We have previously deployed an RDS instance manually through the AWS console. We now want to manage this instance using AWS CDK for IaC benefits.
Problem
When trying to import the existing RDS instance into a CDK stack (either new or existing), I encounter the error: "The following resource types are not supported for resource import: AWS::SecretsManager::SecretTargetAttachment"
I'm following the AWS CDK import documentation: import existing resources into AWS CDK Stacks
Questions
How can I successfully import my existing RDS instance into my CDK stack?
Are there workarounds for the AWS::SecretsManager::SecretTargetAttachment error?
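My CDK stack is:

    import * as cdkl from 'aws-cdk-lib';
    import { Construct } from 'constructs';
    import * as ec2 from 'aws-cdk-lib/aws-ec2';
    import * as rds from 'aws-cdk-lib/aws-rds';
    import * as s3 from 'aws-cdk-lib/aws-s3';
    import * as secretsmanager from 'aws-cdk-lib/aws-secretsmanager';
    import * as util from './util'; // project helper providing getGvars(); module path assumed

    export default class VpcStack extends cdkl.Stack {
      constructor(scope: Construct, id: string, props: cdkl.StackProps) {
        super(scope, id, props);
        // Shared values (VPC, security groups) resolved by the project helper
        let gvars = util.getGvars(this);
        new s3.Bucket(this, 'MyExampleBucket');

        // defining existing rds cluster with exactly same configuration
        // Reference the existing Secrets Manager secret by name (not created by this stack)
        const pvtdbkey = secretsmanager.Secret.fromSecretNameV2(this, 'pvtdbki', 'pvtdbki');
        let instanceType = ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.MEDIUM);
        let instances: number | undefined = 1; // By default, create a cluster with only one writer instance
        const ParameterGroup = rds.ParameterGroup.fromParameterGroupName(this, 'DefaultParameterGroup', 'default.aurora-mysql8.0');
        const backup = {
          retention: cdkl.Duration.days(1),
          preferredWindow: '06:15-06:45',
        };

        const pvtdb = new rds.DatabaseCluster(this, 'ffdev', {
          clusterIdentifier: 'ffdev-cluster',
          engine: rds.DatabaseClusterEngine.auroraMysql({ version: rds.AuroraMysqlEngineVersion.VER_3_06_0 }),
          // Cluster credentials are taken from the referenced secret
          credentials: rds.Credentials.fromSecret(pvtdbkey),
          port: 6549,
          instances,
          instanceProps: {
            vpc: gvars.vpc,
            instanceType,
            vpcSubnets: { subnetType: ec2.SubnetType.PRIVATE_ISOLATED },
            securityGroups: [gvars.pvtdbsg]
          },
          parameterGroup: ParameterGroup,
          backup,
          // Keep the database if the construct or stack is removed
          removalPolicy: cdkl.RemovalPolicy.RETAIN
        });
      }
    }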