPolicy: helperRemovalPolicy(props.removalPolicy) to the auto-created ParameterGroup constructor in DatabaseCluster
  • Pattern Consistency: Uses the existing helperRemovalPolicy() utility function, following the same pattern used for other auto-created resources like SubnetGroup
  • Scope: Only affects auto-created parameter groups (when parameters prop is used without explicit parameterGroup)
  • Backward Compatibility: No changes to existing explicit ParameterGroup behavior or public APIs

Design Decision: The implementation follows the established CDK pattern where helper resources inherit policies from their parent constructs. This ensures consistent behavior across all auto-created resources in the RDS module.

Alternative Considered: We could have made this configurable via a separate property, but that would complicate the API unnecessarily when the inheritance behavior is the expected and logical default.

Describe any new or updated permissions being added

N/A - This change only affects CloudFormation resource deletion policies, not IAM permissions.

Description of how you validated changes

Unit Tests: Added comprehensive test coverage for RemovalPolicy inheritance:

  • Test case for RemovalPolicy.RETAIN → Parameter Group gets DeletionPolicy: Retain
  • Test case for RemovalPolicy.SNAPSHOT → Parameter Group gets DeletionPolicy: Delete
  • Test case for RemovalPolicy.DESTROY → Parameter Group gets DeletionPolicy: Delete
  • All 228 existing cluster tests continue to pass, ensuring no regressions

Unit Testing: Unit tests verify that the generated CloudFormation templates include the correct DeletionPolicy and UpdateReplacePolicy attributes on auto-created AWS::RDS::DBClusterParameterGroup resources.

Regression Testing: Ran the complete RDS test suite to ensure existing functionality remains unchanged, including:

  • Explicit parameter group behavior (unchanged)
  • Other auto-created resource policies (SubnetGroup, etc.)
  • All RemovalPolicy scenarios for clusters and instances

Checklist

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@pahud
fix(aws-rds): inherit RemovalPolicy in auto-created DatabaseCluster P…
d788fe4 
…arameterGroup

When DatabaseCluster creates a ParameterGroup automatically (via the `parameters` prop),
the ParameterGroup now inherits the cluster's RemovalPolicy setting. This ensures
consistent deletion behavior and prevents CloudFormation stack deletion failures.

Changes:
- Add removalPolicy inheritance to auto-created ParameterGroup in cluster.ts
- Add comprehensive unit tests for RemovalPolicy inheritance behavior

Fixes aws#35273
@aws-cdk-automation aws-cdk-automation requested a review from a team August 19, 2025 20:19
@github-actions github-actions bot added bug This issue is a bug. effort/medium Medium work item – several days of effort p2 labels Aug 19, 2025
@mergify mergify bot added the contribution/core This is a PR that came from AWS. label Aug 19, 2025
@pahud pahud marked this pull request as ready for review August 27, 2025 01:04
@github-actions github-actions bot mentioned this pull request Sep 1, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bug This issue is a bug. contribution/core This is a PR that came from AWS. effort/medium Medium work item – several days of effort p2

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

rds: DatabaseCluster auto-created Parameter Group doesn't inherit RemovalPolicy

1 participant

@pahud