-
Notifications
You must be signed in to change notification settings - Fork 597
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add W3693 for aurora cluster properties (#3695)
* Add W3693 for aurora cluster properties * Update W3693 to only warn on aurora serverless v1
- Loading branch information
Showing
4 changed files
with
142 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
30 changes: 30 additions & 0 deletions
30
src/cfnlint/data/schemas/extensions/aws_rds_dbcluster/aurora_warning.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| { | ||
| "if": { | ||
| "properties": { | ||
| "Engine": { | ||
| "enum": [ | ||
| "aurora-mysql", | ||
| "aurora-postgresql" | ||
| ], | ||
| "type": "string" | ||
| }, | ||
| "EngineMode": { | ||
| "enum": [ | ||
| "serverless" | ||
| ], | ||
| "type": "string" | ||
| } | ||
| }, | ||
| "required": [ | ||
| "Engine", | ||
| "EngineMode" | ||
| ] | ||
| }, | ||
| "then": { | ||
| "properties": { | ||
| "PerformanceInsightsEnabled": false, | ||
| "PerformanceInsightsKmsKeyId": false, | ||
| "PerformanceInsightsRetentionPeriod": false | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| """ | ||
| Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
| SPDX-License-Identifier: MIT-0 | ||
| """ | ||
|
|
||
| from __future__ import annotations | ||
|
|
||
| from typing import Any | ||
|
|
||
| import cfnlint.data.schemas.extensions.aws_rds_dbcluster | ||
| from cfnlint.jsonschema import ValidationResult, Validator | ||
| from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails | ||
|
|
||
|
|
||
| class DbClusterAuroraWarning(CfnLintJsonSchema): | ||
| id = "W3693" | ||
| shortdesc = "Validate Aurora DB cluster configuration for ignored properties" | ||
| description = ( | ||
| "When creating an Aurora DB Cluster there are fields that " | ||
| "will allow for successful deployment but are ignored" | ||
| ) | ||
| tags = ["resources"] | ||
| source_url = "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-engineversion" | ||
|
|
||
| def __init__(self) -> None: | ||
| super().__init__( | ||
| keywords=["Resources/AWS::RDS::DBCluster/Properties"], | ||
| schema_details=SchemaDetails( | ||
| module=cfnlint.data.schemas.extensions.aws_rds_dbcluster, | ||
| filename="aurora_warning.json", | ||
| ), | ||
| all_matches=True, | ||
| ) | ||
|
|
||
| def validate( | ||
| self, validator: Validator, keywords: Any, instance: Any, schema: dict[str, Any] | ||
| ) -> ValidationResult: | ||
| for err in super().validate(validator, keywords, instance, schema): | ||
| if err.schema is False: | ||
| err.message = ( | ||
| "Additional properties are not allowed " | ||
| f"{err.path[0]!r} when creating Aurora cluster" | ||
| ) | ||
|
|
||
| yield err |
67 changes: 67 additions & 0 deletions
67
test/unit/rules/resources/rds/test_db_cluster_aurora_warning.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| """ | ||
| Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
| SPDX-License-Identifier: MIT-0 | ||
| """ | ||
|
|
||
| from collections import deque | ||
|
|
||
| import pytest | ||
|
|
||
| from cfnlint.jsonschema import ValidationError | ||
| from cfnlint.rules.resources.rds.DbClusterAuroraWarning import DbClusterAuroraWarning | ||
|
|
||
|
|
||
| @pytest.fixture(scope="module") | ||
| def rule(): | ||
| rule = DbClusterAuroraWarning() | ||
| yield rule | ||
|
|
||
|
|
||
| @pytest.mark.parametrize( | ||
| "instance,expected", | ||
| [ | ||
| ( | ||
| {"Engine": "aurora-mysql", "EngineMode": "serverless"}, | ||
| [], | ||
| ), | ||
| ( | ||
| { | ||
| "Engine": "aurora-mysql", | ||
| "EngineMode": "provisioned", | ||
| "PerformanceInsightsEnabled": True, | ||
| }, | ||
| [], | ||
| ), | ||
| ( | ||
| { | ||
| "Engine": "aurora-mysql", | ||
| "PerformanceInsightsEnabled": True, | ||
| }, | ||
| [], | ||
| ), | ||
| ( | ||
| { | ||
| "Engine": "aurora-mysql", | ||
| "EngineMode": "serverless", | ||
| "PerformanceInsightsEnabled": True, | ||
| }, | ||
| [ | ||
| ValidationError( | ||
| ( | ||
| "Additional properties are not allowed " | ||
| "'PerformanceInsightsEnabled' when creating Aurora cluster" | ||
| ), | ||
| rule=DbClusterAuroraWarning(), | ||
| path=deque(["PerformanceInsightsEnabled"]), | ||
| validator=None, | ||
| schema_path=deque( | ||
| ["then", "properties", "PerformanceInsightsEnabled"] | ||
| ), | ||
| ), | ||
| ], | ||
| ), | ||
| ], | ||
| ) | ||
| def test_validate(instance, expected, rule, validator): | ||
| errs = list(rule.validate(validator, "", instance, {})) | ||
| assert errs == expected, f"Expected {expected} got {errs}" |