(aws-s3-deployment): BucketDeployment creates Lambda function with unsupported runtime

[matheushent]

Describe the bug

Basically what happens is the class BucketDeployment from the aws-s3-deployment creates a Lambda function (a child in this case) which has as its runtime Python 3.6 but Lambda doesn't support this version anymore. So, when deploying the stack, CloudFormation raises the following error:

Resource handler returned message: "The runtime parameter of python3.6 is no longer supported for creating or updating AWS Lambda functions. We recommend you use the new runtime (python3.9) while creating or updating functions.

The problem is also the fact I cannot set the runtime I want to neither in CDK v1 nor CDK v2.

Expected Behavior

I'd expect CDK to set a supported Runtime by Lambda

Current Behavior

CDK is setting Python 3.6 as default runtime and not allowing me to specify another runtime

Reproduction Steps

The following python code reproduces the bug. Note that, when listing, synthing and deploying, CloudFormation won't point out any error. In fact, is Lambda that indicates the error when the stack is deployed.

from aws_cdk import (
    core,
    aws_s3 as s3,
    aws_route53 as route53,
    aws_cloudfront as cloudfront,
    aws_certificatemanager as cm,
    aws_s3_deployment as s3_deploy,
    aws_route53_targets as targets,
    aws_lambda as _lambda,
)

from typing import Dict

class Stack(core.Stack):
    def __init__(self, app: core.App, id: str, props: Dict, **kwargs):
        super().__init__(app, id, **kwargs)

        site_domain = "your-hosted-zone.com"

        hosted_zone = route53.HostedZone.from_hosted_zone_attributes(
            self,
            "HostedZone",
            hosted_zone_id="your hosted zone id",
            zone_name="your-hosted-zone.com",
        )

        bucket = s3.Bucket(
            self,
            "TestingBucket",
            bucket_name=site_domain,
            website_index_document="index.html",
            website_error_document="index.html",
            removal_policy=core.RemovalPolicy.RETAIN,
            cors=[
                s3.CorsRule(
                    allowed_origins=["*"],
                    allowed_methods=[
                        s3.HttpMethods.GET,
                        s3.HttpMethods.HEAD,
                        s3.HttpMethods.POST,
                        s3.HttpMethods.PUT,
                        s3.HttpMethods.DELETE,
                    ],
                    allowed_headers=["*"],
                )
            ],
            public_read_access=True,
        )

        certificate = cm.Certificate(
            self,
            "Certificate",
            domain_name=site_domain,
            validation=cm.CertificateValidation.from_dns(hosted_zone=hosted_zone),
        )

        distribution = cloudfront.CloudFrontWebDistribution(
            self,
            "Distribution",
            alias_configuration=cloudfront.AliasConfiguration(
                acm_cert_ref=certificate.certificate_arn,
                names=[site_domain],
                ssl_method=cloudfront.SSLMethod.SNI,
                security_policy=cloudfront.SecurityPolicyProtocol.TLS_V1_1_2016,
            ),
            origin_configs=[
                cloudfront.SourceConfiguration(
                    custom_origin_source=cloudfront.CustomOriginConfig(
                        domain_name=bucket.bucket_website_domain_name,
                        origin_protocol_policy=cloudfront.OriginProtocolPolicy.HTTP_ONLY,
                    ),
                    behaviors=[
                        cloudfront.Behavior(
                            is_default_behavior=True,
                            max_ttl=core.Duration.seconds(0),
                            min_ttl=core.Duration.seconds(0),
                            default_ttl=core.Duration.seconds(0),
                        )
                    ],
                )
            ],
        )

        record = route53.ARecord(
            self,
            "ARecord",
            target=route53.RecordTarget.from_alias(
                targets.CloudFrontTarget(distribution=distribution)
            ),
            zone=hosted_zone,
            record_name=site_domain,
        )

        s3_deployment = s3_deploy.BucketDeployment(
            self,
            "BucketDeployment",
            sources=[s3_deploy.Source.asset("./build")],
            destination_bucket=bucket,
            memory_limit=512,
            distribution=distribution,
        )

The snippet above was teste in both CDK versions: v1 and v2.

Possible Solution

A possible solutions is to allow the runtime specification in the BucketDeployment class. Another solution (not the one I prefer) is to hardcode the runtime as it currently is but use one supported instead.

Additional Information/Context

No response

CDK CLI Version

2.35.0

Framework Version

No response

Node.js Version

16.15.1

OS

macOS Monterey 12.5

Language

Python

Language Version

Python (3.9.13)

Other information

No response

[s1mrankaur]

same issue. Is there a solution here?

[jumic]

@matheushent @s1mrankaur In #21148 the Python version for aws-s3-deployment was upgraded from 3.7 to 3.9.

Are using the latest version of AWS CDK in your project? I think your CDK CLI version is up-to-date. Did you also check the CDK version in your project (package.json in Typescript, requirements.txt in Python)?

Maybe the version 3.6 issue is related to outdated dependencies because the latest PR changes version 3.7 to 3.9. Therefore I would expect minimum version 3.7 in the Lambda handler.

CC @kaizencc

[matheushent]

@jumic indeed, it seems I do have the CLI up to date but not the packages, that's the problem

[matheushent]

Indeed, missing to upgrade the packages was the problem for me. I shall solve since my issue is fixed.

[github-actions[bot]]

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.

[s1mrankaur]

@matheushent
This is what I have in package.json . I upgraded cdk already. Do I also need to update @aws-cdk/aws-s3 ?

 "devDependencies": {
    "@aws-cdk/aws-codebuild": "1.119.0",
    "@aws-cdk/aws-codecommit": "1.119.0",
    "@aws-cdk/aws-codepipeline": "1.119.0",
    "@aws-cdk/aws-codepipeline-actions": "1.119.0",
    "@aws-cdk/aws-ec2": "1.119.0",
    "@aws-cdk/aws-ecr": "^1.119.0",
    "@aws-cdk/aws-events-targets": "1.119.0",
    "@aws-cdk/aws-iam": "1.119.0",
    "@aws-cdk/aws-lambda": "1.119.0",
    "@aws-cdk/aws-s3": "1.119.0",
    "@aws-cdk/aws-sns": "1.119.0",
    "@aws-cdk/aws-sns-subscriptions": "1.119.0",
    "@aws-cdk/core": "1.119.0",
    "@types/node": "15.6.1",
    "aws-cdk": "2.35.0",
    "aws-sdk": "^2.792.0",
    "husky": "^4.3.0",
    "ts-node": "^10.3.0",
    "tsort": "0.0.1",
    "typescript": "^4.0.5"
  },
  "dependencies": {
    "@aws-cdk/aws-s3-deployment": "1.119.0",
    "@aws-cdk/aws-secretsmanager": "1.119.0",
    "@aws-cdk/aws-ssm": "1.119.0",
    "@aws-cdk/cloudformation-diff": "^1.119.0",
    "cdk-assets": "^1.124.0",
    "source-map-support": "^0.5.19"
  }
}

[matheushent]

@s1mrankaur the missing piece you have (the same as I had) is you don't need to define the 1.x packages. Just defining aws-cdk 2.35.0 should work

[s1mrankaur]

@matheushent Thanks for your response. I have these imports everywhere for all of the modules.

import * as s3deploy from '@aws-cdk/aws-s3-deployment';

What should these be replaced with?

[jumic]

@s1mrankaur There is a migration guide that describes the steps: https://docs.aws.amazon.com/cdk/v2/guide/migrating-v2.html#migrating-v2-v1-uppgrade Search for "Change your imports to import" on this page, there you will find an example.

import { aws_s3_deployment as s3deploy } from 'aws-cdk-lib';