(aws_elasticloadbalancingv2): (RuntimeError: Error: Region is required to enable ELBv2 access logging) #32691
Assignees
Labels
@aws-cdk/aws-elasticloadbalancingv2
Related to Amazon Elastic Load Balancing V2
bug
This issue is a bug.
p2
response-requested
Waiting on additional info and feedback. Will move to "closing-soon" in 7 days.
Comments
tylerclair
added
bug
github-actions
bot
added
the
@aws-cdk/aws-elasticloadbalancingv2
khushail
added
p2
and removed
needs-triage
|
Hey @tylerclair , thanks for reaching out. Did you mention Environment variables in your env: { account: '123456789012', region: 'us-west-2' }, |
khushail
added
response-requested
|
Hi @khushail, I do have my environment specified in my app.py calling my stack import os
import aws_cdk as cdk
from infrastructure.infrastructure_stack import DevStack
app = cdk.App()
DevStack(
app,
"DevStack",
env=cdk.Environment(
account=os.getenv("AWS_DEFAULT_ACCOUNT"),
region=os.getenv("AWS_DEFAULT_REGION", "us-west-2"),
),
)
app.synth()I have also confirmed that the env variables for the account and region are properly set and can be retrieved. |
github-actions
bot
removed
the
response-requested
This was referenced Jan 1, 2025
khushail
added
the
investigating
|
@tylerclair , I tried to reproduce the error with the given code in Typescript and here is my observation - code in import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import * as elb from 'aws-cdk-lib/aws-elasticloadbalancingv2';
import * as ec2 from 'aws-cdk-lib/aws-ec2';
import * as s3 from 'aws-cdk-lib/aws-s3';
// import * as sqs from 'aws-cdk-lib/aws-sqs';
export class LoadBalancerIssueStack extends cdk.Stack {
constructor(scope: Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
const vpc = new ec2.Vpc(this, 'VPC', {
maxAzs: 2,
});
const load_balancer_security_group = new ec2.SecurityGroup(this, 'LoadBalancerSecurityGroup', {
vpc: vpc,
allowAllOutbound: true,
});
const load_balancer = new elb.ApplicationLoadBalancer(this, 'LoadBalancer', {
vpc: vpc,
internetFacing: true,
securityGroup: load_balancer_security_group,
idleTimeout: cdk.Duration.seconds(600),
});
const accessLogsBucket = new s3.Bucket(this, 'LoadBalancerAccessLogsBucket', {
removalPolicy: cdk.RemovalPolicy.DESTROY,
});
load_balancer.logAccessLogs(accessLogsBucket, 'access_logs/');
}
}Initial error produced with mentioning region/account - but as soon as I mentioned this in the const app = new cdk.App();
new LoadBalancerIssueStack(app, 'LoadBalancerIssueStack', {
env: { account: '123456789012', region: 'us-east-2' },
});the code successfully synthesized , sharing a snippet of synthesized template- 
Same gets synthesized in Python as well - 
Hope this would be helpful. Let me know if still having issues. |
khushail
added
response-requested
|
This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled. |
github-actions
bot
added
the
closing-soon
|
@khushail I was able to solve it by explicitly passing the environment to the stacks within my devstack. I worked with another developer who had the same issue and the way he solved it was along the same lines as what you had posted. I adapted it to Python in a slightly different way, not sure if its the right way but the error doesn't happen anymore. Folder structure:
I worked with another developer who had the same issue and the way he solved it was along the same lines as what you had posted. I adapted it to Python in a slightly different way. my app.py file: import os
import aws_cdk as cdk
from infrastructure.infrastructure_stack import DevStack
app = cdk.App()
DevStack(
app,
"DevStack",
env=cdk.Environment(
account=os.getenv("AWS_DEFAULT_ACCOUNT"),
region=os.getenv("AWS_DEFAULT_REGION"),
),
)
app.synth()my infrastructure/infrastructure_stack.py: import os
from aws_cdk import Stack
from constructs import Construct
from infrastructure.network_stack import NetworkStack
from infrastructure.compute_stack import ComputeStack
from infrastructure.load_balancer_stack import LoadBalancer
from infrastructure.redis_stack import RedisStack
class DevStack(Stack):
def __init__(self, scope: Construct, construct_id: str, **kwargs):
super().__init__(scope, construct_id, **kwargs)
env = kwargs.get("env")
self.network_stack = NetworkStack(self, "NetworkStack", env=env)
self.load_balancer = LoadBalancer(
self, "LoadBalancer", vpc=self.network_stack.vpc, env=env
)
self.compute_stack = ComputeStack(
self,
"ComputeStack",
vpc=self.network_stack.vpc,
load_balancer_security_group=self.load_balancer.load_balancer_security_group,
load_balancer_security_group_usu=self.load_balancer.load_balancer_security_group_usu_traffic,
env=env,
)
self.redis_stack = RedisStack(
self,
"RedisStack",
vpc=self.network_stack.vpc,
ecs_security_group=self.compute_stack.ecs_security_group,
env=env,
)my infrastucture/load_balancer.py: class LoadBalancer(Stack):
def __init__(
self,
scope: Construct,
construct_id: str,
vpc: ec2.Vpc,
**kwargs,
):
super().__init__(scope, construct_id, **kwargs)
access_log_bucket = s3.Bucket(
self,
"LB-Logs",
bucket_name=f"{stage_name}-lb-logs",
versioned=False,
public_read_access=False,
removal_policy=RemovalPolicy.RETAIN,
)
access_log_bucket.add_to_resource_policy(
iam.PolicyStatement(
effect=iam.Effect.ALLOW,
principals=[iam.ArnPrincipal("arn:aws:iam::797873946194:root")],
actions=["s3:PutObject"],
resources=[f"{access_log_bucket.bucket_arn}/*"],
)
)
access_log_bucket.add_lifecycle_rule(expiration=Duration.days(30))
load_balancer = elb.ApplicationLoadBalancer(
self,
f"{stage_name}-LB",
load_balancer_name=f"{stage_name}-LB",
vpc=vpc,
internet_facing=True,
security_group=self.load_balancer_security_group,
idle_timeout=Duration.seconds(600),
vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC),
)
load_balancer.log_access_logs(
bucket=s3.Bucket.from_bucket_arn(
self, "AccessLogBucket", access_log_bucket.bucket_arn
)
) |
github-actions
bot
removed
closing-soon
|
@tylerclair , Since you are able to solve this, should this issue be closed ? |
khushail
added
the
response-requested
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
When trying to enable access logs for a elbv2 application load balancer, I get the RunTimeError
Error: Region is required to enable ELBv2 access loggingI have confirmed that the region is set in my stack and I also have tried specifying it in the CLI but I get the same error. I am using the us-west-2 region.My code to set it up is:
Regression Issue
Last Known Working CDK Version
No response
Expected Behavior
This should be setting the region from either my stack env region or region in the CLI
Current Behavior
Here is the sanitized error:
Reproduction Steps
This is the snippet of code I am using the create the load balancer and attach the access_logs bucket
Possible Solution
No response
Additional Information/Context
No response
CDK CLI Version
2.173.4 (build 1dadd61)
Framework Version
No response
Node.js Version
v20.10.0
OS
Fedora Linux 41 (Workstation Edition)
Language
Python
Language Version
Python 3.13.1
Other information
There is a similar closed issue: #25007
The text was updated successfully, but these errors were encountered: