Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws_redshiftserverless.CfnWorkgroup: creation of Redshift-managed VPC endpoints not working #26585

Closed
davyto opened this issue Aug 1, 2023 · 7 comments
Closed

aws_redshiftserverless.CfnWorkgroup: creation of Redshift-managed VPC endpoints not working #26585

davyto opened this issue Aug 1, 2023 · 7 comments
Labels
@aws-cdk/aws-athena Related to AWS Athena bug This issue is a bug.

Comments

@davyto
Copy link

davyto commented Aug 1, 2023
edited
Loading

Describe the bug

Hi, we are trying to create a Redshift-managed VPC endpoints in our Redshift Serverless workgroup, but this does not seem to be supported with CDK. There is no option in CfnWorkgroup to create one, while the VpcEndpointProperty and WorkgroupProperty are ignored at deploy.

Expected Behavior

The vpc endpoint creation should be triggered by VpcEndpointProperty, or something that calls this API https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_CreateEndpointAccess.html

Current Behavior

The creation of the endpoint gets ignored by cdk deploy.

Reproduction Steps

    # create workgroup
    workgroup = redshiftserverless.CfnWorkgroup(self, "workgroup",
        workgroup_name = "workgroup",
        # the properties below are optional
        base_capacity = 24,
        enhanced_vpc_routing = True,
        namespace_name = namespace.namespace_name,
        security_group_ids = [ security_group_id ],
        subnet_ids = subnets_ids
        )
          
    workgroup_property = redshiftserverless.CfnWorkgroup.WorkgroupProperty(
        endpoint=redshiftserverless.CfnWorkgroup.EndpointProperty(
            port=5439,
            vpc_endpoints=[redshiftserverless.CfnWorkgroup.VpcEndpointProperty(
                network_interfaces=redshiftserverless.CfnWorkgroup.NetworkInterfaceProperty(
                    subnet_id=subnet_id ),
                vpc_endpoint_id="endpoint",
                vpc_id=vpc.vpc_id
            )]
        ),
        workgroup_arn=workgroup.attr_workgroup_workgroup_arn
    )

Possible Solution

The construct should use this api https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_CreateEndpointAccess.html

Additional Information/Context

No response

CDK CLI Version

2.87.0

Framework Version

No response

Node.js Version

16.20

OS

mac and linux

Language

Python

Language Version

No response

Other information

No response
@davyto davyto added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Aug 1, 2023
@github-actions github-actions bot added the @aws-cdk/aws-athena Related to AWS Athena label Aug 1, 2023
@peterwoodworth
Copy link
Contributor

We are simply generating the CloudFormation template here directly as you've defined it. Be sure to check if the template that's deploying is synthesizing correctly. Please share the template synthesized if you're not sure

If it is synthing correctly, and you're finding issues after deployment with a Cfn resource, you'll want to report that to the Cloudformation coverage roadmap repository https://github.com/aws-cloudformation/cloudformation-coverage-roadmap

@peterwoodworth peterwoodworth added response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. and removed needs-triage This issue or PR still needs to be triaged. labels Aug 1, 2023
@peterwoodworth
Copy link
Contributor

If this snippet is exactly what you used then you'll need to actually specify the properties in the construct constructor, or use escape hatches on the construct after the fact

@peterwoodworth peterwoodworth added response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. and removed response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. labels Aug 1, 2023
@pietrocarbo
Copy link

I'm working alongside @davyto and I'm experiencing the same issue.

The synthetized Cloudformation code for the above snippet is the following:

  "redshiftworkgroup": {
   "Type": "AWS::RedshiftServerless::Workgroup",
   "Properties": {
    "WorkgroupName": "redshift-workgroup",
    "BaseCapacity": 24,
    "EnhancedVpcRouting": true,
    "NamespaceName": "redshift-namespace",
    "SecurityGroupIds": [
     {
      "Fn::GetAtt": [
       "RedshiftSsSg1A2DB58F",
       "GroupId"
      ]
     }
    ],
    "SubnetIds": [
     {
      "Fn::ImportValue": "SharedInfraStack:ExportsOutputRefSharedInfraVpcRedshiftServerlessSubnet1Subnet8A5BC66334236308"
     },
     {
      "Fn::ImportValue": "SharedInfraStack:ExportsOutputRefSharedInfraVpcRedshiftServerlessSubnet2SubnetEC3C9E5B7744B006"
     },
     {
      "Fn::ImportValue": "SharedInfraStack:ExportsOutputRefSharedInfraVpcRedshiftServerlessSubnet3Subnet936BBE9D2CBE133E"
     }
    ]
   },
   "DependsOn": [
    "redshiftnamespace"
   ],
   "Metadata": {
    "aws:cdk:path": "RedshiftServerlessStack/redshift-workgroup"
   }
  }

The problem is that in the generated Cloudformation resource there is no Endpoint property being created

@github-actions github-actions bot removed the response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. label Aug 2, 2023
@peterwoodworth
Copy link
Contributor

The problem is that in the generated Cloudformation resource there is no Endpoint property being created

Yeah, you aren't specifying this property with the snippet you gave

If this snippet is exactly what you used then you'll need to actually specify the properties in the construct constructor, or use escape hatches on the construct after the fact

    # create workgroup
    workgroup = redshiftserverless.CfnWorkgroup(self, "workgroup",
        workgroup_name = "workgroup",
        # the properties below are optional
        base_capacity = 24,
        enhanced_vpc_routing = True,
        namespace_name = namespace.namespace_name,
        security_group_ids = [ security_group_id ],
        subnet_ids = subnets_ids,
        endpoint=redshiftserverless.CfnWorkgroup.EndpointProperty(
            port=5439,
            vpc_endpoints=[redshiftserverless.CfnWorkgroup.VpcEndpointProperty(
                network_interfaces=redshiftserverless.CfnWorkgroup.NetworkInterfaceProperty(
                    subnet_id=subnet_id ),
                vpc_endpoint_id="endpoint",
                vpc_id=vpc.vpc_id
            )]
        ),
        workgroup_arn=workgroup.attr_workgroup_workgroup_arn
        )

@github-actions
Copy link

github-actions bot commented Aug 3, 2023

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

@davyto
Copy link
Author

davyto commented Aug 21, 2023

@peterwoodworth the endpoint property does not seem to exist in CfnWorkgroup. I tried your snippet and I got
TypeError: __init__() got an unexpected keyword argument 'endpoint' .

The cdk documentation also does not show it https://docs.aws.amazon.com/cdk/api/v2/python/aws_cdk.aws_redshiftserverless/CfnWorkgroup.html

@github-actions github-actions bot mentioned this issue Sep 1, 2023
Closed
@ozggumus-aws
Copy link

ozggumus-aws commented Apr 26, 2024
edited
Loading

I have exactly the same problem with [davyto], can we reopen this issue? @peterwoodworth

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-athena Related to AWS Athena bug This issue is a bug.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@pietrocarbo @peterwoodworth @davyto @ozggumus-aws