aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
Apache License 2.0
11.55k stars 3.87k forks source link

aws-mwaa: CfnEnvironment logging configuration required parameters set to optional #30645

Open simond opened 3 months ago

simond commented 3 months ago

Describe the bug

When trying to instantiate a new CfnEnvironment with logging configuration set to the following:

loggingConfiguration: {
    taskLogs: {enabled: false},
    webserverLogs: {enabled: false},
    schedulerLogs: {enabled: false},
    workerLogs: {enabled: false},
    dagProcessingLogs: {enabled: false}

I get an error when running CDK deploy:

4:23:16 pm | CREATE_FAILED        | AWS::MWAA::Environment      | MwaaEnvironment
Resource handler returned message: "Invalid request provided: 5 validation errors detected: Value null at 'loggingConfiguration.schedulerLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfigur
ation.dagProcessingLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.webserverLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfigurati
on.workerLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.taskLogs.logLevel' failed to satisfy constraint: Member must not be null (Service: Mwaa, Status Code: 400, Request ID: 916

The error is due to the logLevel attribute not being passed into the logging options. The following fixes the issue:

loggingConfiguration: {
    taskLogs: {enabled: false, logLevel: 'INFO'},
    webserverLogs: {enabled: false, logLevel: 'INFO'},
    schedulerLogs: {enabled: false, logLevel: 'INFO'},
    workerLogs: {enabled: false, logLevel: 'INFO'},
    dagProcessingLogs: {enabled: false, logLevel: 'INFO'},

The issue is that that logLevel is not a required parameter according to the TypeScript interface:

 * Defines the Apache Airflow logs to send for the log type (e.g. `DagProcessingLogs` ) to CloudWatch Logs. Valid values: `CRITICAL` , `ERROR` , `WARNING` , `INFO` .
 * @see
readonly logLevel?: string;

Expected Behavior

CDK should either:

Current Behavior

Error message asking me to provide the logLevel

Reproduction Steps

        const mwaaEnvironment = new mwaa.CfnEnvironment(this, "MwaaEnvironment", {
            name: 'MyMwaaEnvironment',
            airflowVersion: '2.0.2',
            environmentClass: 'mw1.small',
            maxWorkers: 1,
            minWorkers: 1,
            dagS3Path: 'dags',
            sourceBucketArn: {some bucket arn},
            executionRoleArn: {some role arn},
            requirementsS3Path: 'requirements.txt',
            pluginsS3Path: "",
            networkConfiguration: {
                securityGroupIds: [securityGroup.securityGroupId],
                subnetIds: vpc.selectSubnets({subnetType: ec2.SubnetType.PUBLIC}).subnetIds.slice(0, 2)
            webserverAccessMode: 'PUBLIC_ONLY',
            loggingConfiguration: {
                taskLogs: {enabled: false, logLevel: 'INFO'},
                webserverLogs: {enabled: false},
                schedulerLogs: {enabled: false},
                workerLogs: {enabled: false},
                dagProcessingLogs: {enabled: false},

Possible Solution

Provide a logLevel

Additional Information/Context

No response

CDK CLI Version

2.145.0 (build fdf53ba)

Framework Version

No response

Node.js Version






Language Version


Other information

No response

ashishdhingra commented 3 months ago


However, deploying the following CDK stack:

import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import * as mwaa from 'aws-cdk-lib/aws-mwaa';

export class Issue30645Stack extends cdk.Stack {
  constructor(scope: Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    const mwaaEnvironment = new mwaa.CfnEnvironment(this, "MwaaEnvironment", {
      name: 'MyMwaaEnvironment',
      loggingConfiguration: {
          taskLogs: {enabled: false, logLevel: 'INFO'},
          webserverLogs: {enabled: false},
          schedulerLogs: {enabled: false},
          workerLogs: {enabled: false},
          dagProcessingLogs: {enabled: false},

gives the below validation error from CloudFormation:

11:23:22 AM | CREATE_FAILED        | AWS::MWAA::Environment | MwaaEnvironment
Resource handler returned message: "Invalid request provided: 8 validation errors detected: Value null at 'dagS3Path' failed to satisfy constraint: Member must not be null; Value nu
ll at 'loggingConfiguration.schedulerLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.dagProcessingLogs.logLevel' failed to
satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.webserverLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggin
gConfiguration.workerLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'networkConfiguration' failed to satisfy constraint: Member must not be null
; Value null at 'sourceBucketArn' failed to satisfy constraint: Member must not be null; Value null at 'executionRoleArn' failed to satisfy constraint: Member must not be null (Serv
ice: Mwaa, Status Code: 400, Request ID: 8319e3d0-4320-4748-8ff1-c873cb413650)" (RequestToken: b6c7274d-c040-c02e-b1d6-f43c071438d3, HandlerErrorCode: InvalidRequest)

 ❌  Issue30645Stack failed: Error: The stack named Issue30645Stack failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE: Resource handler returned message: "Invalid request provided: 8 validation errors detected: Value null at 'dagS3Path' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.schedulerLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.dagProcessingLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.webserverLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.workerLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'networkConfiguration' failed to satisfy constraint: Member must not be null; Value null at 'sourceBucketArn' failed to satisfy constraint: Member must not be null; Value null at 'executionRoleArn' failed to satisfy constraint: Member must not be null (Service: Mwaa, Status Code: 400, Request ID: 8319e3d0-4320-4748-8ff1-c873cb413650)" (RequestToken: b6c7274d-c040-c02e-b1d6-f43c071438d3, HandlerErrorCode: InvalidRequest)
    at FullCloudFormationDeployment.monitorDeployment (/usr/local/lib/node_modules/aws-cdk/lib/index.js:451:10568)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Object.deployStack2 [as deployStack] (/usr/local/lib/node_modules/aws-cdk/lib/index.js:454:199716)
    at async /usr/local/lib/node_modules/aws-cdk/lib/index.js:454:181438

 ❌ Deployment failed: Error: The stack named Issue30645Stack failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE: Resource handler returned message: "Invalid request provided: 8 validation errors detected: Value null at 'dagS3Path' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.schedulerLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.dagProcessingLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.webserverLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.workerLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'networkConfiguration' failed to satisfy constraint: Member must not be null; Value null at 'sourceBucketArn' failed to satisfy constraint: Member must not be null; Value null at 'executionRoleArn' failed to satisfy constraint: Member must not be null (Service: Mwaa, Status Code: 400, Request ID: 8319e3d0-4320-4748-8ff1-c873cb413650)" (RequestToken: b6c7274d-c040-c02e-b1d6-f43c071438d3, HandlerErrorCode: InvalidRequest)
    at FullCloudFormationDeployment.monitorDeployment (/usr/local/lib/node_modules/aws-cdk/lib/index.js:451:10568)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Object.deployStack2 [as deployStack] (/usr/local/lib/node_modules/aws-cdk/lib/index.js:454:199716)
    at async /usr/local/lib/node_modules/aws-cdk/lib/index.js:454:181438

The stack named Issue30645Stack failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE: Resource handler returned message: "Invalid request provided: 8 validation errors detected: Value null at 'dagS3Path' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.schedulerLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.dagProcessingLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.webserverLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'loggingConfiguration.workerLogs.logLevel' failed to satisfy constraint: Member must not be null; Value null at 'networkConfiguration' failed to satisfy constraint: Member must not be null; Value null at 'sourceBucketArn' failed to satisfy constraint: Member must not be null; Value null at 'executionRoleArn' failed to satisfy constraint: Member must not be null (Service: Mwaa, Status Code: 400, Request ID: 8319e3d0-4320-4748-8ff1-c873cb413650)" (RequestToken: b6c7274d-c040-c02e-b1d6-f43c071438d3, HandlerErrorCode: InvalidRequest)

Same goes for SourceBucketArn which is specified as not required at AWS::MWAA::Environment.

Most likely an issue with CloudFormation resource specification.

ashishdhingra commented 3 months ago

Internal tracking ticket: P137161118

Another internal ticket (from above ticket): P137427298