CfnDeliveryChannel never completes and blocks deployment

Note: for support questions, please first reference our documentation, then use Stackoverflow. This repository’s issues are intended for feature requests and bug reports.

• I’m submitting a …

  • 🪲 bug report
  • 🚀 feature request
  • 📚 construct library gap
  • ☎️ security issue or vulnerability => Please see policy
  • ❓ support request => Please see note at the top of this template.

• What is the current behavior? If the current behavior is a 🪲bug🪲: Please provide the steps to reproduce

CfnDeliveryChannel causes a deployment to sit idle for >30min and never completes

/** create the config bucket */
        const configRulesDeliveryBucket = new Bucket(this, 'configRulesDeliveryBucket', {
            bucketName: `aws-configrules-${config.accountNumber}-do-not-delete`,
            removalPolicy: cdk.RemovalPolicy.DESTROY
        });

        /** add cloudtrail bucket policies */
        configRulesDeliveryBucket.addToResourcePolicy(new PolicyStatement({
            effect: Effect.ALLOW,
            principals: [ new ServicePrincipal('config.amazonaws.com') ],
            actions: ['s3:*'],
            resources: [`${configRulesDeliveryBucket.bucketArn}`]
        }))


        /** we need a delivery channel for config rules */
        const configDeliveryChannel = new CfnDeliveryChannel(this, 'configDeliveryChannel', {
            s3BucketName: configRulesDeliveryBucket.bucketName,
            name: 'configDeliveryChannel'
        })

 /** create a config recorder so we capture everything first */
        const configRecorder = new CfnConfigurationRecorder(this, 'configRecorder', {
            name: `${config.customerName}ConfigRecorder`,
            roleArn: prototypingConfigServiceRole.roleArn,
            recordingGroup: {
                allSupported: false,
                includeGlobalResourceTypes: false,
                resourceTypes: [
                    "AWS::EC2::EIP",
                    "AWS::EC2::Instance",
                    "AWS::EC2::NetworkAcl",
                    "AWS::EC2::SecurityGroup",
                    "AWS::CloudTrail::Trail",
                    "AWS::EC2::Volume",
                    "AWS::EC2::VPC",
                    "AWS::IAM::User",
                    "AWS::IAM::Policy"
                ]
            }
        })

        configRecorder.node.addDependency(configDeliveryChannel)

• What is the expected behavior (or behavior of feature suggested)?

Creation of a config rules delivery stream followed by a config rules recorder

• Please tell us about your environment:

  • CDK CLI Version: 1.0.0 (build d89592e)
  • Module Version: 1.3.0
  • OS: [ OSX Mojave]
  • Language: [ TypeScript]