search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.57k stars 3.88k forks source link

cfn-include: CFN function not working with tags #23934

Open agp28 opened 1 year ago

agp28 commented 1 year ago

Describe the bug

Using CfnInclude to use a cloudformation template having cfn functions like "Fn::If" gives an error.

Simplified sample cloudformation temlate:-

    "V2UserLoadBalancer": {
      "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer",
      "Properties": {
        "Tags": [
          {
            "Fn::If": [
              "SomeCondition",
              {
                "Key": "SomeKey",
                "Value": "SomeValue"
              },
              {
                "Ref": "AWS::NoValue"
              }
            ]
          }
        ]
      }
    }

Error Message:-

Error: Resolution error: Supplied properties not correct for "CfnLoadBalancerProps"
  tags: element 0: {} should have a 'key' and a 'value' property.

When trying to use CFN function with tags for

Similar bug that was filed in past, but it looks https://github.com/aws/aws-cdk/pull/19923 it only worked for a certain set of tag properties.

Expected Behavior

It should have worked without giving any errors related to tags.

Current Behavior

CfnInclude is not supporting Tag properties with conditions for certain resources due to which it becomes impossible to consume such templates.

Reproduction Steps

Added in issue description.

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.60.0

Framework Version

No response

Node.js Version

16

OS

macOS

Language

Typescript

Language Version

No response

Other information

No response

peterwoodworth commented 1 year ago

Thanks for reporting this, I'm able to confirm the same error with a template I can verify successfully deploys.

My guess as to why this is happening is because the other fix addressed an atypical way to tag resources in CloudFormation. i.e. the resource addressed in the other PR doesn't use the Tags universal type, and instead a TagProperty type. Since it uses a unique type, my theory is that the tag property doesn't go through validateCfnTag() check like it does for most resources, but instead goes through the validateObject() check. I could be wrong however, and even if I'm right I'm not sure how we should fix this.

ozeebee commented 1 year ago

Hello, I'm experiencing same issue ... Any chance to have this fixed ? Or any clue to work-around this ? Thanks !

BrandonShutter commented 1 year ago

Bump, running into this as well.

jamestelfer commented 11 months ago

This issue causes the Buildkite Elastic Stack template to fail to import: https://github.com/buildkite/elastic-ci-stack-for-aws/blob/main/templates/aws-stack.yml

Errors are of the form:

CfnSynthesisError: Resolution error: Supplied properties not correct for "CfnBucketProps"
  tags: element 0: {} should have a 'key' and a 'value' property.

Commenting out the offending tag specifications allows this to work:

        TagSpecifications:
          - ResourceType: instance
            Tags:
              - Key: Role
                Value: buildkite-agent
              - Key: Name
                Value: !Ref InstanceName
              - Key: BuildkiteAgentRelease
                Value: !Ref BuildkiteAgentRelease
              - Key: BuildkiteQueue
                Value: !Ref BuildkiteQueue
              - !If
                - UseCostAllocationTags
                - Key: !Ref CostAllocationTagName
                  Value: !Ref CostAllocationTagValue
                - !Ref "AWS::NoValue"

Hopefully this gives a further real world test subject for any fix.