search

aws-cloudformation / cloudformation-coverage-roadmap

The AWS CloudFormation Public Coverage Roadmap
https://aws.amazon.com/cloudformation/
Creative Commons Attribution Share Alike 4.0 International
1.1k stars 53 forks source link

AWS::S3::Bucket - ObjectLockConfiguration-ExistingAttribute causes new buckets to be stuck in CREATE_IN_PROGRESS #626

Open russell-dot-js opened 3 years ago

russell-dot-js commented 3 years ago

Scope of request

Creating a new S3 Bucket with ObjectLockConfiguration can lead to Cloudformation stuck in CREATE_IN_PROGRESS, and eventually giving up with "Internal Error".

The bucket actually creates successfully, but Cloudformation thinks something went wrong. Per the docs, there are redundant properties (ObjectLockConfiguration.ObjectLockEnabled, and ObjectLockEnabled).

Expected behavior

Cloudformation should acknowledge that the bucket was created successfully.

Suggest specific test cases

Example bad request:

"S3BucketWithObjectLock": {
      "Type": "AWS::S3::Bucket",
      "DeletionPolicy": "Retain",
      "Properties": {
        "ObjectLockConfiguration": {
          "ObjectLockEnabled": "Enabled"
        }
      }
}

Example good request:

"S3BucketWithObjectLock": {
      "Type": "AWS::S3::Bucket",
      "DeletionPolicy": "Retain",
      "Properties": {
        "ObjectLockEnabled": true
      }
}

Since only the latter actually works, perhaps remove the former?

Helpful Links to speed up research and evaluation

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockconfiguration.html https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-objectlockenabled

Category (required) - Will help with tagging and be easier to find by other users to +1

Storage S3

botchniaque commented 1 year ago

I just hit the same problem. Very confusing behavior. The fix you suggest did the magic. Thanks