aws-cdk/aws-s3: cdk can generate an invalid lifecycle configuration for s3:Bucket #25824

Closed
cloventt opened this issue Jun 1, 2023 · 3 comments · Fixed by #25841
Labels
@aws-cdk/aws-s3 Related to Amazon S3 bug This issue is a bug. effort/small Small work item – less than a day of effort good first issue Related to contributions. See CONTRIBUTING.md p2

Comments

cloventt commented Jun 1, 2023

Describe the bug

Synthed buckets can end up with an invalid lifecycle configuration which fails to be applied by CFN when adding the expiredObjectDeleteMarker configuration.

For example, according to the CFN docs for ExpiredObjectDeleteMarker:

This cannot be specified with ExpirationInDays, ExpirationDate, or TagFilters.

However, if the developer sets expire and expiredObjectDeleteMarker, CDK synths the code with no errors.

Expected Behavior

An invalid lifecycle configuration should fail to synth.

Current Behavior

When an invalid lifecycle configuration is specified, CDK synths the artifacts without raising any warnings or errors. The error only occurs when applying the template in CFN. You get this fantastically cryptic error in the CFN logs, and the stack rolls back:

The XML you provided was not well-formed or did not validate against our published schema (Service: Amazon S3; Status Code: 400; Error Code: MalformedXML;)

Reproduction Steps

This code would generate a template that would fail to be applied in CFN:

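// Inside a Stack or Construct; `s3` and `Duration` come from aws-cdk-lib.
new s3.Bucket(this, 'bucket', {
  lifecycleRules: [
    {
      enabled: true,
      expiration: Duration.days(14),
      noncurrentVersionExpiration: Duration.days(7),
      abortIncompleteMultipartUploadAfter: Duration.days(1),
      // Set on the same rule as `expiration`: the combination CFN rejects.
      expiredObjectDeleteMarker: true,
    },
  ],
});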

Possible Solution

If the user adds an invalid combination of lifecycle configurations, we could do any of these:

  • prominently warn the user that the configuration will fail in CFN
  • just fail the build completely

Additional Information/Context

No response

CDK CLI Version

2.79.1

Framework Version

No response

Node.js Version

19.1.0

OS

Linux

Language

Typescript

Language Version

4.9.5

Other information

No response

@cloventt cloventt added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Jun 1, 2023
@github-actions github-actions bot added the @aws-cdk/aws-s3 Related to Amazon S3 label Jun 1, 2023
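
The synth-time check the issue asks for, sketched as an added example; it is not part of the original issue and not the code merged in #25841. `LifecycleRuleLike` and the function names are hypothetical, and durations are plain day counts (an assumption) so the block runs without aws-cdk-lib.

```typescript
// Hypothetical stand-in for the lifecycle rule props used in the issue.
// Assumption: durations are plain day counts instead of CDK Duration objects.
interface LifecycleRuleLike {
  id?: string;
  enabled?: boolean;
  expiration?: number;
  expirationDate?: Date;
  tagFilters?: Record<string, string>;
  expiredObjectDeleteMarker?: boolean;
  noncurrentVersionExpiration?: number;
  abortIncompleteMultipartUploadAfter?: number;
}

// Properties the quoted CFN documentation says cannot accompany ExpiredObjectDeleteMarker.
function conflictingProps(rule: LifecycleRuleLike): string[] {
  // Design choice of this example: any explicit value (true or false) counts as "specified".
  if (rule.expiredObjectDeleteMarker === undefined) return [];
  const found: string[] = [];
  if (rule.expiration !== undefined) found.push('expiration');
  if (rule.expirationDate !== undefined) found.push('expirationDate');
  // An empty tag filter map is treated as "not specified" here.
  if (rule.tagFilters && Object.keys(rule.tagFilters).length > 0) found.push('tagFilters');
  return found;
}

// One message per offending rule, identified by its id or its position in the list.
function validateLifecycleRules(rules: LifecycleRuleLike[]): string[] {
  const errors: string[] = [];
  rules.forEach((rule, i) => {
    const bad = conflictingProps(rule);
    if (bad.length > 0) {
      errors.push(`lifecycleRules[${rule.id ?? i}]: expiredObjectDeleteMarker cannot be specified with ${bad.join(', ')}`);
    }
  });
  return errors;
}

// "Fail the build" option from the issue: throw before any template is produced.
function assertValidLifecycleRules(rules: LifecycleRuleLike[]): void {
  const errors = validateLifecycleRules(rules);
  if (errors.length > 0) throw new Error(errors.join('\n'));
}

// Constructed sample input: the rule from the reproduction steps, then the same intent
// split across two rules so that neither one trips the check.
const reproRule: LifecycleRuleLike = {
  enabled: true, expiration: 14, noncurrentVersionExpiration: 7,
  abortIncompleteMultipartUploadAfter: 1, expiredObjectDeleteMarker: true,
};
const splitRules: LifecycleRuleLike[] = [
  { id: 'expire-current', expiration: 14 },
  { id: 'clean-markers', noncurrentVersionExpiration: 7, expiredObjectDeleteMarker: true },
];
```

Using `validateLifecycleRules` alone gives the "prominently warn" option from the issue; `assertValidLifecycleRules` gives the "fail the build" option.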
@peterwoodworth
Contributor

peterwoodworth commented Jun 1, 2023

This should fail at synth, should be easy to fix up, we accept contributions. Thanks for reporting!

@peterwoodworth peterwoodworth added good first issue Related to contributions. See CONTRIBUTING.md p1 effort/small Small work item – less than a day of effort p2 and removed needs-triage This issue or PR still needs to be triaged. p1 labels Jun 1, 2023
@Zishanwang1992
Contributor

Zishanwang1992 commented Jun 3, 2023

I would like to take this task if no one has taken it yet. Please help review.

@mergify mergify bot closed this as completed in #25841 Jun 14, 2023
mergify bot pushed a commit that referenced this issue Jun 14, 2023
…eleteMarker specified with ExpirationInDays, ExpirationDate, or TagFilters. (#25841)

Closes #25824.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*