Closed RachelleJanssen closed 4 years ago
When creating a CfnWebACL from @aws-cdk/aws-wafv2 the output is incorrect and results in an Internal Failure when trying to run cdk deploy
cdk deploy
The typedef of CfnWebACL has a "rules" property, which is an object containing another "rules" property, which is an array of actual rules.
CfnWebACL
import * as cdk from "@aws-cdk/core"; import waf = require("@aws-cdk/aws-waf"); import wafv2 = require("@aws-cdk/aws-wafv2"); export class AwsCdkAclStack extends cdk.Stack { constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) { super(scope, id, props); const acl = new wafv2.CfnWebACL(this, "ACL2", { defaultAction: { allow: true, }, scope: "CLOUDFRONT", visibilityConfig: { cloudWatchMetricsEnabled: true, metricName: "waf", sampledRequestsEnabled: false, }, rules: { rules: [ // rules go here ], }, }); } }
When running cdk , it outputs a similar wrapper which causes an internal failure on cloudformation
{ "Resources": { "ACL2": { "Type": "AWS::WAFv2::WebACL", "Properties": { "DefaultAction": { "Allow": {} }, "Scope": "CLOUDFRONT", "VisibilityConfig": { "CloudWatchMetricsEnabled": true, "MetricName": "waf", "SampledRequestsEnabled": false }, "Rules": { "Rules": [ // rule objects go here ] } }, "Metadata": { "aws:cdk:path": "AwsCdkAclStack/ACL2" } } } }
AwsCdkAclStack (ACLTestStack): deploying... ACLTestStack: creating CloudFormation changeset... 0/3 | 7:17:31 PM | CREATE_IN_PROGRESS | AWS::CloudFormation::Stack | ACLTestStack User Initiated 0/3 | 7:17:35 PM | CREATE_IN_PROGRESS | AWS::CDK::Metadata | CDKMetadata 0/3 | 7:17:35 PM | CREATE_IN_PROGRESS | AWS::WAFv2::WebACL | AwsCdkAclStack/ACL2 (ACL2) 1/3 | 7:17:36 PM | CREATE_FAILED | AWS::WAFv2::WebACL | AwsCdkAclStack/ACL2 (ACL2) Internal Failure 2/3 | 7:17:37 PM | CREATE_FAILED | AWS::CDK::Metadata | CDKMetadata Resource creation cancelled 2/3 | 7:17:37 PM | ROLLBACK_IN_PROGRESS | AWS::CloudFormation::Stack | ACLTestStack The following resource(s) failed to create: [ACL2, CDKMetadata]. . Rollback requested by user. 3/3 | 7:17:59 PM | DELETE_COMPLETE | AWS::WAFv2::WebACL | AwsCdkAclStack/ACL2 (ACL2) 3/3 | 7:17:59 PM | DELETE_IN_PROGRESS | AWS::CDK::Metadata | CDKMetadata 4/3 | 7:18:00 PM | DELETE_COMPLETE | AWS::CDK::Metadata | CDKMetadata 5/3 | 7:18:01 PM | ROLLBACK_COMPLETE | AWS::CloudFormation::Stack | ACLTestStack
By manually removing the object wrapper from the cdk.output file from
"Rules": { "Rules": [] }
to
"Rules": []
I'm able to use the cdk.output file in the cloudformation console to create the stack.
This is :bug: Bug Report
Duplicate of https://github.com/aws/aws-cdk/issues/6056 and the other one has more useful discussion.
When creating a CfnWebACL from @aws-cdk/aws-wafv2 the output is incorrect and results in an Internal Failure when trying to run
cdk deploy
Reproduction Steps
The typedef of
CfnWebACL
has a "rules" property, which is an object containing another "rules" property, which is an array of actual rules.When running cdk , it outputs a similar wrapper which causes an internal failure on cloudformation
Error Log
Environment
Other
By manually removing the object wrapper from the cdk.output file from
to
I'm able to use the cdk.output file in the cloudformation console to create the stack.
This is :bug: Bug Report