aws-solutions-constructs icon indicating copy to clipboard operation
aws-solutions-constructs copied to clipboard

Published 20 hours ago verified publisher icon awslabs

SnsToSqs minimal deployable pattern barfs loud red warnings

Open revanshine opened this issue 9 months ago • 3 comments

The minimal deployable pattern for SnsToSqs barfs loud red warnings making it difficult to understand and adopt.

Reproduction Steps

Create a CDK project and add the code from the minimal deployable pattern definition here: https://constructs.dev/packages/@aws-solutions-constructs/aws-sns-sqs/v/2.57.0?lang=typescript

Error Log

WARN AWS_SOLUTIONS_CONSTRUCTS_WARNING: Ignoring enableEncryptionWithCustomerManagedKey because one of topicProps.masterKey, encryptionKey, or encryptionKeyProps was already specified WARN AWS_SOLUTIONS_CONSTRUCTS_WARNING: Ignoring enableEncryptionWithCustomerManagedKey because one of WARN AWS_SOLUTIONS_CONSTRUCTS_WARNING: queueProps.encryptionMasterKey, encryptionKey, or encryptionKeyProps was already specified [Warning at /MyStack/SnsToSqsPattern/queue] encryption: Automatically changed to QueueEncryption.KMS, was: QueueEncryption.KMS_MANAGED When encryptionMasterKey is provided, always set encryption: QueueEncryption.KMS [ack: @aws-cdk/aws-sqs:queueEncryptionChangedToKMS]

Environment

  • CDK CLI Version : 2.140.0 (build 46168aa)
  • CDK Framework Version: 2.140.0 (build 46168aa)
  • AWS Solutions Constructs Version : 2.57.0
  • OS : MacOS
  • Language : Typescript

Other

This is :bug: Bug Report

revanshine avatar May 08 '24 20:05 revanshine

Also, the minimal deployable pattern won't deploy:

Circular dependency between resources: [SnsToSqsPatternqueueFBC4436B, SnsToSqsPatternqueueMyStackSnsToSqsPatternSnsTopic372915C855A347C7, SnsToSqsPatternSnsTopic4E90E51B, SnsToSqsPatternKeyE8ABAEAE, SnsToSqsPatternqueuePolicy56BD807B, SnsToSqsPatternSnsTopicPolicyA2F69F7F]

Please fix.

revanshine avatar May 08 '24 22:05 revanshine

Thanks, we'll check it out.

biffgaut avatar May 09 '24 14:05 biffgaut

We're still looking into this, but we have found that the circular reference was introduced with a feature change in CDK v2.32.0 and is controlled by a feature flag. For the moment, you can turn off this change by setting the feature flag to false in cdk.json:

    "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": false,

That will allow you to move forward while we continue to examine the issue.

biffgaut avatar May 09 '24 16:05 biffgaut