Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(aws_s3): Enabling EventBridge notifications on an s3 bucket removes existing notification configuration #29653

Closed
flexelem opened this issue Mar 29, 2024 · 3 comments
Closed

(aws_s3): Enabling EventBridge notifications on an s3 bucket removes existing notification configuration #29653

flexelem opened this issue Mar 29, 2024 · 3 comments
Labels
@aws-cdk/aws-s3 Related to Amazon S3 bug This issue is a bug. effort/medium Medium work item – several days of effort p1

Comments

@flexelem
Copy link
Contributor

flexelem commented Mar 29, 2024
edited
Loading

Describe the bug

We have an s3 bucket where its notification configuration is being updated in a different stack. When we set eventBridgeEnabled to true CloudFormation makes a PutBucketNotification call with a payload { "EventBridgeConfiguration": {} } without the current notification configuration. This call overrides the current configuration by removing all the existing configuration setup in a different stack. I wonder if this is a bug or intentionally set to work with this way? If this is not a bug can you please guide with a proper workaround?

Here is a working example;

import * as cdk from 'aws-cdk-lib';
import {
  aws_lambda as lambda,
  aws_s3 as s3,
  aws_s3_notifications as s3n,
  aws_sqs as sqs,
} from 'aws-cdk-lib';
import { Construct } from 'constructs';

export class AppStack extends cdk.Stack {
  readonly bucket: s3.Bucket;
  constructor(scope: Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    this.bucket = new s3.Bucket(this, 'AwesomeBucket', {
      // eventBridgeEnabled: true, // Enable this after deploying both stacks.
    });
  }
}

export interface OtherStackProps extends cdk.StackProps {
  bucketArn: string,
}

export class OtherStack extends cdk.Stack {
  constructor(scope: Construct, id: string, props: OtherStackProps) {
    super(scope, id, props);

    const bucket = s3.Bucket.fromBucketArn(this, 'ImportedAwesomeBucket', props.bucketArn);
    const queue = new sqs.Queue(this, 'AwesomeQueue', {});

    bucket.addObjectCreatedNotification(new s3n.SqsDestination(queue), {
      prefix: 'test',
      suffix: '.csv',
    });
  }
}

This is the PutBucketConfiguration call made by CloudFormation in the first deployment;

{
    "NotificationConfiguration": {
        "xmlns": "http://s3.amazonaws.com/doc/2006-03-01/",
        "QueueConfiguration": {
            "Filter": {
                "S3Key": {
                    "FilterRule": [
                        {
                            "Value": ".csv",
                            "Name": "suffix"
                        },
                        {
                            "Value": "test",
                            "Name": "prefix"
                        }
                    ]
                }
            },
            "Event": "s3:ObjectCreated:*",
            "Id": "arn:aws:cloudformation:us-east-1:548754742764:stack/OtherStack/038ffb30-edc2-11ee-a7ad-0e3e89454e27--6181785077119797464",
            "Queue": "arn:aws:sqs:us-east-1:548754742764:OtherStack-AwesomeQueue8670EAFF-BpWbPd57UrzC"
        }
    },
    "notification": "",
    "bucketName": "appstack-awesomebucket06a0f33d-zihof6dmqjlo",
    "Host": "appstack-awesomebucket06a0f33d-zihof6dmqjlo.s3.amazonaws.com"
}

And here you can see it doesn't include the existing configuration after we enable EventBridge for the bucket

{
    "NotificationConfiguration": {
        "xmlns": "http://s3.amazonaws.com/doc/2006-03-01/",
        "EventBridgeConfiguration": ""
    },
    "notification": "",
    "bucketName": "appstack-awesomebucket06a0f33d-zihof6dmqjlo",
    "Host": "appstack-awesomebucket06a0f33d-zihof6dmqjlo.s3.amazonaws.com"
}

Thanks

Expected Behavior

CloudFormation should keep the current notification configuration and make a proper PutBucketNotificationConfiguration call to preserve existing configuration.

Current Behavior

Enabling eventBridgeEnabled setting on a s3 bucket causes all existing configuration to be removed when configured with a cross-account fashion.

Reproduction Steps

  • Deploy both AppStack and OtherStack without having eventBridgeEnabled property enabled on s3 bucket
  • Set eventBridgeEnabled to true and deploy the stacks again.
  • Confirm that the last deployment overrides the current notification configured for the SQS queue.

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.121.1

Framework Version

No response

Node.js Version

v18.15.0

OS

macos

Language

TypeScript

Language Version

No response

Other information

No response
@flexelem flexelem added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Mar 29, 2024
@github-actions github-actions bot added the @aws-cdk/aws-s3 Related to Amazon S3 label Mar 29, 2024
@flexelem flexelem changed the title (s3): Enabling EventBridge notifications on an s3 bucket removes existing notification configuration (aws_s3): Enabling EventBridge notifications on an s3 bucket removes existing notification configuration Mar 29, 2024
This was referenced Apr 1, 2024
Closed
Closed
Closed
@pahud pahud added p1 effort/medium Medium work item – several days of effort and removed needs-triage This issue or PR still needs to be triaged. labels Apr 8, 2024
@pahud
Copy link
Contributor

pahud commented Apr 8, 2024

related to #29004

closing in favor of #29004

@pahud pahud closed this as completed Apr 8, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 8, 2024

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

@aws-cdk-automation
Copy link
Collaborator

Comments on closed issues and PRs are hard for our team to see. If you need help, please open a new issue that references this one.

@aws aws locked as resolved and limited conversation to collaborators Jul 25, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
@aws-cdk/aws-s3 Related to Amazon S3 bug This issue is a bug. effort/medium Medium work item – several days of effort p1
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pahud @flexelem @aws-cdk-automation