feat(aws-rds): make serverless-cluster vpc required if vpc related pa…

…rams are used
aws · Feb 18, 2022 · 77d67b3 · 77d67b3
1 parent 74f4061
commit 77d67b3
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 22 deletions.
diff --git a/packages/@aws-cdk/aws-rds/lib/serverless-cluster.ts b/packages/@aws-cdk/aws-rds/lib/serverless-cluster.ts
@@ -356,8 +356,16 @@ abstract class ServerlessClusterNew extends ServerlessClusterBase {
   constructor(scope: Construct, id: string, props: ServerlessClusterNewProps) {
     super(scope, id);
 
-    if (props.vpc === undefined && props.vpcSubnets !== undefined) {
-      throw new Error('A VPC is required to use vpcSubnets in ServerlessCluster. Please add a VPC or remove vpcSubnets');
+    if (props.vpc === undefined) {
+      if (props.vpcSubnets !== undefined) {
+        throw new Error('A VPC is required to use vpcSubnets in ServerlessCluster. Please add a VPC or remove vpcSubnets');
+      }
+      if (props.subnetGroup !== undefined) {
+        throw new Error('A VPC is required to use subnetGroup in ServerlessCluster. Please add a VPC or remove subnetGroup');
+      }
+      if (props.securityGroups !== undefined) {
+        throw new Error('A VPC is required to use securityGroups in ServerlessCluster. Please add a VPC or remove securityGroups');
+      }
     }
 
     let subnetGroup: ISubnetGroup | undefined = props.subnetGroup;

diff --git a/packages/@aws-cdk/aws-rds/test/serverless-cluster.test.ts b/packages/@aws-cdk/aws-rds/test/serverless-cluster.test.ts
@@ -822,41 +822,29 @@ describe('serverless cluster', () => {
     });
   });
 
-  test('can create a Serverless cluster without vpc but with imported security group', () => {
+  test("can't create a Serverless cluster without VPC but with an imported security group", () => {
     // GIVEN
     const stack = testStack();
     const sg = ec2.SecurityGroup.fromSecurityGroupId(stack, 'SG', 'SecurityGroupId12345');
 
-    // WHEN
-    new ServerlessCluster(stack, 'Database', {
+    // THEN
+    expect(() => new ServerlessCluster(stack, 'Database', {
       engine: DatabaseClusterEngine.AURORA_MYSQL,
       securityGroups: [sg],
-    });
-
-    // THEN
-    Template.fromStack(stack).hasResourceProperties('AWS::RDS::DBCluster', {
-      VpcSecurityGroupIds: ['SecurityGroupId12345'],
-      DbSubnetGroupName: ABSENT,
-    });
+    })).toThrow(/A VPC is required to use securityGroups in ServerlessCluster. Please add a VPC or remove securityGroups/);
   });
 
-  test('can create a Serverless cluster without VPC but with imported subnet group', () => {
+  test("can't create a Serverless cluster without VPC but with imported subnet group", () => {
     // GIVEN
     const stack = testStack();
     const SubnetGroupName = 'SubnetGroupId12345';
     const subnetGroup = SubnetGroup.fromSubnetGroupName(stack, 'SubnetGroup12345', SubnetGroupName);
 
-    // WHEN
-    new ServerlessCluster(stack, 'Database', {
+    // THEN
+    expect(() => new ServerlessCluster(stack, 'Database', {
       engine: DatabaseClusterEngine.AURORA_MYSQL,
       subnetGroup,
-    });
-
-    // THEN
-    Template.fromStack(stack).hasResourceProperties('AWS::RDS::DBCluster', {
-      DBSubnetGroupName: SubnetGroupName,
-      VpcSecurityGroupIds: ABSENT,
-    });
+    })).toThrow(/A VPC is required to use subnetGroup in ServerlessCluster. Please add a VPC or remove subnetGroup/);
   });
 
   test("can't create a Serverless cluster without VPC but with imported VPC subnets", () => {