empty PREFIX_LISTS is not supported by Custom-Destinations, invalid value for parameter destination-cidr-block:

[jwiechmann]

Describe the bug

After the approve step via the cognito GUI the state machine causes an error: "An error occurred (InvalidParameterValue) when calling the CreateRoute operation: invalid value for parameter destination-cidr-block:" This means, the lambda is trying to add a route with an empty CIDR parameter. This is caused by trying to read the PREFIX_LISTS but this list is empty. The step to use CIDR_BLOCK is working well.

To Reproduce

This environment is used:

variable	value
CIDR_BLOCKS	10.0.0.0/8
DEFAULT_ROUTE	Custom-Destinations
PREFIX_LISTS

With this workaround it's running well: PREFIX_LISTS=10.0.0.0/8

Expected behavior

Request can be approved.

Please complete the following information about the solution:

• [v3.2.1] Version: [e.g. v1.0.0]

To get the version of the solution, you can look at the description of the created CloudFormation stack. For example, "(SO0009) - The AWS CloudFormation template for deployment of the aws-centralized-logging. Version v1.0.0". You can also find the version from releases

• [eu-central-1 ] Region: [e.g. us-east-1]
• [no] Was the solution modified from the version published on this repository?
• [no] If the answer to the previous question was yes, are the changes available on GitHub?
• [yes] Have you checked your service quotas for the sevices this solution uses?
• [yes] Were there any errors in the CloudWatch Logs? How to enable debug mode?

Screenshots If applicable, add screenshots to help explain your problem (please DO NOT include sensitive information).

Additional context

*** Source Code

    def _update_route_table_with_prefix_lists(self, ec2, existing_routes):
        prefix_lists = environ.get("PREFIX_LISTS").split(",")         ## <------ this returns 1 and not 0 if the variable exists
        if len(prefix_lists) > 0:
            for prefix_list_id in prefix_lists:
                self.logger.info(f"Adding prefix list id: {prefix_list_id}")
                self._find_existing_default_route(existing_routes, prefix_list_id)
                self._update_route_table(ec2, prefix_list_id).           ## <---- this cannot work with the undefined route

*** CloudWatch

"error-info": {
            "Error": "ClientError",
            "Cause": "{\"errorMessage\":\"An error occurred (InvalidParameterValue) when calling the CreateRoute operation: invalid value for parameter destination-cidr-block:\",\"errorType\":\"ClientError\",\"requestId\":\"de5388cf-b914-4fa3-8c2a-4ca32fac2a96\",\"stackTrace\":[\"  File \\\"/var/task/state_machine/index.py\\\", line 45, in lambda_handler\\n    return vpc(event, function_name)\\n\",\"  File \\\"/var/task/state_machine/index.py\\\", line 116, in vpc\\n    response = vpc.default_route_crud_operations()\\n\",\"  File \\\"/var/task/state_machine/lib/handlers/vpc_handler.py\\\", line 649, in default_route_crud_operations\\n    self._update_route_table_with_prefix_lists(ec2, existing_routes)\\n\",\"  File \\\"/var/task/state_machine/lib/handlers/vpc_handler.py\\\", line 677, in _update_route_table_with_prefix_lists\\n    self._update_route_table(ec2, prefix_list_id)\\n\",\"  File \\\"/var/task/state_machine/lib/handlers/vpc_handler.py\\\", line 600, in _update_route_table\\n    self._create_route(ec2, route)\\n\",\"  File \\\"/var/task/state_machine/lib/handlers/vpc_handler.py\\\", line 520, in _create_route\\n    ec2.create_route_cidr_block(\\n\",\"  File \\\"/var/task/state_machine/lib/clients/ec2.py\\\", line 95, in create_route_cidr_block\\n    response = self.ec2_client.create_route(\\n\",\"  File \\\"/var/task/botocore/client.py\\\", line 530, in _api_call\\n    return self._make_api_call(operation_name, kwargs)\\n\",\"  File \\\"/var/task/botocore/client.py\\\", line 960, in _make_api_call\\n    raise error_class(parsed_response, operation_name)\\n\"]}"
        }

[jwiechmann]

The implementation in v301 is using this:

state_machine/utils/string_manipulation.py

###############################################################################
# !/bin/python
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
"""State Machine Handler module"""

def convert_string_to_list(comma_delimited_list: str) -> list:
    """
    Converts the comma delimited list of string to a list type and skips adding
    empty strings to the list.
    :param comma_delimited_list:
    :return: list
    """
    empty_string = ''
    return [value.strip() for value in comma_delimited_list.split(',')
            if value != empty_string]

[groverlalit]

Thanks for opening this issue. We will test and fix this in the next release planned for Q2 2023. Thanks.

[groverlalit]

Thanks for raising this issue. This bug will be resolved in the next release.