
aws_s3: BucketNotification in owning stack deletes BucketNotifications from other stacks

Open sebastian-fredriksson-bernholtz opened this issue 8 months ago • 1 comments

Describe the bug

When making changes to the S3 event notifications in the stack that owns an S3 Bucket (on Bucket), it deletes event notifications for the bucket that have been configured in other stacks (on IBucket).

Expected Behavior

Event notifications configured in other stacks should not be deleted.

Current Behavior

Event notifications configured in other stacks are being deleted.

Reproduction Steps

  1. Create and deploy Bucket in stack 1.

         // stack 1
         new Bucket(this, 'Bucket', {
             bucketName: 'bucketname',
         });

  2. Add and deploy event notification in stack 2.

         // stack 2 (`lambda` is a Lambda function defined elsewhere in this stack)
         Bucket.fromBucketName(this, 'DataBucket', 'bucketname').addEventNotification(
             EventType.OBJECT_CREATED_PUT,
             new LambdaDestination(lambda)
         );

  3. Make a change to event notifications in stack 1 and deploy:

         // stack 1
         new Bucket(this, 'Bucket', {
             bucketName: 'bucketname',
         +   eventBridgeEnabled: true,
         });

The event handler configured and deployed in step 2 will be deleted when doing step 3.

Possible Solution

Use the same logic for handling BucketNotifications in the stack that owns the Bucket as in other stacks: https://github.com/aws/aws-cdk/blob/7360a885e6282ad28b4ae72f9ae92a6bcda88b15/packages/%40aws-cdk/custom-resource-handlers/lib/aws-s3/notifications-resource-handler/index.py#L37

Additional Information/Context

This is happening because, for Bucket (unlike IBucket), cdk sets the Managed property on the custom resource that manages event notifications to true. https://github.com/aws/aws-cdk/blob/71986ff986d13bbb496b33c0554f657e77dbb2d0/packages/aws-cdk-lib/aws-s3/lib/notifications-resource/notifications-resource.ts#L120 https://github.com/aws/aws-cdk/blob/71986ff986d13bbb496b33c0554f657e77dbb2d0/packages/aws-cdk-lib/aws-s3/lib/notifications-resource/notifications-resource.ts#L135

And the code in the custom resource lambda handler disregards externally set notifications if Managed is set to true. https://github.com/aws/aws-cdk/blob/7360a885e6282ad28b4ae72f9ae92a6bcda88b15/packages/%40aws-cdk/custom-resource-handlers/lib/aws-s3/notifications-resource-handler/index.py#L21

CDK CLI Version

2.146.0 (build b368c78)

Framework Version

2.146.0

Node.js Version

v20.11.0

OS

macOS 14.3.1 (23D60)

Language

TypeScript

Language Version

5.5.2

Other information

Activating EventBridge for our S3 Bucket in cdk caused our site to break because a notification set up in another stack using cdk got deleted.
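
A simplified model of the behaviour described in this issue, added here as an illustration (it is not the aws-cdk handler source and not part of the original post): S3 keeps one notification configuration per bucket and a put replaces it wholesale, so an owner that writes only its own entries erases everyone else's. `FakeBucket`, the function names, the notification Id and the ARN are constructed for the example.

```python
import copy

# Notification lists in an S3 bucket notification configuration.
LIST_KEYS = ("LambdaFunctionConfigurations", "QueueConfigurations", "TopicConfigurations")


class FakeBucket:
    """Stands in for S3 (constructed): one configuration per bucket."""
    def __init__(self):
        self.config = {}

    def get(self):
        return copy.deepcopy(self.config)

    def put(self, config):
        self.config = copy.deepcopy(config)  # a put replaces everything


def apply_managed(bucket, desired):
    """Managed=true as described in the issue: external entries are disregarded."""
    bucket.put(desired)


def apply_merged(bucket, desired):
    """Merge strategy: keep every existing entry whose Id this stack does not own."""
    existing = bucket.get()
    owned = {c["Id"] for k in LIST_KEYS for c in desired.get(k, [])}
    merged = {}
    for key in LIST_KEYS:
        external = [c for c in existing.get(key, []) if c["Id"] not in owned]
        if external or desired.get(key):
            merged[key] = external + desired.get(key, [])
    eb = desired.get("EventBridgeConfiguration", existing.get("EventBridgeConfiguration"))
    if eb is not None:
        merged["EventBridgeConfiguration"] = eb
    bucket.put(merged)


def reproduce(apply_owner):
    """Replays steps 2 and 3 of the report with constructed sample data."""
    bucket = FakeBucket()
    stack2 = {"LambdaFunctionConfigurations": [{
        "Id": "stack2-put-handler",  # constructed Id
        "Events": ["s3:ObjectCreated:Put"],
        "LambdaFunctionArn": "arn:aws:lambda:eu-west-1:111111111111:function:example",
    }]}
    apply_merged(bucket, stack2)                           # step 2: stack 2 (IBucket)
    apply_owner(bucket, {"EventBridgeConfiguration": {}})  # step 3: stack 1 (Bucket)
    return bucket.get()
```

`reproduce(apply_managed)` loses the stack 2 Lambda notification, while `reproduce(apply_merged)` keeps it alongside the EventBridge setting. A real merge also has to remember the Ids a stack owned on its previous deployment, so that entries it removed are not mistaken for external ones.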