yainoit
commented
1 year ago Invalid request provided: AWS::CloudFront::Distribution: The S3 bucket that you specified for CloudFront logs does not enable ACL access:
Closed yainoit closed 1 year ago
yainoit
commented
1 year ago Invalid request provided: AWS::CloudFront::Distribution: The S3 bucket that you specified for CloudFront logs does not enable ACL access:
bobpskier
commented
1 year ago @yainoit I believe the fix is committed on the development branch and should be released shortly.
atjohns
commented
1 year ago @yainoit What version and what region were you deploying in? We did have to update some things recently because of S3 configuration changes but I thought that all made it into the April release.
atjohns
commented
1 year ago @yainoit I see the issue, the latest release that was published doesn't include that patch. Yes this will be included in the next release, alternatively if you pull directly from main it should work properly.
yainoit
commented
1 year ago which file should i pull
yainoit
commented
1 year ago AWSTemplateFormatVersion: 2010-09-09 Description: > This template creates a CodeBuild project used to configure and deploy the chatbot UI Parameters: CodeBuildRoleArn: Description: > CodeBuild Role Arn. Required Input. Type: String Default: '' CodeBuildStarterLambdaRoleArn: Description: > CodeBuild Starter Lambda Role Arn. Required Input. Type: String Default: '' S3CleanupLambdaRoleArn: Description: S3 Cleanup Lambda Role V2 Arn. Required Input. Type: String Default: ''
CodeBuildName:
Type: String
Description: CodeBuild project used to configure and deploy the Lex Web UI
Default: lex-web-ui-conf-deploy
MinLength: 2
MaxLength: 255
AllowedPattern: '^[A-Za-z0-9][A-Za-z0-9\-_]{1,254}$'
ConstraintDescription: >
Should start with Alphanumeric. May contain alphanumeric, underscore
and dash.
SourceBucket:
Description: S3 bucket where the source is located
Type: String
Default: aws-bigdata-blog
SourcePrefix:
Description: Prefix key to reference yaml templates
Type: String
Default: artifacts
SourceObject:
Description: S3 object zip file containing the project source
Type: String
Default: artifacts/aws-lex-web-ui/artifacts/src.zip
CustomResourceCodeObject:
Type: String
Description: >
S3 object zip file containing Lambda custom resource functions
Default: artifacts/aws-lex-web-ui/artifacts/custom-resources.zip
InitiateChatLambdaCodeObject:
Type: String
Description: >
S3 object zip file containing Lambda custom resource functions
Default: artifacts/aws-lex-web-ui/artifacts/initiate-chat-lambda.zip
CleanupBuckets:
Type: String
Default: true
AllowedValues:
- true
- false
Description: >
If set to True, buckets and their associated data will be deleted on
CloudFormation stack delete. If set to False, S3 buckets will be retained.
ShouldEnableCognitoLogin:
Type: String
Default: false
AllowedValues:
- true
- false
Description: >
If set to True, a menu with a login action will be displayed
in the Lex Web Ui. This feature uses Cognito User Pools with
hosted login pages. After login, the menu will switch to logout.
ShouldForceCognitoLogin:
Type: String
Default: false
AllowedValues:
- true
- false
Description: >
If set to True, the menu with a login action will not be displayed
in the Lex Web Ui, and the Cognito login will be executed automatically.
EnableMarkdownSupport:
Type: String
Default: true
AllowedValues:
- true
- false
Description: >
If set to True, Markdown formatting in ResponseCards will be enabled.
ReInitSessionAttributesOnRestart:
Type: String
Default: false
AllowedValues:
- true
- false
Description: >
If set to True, session attributes sent on each request to Lex are reset. Use a value
of false, if session attributes need to be supported on subsequent Lex requests. The
default is false.
ShouldLoadIframeMinimized:
Type: String
Default: false
AllowedValues:
- true
- false
Description: >
If set to True and running embedded as an Iframe on a web page, minimize the
LexWebUi when first launched. If set to False, the Iframe will be maximized
on the hosting page.
ShowResponseCardTitle:
Type: String
Default: false
AllowedValues:
- true
- false
Description: >
If set to True, the ResponseCard title is displayed in the UI. When set to false,
a ResponseCard title is not displayed in the UI. Default is false. Note at the
present time this is a global setting. Should the UI need to display some form
of a title, use the optional sub-title property of a ResponseCard.
CognitoIdentityPoolId:
Type: String
Description: >
Cognito Identity Pool Id to used in the web app configuration.
MinLength: 1
MaxLength: 55
AllowedPattern: '^[\w-]+:[0-9a-f-]+$'
ConstraintDescription: >
Alphanumeric followed by a column and ending with a hex uuid type.
CognitoAppUserPoolClientId:
Type: String
Description: >
Cognito App User Pool Client Id to used in the web app configuration.
CognitoUserPoolId:
Type: String
Description: >
Cognito App User Pool Id
ConnectContactFlowId:
Type: String
Description: >
Connect Contract Flow Id
ConnectInstanceId:
Type: String
Description: >
Connect Instance Id
ConnectPromptForNameMessage:
Type: String
Description: >
Message to display prompting the user for a name
ConnectWaitForAgentMessage:
Type: String
Description: >
Message to display every message interval while waiting for an agent to connect
ConnectWaitForAgentMessageIntervalInSeconds:
Type: Number
Description: >
Interval in seconds between successive ConnectWaitForAgentMessage
ConnectLiveChatTerms:
Type: String
Description: >
Command separated list of terms that can be used to start Live Chat mode
ConnectAgentJoinedMessage:
Type: String
Description: >
Message to play when an agent joins the chat. {Agent} will be replaced with the Agent's name.
Default: "{Agent} has joined."
ConnectAgentLeftMessage:
Type: String
Description: >
Message to play when an agent leaves the chat. {Agent} will be replaced with the Agent's name.
Default: "{Agent} has left."
ConnectChatEndedMessage:
Type: String
Description: >
Message to play when a chat session has ended.
Default: "Chat ended."
ConnectAttachChatTranscript:
Type: String
Default: true
AllowedValues:
- true
- false
Description: >
Attach chat transcript as file. This only works if you enable
LexV2BotId:
Description: >
Bot ID (not bot name) of an existing Lex V2 Bot to be used by the web ui. NOTE: You must
also enter your Bot alias ID in the LexV2BotAliasId field below.
Type: String
Default: ''
MaxLength: 50
AllowedPattern: '(^$|^[a-zA-Z0-9]+((_[a-zA-Z0-9]+)*|([a-zA-Z0-9]+_)*|_))'
ConstraintDescription: >
Must conform with the permitted Lex V2 Bot name pattern.
LexV2BotAliasId:
Description: >
Use your Lex V2 bot's alias id (not alias name) here.
Type: String
Default: ''
MinLength: 0
MaxLength: 50
AllowedPattern: '(^$|^[$a-zA-Z0-9]+((_[$a-zA-Z0-9]+)*|([$a-zA-Z0-9]+_)*|_))'
ConstraintDescription: >
Must conform with the permitted Lex V2 Alias name pattern.
LexV2BotLocaleId:
Description: >
Use your bot's locale id here. By default this is en_US. Lex V2 supported values are
en_AU, en_GB, es_419, es_ES, es_US, fr_CA, fr_FR, it_IT.
See "https://docs.aws.amazon.com/lexv2/latest/dg/lex2.0.pdf"
for details on supported languages and locales.
Type: String
Default: 'en_US'
MinLength: 2
MaxLength: 50
BotName:
Description: >
Name of an existing Lex Bot to be used by the web ui. NOTE: You must
also enter your published bot alias in the BotAlias field below.
(If BotName is left empty, a Bot based on the OrderFlowers sample will be
automatically created.)
Type: String
Default: ''
MinLength: 0
MaxLength: 50
BotAlias:
Description: >
WARNING: For production deployments, use your bot's published alias here.
The $LATEST alias should only be used for manual testing. Amazon Lex limits
the number of runtime requests that you can make to the $LATEST version of
the bot.
Type: String
Default: '$LATEST'
MinLength: 2
MaxLength: 50
AllowedPattern: '(^$|^[$a-zA-Z]+((_[$a-zA-Z]+)*|([$a-zA-Z]+_)*|_))'
ConstraintDescription: >
Must conform with the permitted Lex Alias name pattern.
ParentOrigin:
Type: String
Description: >
Browser origin (e.g. http://mysite.example.com:8080) of an
existing site that is allowed to send/receive data and events
from the web ui in an iframe setup. This is an optional
parameter. If left empty, an S3 bucket will be created to
host a sample parent site embedding the webapp as an iframe.
AllowedPattern: '(^$|^https?://[\w\.-]+(:\d+)?$)'
ConstraintDescription: Empty or valid browser origin
WebAppConfBotInitialText:
Type: String
Default: >
You can ask me for help ordering flowers. Just type "Buy
flowers" or click on the mic and say it.
Description: First bot message displayed in the chatbot UI
WebAppConfBotInitialSpeech:
Type: String
Default: Say 'Buy Flowers' to get started.
Description: >
Message spoken by bot when the microphone is first pressed
in a conversation
WebAppConfBotInitialUtterance:
Type: String
Default: ''
Description: >
Text to use to send as first utterance to bot
WebAppConfNegativeFeedback:
Type: String
Default: Thumbs down
Description: >
This optional parameter defines the message to be sent by the user upon pressing
a feedback button signaling a negative feedback.
If left empty feedback buttons will be disabled on the UI.
WebAppConfPositiveFeedback:
Type: String
Default: Thumbs up
Description: >
This optional parameter defines the message to be sent by the user upon pressing
a feedback button signaling a positive feedback.
If left empty feedback buttons will be disabled on the UI.
WebAppConfHelp:
Type: String
Default: Help
Description: >
This is an optional parameter, when defined with a value, a help button will display on the chat bot toolbar.
When pressed the button will send the entered string to the bot as a help message. If left empty
the help button will be disabled.
WebAppConfToolbarTitle:
Type: String
Default: Order Flowers
Description: Title displayed in the chatbot UI toolbar
SaveHistory:
Type: String
Default: false
AllowedValues:
- true
- false
Description: >
This is an optional parameter, if set to True, the history of the chat is maintained over sessions.
A item to clean the chat will appear at the menu.
ShouldEnableLiveChat:
Type: String
Default: false
AllowedValues:
- true
- false
Description: >
This is an optional parameter, if set to True, the AWS Connect live Chat functionality will be available.
A item to start a live chat will appear at the menu.
HideButtonMessageBubble:
Type: String
Default: false
AllowedValues:
- true
- false
Description: >
If set to true, hide the message bubble on a response card button press
MessageMenu:
Type: String
Default: false
AllowedValues:
- true
- false
Description: >
If set to true, each message will have an additional clickable menu on
messages sent to the bot allowing you to repeat that message.
BackButton:
Type: String
Default: false
AllowedValues:
- true
- false
Description: >
If set to true, will show a back button to go back to a previous message.
MinimizedButtonContent:
Type: String
Default: ''
Description: >
This is an optional parameter, if populated will display provided text when chat window is minimized.
retryOnLexPostTextTimeout:
Type: String
Default: false
AllowedValues:
- true
- false
Description: >
When set to true, operations against the Lex PostText API that result in a timeout
will be retried up the the defined retry count. This is useful to enable if 30 second
timeouts in Lex are frequently observed and subsequent operations will must likely succeed.
retryCountPostTextTimeout:
Type: Number
Default: 1
Description: >
Defines the number of times the lex-web-ui will retry the Lex post text API operation when an exception
is detected.
Timestamp:
Type: Number
Description: >
This is a required parameter. It defines a timestamp allow the codebuild to execute as long as the
timestamp from master.yaml and master-pipeline.yaml varies.
ResourcePrefix:
Type: String
Description: >
This will be a prefix for resources that must have unique names.Conditions: NeedsParentOrigin: !Equals [!Ref ParentOrigin, ''] ShouldCleanupBuckets: !Equals [!Ref CleanupBuckets, true] EnableLiveChat: !Equals [!Ref ShouldEnableLiveChat, true]
Resources:
S3ServerAccessLogs:
Type: AWS::S3::Bucket
UpdateReplacePolicy: Retain
DeletionPolicy: Retain
Properties:
VersioningConfiguration:
Status: Enabled
AccessControl: "LogDeliveryWrite"
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
# Bucket where the web app is deployed
WebAppBucket:
Type: AWS::S3::Bucket
UpdateReplacePolicy: Retain
DeletionPolicy: Retain
Properties:
WebsiteConfiguration:
IndexDocument: index.html
VersioningConfiguration:
Status: Enabled
LoggingConfiguration:
DestinationBucketName: !Ref S3ServerAccessLogs
LogFilePrefix: "webappbucket/"
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
CorsConfiguration:
!If
- NeedsParentOrigin
- !Ref AWS::NoValue
- CorsRules:
- AllowedMethods:
- GET
AllowedOrigins:
- !Ref ParentOrigin
# Bucket for CloudFrontDistributionLogs
LexWebUiCloudFrontDistributionLogsBucket:
Type: AWS::S3::Bucket
UpdateReplacePolicy: Retain
DeletionPolicy: Retain
Properties:
VersioningConfiguration:
Status: Enabled
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
WebAppBucketOriginAccessIdentity:
Type: AWS::CloudFront::CloudFrontOriginAccessIdentity
Properties:
CloudFrontOriginAccessIdentityConfig:
Comment: !Sub "access-identity-${WebAppBucket}"
WebAppBucketBucketPolicy:
Type: "AWS::S3::BucketPolicy"
Properties:
Bucket:
Ref: "WebAppBucket"
PolicyDocument:
Statement:
- Effect: "Allow"
Action:
- "s3:GetObject"
Resource:
- !Sub "arn:aws:s3:::${WebAppBucket}/*"
Principal:
CanonicalUser: !GetAtt WebAppBucketOriginAccessIdentity.S3CanonicalUserId
LexWebUIResponseHeaderPolicy:
Type : "AWS::CloudFront::ResponseHeadersPolicy"
Properties:
ResponseHeadersPolicyConfig:
Comment: "Response header policy for LexWebUI"
Name: !Join ["-", [!Ref ResourcePrefix, "LexWebUIResponseHeaderPolicy"]]
CorsConfig:
AccessControlAllowOrigins:
Items:
- !If
- NeedsParentOrigin
- "*"
- !Ref ParentOrigin
AccessControlAllowHeaders:
Items:
- "*"
AccessControlAllowMethods:
Items:
- "GET"
AccessControlAllowCredentials: False
AccessControlMaxAgeSec: 600
OriginOverride: true
SecurityHeadersConfig:
XSSProtection:
Override: False
Protection: True
ModeBlock: True
ReferrerPolicy:
Override: False
ReferrerPolicy: "strict-origin-when-cross-origin"
ContentTypeOptions:
Override: false
StrictTransportSecurity:
Override: False
IncludeSubdomains: True
Preload: False
AccessControlMaxAgeSec: 47304000
LexWebUiDistribution:
Type: AWS::CloudFront::Distribution
DependsOn:
- WebAppBucket
Properties:
DistributionConfig:
Origins:
- DomainName: !Sub "${WebAppBucket}.s3.${AWS::Region}.amazonaws.com"
S3OriginConfig:
OriginAccessIdentity: !Sub "origin-access-identity/cloudfront/${WebAppBucketOriginAccessIdentity}"
Id: webuiorigin
Enabled: True
Comment: cloudfront distribution for lex-web-ui
DefaultRootObject: index.html
Logging:
Bucket: !GetAtt LexWebUiCloudFrontDistributionLogsBucket.DomainName
IncludeCookies: True
Prefix: "lexwebui/"
CustomErrorResponses:
# Send errors to index file
# TODO move TTL to mapping or parameter
- ErrorCachingMinTTL: 300
ErrorCode: 403
ResponseCode: 200
ResponsePagePath: /index.html
- ErrorCachingMinTTL: 300
ErrorCode: 404
ResponseCode: 200
ResponsePagePath: /index.html
DefaultCacheBehavior:
AllowedMethods:
- GET
- HEAD
- OPTIONS
CachedMethods:
- GET
- HEAD
- OPTIONS
Compress: true
TargetOriginId: webuiorigin
CachePolicyId: "658327ea-f89d-4fab-a63d-7e88639e58f6"
OriginRequestPolicyId: "88a5eaf4-2fd4-4709-b370-b4c650ea3fcf"
ViewerProtocolPolicy: redirect-to-https
ResponseHeadersPolicyId: !GetAtt LexWebUIResponseHeaderPolicy.Id
ViewerCertificate:
CloudFrontDefaultCertificate: true
HttpVersion: http2
IPV6Enabled: true
RestApi:
Type: AWS::CloudFormation::Stack
Condition: EnableLiveChat
Properties:
TimeoutInMinutes: 15
TemplateURL: !Sub "https://${SourceBucket}.s3.${AWS::Region}.amazonaws.com/${SourcePrefix}/templates/restapi.yaml"
Parameters:
ParentStackName: !Ref "AWS::StackName"
SourceBucket: !Ref SourceBucket
InitiateChatLambdaCodeObject: !Ref InitiateChatLambdaCodeObject
ConnectContactFlowId: !Ref ConnectContactFlowId
ConnectInstanceId: !Ref ConnectInstanceId
ParentOrigin: !Sub "https://${LexWebUiDistribution.DomainName}"
CodeBuild:
Type: AWS::CodeBuild::Project
Properties:
Name: !Ref CodeBuildName
Description: Used to configure and deploy the Lex Web UI
Artifacts:
Type: NO_ARTIFACTS
Environment:
Type: LINUX_CONTAINER
Image: aws/codebuild/amazonlinux2-x86_64-standard:2.0
ComputeType: BUILD_GENERAL1_SMALL
EnvironmentVariables:
- Name: BUILD_TYPE
Value: dist
- Name: POOL_ID
Value: !Ref CognitoIdentityPoolId
- Name: CONNECT_CONTACT_FLOW_ID
Value: !Ref ConnectContactFlowId
- Name: CONNECT_INSTANCE_ID
Value: !Ref ConnectInstanceId
- Name: CONNECT_API_GATEWAY_ENDPOINT
Value: !If [EnableLiveChat, !Sub "https://${RestApi.Outputs.RestApiId}.execute-api.${AWS::Region}.amazonaws.com/Prod/livechat", ""]
- Name: CONNECT_PROMPT_FOR_NAME_MESSAGE
Value: !Ref ConnectPromptForNameMessage
- Name: CONNECT_WAIT_FOR_AGENT_MESSAGE
Value: !Ref ConnectWaitForAgentMessage
- Name: CONNECT_WAIT_FOR_AGENT_MESSAGE_INTERVAL_IN_SECONDS
Value: !Ref ConnectWaitForAgentMessageIntervalInSeconds
- Name: CONNECT_LIVE_CHAT_TERMS
Value: !Ref ConnectLiveChatTerms
- Name: CONNECT_AGENT_JOINED_MESSAGE
Value: !Ref ConnectAgentJoinedMessage
- Name: CONNECT_AGENT_LEFT_MESSAGE
Value: !Ref ConnectAgentLeftMessage
- Name: CONNECT_CHAT_ENDED_MESSAGE
Value: !Ref ConnectChatEndedMessage
- Name: CONNECT_ATTACH_CHAT_TRANSCRIPT
Value: !Ref ConnectAttachChatTranscript
- Name: APP_USER_POOL_CLIENT_ID
Value: !Ref CognitoAppUserPoolClientId
- Name: APP_USER_POOL_NAME
Value: !Ref CognitoUserPoolId
- Name: WEBAPP_BUCKET
Value: !Ref WebAppBucket
- Name: AWS_DEFAULT_REGION
Value: !Sub "${AWS::Region}"
- Name: V2_BOT_ID
Value: !Ref LexV2BotId
- Name: V2_BOT_ALIAS_ID
Value: !Ref LexV2BotAliasId
- Name: V2_BOT_LOCALE_ID
Value: !Ref LexV2BotLocaleId
- Name: BOT_NAME
Value: !Ref BotName
- Name: BOT_ALIAS
Value: !Ref BotAlias
- Name: BOT_INITIAL_TEXT
Value: !Ref WebAppConfBotInitialText
- Name: BOT_INITIAL_SPEECH
Value: !Ref WebAppConfBotInitialSpeech
- Name: BOT_INITIAL_UTTERANCE
Value: !Ref WebAppConfBotInitialUtterance
- Name: NEGATIVE_INTENT
Value: !Ref WebAppConfNegativeFeedback
- Name: POSITIVE_INTENT
Value: !Ref WebAppConfPositiveFeedback
- Name: HELP_INTENT
Value: !Ref WebAppConfHelp
- Name: HIDE_BUTTON_MESSAGE_BUBBLE
Value: !Ref HideButtonMessageBubble
- Name: MESSAGE_MENU
Value: !Ref MessageMenu
- Name: BACK_BUTTON
Value: !Ref BackButton
- Name: MIN_BUTTON_CONTENT
Value: !Ref MinimizedButtonContent
- Name: UI_TOOLBAR_TITLE
Value: !Ref WebAppConfToolbarTitle
- Name: ENABLE_LOGIN
Value: !Ref ShouldEnableCognitoLogin
- Name: FORCE_LOGIN
Value: !Ref ShouldForceCognitoLogin
- Name: REINIT_SESSION_ATTRIBUTES_ON_RESTART
Value: !Ref ReInitSessionAttributesOnRestart
- Name: ENABLE_MARKDOWN_SUPPORT
Value: !Ref EnableMarkdownSupport
- Name: IFRAME_LOAD_MINIMIZED
Value: !Ref ShouldLoadIframeMinimized
- Name: SHOW_RESPONSE_CARD_TITLE
Value: !Ref ShowResponseCardTitle
- Name: PARENT_ORIGIN
Value: !If
- NeedsParentOrigin
- !Sub "https://${LexWebUiDistribution.DomainName}"
- !Ref ParentOrigin
- Name: IFRAME_ORIGIN
Value: !Sub "https://${LexWebUiDistribution.DomainName}"
- Name: WEBAPP_BUCKET_REGIONALDOMAINNAME
Value: !Sub "${WebAppBucket.RegionalDomainName}"
- Name: CLOUDFRONT_DOMAIN
Value: !Sub "${LexWebUiDistribution.DomainName}"
- Name: SAVE_HISTORY
Value: !Ref SaveHistory
- Name: ENABLE_LIVE_CHAT
Value: !Ref ShouldEnableLiveChat
- Name: BOT_RETRY_ON_LEX_POST_TEXT_TIMEOUT
Value: !Ref retryOnLexPostTextTimeout
- Name: BOT_RETRY_COUNT_POST_TEXT_TIMEOUT
Value: !Ref retryCountPostTextTimeout
- Name: TIMESTAMP
Value: !Ref Timestamp
ServiceRole: !Ref CodeBuildRoleArn
TimeoutInMinutes: 10
Source:
Type: S3
Location: !Sub "${SourceBucket}/${SourceObject}"
BuildSpec: !Sub |
version: 0.1
phases:
pre_build:
commands:
- aws configure set region "$AWS_DEFAULT_REGION"
- make load-current-config
- make config
post_build:
commands:
- make sync-website
- aws cloudfront create-invalidation --distribution-id "${LexWebUiDistribution}" --paths '/*'
# custom resource to start code build project
# parameters apart from ProjectName are not used but are required to trigger codebuild on any param changes
CodeBuildStarter:
Type: Custom::CodeBuildStarter
Properties:
ServiceToken: !GetAtt CodeBuildStarterLambda.Arn
ProjectName: !Ref CodeBuild
CognitoIdentityPoolId: !Ref CognitoIdentityPoolId
CognitoAppUserPoolClientId: !Ref CognitoAppUserPoolClientId
CognitoUserPoolId: !Ref CognitoUserPoolId
ConnectContactFlowId: !Ref ConnectContactFlowId
ConnectInstanceId: !Ref ConnectInstanceId
ConnectPromptForNameMessage: !Ref ConnectPromptForNameMessage
ConnectWaitForAgentMessage: !Ref ConnectWaitForAgentMessage
ConnectWaitForAgentMessageIntervalInSeconds: !Ref ConnectWaitForAgentMessageIntervalInSeconds
ConnectAgentJoinedMessage: !Ref ConnectAgentJoinedMessage
ConnectAgentLeftMessage: !Ref ConnectAgentLeftMessage
ConnectChatEndedMessage: !Ref ConnectChatEndedMessage
ConnectAttachChatTranscript: !Ref ConnectAttachChatTranscript
ConnectLiveChatTerms: !Ref ConnectLiveChatTerms
WebAppBucket: !Ref WebAppBucket
LexV2BotId: !Ref LexV2BotId
LexV2BotAliasId: !Ref LexV2BotAliasId
LexV2BotLocaleId: !Ref LexV2BotLocaleId
BotName: !Ref BotName
BotAlias: !Ref BotAlias
WebAppConfBotInitialText: !Ref WebAppConfBotInitialText
WebAppConfBotInitialSpeech: !Ref WebAppConfBotInitialSpeech
WebAppConfBotInitialUtterance: !Ref WebAppConfBotInitialUtterance
WebAppConfNegativeFeedback: !Ref WebAppConfNegativeFeedback
WebAppConfPositiveFeedback: !Ref WebAppConfPositiveFeedback
WebAppConfHelp: !Ref WebAppConfHelp
HideButtonMessageBubble: !Ref HideButtonMessageBubble
MessageMenu: !Ref MessageMenu
BackButton: !Ref BackButton
MinimizedButtonContent: !Ref MinimizedButtonContent
WebAppConfToolbarTitle: !Ref WebAppConfToolbarTitle
ShouldEnableCognitoLogin: !Ref ShouldEnableCognitoLogin
ShouldEnableLiveChat: !Ref ShouldEnableLiveChat
ShouldForceCognitoLogin: !Ref ShouldForceCognitoLogin
ReInitSessionAttributesOnRestart: !Ref ReInitSessionAttributesOnRestart
EnableMarkdownSupport: !Ref EnableMarkdownSupport
ShouldLoadIframeMinimized: !Ref ShouldLoadIframeMinimized
ShowResponseCardTitle: !Ref ShowResponseCardTitle
SaveHistory: !Ref SaveHistory
ParentOrigin: !Ref ParentOrigin
retryOnLexPostTextTimeout: !Ref retryOnLexPostTextTimeout
retryCountPostTextTimeout: !Ref retryCountPostTextTimeout
Timestamp: !Ref Timestamp
# Lambda function for custom resource
CodeBuildStarterLambda:
Type: AWS::Lambda::Function
Properties:
Code:
S3Bucket: !Ref SourceBucket
S3Key: !Ref CustomResourceCodeObject
Handler: codebuild-start.handler
Role: !Ref CodeBuildStarterLambdaRoleArn
Runtime: python3.7
Timeout: 120
TracingConfig:
Mode: Active
# custom resource to cleanup S3 buckets
S3Cleanup:
Type: Custom::S3Cleanup
Condition: ShouldCleanupBuckets
Properties:
ServiceToken: !GetAtt S3CleanupLambda.Arn
Buckets:
- !Ref WebAppBucketS3CleanupLambda:
Type: AWS::Lambda::Function
Condition: ShouldCleanupBuckets
Properties:
Code:
S3Bucket: !Ref SourceBucket
S3Key: !Ref CustomResourceCodeObject
Handler: s3-cleanup.handler
Role: !Ref S3CleanupLambdaRoleArn
Runtime: python3.7
Timeout: 120
TracingConfig:
Mode: ActiveOutputs: CodeBuildProject: Description: CodeBuild project name Value: !Ref CodeBuild
WebAppUrl:
Value: !Sub "https://${LexWebUiDistribution.DomainName}/index.html"
Description: URL of the web application
WebAppBase:
Value: !Sub "https://${LexWebUiDistribution.DomainName}"
Description: Base url portion of the web application
WebAppDomainName:
Value: !Sub "${LexWebUiDistribution.DomainName}"
Description: DomainName of the web application
ParentPageUrl:
Value: !Sub "https://${LexWebUiDistribution.DomainName}/parent.html"
Description: URL of the sample parent page
LoaderScriptUrl:
Value: !Sub "https://${LexWebUiDistribution.DomainName}/lex-web-ui-loader.min.js"
Description: URL of the loader script
SnippetUrl:
Value: !Sub "https://${LexWebUiDistribution.DomainName}/iframe-snippet.html"
Description: URL of a page showing the snippet to load the chatbot UI as an iframe
WebAppBucket:
Value: !Sub "${WebAppBucket}"
Description: S3 bucket hosting lexwebui artifacts
RestApiId:
Value: !Sub "${RestApi.Outputs.RestApiId}"
Description: Rest API ID if required by other elements
Condition: EnableLiveChatI Have Pasted the code which I am using in Codebuild-deploy template. Could you please help me to update the above code
atjohns
commented
1 year ago You just need to change the LexWebUiCloudFrontDistributionLogsBucket section to the below code. If you haven't made changes just pull the latest from the master branch as well.
LexWebUiCloudFrontDistributionLogsBucket:
Type: AWS::S3::Bucket
UpdateReplacePolicy: Retain
DeletionPolicy: Retain
Properties:
OwnershipControls:
Rules:
- ObjectOwnership: BucketOwnerPreferred
VersioningConfiguration:
Status: Enabled
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256I have pushed out the latest release of Lex Web UI which should resolve this issue.
Invalid request provided: AWS::CloudFront::Distribution: The S3 bucket that you specified for CloudFront logs does not enable ACL access: