(aws-s3-deployment): Bucket Deployment Lambda generation doesn't follow ARN length standards

Arkano22 commented 1 year ago

Describe the bug

** Couldn't find on the module documentation any way to assign/override the name for the lambda function (search on google also didn't throw any particular solution)

From CDK I was able to make use of the BucketDeployment while compiling my project locally; But during the actual deployment on CloudFormation I received an error due to a Lambda layer that gets generated through the BucketDeployment construct which broke the ARN max length.

Expected Behavior

CDK Lib to be either notify of this prior to deploying to CloudFormation, or for the module to be smart enough to appropriately shorten the name length to fit within the ARN standards

Current Behavior

Build succeeds locally, but while the deployment of the CDK template occurs on CloudFormation, it fails with the following error

Resource handler returned message: "1 validation error detected: Value '[arn:aws:lambda:us-west-2:123456789012:layer:SomeNameConcatenationThatIsLongerThan80CharactersLongAwsCliLayer3DA59007:1]' at 'layers' failed to satisfy constraint: Member must satisfy constraint: [Member must have length less than or equal to 140, Member must have length greater than or equal to 1, Member must satisfy regular expression pattern: (arn:[a-zA-Z0-9-]+:lambda:[a-zA-Z0-9-]+:\d{12}:layer:[a-zA-Z0-9-_]+:[0-9]+)|(arn:[a-zA-Z0-9-]+:lambda:::awslayer:[a-zA-Z0-9-_]+), Member must not be null] (Service: Lambda, Status Code: 400, Request ID: 7fbbe2e6-b5cf-4d93-a437-449c5ee2f4f9)" (RequestToken: d8304a82-526c-11f1-ab7f-7cf639c790d5, HandlerErrorCode: InvalidRequest)

The above layer is created as part of the Bucket Deployment utility provided by the CDK module

Reproduction Steps

Create a stack which includes a construct with an id with the following setup

this.customUploader = new Uploader(this,IdIsANameWithALengthOfAtLeast58Characters, {...})

Length should be defined only by [A-Z][a-z] characters as special characters i.e. - are removed from the concatenation.

Inside the construct include the BucketDeployment with a setup similar to

const bucketDeployment = new BucketDeployment(this, 'IdIsANameWithALengthOfAtLeast24Characters', {...})

The above will generate during the CloudFormation deployment a Lambda function with the following concatenation

arn:aws:lambda:region:123456789012:layer:IdIsANameWithALengthOfAtLeast58CharactersIdIsANameWithALengthOfAtLeast24CharactersAwsCliLayerRandomIDDisambiguator

Which then fails the generation of the stack due to the error mentioned above

Possible Solution

Couple of possible choices:

Allow customers to provide the names of the lambdas to be generated over the construct definition as optionals
Review the concatenation length of the Id to trim/truncate on it as to avoid surpassing the Lambda standard for ARN generation

Additional Information/Context

No response

CDK CLI Version

2.46.0

Framework Version

No response

Node.js Version

14

OS

MacOS Ventura 13.3.1

Language

Typescript

Language Version

4.8.4

Other information

No response

peterwoodworth commented 1 year ago

Thanks for reporting, I was able to reproduce this.

I don't think this is a bug with our constructs, but rather with the CloudFormation implementation of the LayerVersion resource. We aren't manually setting the physical name, we're leaving it up to CloudFormation to decide the physical name here. CloudFormation ends up deciding on a physical name that is identical to the logical ID, when they should truncate if necessary.

I have reported this internally, and will provide updates as they become available P88281898

SatyadevGolla commented 1 year ago

Hey! Is there a temporary solution for this? I currently ran into the same issue.

Justinon commented 1 year ago

Also running into this issue, would love a workaround.

BwL1289 commented 10 months ago

@SatyadevGolla I made the logical Id very short and it worked. Hope that helps

aws / aws-cdk