Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
(aws_docdb): addRotationSingleUser() not consistent with aws_rds.Cluster.addRotationSingleUser()
See original GitHub issueWhat is the problem?
https://docs.aws.amazon.com/cdk/api/latest/docs/aws-rds-readme.html#rotating-credentials describes the aws_rds.Cluster.addRotationSinglerUser(), as implemented by aws_docdb there is no support for excludeCharacters. And sure enough, I went to update a stack containing a
const cluster = aws_docdb.DatabaseCluster(...);
cluster.addRotationSingleUser();
and got
The parameter MasterUserPassword is not a valid password. Only printable ASCII characters besides '/', '@', '"', ' ' may be used. (Service: AmazonRDS; Status Code:
400; Error Code: InvalidParameterValue; Request ID: 38bc6735-286e-41f2-89d4-3d2c8cb78ef9; Proxy: null)
Reproduction Steps
I’m not sure how to reliably repro this one. The problem, I think, is that the secret rotator generates an illegal password. The deeper problem is that the secret rotator doesn’t follow the good example in aws_rds and allow for configurable excludeCharacters, so there’s no simple way to fix this. This might be the root cause of https://github.com/aws/aws-cdk/issues/17288 (I’m imagining if the rotator generates an illegal password and DocDB refuses to accept it).
What did you expect to happen?
I expect to never have to think about the (unfortunately named) masterUser’s password. The rotation should Just Work.
What actually happened?
First try: (pulled from the CloudFormation console)
The parameter MasterUserPassword is not a valid password. Only printable ASCII characters besides '/', '@', '"', ' ' may be used. (Service: AmazonRDS; Status Code: 400; Error Code: InvalidParameterValue; Request ID: 38bc6735-286e-41f2-89d4-3d2c8cb78ef9; Proxy: null)
Second try:
❯ npx cdk deploy --require-approval never Whiteboard
Deploying to "euDev" in "eu-central-1".
defaultRegion: "eu-central-1"
Whiteboard: deploying...
[0%] start: Publishing 5cc75ebf91260fff71aff7bfd82508a3d015ff54fefac979088541de57bb66ad:414375883647-eu-central-1
[100%] success: Published 5cc75ebf91260fff71aff7bfd82508a3d015ff54fefac979088541de57bb66ad:414375883647-eu-central-1
Whiteboard: creating CloudFormation changeset...
❌ Whiteboard failed: Error [ValidationError]: Stack:arn:aws:cloudformation:eu-central-1:414375883647:stack/Whiteboard/ee1bf3f0-3d9a-11ec-9fae-021733604472 is in UPDATE_ROLLBACK_FAILED state and can not be updated.
at Request.extractError (/Users/ahammond/Documents/ClickUp/whiteboard-cdk/node_modules/aws-sdk/lib/protocol/query.js:50:29)
at Request.callListeners (/Users/ahammond/Documents/ClickUp/whiteboard-cdk/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
at Request.emit (/Users/ahammond/Documents/ClickUp/whiteboard-cdk/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
at Request.emit (/Users/ahammond/Documents/ClickUp/whiteboard-cdk/node_modules/aws-sdk/lib/request.js:686:14)
at Request.transition (/Users/ahammond/Documents/ClickUp/whiteboard-cdk/node_modules/aws-sdk/lib/request.js:22:10)
at AcceptorStateMachine.runTo (/Users/ahammond/Documents/ClickUp/whiteboard-cdk/node_modules/aws-sdk/lib/state_machine.js:14:12)
at /Users/ahammond/Documents/ClickUp/whiteboard-cdk/node_modules/aws-sdk/lib/state_machine.js:26:10
at Request.<anonymous> (/Users/ahammond/Documents/ClickUp/whiteboard-cdk/node_modules/aws-sdk/lib/request.js:38:9)
at Request.<anonymous> (/Users/ahammond/Documents/ClickUp/whiteboard-cdk/node_modules/aws-sdk/lib/request.js:688:12)
at Request.callListeners (/Users/ahammond/Documents/ClickUp/whiteboard-cdk/node_modules/aws-sdk/lib/sequential_executor.js:116:18) {
code: 'ValidationError',
time: 2021-11-05T01:17:48.814Z,
requestId: '8ec0b437-4a02-41df-8637-5e698c28e3b5',
statusCode: 400,
retryable: false,
retryDelay: 30.455530850638013
}
Stack:arn:aws:cloudformation:eu-central-1:414375883647:stack/Whiteboard/ee1bf3f0-3d9a-11ec-9fae-021733604472 is in UPDATE_ROLLBACK_FAILED state and can not be updated.
CDK CLI Version
2.0.0-rc.27 (build 435e6f6)
Framework Version
2.0.0-rc.27 (build 435e6f6)
Node.js Version
v14.17.5
OS
MacOS
Language
Typescript
Language Version
4.4.4
Other information
No response
Issue Analytics
- State:
- Created 2 years ago
- Comments:9 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@skinny85 dude, fixed it before I even reported it? That’s pretty next level. Thanks!!!
⚠️COMMENT VISIBILITY WARNING⚠️
Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.