CfnInclude: Changes to Mappings are recognized by diff but not deployed by deploy

[jduchon-sonarsource]

Describe the bug

While deploying CloudFormation templates using CDK's CfnInclude module I noticed my changes were not deployed, although recognized by cdk diff. I see this happen if the only change between deployments is to the Mappings block, such as adding keys, updating values, etc.

As mentioned above, I can see the changes being outputted by cdk diff but the subsequent cdk deploy doesn't deploy changes and reports No changes. If I deploy the changes through the AWS Console, everything works as expected.

I tried with the --method direct and/or --force flags but this leads to another problem - #23141

Expected Behavior

I expect changes to Mappings to be deployed with cdk deploy.

1. Make a change to the Mappings block in a CloudFormation template
2. Execute cdk diff (changes are outputted correctly)
3. Execute cdk deploy (changes are deployed correctly)

Current Behavior

Changes to Mappings are not deployed with cdk deploy, although recognized by cdk diff.

1. Make a change to the Mappings block in a CloudFormation template (e.g., add another key to a map in Mappings)
2. Execute cdk diff (changes are outputted correctly)
3. Execute cdk deploy (changes are NOT deployed)

Reproduction Steps

# stack.py

class DeploymentStack(cdk.Stack):
    def __init__(self, scope: Construct, construct_id: str, props: dict, **kwargs) -> None:
        super().__init__(scope, construct_id, **kwargs)

        template_file = "./template.yaml"

        try:
            _ = cfn_include.CfnInclude(
                self,
                "MyStackWithMappings",
                template_file= template_file,
                preserve_logical_ids=True,
            )

        except RuntimeError as error:
            logger.error("Couldn't parse the template file %s.", template_file)
            logger.error("Error: %s", error)
            raise error

# template.yaml

Mappings:
  TestMapping:
    PolicyName:
      test: foo
      prod: bar

Resources:
  MyBucketPolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
    ManagedPolicyName: !FindInMap [TestMapping, PolicyName, test]
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Action: "s3:PutObject"
            Resource: "*"
            Effect: Allow

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.101.1

Framework Version

No response

Node.js Version

20.8.0

OS

MacOS 14.0

Language

Python

Language Version

Python 3.11

Other information

No response

[pahud]

Can you share the output of cdk synth? I guess the mappings from the included file might not be synthesized.

[github-actions]

This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

[jduchon-sonarsource]

This is a git diff from a CloudFormation template with a different Mappings block but the issue is still the same.

Mappings:
  CoreAccountMap:
    '123456789012': # dev
      [-] cirrussubname: '*'
      [+] cirrussubdetails: 'branch:*'
      githubenv: 'dev'
      cirrussubtype: 'branch'
    '234567890123': # staging
      [-] cirrussubname: 'master'
      [+] cirrussubdetails: 'branch:master'
      githubenv: 'staging'
      cirrussubtype: 'branch'
    '345678901234': # prod
      [-] cirrussubname: '*'
      [+] cirrussubdetails: 'branch:*:tag:v*'
      githubenv: 'prod'
      cirrussubtype: 'branch'

Synth output in the cdk.out folder

{
 "Mappings": {
  "CoreAccountMap": {
   "123456789012": {
    "cirrussubdetails": "branch:*",
    "githubenv": "dev"
   },
   "234567890123": {
    "cirrussubdetails": "branch:master",
    "githubenv": "staging"
   },
   "345678901234": {
    "cirrussubdetails": "branch:*:tag:v*",
    "githubenv": "prod"
   }
  }
 },

// ...

The cdk diff did output the changes as expected, they were synthesized correctly but subsequent cdk deploy didn't trigger CloudFormation deployment.