search

aws-cloudformation / cloudformation-coverage-roadmap

The AWS CloudFormation Public Coverage Roadmap
https://aws.amazon.com/cloudformation/
Creative Commons Attribution Share Alike 4.0 International
1.11k stars 54 forks source link

AWS::ApiGateway::VpcLink implicit dependency not working #1951

Open Onolisk opened 7 months ago

Onolisk commented 7 months ago

Name of the resource

AWS::ApiGateway::VpcLink

Resource Name

AWS::ElasticLoadBalancingV2::LoadBalancer

Issue Description

When a stack is deployed containing an "AWS::ApiGateway::VpcLink" resource which references an "AWS::ElasticLoadBalancingV2::LoadBalancer" created in the same stack via "Ref", the VpcLink resource proceeds to provision before the LoadBalancer resource has returned a success.

Adding an explicit dependency solves this.

Issue: resource not respecting implicit dependency. Results in failed deployment "Failed to stabilize Vpc Link with id * Status Message NLB is not in active state. If you recently created this NLB, please wait for it to become active and try again.."

Expected Behavior

Deploy template containing AWS::ApiGateway::VpcLink which implicitly refers to an AWS::ElasticLoadBalancingV2::LoadBalancer resource. CloudFormation waits for CREATE_COMPLETE before from LoadBalancer before starting VpcLink CREATE_IN_PROGRESS.

Observed Behavior

CloudFormation starts the LoadBalancer resource deployment then starts the VpcLink deployment before receiving success. This creates a race condition where often stack deployment fails. Implicit dependency is not observed.

Test Cases

SAMPLE TEMPLATE: 

{
    "Resources": {

        "MyNLB": {
            "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer",
            "Properties": {
                "LoadBalancerAttributes": [{
                        "Key": "deletion_protection.enabled",
                        "Value": "false"
                    }
                ],
                "Name": "MyNLB",
                "Scheme": "internal",
                "Subnets": [
                    "<INSERT SUBNET 1>",
                    "<INSERT SUBNET 2>"
                ],
                "Type": "network"
            }
        },

        "MyVpcLink": {
            "Type": "AWS::ApiGateway::VpcLink",
            "Properties": {
                "Name": "my-vpc-link",
                "TargetArns": [{
                        "Ref": "MyNLB"
                    }
                ]
            }
        }
    }
}