Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
(aws-codepipeline): Asset from BucketDeployment not deployed to cross-account bucket
See original GitHub issueDescribe the bug
This is going to be tricky to describe without all the code, but I’ll do my best.
I have a pipeline that is using Pipeline from CodePipeline, CDKv2, current version. Since all components were upgraded to CDKv2, I’m assuming it’s using newStyleSynthesis by default and I can see some hints of that in the generated CloudFormation template (checking for Bootstrap version, referencing the bootstrap S3 asset bucket).
Now, there is a deployment step defined like this:
actions: [
new CloudFormationCreateUpdateStackAction({
runOrder: 1,
actionName: 'DeployCF',
stackName: props.deployedStackName,
adminPermissions: false,
role: this.integrationDevOpsRole,
deploymentRole: this.integrationChangeSetRole,
parameterOverrides: {
s3LambdaLayerCodeBucketName: lambdaLayerArtifact.bucketName,
s3LambdaLayerCodeBucketKey: lambdaLayerArtifact.objectKey,
s3LambdaCodeBucketName: lambdaArtifact.bucketName,
s3LambdaCodeBucketKey: lambdaArtifact.objectKey,
},
extraInputs: [lambdaArtifact, lambdaLayerArtifact],
templatePath: cdkNoMonitoring.artifact.atPath(`${templatePath}`),
cfnCapabilities: [CfnCapabilities.NAMED_IAM, CfnCapabilities.AUTO_EXPAND],
In the cdkNoMonitoring Stack there is a definition of:
new BucketDeployment(this, 'TemplatesDeploy', {
sources: [Source.asset(path.join(__dirname, 'templates'))],
destinationBucket: aBucket,
destinationKeyPrefix: 'templates',
});
and that step fails in the cross-account target AWS account deployment, because:
Error occurred while GetObject. S3 Error Code: NoSuchKey. S3 Error Message: The specified key does not exist. (Service: AWSLambdaInternal; Status Code: 400; Error Code: InvalidParameterValueException;
And indeed, when I check the cdkNoMonitoring CloudFormation template, I can see that CDK generates a reference to the S3 asset bucket on the pipeline account correctly:
TemplatesDeployAwsCliLayer21CBB3EE:
Type: AWS::Lambda::LayerVersion
Properties:
Content:
S3Bucket:
Fn::Sub: cdk-XXX-assets-${AWS::AccountId}-${AWS::Region}
S3Key: XXX.zip
Description: /opt/awscli/aws
Metadata:
aws:cdk:path: ...
aws:asset:path: asset.02927fd0ce5bb130cbc8d11f17469e74496526efe5186a9ab36e8a8138e9a557.zip
aws:asset:is-bundled: false
aws:asset:property: Content
If I check the artefact of the cdkNoMonitoring build, I can see that the asset.02927fd0ce5bb130cbc8d11f17469e74496526efe5186a9ab36e8a8138e9a557 is there.
However, that asset is not being indeed deployed to the cdk-XXX-assets-${AWS::AccountId}-${AWS::Region} and if I understand correct, that’s the moment when that asset should be placed in that cross-account S3 bucket.
I know I could do probably the magic with parameterOverrides but I thought that CDKv2 and new bootstrap solved this usecase out of the box, doesn’t it?
Am I missing some step? property?
Expected Behavior
as above
Current Behavior
as above
Reproduction Steps
as above
Possible Solution
No response
Additional Information/Context
No response
CDK CLI Version
2.26.0 (build a409d63)
Framework Version
2.27.0
Node.js Version
14.19.3
OS
MacOS
Language
Typescript
Language Version
No response
Other information
No response
Issue Analytics
- State:
- Created a year ago
- Reactions:1
- Comments:14 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Hey, thanks for all this info @rantoniuk. I’ll take a look at this on monday 🙂
Sorry I haven’t gotten to this yet, will do my best by tomorrow