Skip to content

feat(database): enable Data API and connection logging#123

Merged
konokenj merged 2 commits intomainfrom
feature/122
Mar 20, 2026
Merged

feat(database): enable Data API and connection logging#123
konokenj merged 2 commits intomainfrom
feature/122

Conversation

@konokenj
Copy link
Contributor

@konokenj konokenj commented Mar 20, 2026

Issue

close #122

Problem

The Aurora Serverless v2 cluster lacks operational tooling for debugging and diagnostics:

  • No Data API: Operators must use SSH tunneling via Bastion Host to run ad-hoc SQL queries, which is cumbersome during incident response.
  • No connection logging: Diagnosing unexpected auto-pause resumes or connection pool exhaustion requires guesswork, as PostgreSQL connection events are not recorded.

Solution

Add three CDK-native properties to the existing DatabaseCluster construct:

  1. enableDataApi: true — Enables the RDS Data API, allowing direct SQL execution from AWS CLI/Console without SSH tunneling.
  2. log_connections / log_disconnections — Standard PostgreSQL parameters that record connection open/close events in the PostgreSQL log.
  3. cloudwatchLogsExports: ["postgresql"] with 1-week retention — Exports PostgreSQL logs to CloudWatch Logs for centralized analysis (Aurora PostgreSQL CloudWatch Publishing).

Changes

  • cdk/lib/constructs/database.ts:
    • Added import * as logs from "aws-cdk-lib/aws-logs"
    • Added enableDataApi: true to DatabaseCluster
    • Added cloudwatchLogsExports: ["postgresql"] and cloudwatchLogsRetention: logs.RetentionDays.ONE_WEEK
    • Added log_connections: "1" and log_disconnections: "1" to the existing ParameterGroup

Verification

  • npm run build passes in cdk/
  • After deployment:
    • aws rds-data execute-statement can run SQL against the cluster
    • CloudWatch log group /aws/rds/cluster/<cluster-name>/postgresql is created
    • Connection/disconnection events appear in the log stream

konokenj added 2 commits March 20, 2026 13:07
@konokenj
feat(database): enable Data API and connection logging (#122)
8943259 
Why: The Aurora Serverless v2 cluster lacks operational tooling for
debugging and diagnostics. Without Data API, operators must use SSH
tunneling via Bastion Host to run ad-hoc queries. Without connection
logs, diagnosing unexpected auto-pause resumes or connection pool
exhaustion requires guesswork.

What:
- Enable RDS Data API for direct SQL execution from AWS CLI/Console
- Add log_connections and log_disconnections parameters
- Export PostgreSQL logs to CloudWatch Logs with 1-week retention
@konokenj
test: update CDK snapshots
2313cf6
@konokenj konokenj merged commit e32dc7a into main Mar 20, 2026
5 checks passed
@konokenj konokenj deleted the feature/122 branch March 20, 2026 04:10
@github-actions github-actions bot mentioned this pull request Mar 20, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

feat(database): Aurora Serverless v2 の Data API 有効化と接続ログの追加

1 participant

@konokenj