custom-resource: installLatestAwsSdk could timeout in China regions #27597
Labels
@aws-cdk/custom-resources
Related to AWS CDK Custom Resources
bug
This issue is a bug.
effort/medium
Medium work item – several days of effort
p2
Comments
pahud
added
bug
github-actions
bot
added
the
@aws-cdk/custom-resources
pahud
changed the title
pahud
added
p2
effort/medium
|
loop @zxkane |
|
If you are not using AwsCustomResource to directly call APIs without your custom code, you can use NodejsFunction to bundle the specific SDK within your lambda. |
mergify bot
pushed a commit
that referenced
this issue
Jan 12, 2024
… to install latest sdk version (#28688) This introduced uncertainty into the resource behavior, adds at least 60s to the execution time and will cause deployments in CN regions to fail. No tests add because the existing tests run with the `@aws-cdk/customresources:installLatestAwsSdkDefault` feature flag set to the recommended value. This change is merely change the `OpenSearchAccessPolicy` config for users that don't set the feature flag. We can safely do this, because we control the code for this custom resource and know it works with the provided SDK version. Related to #27597 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
|
I've confirmed this issue doesn't exist in cn-north-1 and cn-northwest-1 anymore with the following code. import {
App, Stack,
aws_eks as eks,
aws_ec2 as ec2,
aws_iam as iam,
} from 'aws-cdk-lib';
import { KubectlV29Layer } from '@aws-cdk/lambda-layer-kubectl-v29';
const app = new App();
const stack = new Stack(app, 'my-test-stack4');
const mastersRole = new iam.Role(stack, 'AdminRole', {
assumedBy: new iam.AccountRootPrincipal(),
});
const vpc = new ec2.Vpc(stack, 'Vpc', { natGateways: 1 });
new eks.Cluster(stack, 'Cluster', {
vpc,
mastersRole,
version: eks.KubernetesVersion.V1_29,
kubectlLayer: new KubectlV29Layer(stack, 'KubectlLayer'),
defaultCapacity: 2,
});@aws-cdk/customresources:installLatestAwsSdkDefault is now default to false since 2.60.0. |
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
aws-cdk/packages/aws-cdk-lib/custom-resources/lib/aws-custom-resource/aws-custom-resource.ts
Line 351 in 3f6401c
This function triggers a straight
npm installwhich generally would timeout in China regions.aws-cdk/packages/@aws-cdk/custom-resource-handlers/lib/custom-resources/aws-custom-resource-handler/aws-sdk-v3-handler.ts
Line 24 in 671b760
This is not a bug we just need some workaround for it.
Expected Behavior
installLatestSdk would not timeout
Current Behavior
would timeout
Reproduction Steps
set installLatestAwsSdk to true in custom resource
Workaround
Set
installLatestAwsSdk: falseor the feature flag@aws-cdk/customresources:installLatestAwsSdkDefaulttofalse.See: https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.custom_resources.AwsCustomResource.html#installlatestawssdk
Possible Solution
I guess China users might need to use npm proxy or alternative mirrors to work it around.
Additional Information/Context
No response
CDK CLI Version
2.100.0
Framework Version
No response
Node.js Version
v18.16.0
OS
linux
Language
TypeScript
Language Version
No response
Other information
No response
The text was updated successfully, but these errors were encountered: