Get RDS proxy endpoint to a cross account stack #13683

liveFreeOrCode · 2021-03-19T03:22:23Z

liveFreeOrCode
Mar 19, 2021

Is there a good way to get a proxy endpoint to a cross account stack?

import * as cdk from "@aws-cdk/core";
import * as rds from "@aws-cdk/aws-rds";
import * as ec2 from "@aws-cdk/aws-ec2";
import * as lambda from "@aws-cdk/aws-lambda";
import { PhysicalName } from "@aws-cdk/core";

const app = new cdk.App();

const stack1 = new cdk.Stack(app, "Stack1", {
  env: { account: "111111111", region: "us-east-1" },
});

const vpc = new ec2.Vpc(stack1, "Vpc");
const cluster = new rds.DatabaseCluster(stack1, "Database", {
  engine: rds.DatabaseClusterEngine.auroraMysql({
    version: rds.AuroraMysqlEngineVersion.VER_2_08_1,
  }),
  credentials: rds.Credentials.fromGeneratedSecret("clusteradmin"), // Optional - will default to 'admin' username and generated password
  instanceProps: { vpc },
});
const proxy = cluster.addProxy("Proxy", {
  dbProxyName: PhysicalName.GENERATE_IF_NEEDED,
  vpc,
  secrets: [cluster.secret!],
});

const stack2 = new cdk.Stack(app, "Stack2", {
  env: { account: "222222222", region: "us-west-2" },
});
new lambda.Function(stack2, "MyLayeredLambda", {
  code: new lambda.InlineCode("foo"),
  handler: "index.handler",
  runtime: lambda.Runtime.NODEJS_10_X,
  environment: {
    PROXY_ENDPOINT: proxy.endpoint,
  },
});

Results in

Error: Stack "Stack2" cannot consume a cross reference from stack "Stack1". Cross stack references are only supported for stacks deployed to the same environment or between nested stacks and their parent stack

This makes total sense, but I'm curious if there's a workaround, or a better way to do this? ~~I'm thinking maybe use PhysicalName.GENERATE_IF_NEEDED to dbProxyName and then pass the name to the lambda and use AWS SDK in the lambda to describe endpoints using the dbProxyName?~~ I was just hoping for something cleaner

☝️ well, that idea doesn't work either

Answered by peterwoodworth

Apr 12, 2023

There's a helpful solution described here that can help you create a cross-region reference https://stackoverflow.com/questions/59774627/cloudformation-cross-region-reference

in v2 you can simply enable this prop on your stack https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.Stack.html#crossregionreferences

View full answer

peterwoodworth · 2023-04-12T22:00:50Z

peterwoodworth
Apr 12, 2023

There's a helpful solution described here that can help you create a cross-region reference https://stackoverflow.com/questions/59774627/cloudformation-cross-region-reference

in v2 you can simply enable this prop on your stack https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.Stack.html#crossregionreferences

0 replies

2023-12-02T00:23:51Z

github-actions[bot]
bot Dec 2, 2023

Hello! Reopening this discussion to make it searchable.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Get RDS proxy endpoint to a cross account stack #13683

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 2 comments

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Get RDS proxy endpoint to a cross account stack #13683

Uh oh!

Uh oh!

liveFreeOrCode Mar 19, 2021

Replies: 2 comments

Uh oh!

Uh oh!

peterwoodworth Apr 12, 2023

Uh oh!

github-actions[bot] bot Dec 2, 2023

liveFreeOrCode
Mar 19, 2021

peterwoodworth
Apr 12, 2023

github-actions[bot]
bot Dec 2, 2023