KMS: addAlias 1.3 ->1.4 upgrade error
See original GitHub issueNote: for support questions, please first reference our documentation, then use Stackoverflow. This repository’s issues are intended for feature requests and bug reports.
-
I’m submitting a …
- 🪲 bug report
- 🚀 feature request
- 📚 construct library gap
- ☎️ security issue or vulnerability => Please see policy
- ❓ support request => Please see note at the top of this template.
-
What is the current behavior? If the current behavior is a 🪲bug🪲: Please provide the steps to reproduce Trying to redeploy a KMS Key alias create pre-1.4.0 with 1.4.0 causes the following error:
1/4 | 3:59:07 PM | CREATE_FAILED | AWS::KMS::Alias | TestKey/Aliasalias--test (TestKeyAliasaliastest5D993A95) alias/test already exists in stack arn:aws:cloudformation:eu-west-3:340369862100:stack/KmsReproStack/a43d42b0-be9a-11e9-af31-0e27f6d248de
new Alias (deploy\node_modules\@aws-cdk\aws-kms\lib\alias.ts:104:22)
\_ Key.addAlias (deploy\node_modules\@aws-cdk\aws-kms\lib\key.ts:71:12)
\_ new KmsReproStack (deploy\lib\kms-repro.ts:17:13)
\_ Object.<anonymous> (deploy\bin\deploy.ts:20:1)
\_ Module._compile (internal/modules/cjs/loader.js:816:30)
\_ Module.m._compile (deploy\node_modules\ts-node\src\index.ts:473:23)
\_ Module._extensions..js (internal/modules/cjs/loader.js:827:10)
\_ Object.require.extensions.(anonymous function) [as .ts] (deploy\node_modules\ts-node\src\index.ts:476:12)
\_ Module.load (internal/modules/cjs/loader.js:685:32)
\_ Function.Module._load (internal/modules/cjs/loader.js:620:12)
\_ Function.Module.runMain (internal/modules/cjs/loader.js:877:12)
\_ Object.<anonymous> (deploy\node_modules\ts-node\src\bin.ts:158:12)
\_ Module._compile (internal/modules/cjs/loader.js:816:30)
\_ Object.Module._extensions..js (internal/modules/cjs/loader.js:827:10)
\_ Module.load (internal/modules/cjs/loader.js:685:32)
\_ Function.Module._load (internal/modules/cjs/loader.js:620:12)
\_ Function.Module.runMain (internal/modules/cjs/loader.js:877:12)
\_ findNodeScript.then.existing (Local\nvs\node\11.15.0\x64\node_modules\npm\node_modules\libnpx\index.js:268:14)
CloudFormation attempts to create a new Alias because of the new logical ID because of #3596, but with the same name. This causes the alias name conflict.
-
What is the expected behavior (or behavior of feature suggested)? Not to crash. The easier solution I can see is to keep track of the aliases, and only use the new logical ID pattern if there are more than one.
-
What is the motivation / use case for changing the behavior or adding this feature? Deploy previously working stacks
-
Please tell us about your environment:
- CDK CLI Version: 1.4.0
- Module Version: 1.4.0
- OS: Windows 10, most likely all
- Language: TypeScript, most likely all
-
Other information (e.g. detailed explanation, stacktraces, related issues, suggestions how to fix, links for us to have context, eg. associated pull-request, stackoverflow, gitter, etc)
The issue was originally raised by @Visorgood in #3596
Reproduction steps:
- Install
@aws-cdk/core@^1.3.0 @aws-cdk/aws-kms@^1.3.0
- Deploy the following stack:
import {Key} from '@aws-cdk/aws-kms';
import {Construct, Stack, StackProps} from '@aws-cdk/core';
export class KmsReproStack extends Stack {
public constructor(
private readonly scope: Construct,
private readonly id: string,
private readonly props: StackProps
) {
super(scope, id, props);
const key = new Key(this, 'TestKey');
key.addAlias('alias/test');
}
}
- Upgrade
@aws-cdk/core@^1.4.0 @aws-cdk/aws-kms@^1.4.0
cdk diff
:
Stack KmsReproStack
Resources
[-] AWS::KMS::Alias TestKeyAlias90FC0DD1 destroy
[+] AWS::KMS::Alias TestKey/Aliasalias--test TestKeyAliasaliastest5D993A95
- Try to redeploy that stack
Issue Analytics
- State:
- Created 4 years ago
- Comments:13 (8 by maintainers)
Top GitHub Comments
I’m going to make a PR to fix the issue, but in the meantime, @McDoit is correct, and you can do the following:
npx cdk diff
, and retrieve the existing alias’ logical ID, e.g.Tagging @Visorgood if you’re interested 👍
Moving things in and out of constructs will mess with their id’s, they are created level for level So if you did that, then it might be causing those issues