(CloudFront): Initial Create Succeeds, Subsequent Updates Fail with Invalid request provided: AWS::CloudFront::PublicKey
See original GitHub issueThe following code will create a proper Cloudfront PublicKey and it is usable to restrict access to private resources.
But, any updates to the stack that update the CloudFront PublicKey will fail with:
Resource handler returned message: "Invalid request provided: AWS::CloudFront::PublicKey" (RequestToken: fd28451c-389a-cdd8-d3f7-2bb76874bfee, HandlerErrorCode: InvalidRequest)
Reproduction Steps
cloudfront_public_key = cloudfront.PublicKey(
self, "cloudfront-public-key",
encoded_key=<generated_public_key>
)
cloudfront_keygroup = cloudfront.KeyGroup(
self, "cloudfront-keygroup",
items=[cloudfront_public_key]
)
What did you expect to happen?
I would expect the PublicKey to update without error.
What actually happened?
Environment
- **CDK CLI Version : ** 1.108.0 (build b23f781)
- Framework Version: 1.108.0 (build b23f781)
- Node.js Version: v12.18.2
- OS : CodeBuild/CodePipeline
- Language (Version): Python 3.7.4
Other
This is 🐛 Bug Report
Issue Analytics
- State:
- Created 2 years ago
- Reactions:10
- Comments:8 (3 by maintainers)
Top Results From Across the Web
Resolve the "InvalidViewerCertificate" error exception when ...
While trying to create or update an Amazon CloudFront distribution, I receive an "InvalidViewerCertificate" error exception.
Read more >You're getting "Invalid request provided: AWS::CloudFront
It works fine at first, but soon you are back at that same error above. ... To update the Key or the Name,...
Read more >AWS cloudfront not updating on update of files in S3
Just ran into the same issue. At first I tried updating the cache control to be 0 and max-age=0 for the files in...
Read more >Invalid Request error when creating a Cloudfront response ...
In this instance, the error was very clear and it was a trivial patch to fix up the Cloudformation template and get ourselves...
Read more >An Introduction To AWS CloudFront Functions - Honeybadger.io
While Lambda@Edge is quite robust, it's not the best choice in many cases, especially those that require a small amount of computation before ......
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
We’re still investigating this issue. A potential workaround now would be to change the logical ID of the public key, which will force a new one to be created with the correct properties.
+1