(cli): `--notification-arns` not validated

[christopher-taormina-zocdoc]

Describe the bug

When deploying using the --notification-arns argument, it's possible to pass in an invalid arn as an SNS topic arn, causing a change set to be uploaded with an invalid arn. If possible, the cli should at least validate the structure of the notification arn's being passed in.

Creating a change set with an invalid SNS arn seems to put the stack into a bad state, as the change seemingly cannot be deleted. So far I've found the only remedy is to delete the stack

Expected Behavior

Expected the cli to throw when receiving invalid notification arns.

Current Behavior

The deploy still uploads a change set with an invalid SNS topic arn.

Reproduction Steps

This can be reproduced easily with any type of stack.

1. Deploy stack without using --notification-arns cdk deploy --require-approval never --all
2. Make a change to the stack and deploy using an invalid notification arn such as arn:aws:sns:us-east-1::some-sns-topic cdk deploy --require-approval never --all --notification-arns arn:aws:sns:us-east-1::some-sns-topic
3. The deploy will fail with a validation error.

 ❌  dev001-ct-s3-test-s3 failed: Error [ValidationError]: Invalid parameter: AccountId (Service: AmazonSNS; Status Code: 400; Error Code: InvalidParameter; Request ID: 8089a9f5-8661-5487-b5db-f2df5a335207; Proxy: null)
    at Request.extractError (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/protocol/query.js:50:29)
    at Request.callListeners (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/request.js:686:14)
    at Request.transition (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/request.js:688:12)
    at Request.callListeners (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/sequential_executor.js:116:18) {
  code: 'ValidationError',
  time: 2022-06-20T20:35:30.070Z,
  requestId: 'a5b58918-f6cd-4b36-a9fe-a89aa2f915f7',
  statusCode: 400,
  retryable: false,
  retryDelay: 772.0194690899034
}

4. Try to delete the change set by cli, met with the error An error occurred (InvalidChangeSetStatus) when calling the DeleteChangeSet operation: An operation on this ChangeSet is currently in progress. Please attempt this operation again later.
5. Try to deploy the stack with a valid SNS topic. This is met with the following error

 ❌  dev001-ct-s3-test-s3 failed: InvalidChangeSetStatus: An operation on this ChangeSet is currently in progress.  Please attempt this operation again later.
    at Request.extractError (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/protocol/query.js:50:29)
    at Request.callListeners (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/request.js:686:14)
    at Request.transition (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/request.js:688:12)
    at Request.callListeners (/Users/christopher.taormina/src/intern-cdk/cdk/node_modules/aws-sdk/lib/sequential_executor.js:116:18) {
  code: 'InvalidChangeSetStatus',
  time: 2022-06-20T20:39:18.375Z,
  requestId: '83a73e9a-77fc-456c-87ee-ac8a5416946f',
  statusCode: 400,
  retryable: false,
  retryDelay: 92.08934678630065
}

Possible Solution

The nicest thing to have is making a check to see if the SNS topic in fact exists. However even the simplest check for a valid SNS arn structure could prevent this from occurring.

Additional Information/Context

No response

CDK CLI Version

2.27.0

Framework Version

No response

Node.js Version

14.19.1

OS

Macos Monterey

Language

Typescript

Language Version

Typescrit 4.5.5

Other information

No response

[github-actions]

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.