Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cloudfront_origins: CloudFrontOriginAccessIdentity is creating in the s3 stack instead of the cloudfront stack) #31234

Closed
1 task
mosestam97 opened this issue Aug 28, 2024 · 2 comments
Closed
1 task

cloudfront_origins: CloudFrontOriginAccessIdentity is creating in the s3 stack instead of the cloudfront stack) #31234

mosestam97 opened this issue Aug 28, 2024 · 2 comments
Labels
@aws-cdk/aws-cloudfront-origins Related to CloudFront Origins for the CDK CloudFront Library bug This issue is a bug. closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. p3 response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days.

Comments

@mosestam97
Copy link

mosestam97 commented Aug 28, 2024
edited by pahud
Loading

Describe the bug

I am creating two stack: one is the s3 and one is for the cloudfront, what i am seeing is that even tho in my s3 stack i didnt reference anything for cloudfront, it will create a AWS::CloudFront::CloudFrontOriginAccessIdentity resources

Regression Issue

  • Select this option if this issue appears to be a regression.

Last Known Working CDK Version

2.138.0

Expected Behavior

the cloudfront components should be create within the cloudfront stack and not the s3 stack

Current Behavior

the AWS::CloudFront::CloudFrontOriginAccessIdentity is being created in the s3 stack

Reproduction Steps

s3 stack:

import aws_cdk as cdk
from constructs import Construct
import aws_cdk.aws_s3 as s3

class S3Stack(cdk.Stack):
    def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
        super().__init__(scope, construct_id, **kwargs)

        self.bucket = s3.Bucket(
            self,
            "DemoBucket",
            bucket_name="demo-cloudfront-s3-bucket",
            access_control=s3.BucketAccessControl.PRIVATE,
            block_public_access=s3.BlockPublicAccess.BLOCK_ALL,
            removal_policy=cdk.RemovalPolicy.DESTROY,
            auto_delete_objects=True
        )

        cdk.CfnOutput(self, "BucketName", value=self.bucket.bucket_name)

cloudfront stack:

import aws_cdk as cdk
from constructs import Construct
import aws_cdk.aws_cloudfront as cloudfront
import aws_cdk.aws_cloudfront_origins as origins
import aws_cdk.aws_s3 as s3

class CloudFrontStack(cdk.Stack):
    def __init__(self, scope: Construct, construct_id: str, s3_bucket: s3.Bucket, **kwargs) -> None:
        super().__init__(scope, construct_id, **kwargs)

        distribution = cloudfront.Distribution(
            self,
            "DemoDistribution",
            default_behavior=cloudfront.BehaviorOptions(
                origin=origins.S3Origin(s3_bucket),
                viewer_protocol_policy=cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS
            )
        )

        cdk.CfnOutput(self, "DistributionDomainName", value=distribution.distribution_domain_name)

if I remove the cloudfront stack from my app file, the AWS::CloudFront::CloudFrontOriginAccessIdentity will not be create. however if both are within my app file it will create it

Possible Solution

I am thinking cdk read through the whole stacks file and figure the s3 will need the
AWS::CloudFront::CloudFrontOriginAccessIdentity setting

Additional Information/Context

No response

CDK CLI Version

2.138.0

Framework Version

Python

Node.js Version

NA

OS

Linix

Language

Python

Language Version

Python 3.9.6

Other information

this is what my app file look like:
import aws_cdk as cdk
from stacks.s3_stack import S3Stack
from stacks.cloudfront_stack import CloudFrontStack

app = cdk.App()

s3_stack = S3Stack(app, "DemoS3Stack")
cloudfront_stack = CloudFrontStack(app, "DemoCloudFrontStack", s3_bucket=s3_stack.bucket)

app.synth()
@mosestam97 mosestam97 added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Aug 28, 2024
@github-actions github-actions bot added the @aws-cdk/aws-cloudfront-origins Related to CloudFront Origins for the CDK CloudFront Library label Aug 28, 2024
@pahud pahud self-assigned this Aug 28, 2024
@pahud
Copy link
Contributor

pahud commented Aug 28, 2024

This is because when S3Origin is created, it essentially creates an S3BucketOrigin with the bucket as its scope(details) and it has to be in the bucket stack per explained here.

@pahud pahud added response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. p3 labels Aug 28, 2024
@pahud pahud removed their assignment Aug 28, 2024
@pahud pahud removed the needs-triage This issue or PR still needs to be triaged. label Aug 28, 2024
@pahud pahud changed the title (aws_cdk.aws_cloudfront_origins): (AWS::CloudFront::CloudFrontOriginAccessIdentity is creating in the s3 stack instead of the cloudfront stack) cloudfront_origins: CloudFrontOriginAccessIdentity is creating in the s3 stack instead of the cloudfront stack) Aug 28, 2024
@github-actions GitHub Actions
Copy link

This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

@github-actions github-actions bot added the closing-soon This issue will automatically close in 4 days unless further comments are made. label Aug 30, 2024
This was referenced Sep 1, 2024
Open
Open
@github-actions github-actions bot added closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. and removed closing-soon This issue will automatically close in 4 days unless further comments are made. labels Sep 5, 2024
@github-actions github-actions bot closed this as completed Sep 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-cloudfront-origins Related to CloudFront Origins for the CDK CloudFront Library bug This issue is a bug. closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. p3 response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pahud @mosestam97 and others