s3.Bucket.fromBucketArn does not set the right region for bucketRegionalDomainName
See original GitHub issueI have an existing S3 bucket created in the us-west-2
region through the console. I would like to create a stack in CDK that references this external resource in a Cloudfront distribution. Everything works as expected except that the S3 Bucket origin domain is set to us-east-1
instead of us-west-2
.
Reproduction Steps
- Create
test
S3 Bucket inus-west-2
region in the console. - Create CDK stack that references the S3 bucket:
import { CloudFrontWebDistribution } from '@aws-cdk/aws-cloudfront'
const sourceBucket = s3.Bucket.fromBucketArn(this, 'Bucket', 'arn:aws:s3:::test');
const distribution = new CloudFrontWebDistribution(this, 'MyDistribution', {
originConfigs: [
{
s3OriginSource: {
s3BucketSource: sourceBucket
},
behaviors : [ {isDefaultBehavior: true}]
}
]
});
- Run
cdk deploy
inus-east-1
region.
Expected: S3 origin for cloudfront distribution is set to test.s3.us-west-2.amazonaws.com
Actual: S3 origin for cloudfront distribution is set to test.s3.us-east-1.amazonaws.com
Error Log
No error.
Environment
- CLI Version : aws-cli/1.16.310 Python/3.8.1 Darwin/19.2.0 botocore/1.13.46
- Framework Version: cdk/1.22.0
- OS : macOS Catalina version 10.15.2
- Language : Typescript
Other
This is 🐛 Bug Report
Issue Analytics
- State:
- Created 4 years ago
- Reactions:3
- Comments:5 (3 by maintainers)
Top Results From Across the Web
aws-cdk/aws-s3 module - AWS Documentation
The bucket's region defaults to the current stack's region, but can also be explicitly set in cases where one of the bucket's regional...
Read more >aws.s3.Bucket - Pulumi
A full list of bucket naming rules may be found here. bucketRegionalDomainName string. The bucket region-specific domain name. The bucket domain name including ......
Read more >@aws-cdk/aws-s3 | Yarn - Package Manager
Define an unencrypted S3 bucket. const bucket = new s3.Bucket(this, 'MyFirstBucket');. Bucket constructs expose the following deploy-time attributes:.
Read more >Is my s3 bucket set to the correct region? - Stack Overflow
The Amazon S3 management console displays all buckets in all regions (hence the message that "S3 does not require region selection").
Read more >Import an Existing S3 Bucket in AWS CDK | bobbyhadz
The only unresolved value is the partition, which CDK is not able to infer from the bucket name. You could pass the bucket...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Hi @thibaut-singlefile
Thanks for identifying and reporting this! Looks like we are using the deployment region as the bucket region.
Until we release a fix, I can offer the following workaround:
This basically sets the
bucketRegionalDomainName
property to the expected value, it is what eventually used as the origin domain name for the distribution.@mathieujonson - This is general behavior for imported resources; we don’t alter them, both because it’s non-trivial to do so (e.g., requiring custom resources) and because the “right” thing to do is sometimes undefined. For example here, whether we should create a bucket policy for the imported bucket depends on if the imported bucket already has a policy or not; with an imported bucket, we simply don’t know. See https://github.com/aws/aws-cdk/issues/9811#issuecomment-676130240 for a more detailed rationale. Effectively, you can create the OAI in the other stack where your bucket is created, not create/use an OAI if your permissions model doesn’t need it, or create a custom resource to set the correct policy.
Regarding this issue in general, I believe #9936 closes it. Once released, you will be able to set the region on the bucket and have it automatically set the
bucketRegionalDomainName
: