aws-amplify / amplify-hosting

AWS Amplify Hosting provides a Git-based workflow for deploying and hosting fullstack serverless web applications.
https://aws.amazon.com/amplify/hosting/
Apache License 2.0

Amplify build failing with Resource XXXXX must be in ARN format or "*" #1664

Open jimjoes opened 3 years ago

jimjoes commented 3 years ago

Describe the bug:

Amplify console build is failing with the following error after adding a storage category and creating a trigger for it.

2021-03-17T15:26:54.616Z [WARNING]: Error updating cloudformation stack
2021-03-17T15:26:59.620Z [INFO]: Following resources failed
                                 Resource Name: ampli-batc-1OX21FKOVDKP8 (AWS::IAM::Policy)
                                 Event Type: update
                                 Reason: Resource storagebatchJobStateArn must be in ARN format or "*". (Service: AmazonIdentityManagement; Status Code: 400; Error Code: MalformedPolicyDocument; Request ID: fa959ce9-327b-4dd7-bec2-a276456e0133; Proxy: null)
                                 URL: XXXXX
                                 Resource Name: userManager (AWS::Lambda::Function)
                                 Event Type: update
                                 Reason: Resource update cancelled
                                 URL: XXXXX

Steps to reproduce the behavior:

  1. Add storage
  2. Configure trigger
  3. push
  4. build fails

Expected behavior:

A clear and concise description of what you expected to happen. The build should work.

Desktop (please complete the following information):

Additional context:

This issue happened locally first, and I fixed it by adding the storage resource to the 'dependsOn' array in the Trigger definition in the amplify/backend/amplify-meta.json file (as described here: https://github.com/aws-amplify/amplify-cli/issues/5333). I've tried removing the amplify-meta.json file from gitignore and pushing again, but with the same results.

dfrkp commented 3 years ago

Same issue here, specifically the issue comes from adding the permission to the trigger. (amplify 4.46.1)

kevinlam92 commented 3 years ago

Here's a workaround that worked for me, and by no means is this a fix.

1.) I removed the trigger with amplify storage update
2.) In my trigger function's CloudFormation template I hardcoded the trigger stream ARN's default value to the DynamoDB stream ARN.

The stream works and successfully calls my lambda function. However, this will break if the stream ARN ever changes (i.e. disable/re-enable), and you will have to re-update it in the CloudFormation template.

At least my amplify push works and unblocks me.
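An added example, not part of this thread and not Amplify's own code: a pre-push check that scans a CloudFormation template for IAM policy `Resource` entries that IAM would reject with the MalformedPolicyDocument error quoted above. It assumes the rejected value is a parameter default that is a placeholder name rather than an ARN; the template, the `FunctionPolicy` logical ID and the second parameter are constructed for illustration.

```python
import json

# Constructed template modelled on the error in this thread. The parameter
# defaults and the second (valid) parameter are assumptions, not the reporter's file.
SAMPLE_TEMPLATE = json.loads("""
{"Parameters": {
   "storagebatchJobStateArn": {"Type": "String", "Default": "storagebatchJobStateArn"},
   "storagebatchJobStateStreamArn": {"Type": "String",
     "Default": "arn:aws:dynamodb:us-east-1:111122223333:table/batchJobState/stream/2021-01-01T00:00:00.000"}},
 "Resources": {
   "FunctionPolicy": {"Type": "AWS::IAM::Policy", "Properties": {"PolicyDocument": {
     "Version": "2012-10-17",
     "Statement": [
       {"Effect": "Allow", "Action": ["dynamodb:GetItem"],
        "Resource": [{"Ref": "storagebatchJobStateArn"}, {"Ref": "storagebatchJobStateStreamArn"}]},
       {"Effect": "Allow", "Action": "logs:PutLogEvents", "Resource": "*"}]}}}}}
""")

def is_arn_or_star(value):
    """Approximate IAM's rule: a Resource must be "*" or look like an ARN."""
    return value == "*" or value.startswith("arn:")

def as_list(x):
    return x if isinstance(x, list) else [x]

def find_bad_resources(template):
    """Return (policy logical ID, value) for each Resource IAM would reject."""
    params = template.get("Parameters", {})
    findings = []
    for logical_id, res in template.get("Resources", {}).items():
        if res.get("Type") not in ("AWS::IAM::Policy", "AWS::IAM::ManagedPolicy"):
            continue
        doc = res.get("Properties", {}).get("PolicyDocument", {})
        for stmt in as_list(doc.get("Statement", [])):
            for entry in as_list(stmt.get("Resource", [])):
                if isinstance(entry, dict) and "Ref" in entry:
                    # A Ref to a parameter uses its Default when no value is passed in.
                    value = params.get(entry["Ref"], {}).get("Default")
                else:
                    value = entry  # literal string; other intrinsics are skipped below
                if isinstance(value, str) and not is_arn_or_star(value):
                    findings.append((logical_id, value))
    return findings

if __name__ == "__main__":
    for logical_id, value in find_bad_resources(SAMPLE_TEMPLATE):
        print(f"{logical_id}: Resource {value!r} is not an ARN or '*'")
```

Entries built with `Fn::Sub`, `Fn::GetAtt` or `Fn::Join` are not resolved statically, so a clean result does not cover them.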

jimjoes commented 3 years ago

FYI. What I'm doing now is a front-end only build with Amplify console and deploying the backend using CLI, which lets me deploy, but obviously, the problem is still extant.

realityworks commented 3 years ago

Same thing happens here. Doesn't need to be a trigger or stream. Seems like it's the update causing the problem. Breaks on my 4.52.0 version.

realityworks commented 3 years ago

Still a bug, now this issue has somehow been propagated into the existing AWS hosted version, completely breaking any possible updates.

This is now taking weeks to fix, wish we never touched Amplify. Stick with GCP or Azure!!!!

jimjoes commented 3 years ago

Amplify is pretty good, but only for basic proofs of concept or prototypes. Do not use it in production would be my hard-learned advice due to long-lived issues like this (the 2+ year old Apollo client issue as an example). The underlying AWS services are great, with a few caveats, but as an OSS project, Amplify is a bit under-resourced for its ambitions.

blanchma commented 2 years ago

Same issue. No solution nor answer from the Amplify team.