aws_ec2_verified_access: Resource handler returned message: "null"

[andreprawira]

Describe the bug

I'm creating aws verified access endpoint using cfn construct found here. Before i deployed this part of the code, i was able to create Verified Access Trust Provider, Instance, Groups but failed when deploying the endpoint. Here is the code to deploy the endpoint

# Verified Access Endpoint
        cfnVerifiedAccessEndpoint = ec2.CfnVerifiedAccessEndpoint(
            self,
            "CfnVerifiedAccessEndpoint",
            application_domain="my-sandbox.com", 
            attachment_type="vpc",
            domain_certificate_arn="my-dummy-cert-arn",  
            endpoint_domain_prefix="development",  
            endpoint_type="load-balancer",
            verified_access_group_id=cfnVerifiedAccessGroup.attr_verified_access_group_id,
            description="Verified Access Endpoint",
            load_balancer_options=ec2.CfnVerifiedAccessEndpoint.LoadBalancerOptionsProperty(
                load_balancer_arn="my-load-balancer-dummy-arn",
                subnet_ids=["subnet-private-1", "subnet-private-2"],  
            ),
            security_group_ids= ["my-dummy-sg-id"], 
        )

but when i deploy it, i get this weird non descriptive error

Resource handler returned message: "null" (RequestToken: d2ecd91a-a841-b67d-c5ca-6de761e1af83, HandlerErrorCode: InternalFailure)

Expected Behavior

Verified access endpoint is created

Current Behavior

Deployment failed with non descriptive error message

Reproduction Steps

Please view the code above

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.117.0 (build 59d9b23)

Framework Version

No response

Node.js Version

v18.18.0

OS

Windows

Language

Python

Language Version

Python 3.11.5

Other information

No response

[pahud]

This is probably a bug of CFN as it's a L1 construct and the error is from cloudformation.

Can you deploy the CFN stack from CFN console using the synthesized template? If it fails like that, I would recommend reaching out to the AWS Premium support for investigation as this could be a bug from CFN.

[andreprawira]

@pahud

Can you deploy the CFN stack from CFN console using the synthesized template

there are 3 templates that shows up for my verified access stack which are template.json, template.json.config, and assets.json, i deployed the one that says template.json only and it failed with the same error msg

"Resource handler returned message: "null" (RequestToken: b2116264-f6a1-e554-6954-e26a5adf9bec, HandlerErrorCode: InternalFailure)"