search

aws-cloudformation / aws-cloudformation-resource-providers-cloudformation

The CloudFormation Resource Provider Package For AWS CloudFormation
https://aws.amazon.com/cloudformation/
Apache License 2.0
48 stars 35 forks source link

Adding new module/module default version in same template fails if module already existed #49

Closed tylersouthwick closed 3 years ago

tylersouthwick commented 3 years ago

If module was already defined, but all versions were deregistered, adding a new module/module default version in the same template fails.

It seems to fail due to this check: https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-cloudformation/blob/master/aws-cloudformation-moduledefaultversion/src/main/java/software/amazon/cloudformation/moduledefaultversion/CreateHandler.java#L42

I'm assuming that check is there to prevent an implicit "import" of a different default version?

tylersouthwick commented 3 years ago

The issue we've run into is that in this case, you are unable to use the same template to deploy a new version of the module. You have to manage the state external to cloudformation and know whether the stack deployment is the first deployment or the second. This makes using stacksets for multi account deployment really difficult.

Here are the paths I see:

No Default Version

  1. Deploy a ModuleVersion and that is set implicitly as the default
  2. First deploy works
  3. Deploy an update to the cloudformation template pointing to a new s3 location, triggers a new ModuleVersion to be created, but it is not the default
  4. Cloudformation attempts to delete the previous ModuleVersion, but it cannot because it is the default
  5. Stack update fails

Default Version

  1. Deploy a ModuleVersion and a DefaultModuleVersion in the same template
  2. DefaultModuleVersion fails to deploy because the ModuleVersion is already a default
  3. Stack create fails

Hacky Workaround

We have a current workaround, but it is really clunky. The example on https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-moduledefaultversion.html shows 2 different modules defined, but setting the default version only on ModuleVersion2. ModuleVersion1 is essentially only used to define the existence of the module.

Ideally, we could have a single template that defines only a ModuleVersion and a ModuleVersion that can then be updated when the module changes and can also be used for the initial deployment.

priyanka-amzn commented 3 years ago

Hi Tyler, thank you for your patience. We're sorry you have to workaround this issue. We're having discussions with CloudFormation product managers, engineering managers and owners of ResourceDefaultVersion to discuss the path forward for ModuleDefaultVersion.

We understand that removing AlreadyExists in this scenario would be better customer experience. We'll get back to you on this.

priyanka-amzn commented 3 years ago

Hi Tyler, your change has been merged. There was some delay because Travis CI builds were stuck for our repository. Once we migrated to GitHub Actions, that blocker was resolved.

We'll be deploying your change to production soon. I'll inform you once that completes here.

priyanka-amzn commented 3 years ago

Hi Tyler, our deployment is complete. Setting a ModuleDefaultVersion in a template to a version that is already the default version should not report an error now. Thanks for your patience.