Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

aws-cloudfront: cache policy comment length is not validated #31248

Closed
1 task
floriangosse opened this issue Aug 29, 2024 · 3 comments · Fixed by #31251
Closed
1 task

aws-cloudfront: cache policy comment length is not validated #31248

floriangosse opened this issue Aug 29, 2024 · 3 comments · Fixed by #31251
Labels
@aws-cdk/aws-cloudfront Related to Amazon CloudFront bug This issue is a bug. effort/small Small work item – less than a day of effort p2

Comments

@floriangosse
Copy link

Describe the bug

CloudFront cache policy have a maximum comment length of 128 but is currently not validated by CDK.

Regression Issue

  • Select this option if this issue appears to be a regression.

Last Known Working CDK Version

No response

Expected Behavior

CDK validates the comment's length.

Current Behavior

CDK doesn't validate the comment's length.

Reproduction Steps

const stack = new cdk.Stack();
new cloudfront.CachePolicy(stack, 'MyCachePolicy', {
	comment: "a".repeat(129)
});

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.37.1

Framework Version

No response

Node.js Version

20

OS

macOS

Language

TypeScript

Language Version

TypeScript 5

Other information

No response

@floriangosse floriangosse added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Aug 29, 2024
@github-actions github-actions bot added the @aws-cdk/aws-cloudfront Related to Amazon CloudFront label Aug 29, 2024
@ashishdhingra ashishdhingra self-assigned this Aug 29, 2024
@ashishdhingra ashishdhingra added p2 needs-reproduction This issue needs reproduction. and removed needs-triage This issue or PR still needs to be triaged. labels Aug 29, 2024
@ashishdhingra
Copy link
Contributor

Reproducible using latest version of CDK (2.154.1 (build febce9d)).

Running cdk synth generated the following CFN template:

Resources:
  MyCachePolicyAB35B4E5:
    Type: AWS::CloudFront::CachePolicy
    Properties:
      CachePolicyConfig:
        Comment: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
        DefaultTTL: 86400
        MaxTTL: 31536000
        MinTTL: 0
        Name: CdktestStackMyCachePolicy7DA6ED29-us-east-2
        ParametersInCacheKeyAndForwardedToOrigin:
          CookiesConfig:
            CookieBehavior: none
          EnableAcceptEncodingBrotli: false
          EnableAcceptEncodingGzip: false
          HeadersConfig:
            HeaderBehavior: none
          QueryStringsConfig:
            QueryStringBehavior: none
    Metadata:
      aws:cdk:path: CdktestStack/MyCachePolicy/Resource
  CDKMetadata:
    Type: AWS::CDK::Metadata
    Properties:
      Analytics: v2:deflate64:H4sIAAAAAAAA/zPSMzQ10TNUTCwv1k1OydbNyUzSqw4uSUzO1gEKxSfn5JempBXl55XoVTsnJmekBuTnZCZX6jin5SFxa0H8oNTi/NKi5NRanbz8lFS9rGL9MiMjPXM9A8Ws4sxM3aLSvJLM3FS9IAgNAIOR5994AAAA
    Metadata:
      aws:cdk:path: CdktestStack/CDKMetadata/Default
Parameters:
  BootstrapVersion:
    Type: AWS::SSM::Parameter::Value<String>
    Default: /cdk-bootstrap/hnb659fds/version
    Description: Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]

Running cdk deploy fails with the following error:

✨  Synthesis time: 4.26s

CdktestStack:  start: Building 50549a994e849e12bd404078424773d04a8b39084521c478d0e4b8372886c375:139480602983-us-east-2
CdktestStack:  success: Built 50549a994e849e12bd404078424773d04a8b39084521c478d0e4b8372886c375:139480602983-us-east-2
CdktestStack:  start: Publishing 50549a994e849e12bd404078424773d04a8b39084521c478d0e4b8372886c375:139480602983-us-east-2
CdktestStack:  success: Published 50549a994e849e12bd404078424773d04a8b39084521c478d0e4b8372886c375:139480602983-us-east-2
CdktestStack: deploying... [1/1]
CdktestStack: creating CloudFormation changeset...
[███████████████████▎······································] (1/3)
10:38:09 AM | CREATE_FAILED        | AWS::CloudFront::CachePolicy | MyCachePolicyAB35B4E5
Resource handler returned message: "Invalid request provided: AWS::CloudFront::CachePolicy: The parameter Comment is too big. (Service: CloudFront, Status Code: 4
00, Request ID: ba45e8f8-146f-46f5-8956-e7809f86a121)" (RequestToken: 17de6002-6f1b-f8b3-9f27-6838f1763a89, HandlerErrorCode: InvalidRequest)


 ❌  CdktestStack failed: Error: The stack named CdktestStack failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE: Resource handler returned message: "Invalid request provided: AWS::CloudFront::CachePolicy: The parameter Comment is too big. (Service: CloudFront, Status Code: 400, Request ID: ba45e8f8-146f-46f5-8956-e7809f86a121)" (RequestToken: 17de6002-6f1b-f8b3-9f27-6838f1763a89, HandlerErrorCode: InvalidRequest)
    at FullCloudFormationDeployment.monitorDeployment (/opt/homebrew/lib/node_modules/aws-cdk/lib/index.js:447:10567)
    at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
    at async Object.deployStack2 [as deployStack] (/opt/homebrew/lib/node_modules/aws-cdk/lib/index.js:450:200276)
    at async /opt/homebrew/lib/node_modules/aws-cdk/lib/index.js:450:181698

 ❌ Deployment failed: Error: The stack named CdktestStack failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE: Resource handler returned message: "Invalid request provided: AWS::CloudFront::CachePolicy: The parameter Comment is too big. (Service: CloudFront, Status Code: 400, Request ID: ba45e8f8-146f-46f5-8956-e7809f86a121)" (RequestToken: 17de6002-6f1b-f8b3-9f27-6838f1763a89, HandlerErrorCode: InvalidRequest)
    at FullCloudFormationDeployment.monitorDeployment (/opt/homebrew/lib/node_modules/aws-cdk/lib/index.js:447:10567)
    at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
    at async Object.deployStack2 [as deployStack] (/opt/homebrew/lib/node_modules/aws-cdk/lib/index.js:450:200276)
    at async /opt/homebrew/lib/node_modules/aws-cdk/lib/index.js:450:181698

The stack named CdktestStack failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE: Resource handler returned message: "Invalid request provided: AWS::CloudFront::CachePolicy: The parameter Comment is too big. (Service: CloudFront, Status Code: 400, Request ID: ba45e8f8-146f-46f5-8956-e7809f86a121)" (RequestToken: 17de6002-6f1b-f8b3-9f27-6838f1763a89, HandlerErrorCode: InvalidRequest)

Per AWS CloudFront > CreateCachePolicy, comment cannot be longer than 128 characters.

@floriangosse Thanks for your PR contribution.

@ashishdhingra ashishdhingra added effort/small Small work item – less than a day of effort and removed needs-reproduction This issue needs reproduction. labels Aug 29, 2024
@ashishdhingra ashishdhingra removed their assignment Aug 29, 2024
@mergify mergify bot closed this as completed in #31251 Aug 29, 2024
@mergify mergify bot closed this as completed in 7803e06 Aug 29, 2024
Copy link

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

1 similar comment
Copy link

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 29, 2024
xazhao pushed a commit to xazhao/aws-cdk that referenced this issue Sep 12, 2024
…cy (aws#31251)

### Issue # (if applicable)

Closes aws#31248 .

### Reason for this change



CDK doesn't validate the comment's length in the cache policy now.

### Description of changes



Add validation for the length.

### Description of how you validated changes



unit tests.

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Labels
@aws-cdk/aws-cloudfront Related to Amazon CloudFront bug This issue is a bug. effort/small Small work item – less than a day of effort p2
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants