(aws-route53): add logging configuration method

[rantoniuk]

As far as I know, the domain registration in AWS needs to be a manual step via the UI.
That's fine, however we would like then to make sure via CDK that the logging is properly configured for the HostedZone, but the HostedZone only allows the queryLogsLogArn to be done inside a constructor - so we have a chicken-egg problem.

Could a method for configuring the loggingGroup be added for a HostedZone retrieved by fromLookup ?

[njlynch]

To clarify, you are asking if you can lookup an existing HostedZone via fromLookup, and then set the queryLogsLogGroupArn property on the HostedZone? If so, the answer is "unfortunately not".

Imported resources (whether via from...Attributes or fromLookup) cannot be modified, only referenced. To modify existing resources, you'll need to either update them in the Stack where they were created, or create a CustomResource to do the job for you.

I hope that answers your question. Feel free to mention me in any follow-ups!

[rantoniuk]

@njlynch that's exactly what I want to do and I think this is a sensible feature request.
The HostedZone is not created via stack, because it is automatically created when the domain is registered via the UI.
Or maybe I have missed a way to register a domain via CDK together with HostedZone and logging configuration ?

[njlynch]

It is a completely reasonable thing to want, but isn't something currently supported by the CDK.

You can track aws/aws-cdk-rfcs#2 for our RFC on the topic of importing resources into the CDK that were created elsewhere (e.g., the console).

[rantoniuk]

@njlynch uhm, that should remain open as a feature request then IMHO. The RFC you referenced is quite empty I'd say and I don't think it contributes anyhow to getting visibility for this specific request which is specifically labelled as feature-request.

Furthermore, it's not entirely true that CDK doesn't support importing resources, because it does for other resources like S3 Buckets for example

[njlynch]

The RFC you referenced is quite empty I'd say and I don't think it contributes anyhow to getting visibility for this specific request.

It's fair that the RFC doesn't specifically call out Route53 HostedZone QueryLoggingConfig; however, I'd much rather have one issue to track the overall desire to be able to mutate imported resources than one per resource/property combination. It's much harder for us to track impact of hundreds of feature requests with little/no interaction than a single RFC with tens/hundreds of 👍s. The foundational work to allow users to import existing resources into a CDK-owned Stack, and then be able to adjust properties of those resources, is going to be the same for Route53 Hosted Zones, Athena Work Groups, ECS Clusters, etc. Once we've done it for one, all should be supported (or easily incrementally added).

Furthermore, it's not entirely true that CDK doesn't support importing resources

Correct. What we don't support is modifying imported resources, as I said above. You can import a HostedZone today; you just can't change its QueryLoggingConfig. Similarly, you can import a Bucket today, but you can't adjust the bucket encryption.

[rantoniuk]

Thanks for detailed explanation. The only comment I have is that... I don't think that RFC 👍 works - it's there for 2 years and only 1 👍🏻 - I'm sure that there are a lot of other use cases needing this :-)