Description

Using the DatabaseCluster construct, I would like to specify that I want Auto Minor Version Upgrade to be enabled. This is inline with the security checks provided by the cdk-nag. This feature makes it so that projects using the construct are deemed invalid, as per the AWS Solutions Library rules.

More details about the feature can be found at the AWS Documentation.

Use Case

I need this feature for security purposes. Particularly, this is required in order to pass the AwsSolutions-N2 check by the cdk-nag tool. More information on rules can be found here.

Proposed Solution

I see the following approaches:

1. Provide the auto_minor_version_upgrade property directly under the DatabaseCluster construct as a boolean. If True then every Instance on the cluster would have auto_minor_version_upgrade set to True
2. Provide the auto_minor_version_upgrade property under the DatabaseClusterProps construct. The rest follows as in (1).
3. Provide auto_minor_version_upgrade property under the DatabaseInstanceProps construct and, in addition, provide a way for this property to be passed to the DatabaseCluster construct.

Other information

No response

Acknowledge

• I may be able to implement this feature request
• This feature might incur a breaking change