Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(aws-cdk-lib/custom-resources): L2 Provider construct generate circular dependency #20360

Closed
lmouhib opened this issue May 16, 2022 · 7 comments · Fixed by #33600
Closed

(aws-cdk-lib/custom-resources): L2 Provider construct generate circular dependency #20360

lmouhib opened this issue May 16, 2022 · 7 comments · Fixed by #33600
Labels
@aws-cdk/custom-resources Related to AWS CDK Custom Resources bug This issue is a bug. effort/small Small work item – less than a day of effort p1

Comments

@lmouhib
Copy link

lmouhib commented May 16, 2022
edited
Loading

Describe the bug

When passing a role to the Provider the construct is no longer able to deploy correctly and fails with a circular dependency between the functions and policies generated by the Provider.

At CDK deploy time the deployment fails with Circular dependency between resources:

this where the construct is defined

https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_custom-resources.Provider.html

Expected Behavior

The Provider should deploy with the provider role without CFN failing with Circular dependency between resources:

Current Behavior

The Provider fail deploying with Circular dependency between resources:

Reproduction Steps

  1. Create a onEventHandler and isCompleteHandler Functions
  2. Create a role with service principal as lambda.amazonaws.com
  3. Create a Provider and pass to it the role and functions created above

Possible Solution

Fix the dependency on the Provider created resources.

Additional Information/Context

No response

CDK CLI Version

2.24.1 (build 585f9ca)

Framework Version

No response

Node.js Version

v14.17.6

OS

macOS Monterey

Language

Typescript

Language Version

4.1.6

Other information

No response
@lmouhib lmouhib added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels May 16, 2022
@github-actions github-actions bot added the @aws-cdk/custom-resources Related to AWS CDK Custom Resources label May 16, 2022
@lmouhib
Copy link
Author

lmouhib commented May 20, 2022
edited
Loading

To reproduce the error clone/fork this repository

@lmouhib
Copy link
Author

lmouhib commented May 20, 2022

This is the actual error message

Circular dependency between resources: [customresourceproviderframeworkonTimeout03C9F325, customresourceproviderframeworkonEvent8A5AE2D2, customresourceproviderwaiterstatemachineRoleDefaultPolicy7AD89E4F, customresourceproviderframeworkisComplete934E4E18, customresourceproviderwaiterstatemachineBC63D394, providerRoleDefaultPolicy70D60963]

@lmouhib
Copy link
Author

lmouhib commented May 20, 2022

if we comment isCompleteHandler the construct deploys without issue

@rix0rrr rix0rrr added effort/small Small work item – less than a day of effort p1 and removed needs-triage This issue or PR still needs to be triaged. labels May 23, 2022
@rix0rrr rix0rrr removed their assignment May 23, 2022
@atali
Copy link

atali commented Mar 19, 2023

I got the following :

Stack Deployments Failed: ValidationError: Circular dependency between resources: [CloudSearchDomainRoleDefaultPolicyD495E4C7, CloudSearchDomainCustomResourceE2BABF82, CloudSearchDomainProviderframeworkonTimeout333FF4AE, CloudSearchDomainProviderwaiterstatemachineRoleDefaultPolicy831754FB, CloudSearchDomainProviderframeworkisComplete94D623D4, CloudSearchDomainProviderwaiterstatemachine21988061, CloudSearchDomainProviderframeworkonEvent4A6BA2ED]

@nisaacson
Copy link

you can work around this by manually defining the provider role, granting the required permissions and then calling withoutPolicyUpdates on the role. See https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_iam.Role.html#withoutwbrpolicywbrupdatesoptions for more details

@GavinZZ GavinZZ mentioned this issue Feb 27, 2025
Merged
1 task
@mergify mergify bot closed this as completed in #33600 Mar 6, 2025
@mergify mergify bot closed this as completed in 77b6fa9 Mar 6, 2025
@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 6, 2025

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

1 similar comment
@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 6, 2025

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 6, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
@aws-cdk/custom-resources Related to AWS CDK Custom Resources bug This issue is a bug. effort/small Small work item – less than a day of effort p1
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(custom-resources): fix circular dependency when a custom role provided to Provider aws/aws-cdk
4 participants
@nisaacson @atali @rix0rrr @lmouhib