fix(rds): propagate RemovalPolicy.RETAIN_ON_UPDATE_OR_DELETE to helper resources #37856
Open
jasdeepbhalla wants to merge 3 commits into
Three places in the RDS private utilities compared removal policies against RemovalPolicy.RETAIN only, silently dropping RETAIN_ON_UPDATE_OR_DELETE through to DESTROY for subnet groups and cluster instances.
- helperRemovalPolicy: pass RETAIN_ON_UPDATE_OR_DELETE through rather than collapsing to DESTROY. RetainExceptOnCreate still allows cleanup if the helper's own creation fails during a rollback.
- defaultDeletionProtection: extend the condition to also enable deletion protection when removalPolicy is RETAIN_ON_UPDATE_OR_DELETE, consistent with RETAIN behaviour.
- serverless-cluster.ts: replace the inline comparison with the shared helperRemovalPolicy + renderUnless helpers, consistent with DatabaseCluster and DatabaseInstance.
closes aws#37780
aws-cdk-automation
requested changes
May 13, 2026
Collaborator
The pull request linter fails with the following errors:
❌ Fixes must contain a change to an integration test file and the resulting snapshot.
If you believe this pull request should receive an exemption, please comment and provide a justification. A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed, add Clarification Request to a comment.
…TE_OR_DELETE tests CDK core sets DeletionPolicy=RetainExceptOnCreate but UpdateReplacePolicy=Retain for RemovalPolicy.RETAIN_ON_UPDATE_OR_DELETE. The test assertions in cluster, instance, and serverless-cluster tests incorrectly expected RetainExceptOnCreate for both policies.
Issue
Closes #37780.
Reason for this change
RemovalPolicy.RETAIN_ON_UPDATE_OR_DELETE was not propagated to the helper resources (subnet groups, cluster instances) created by DatabaseCluster, DatabaseInstance, and ServerlessCluster. Three places in the RDS private utilities compared against RemovalPolicy.RETAIN only — RETAIN_ON_UPDATE_OR_DELETE silently fell through to DESTROY, leaving those child resources with no explicit deletion policy at all (CloudFormation default: Delete).
Description of changes
packages/aws-cdk-lib/aws-rds/lib/private/util.ts
- helperRemovalPolicy: extended the condition to pass RETAIN_ON_UPDATE_OR_DELETE through as-is instead of collapsing it to DESTROY. RetainExceptOnCreate is correct here: it still permits cleanup of the helper if its own creation fails during a rollback, while retaining it on normal updates and deletes.
- defaultDeletionProtection: extended the condition to also auto-enable deletion protection when removalPolicy is RETAIN_ON_UPDATE_OR_DELETE, consistent with the existing RETAIN behaviour.
packages/aws-cdk-lib/aws-rds/lib/serverless-cluster.ts
- props.removalPolicy === RemovalPolicy.RETAIN ? props.removalPolicy : undefined check with renderUnless(helperRemovalPolicy(props.removalPolicy), RemovalPolicy.DESTROY), bringing it in line with DatabaseCluster and DatabaseInstance. Also added the missing helperRemovalPolicy and renderUnless imports.
Describe any new or updated permissions being added
None. This is a pure bug fix with no IAM or AWS service interaction.
Description of how you validated changes
Unit tests (packages/aws-cdk-lib/aws-rds/test/):
- cluster.test.ts: added RETAIN_ON_UPDATE_OR_DELETE row to both existing test.each blocks that cover DeletionPolicy/UpdateReplacePolicy on the cluster, instance, and subnet group. Added a new test.each block verifying DeletionProtection is auto-enabled for both RETAIN and RETAIN_ON_UPDATE_OR_DELETE.
- instance.test.ts: same additions — RETAIN_ON_UPDATE_OR_DELETE row in the existing policy propagation test, plus a new DeletionProtection auto-enable test.
- serverless-cluster.test.ts: new test asserting the subnet group gets RetainExceptOnCreate when the cluster is created with RETAIN_ON_UPDATE_OR_DELETE.
Integration test (packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-instance-removal-policy.ts):
Creates a DatabaseCluster and a DatabaseInstance each with removalPolicy: RemovalPolicy.RETAIN_ON_UPDATE_OR_DELETE and verifies CDK synthesis succeeds. The snapshot needs to be generated by a maintainer using cdk-integ — I was unable to run a live deployment to produce it. Please see CONTRIBUTING.md for instructions.
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license
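A check for the mismatch this pull request describes, as an added example that is not part of the PR or of aws-cdk: it scans a synthesized CloudFormation template for subnet groups and cluster instances that lack a retaining DeletionPolicy while the database referencing them has one. The template, its logical IDs and the function names are constructed for illustration.

```typescript
// Added example (not aws-cdk code): flag RDS helper resources that would be
// deleted even though the database that owns them is retained.
interface Resource {
  Type: string;
  DeletionPolicy?: string;
  Properties?: Record<string, unknown>;
}
type Template = { Resources: Record<string, Resource> };
const RETAINING = ["Retain", "RetainExceptOnCreate"];
const PARENT_TYPES = ["AWS::RDS::DBCluster", "AWS::RDS::DBInstance"];

function isRetained(res: Resource | undefined): boolean {
  return !!res && RETAINING.indexOf(res.DeletionPolicy || "") >= 0;
}

// Logical ID that a property points at through { Ref: "..." }, if any.
function refOf(res: Resource | undefined, prop: string): string | undefined {
  const v = res && res.Properties ? res.Properties[prop] : undefined;
  if (typeof v !== "object" || v === null) return undefined;
  const target = (v as { Ref?: unknown }).Ref;
  return typeof target === "string" ? target : undefined;
}

// Helpers: the parent's subnet group, plus instances that reference the cluster.
function findUnretainedHelpers(tpl: Template): string[] {
  const ids = Object.keys(tpl.Resources);
  const flagged: string[] = [];
  for (const id of ids) {
    const parent = tpl.Resources[id];
    if (!parent || PARENT_TYPES.indexOf(parent.Type) < 0 || !isRetained(parent)) continue;
    const subnetGroup = refOf(parent, "DBSubnetGroupName");
    for (const other of ids) {
      const res = tpl.Resources[other];
      const isHelper = other === subnetGroup || refOf(res, "DBClusterIdentifier") === id;
      if (isHelper && !isRetained(res) && flagged.indexOf(other) < 0) flagged.push(other);
    }
  }
  return flagged.sort();
}

// Constructed template for a cluster with RETAIN_ON_UPDATE_OR_DELETE; helperPolicy
// is the DeletionPolicy on its helpers (omitted = CloudFormation default, Delete).
function sampleTemplate(helperPolicy?: string): Template {
  const pol: { DeletionPolicy?: string } = helperPolicy ? { DeletionPolicy: helperPolicy } : {};
  return { Resources: {
    Subnets: { Type: "AWS::RDS::DBSubnetGroup", ...pol },
    Cluster: { Type: "AWS::RDS::DBCluster", DeletionPolicy: "RetainExceptOnCreate", Properties: { DBSubnetGroupName: { Ref: "Subnets" } } },
    Instance1: { Type: "AWS::RDS::DBInstance", ...pol, Properties: { DBClusterIdentifier: { Ref: "Cluster" } } },
  } };
}
```

Run against the `Resources` section of a real `cdk synth` output, a non-empty result lists the logical IDs that a stack deletion would remove out from under a retained database.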