aws-cdk icon indicating copy to clipboard operation
aws-cdk copied to clipboard

Published 20 hours ago verified publisher icon aws

cloudfront example fails deployment

Open ezrover opened this issue 3 years ago • 5 comments

Describe the bug

The sample for adding a custom ResponseHeaderPolicy doesnt not work. Apply the example from

https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.ResponseHeadersPolicy.html

results in 6:52:43 PM | CREATE_FAILED | AWS::CloudFront::ResponseHeadersPolicy | dev2Respo...dersPolicy75419A62 Resource handler returned message: "Invalid request provided: AWS::CloudFront::ResponseHeadersPolicy" (RequestToken: ****, HandlerErrorCode: InvalidRequest)

Expected Behavior

Work as described in the document https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.ResponseHeadersPolicy.html

Current Behavior

results in 6:52:43 PM | CREATE_FAILED | AWS::CloudFront::ResponseHeadersPolicy | dev2Respo...dersPolicy75419A62 Resource handler returned message: "Invalid request provided: AWS::CloudFront::ResponseHeadersPolicy" (RequestToken: ****, HandlerErrorCode: InvalidRequest)

Reproduction Steps

build a simple cdk application with the sample from https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.ResponseHeadersPolicy.html

Possible Solution

No response

Additional Information/Context

"dependencies": { "aws-cdk-lib": "^2.30.0", "constructs": "^10.1.43", "cff-tools": "0.6.0" }, "devDependencies": { "@types/aws-lambda": "^8.10.101", "@types/jest": "^28.1.4", "@types/node": "^17.0.23", "@typescript-eslint/eslint-plugin": "^5.29.0", "@typescript-eslint/parser": "^5.29.0", "aws-cdk": "^2.30.0", "aws-lambda": "^1.0.7", "esbuild": "^0.14.48", "eslint-config-airbnb-base": "^15.0.0", "eslint-config-prettier": "^8.5.0", "eslint-import-resolver-typescript": "^3.1.1", "eslint-plugin-import": "^2.26.0", "eslint-plugin-jest": "^26.5.3", "eslint-plugin-prettier": "^4.2.1", "jest": "^28.1.2", "prettier": "^2.7.1", "ts-jest": "^28.0.5", "ts-node": "^10.8.1", "typescript": "^4.7.4",

"@aws-cdk/assert": "2.30.1"

}

CDK CLI Version

"aws-cdk": "^2.30.0",

Framework Version

No response

Node.js Version

v17.9.0

OS

Mac

Language

Typescript

Language Version

4.7.4

Other information

import * as iam from 'aws-cdk-lib/aws-iam'; import * as s3 from 'aws-cdk-lib/aws-s3'; import * as cdk from 'aws-cdk-lib';

import * as cloudfront from 'aws-cdk-lib/aws-cloudfront';

import * as origins from 'aws-cdk-lib/aws-cloudfront-origins'; import * as wafv2 from 'aws-cdk-lib/aws-wafv2';

import * as acm from 'aws-cdk-lib/aws-certificatemanager'; import * as route53 from 'aws-cdk-lib/aws-route53'; import * as targets from 'aws-cdk-lib/aws-route53-targets';

ezrover avatar Jul 02 '22 02:07 ezrover

@comcalvi I created a sample project for you to try https://github.com/ezrover/aws-cdk-ResponseHeadersPolicy-sample

ezrover avatar Jul 03 '22 14:07 ezrover

The error CloudFormation is throwing here isn't helpful in determining what's actually wrong with the template, so it's hard to say if there's an actual error here.

What I think is happening is that you aren't replacing the dummy values in our example and CloudFormation is detecting this, or CloudFormation doesn't like some combination of values seen in the example. Could you try to deploy this with values that you'd realistically use and see if you're still running into errors?

peterwoodworth avatar Jul 07 '22 17:07 peterwoodworth

Hi Peter, thanks for your email, I updated https://github.com/ezrover/aws-cdk-ResponseHeadersPolicy-sample to remove the generic example headers and even tried to comment out corsBehavior and securityHeadersBehavior thus only leaving the shell :

const myResponseHeadersPolicy = new cloudfront.ResponseHeadersPolicy(this, ${id}-MyPolicy, { responseHeadersPolicyName: ${id}-MyPolicy, comment: 'A default policy', });

but it still fails!!! Can you provide an actual working sample or repo on Github to reference?

On Thu, Jul 7, 2022 at 10:51 AM Peter Woodworth @.***> wrote:

The error CloudFormation is throwing here isn't helpful in determining what's actually wrong with the template, so it's hard to say if there's an actual error here.

What I think is happening is that you aren't replacing the dummy values in our example and CloudFormation is detecting this, or CloudFormation doesn't like some combination of values seen in the example. Could you try to deploy this with values that you'd realistically use and see if you're still running into errors?

— Reply to this email directly, view it on GitHub https://github.com/aws/aws-cdk/issues/20962#issuecomment-1177997202, or unsubscribe https://github.com/notifications/unsubscribe-auth/AALH3DA6OVFYTFK76VO7O2TVS4KINANCNFSM52OJR72Q . You are receiving this because you authored the thread.Message ID: @.***>

ezrover avatar Jul 07 '22 22:07 ezrover

You might be running into this issue I recently reported: https://github.com/aws/aws-cdk/issues/21524

blimmer avatar Aug 09 '22 19:08 blimmer

It's possible these are separate issues. I'm unable to deploy just a minimal responseheaderspolicy with just a name. I'm reporting to cloudformation to implement better error handling

peterwoodworth avatar Aug 09 '22 22:08 peterwoodworth