Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws-route53: Not able to retrieve Name Servers for fake-name due to it being imported. CrossAccountZoneDelegationRecord delegatedZone validation on NameServers blocks using Custom Resource to retrieve NameServers #30600

Closed
samson-keung opened this issue Jun 20, 2024 · 4 comments · Fixed by #30606, codu-code/codu#969 or rwlxxvii/containers#185 · May be fixed by NOUIY/aws-solutions-constructs#109 or NOUIY/aws-solutions-constructs#110
Closed

aws-route53: Not able to retrieve Name Servers for fake-name due to it being imported. CrossAccountZoneDelegationRecord delegatedZone validation on NameServers blocks using Custom Resource to retrieve NameServers #30600

samson-keung opened this issue Jun 20, 2024 · 4 comments · Fixed by #30606, codu-code/codu#969 or rwlxxvii/containers#185 · May be fixed by NOUIY/aws-solutions-constructs#109 or NOUIY/aws-solutions-constructs#110
Assignees
@samson-keung
Labels
@aws-cdk/aws-route53 Related to Amazon Route 53 bug This issue is a bug. effort/small Small work item – less than a day of effort management/tracking Issues that track a subject or multiple issues p0

Comments

@samson-keung
Copy link
Contributor

samson-keung commented Jun 20, 2024
edited by comcalvi
Loading

Please add your +1 👍 to let us know you have encountered this

Status: RESOLVED

Overview:

Versions 2.145.0-2.147.0 will throw a synthesis error when passing an imported delegatedZone to route53.CrossAccountZoneDelegationRecord. For example, the following code will throw:

   const parentZone = new route53.PublicHostedZone(stack, 'ParentHostedZone', {
      zoneName: 'myzone.com',
    });

    const childZone = route53.PublicHostedZone.fromPublicHostedZoneAttributes(stack, 'ChildHostedZone', {
      hostedZoneId: 'my-id',
      zoneName: 'my-name,
    });

 new route53.CrossAccountZoneDelegationRecord(stack, 'Delegation', {
      delegatedZone: childZone,
      parentHostedZoneId: parentZone.hostedZoneId,
      delegationRole: parentZone.crossAccountZoneDelegationRole,
    });

Complete Error Message:

Not able to retrieve Name Servers for my-name due to it being imported.

Workaround:

Pin the version of aws-cdk-lib to 2.144.0.

Solution:

Related Issues:

Original Report

Describe the bug

The fix in #30440 is blocking users from using custom resource to retrieve the delegated zone name servers.

Expected Behavior

CDK should not throw error that blocks the user when the delegated zone is imported and does not have Name Servers information as users can use custom resource to retrieve the NS.

Current Behavior

CrossAccountZoneDelegationRecord throws when delegatedZone is imported.

Reproduction Steps

Following code will throw the error in question:

    const stack = new Stack();
    const parentZone = new route53.PublicHostedZone(stack, 'ParentHostedZone', {
      zoneName: 'myzone.com',
      crossAccountZoneDelegationPrincipal: new iam.AccountPrincipal('123456789012'),
    });

    // WHEN
    const childZone = route53.PublicHostedZone.fromPublicHostedZoneAttributes(stack, 'ChildHostedZone', {
      hostedZoneId: 'fake-id',
      zoneName: 'fake-name',
    });

    new route53.CrossAccountZoneDelegationRecord(stack, 'Delegation', {
      delegatedZone: childZone,
      parentHostedZoneId: parentZone.hostedZoneId,
      delegationRole: parentZone.crossAccountZoneDelegationRole,
    });

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.146.0

Framework Version

No response

Node.js Version

20

OS

mac

Language

TypeScript

Language Version

No response

Other information

No response
@samson-keung samson-keung added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Jun 20, 2024
@samson-keung samson-keung self-assigned this Jun 20, 2024
@github-actions github-actions bot added the @aws-cdk/aws-route53 Related to Amazon Route 53 label Jun 20, 2024
@ashishdhingra ashishdhingra added p1 effort/small Small work item – less than a day of effort and removed needs-triage This issue or PR still needs to be triaged. labels Jun 20, 2024
This was referenced Jun 20, 2024
Merged
Closed
@TheRealAmazonKendra TheRealAmazonKendra added p0 and removed p1 labels Jun 21, 2024
@TheRealAmazonKendra
Copy link
Contributor

This is a regression and therefore a p0. Updating the label here.

@samson-keung samson-keung mentioned this issue Jun 21, 2024
Merged
1 task
@comcalvi comcalvi pinned this issue Jun 21, 2024
@comcalvi comcalvi changed the title aws-route53: CrossAccountZoneDelegationRecord delegatedZone validation on NameServers blocks using Custom Resource to retrieve NameServers Not able to retrieve Name Servers for fake-name due to it being imported. aws-route53: CrossAccountZoneDelegationRecord delegatedZone validation on NameServers blocks using Custom Resource to retrieve NameServers Jun 21, 2024
@comcalvi comcalvi changed the title Not able to retrieve Name Servers for fake-name due to it being imported. aws-route53: CrossAccountZoneDelegationRecord delegatedZone validation on NameServers blocks using Custom Resource to retrieve NameServers aws-route53: Not able to retrieve Name Servers for fake-name due to it being imported. CrossAccountZoneDelegationRecord delegatedZone validation on NameServers blocks using Custom Resource to retrieve NameServers Jun 21, 2024
@comcalvi comcalvi added the management/tracking Issues that track a subject or multiple issues label Jun 21, 2024
@mergify mergify bot closed this as completed in #30606 Jun 21, 2024
@mergify mergify bot closed this as completed in 95280a0 Jun 21, 2024
@github-actions GitHub Actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

1 similar comment
@github-actions GitHub Actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

comcalvi pushed a commit that referenced this issue Jun 21, 2024
@samson-keung @comcalvi
revert: route53 CrossAccountZoneDelegationRecord fails at deployment …
69eb617 
…time with imported `delegatedZone` (#30440)" (#30606)

This reverts commit a3d9b10.

### Issue # (if applicable)

Closes #30600.

### Reason for this change

Reverting #30440 so that `cdk synth` succeed when using imported `delegatedZone`

### Description of changes

Removed the `throw new Error()`

### Description of how you validated changes



### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This was referenced Jun 24, 2024
Closed
Closed
@moelasmar moelasmar unpinned this issue Jul 10, 2024
This was referenced Jul 16, 2024
Open
Open
@NOUIY NOUIY mentioned this issue Jul 23, 2024
Open
@aws-cdk-automation
Copy link
Collaborator

Comments on closed issues and PRs are hard for our team to see. If you need help, please open a new issue that references this one.

@aws aws locked as resolved and limited conversation to collaborators Jul 25, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@samson-keung samson-keung

Labels
@aws-cdk/aws-route53 Related to Amazon Route 53 bug This issue is a bug. effort/small Small work item – less than a day of effort management/tracking Issues that track a subject or multiple issues p0
Projects
None yet
Milestone
No milestone
6 participants
@aws-cdk-automation @TheRealAmazonKendra @comcalvi @ashishdhingra @samson-keung and others