Skip to content

aws-rds: cannot use connections in rds.DatabaseInstance.fromLookup #35192

New issue
New issue
Open
#35193
Open
aws-rds: cannot use connections in rds.DatabaseInstance.fromLookup#35192
#35193
Labels
@aws-cdk/aws-rdsRelated to Amazon Relational DatabasebugThis issue is a bug.effort/smallSmall work item – less than a day of effortp2
@mazyu36

Description

@mazyu36
mazyu36
opened on Aug 8, 2025

Describe the bug

When importing an RDS instance using rds.DatabaseInstance.fromLookup and attempting to use the connections property, the following error occurs:

CfnSynthesisError: Resolution error: Supplied properties not correct for "CfnSecurityGroupIngressProps"
  fromPort: "3306" should be a number
  toPort: "3306" should be a number.
    at ValidationResult.assertSuccess (/Users/ykmatsud/Documents/git/cdk-conf-2025/node_modules/aws-cdk-lib/core/lib/runtime.js:1:2876)
    at convertCfnSecurityGroupIngressPropsToCloudFormation (/Users/ykmatsud/Documents/git/cdk-conf-2025/node_modules/aws-cdk-lib/aws-ec2/lib/ec2.generated.js:1:710632)
    at CfnSecurityGroupIngress.renderProperties (/Users/ykmatsud/Documents/git/cdk-conf-2025/node_modules/aws-cdk-lib/aws-ec2/lib/ec2.generated.js:1:708378)
    at PostResolveToken.Resources (/Users/ykmatsud/Documents/git/cdk-conf-2025/node_modules/aws-cdk-lib/core/lib/cfn-resource.js:1:7982)
    at PostResolveToken.postProcess (/Users/ykmatsud/Documents/git/cdk-conf-2025/node_modules/aws-cdk-lib/core/lib/util.js:1:1648)
    at Object.postProcess (/Users/ykmatsud/Documents/git/cdk-conf-2025/node_modules/aws-cdk-lib/core/lib/private/resolve.js:1:1313)
    at DefaultTokenResolver.resolveToken (/Users/ykmatsud/Documents/git/cdk-conf-2025/node_modules/aws-cdk-lib/core/lib/resolvable.js:1:1554)
    at resolve (/Users/ykmatsud/Documents/git/cdk-conf-2025/node_modules/aws-cdk-lib/core/lib/private/resolve.js:1:2909)
    at Object.resolve (/Users/ykmatsud/Documents/git/cdk-conf-2025/node_modules/aws-cdk-lib/core/lib/private/resolve.js:1:1187)
    at resolve (/Users/ykmatsud/Documents/git/cdk-conf-2025/node_modules/aws-cdk-lib/core/lib/private/resolve.js:1:3218) {
  type: 'CfnSynthesisError'
}

Regression Issue

  • Select this option if this issue appears to be a regression.

Last Known Working CDK Library Version

No response

Expected Behavior

The connections property should be usable with an RDS instance imported via rds.DatabaseInstance.fromLookup.

Current Behavior

Unable to use the connections property with an RDS instance imported via rds.DatabaseInstance.fromLookup.

Reproduction Steps

const clientSecurityGroup = new ec2.SecurityGroup(
  this,
  'ClientSecurityGroup',
  {
    vpc,
  },
);

const rdsInstanceFromLookup = rds.DatabaseInstance.fromLookup(
  this,
  'RdsInstanceFromLookup',
  {
    instanceIdentifier,
  },
);

rdsInstanceFromLookup.connections.allowDefaultPortFrom(
  clientSecurityGroup,
);

Possible Solution

The port property in the fromLookup method of rds.DatabaseInstance should be cast to Number. This is not currently done, resulting in the error.

https://github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-rds/lib/instance.ts#L191

In contrast, the fromLookup method in rds.DatabaseCluster does cast the port to a number, which works correctly.

https://github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-rds/lib/cluster.ts#L1391

Additional Information/Context

No response

AWS CDK Library version (aws-cdk-lib)

v2.210.0

AWS CDK CLI version

2.1024.0

Node.js Version

v22.14.0

OS

OSX

Language

TypeScript

Language Version

No response

Other information

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    @aws-cdk/aws-rdsRelated to Amazon Relational DatabasebugThis issue is a bug.effort/smallSmall work item – less than a day of effortp2

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions