Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

(aws-cloudtrail): stack not updated to single-region

See original GitHub issue

What is the problem?

Creating Cloud Trail with default options results in a multi-region trail. Changing the options to single region does not have any effect.

Workaround:

remove the trail definition, deploy, re-add with a multiRegion set to false

Reproduction Steps

Create Trail with:

const trail = new Trail(this, 'Trail', { });

and deploy.

Then update the CDK to:

    const trail = new Trail(this, 'Trail', {
      isMultiRegionTrail: false,
    });

and check cdk diff, it will report no diff.

What did you expect to happen?

Trail to be changed to single-region by replacement or options change.

What actually happened?

Nothing.

CDK CLI Version

1.129.0

Framework Version

No response

Node.js Version

OS

MacOS

Language

Typescript

Language Version

4.0

Other information

No response

Issue Analytics

State:
Created 2 years ago
Comments:6 (2 by maintainers)

Top GitHub Comments

1reaction

rix0rrrcommented, Oct 27, 2021

I don’t disagree with you, I’m just saying practically that you can achieve the same effect today if you must. BPA on a per-bucket basis can and should probably be implemented as an Aspect. We don’t have this available readily, but you can implement it yourself.

Bucket deletion cannot be implemented as an Aspect, but would be covered by this: https://github.com/aws/aws-cdk-rfcs/issues/25. In the mean time, you are going to have to create a bucket that is configured for proper cleanup yourself and pass it to the trail, rather than rely on the automatically created bucket. In the same way you can set up BPA for the one bucket, rather than implement it as an Aspect.

Tags are an implementation detail of CloudFormation. I do not know why CloudFormation is not tagging the trail appropriately, but unfortunately we can not do anything about that. Get in touch with CloudFormation to report this to them: https://github.com/aws-cloudformation/cloudformation-coverage-roadmap

I cannot reproduce the original issue around isMultiRegionTrail not producing any diffs. It does for me.

I don’t think there’s anything actionable for us in this issue that is not covered elsewhere, right? And if you want to open a feature request for a BPA Aspect, I feel that should be a separate issue.

Are you alright with me closing this one out?

0reactions

github-actions[bot]commented, Oct 27, 2021

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.

Top Results From Across the Web

AWS::CloudTrail::Trail - AWS CloudFormation

Creates a trail that specifies the settings for delivery of log data to an Amazon S3 bucket.

Troubleshoot CloudFormation stacks that are stuck in progress

Open the CloudFormation console. In the navigation pane, choose Stacks, and then select the stack that's in a stuck state.

Troubleshooting CloudFormation - AWS Documentation

When you create or update an AWS CloudFormation stack, your stack can fail due to invalid input parameters, unsupported resource property names, or...

Logging AWS CloudFormation API calls with AWS CloudTrail

A trail enables CloudTrail to deliver log files to an Amazon S3 bucket. By default, when you create a trail in the console,...

Integrating existing AWS CloudTrail configurations when ...

Step 2: Setup temporary multi-Region trails in all of your accounts · Navigate to the Stacks option in the AWS CloudFormation console in...