Skip to content

aws-route53: Not able to retrieve Name Servers for fake-name due to it being imported. CrossAccountZoneDelegationRecord delegatedZone validation on NameServers blocks using Custom Resource to retrieve NameServers #30600

Closed
Closed
aws-route53: Not able to retrieve Name Servers for fake-name due to it being imported. CrossAccountZoneDelegationRecord delegatedZone validation on NameServers blocks using Custom Resource to retrieve NameServers#30600
#30606 (+8)
Assignees
samson-keung
Labels
@aws-cdk/aws-route53Related to Amazon Route 53bugThis issue is a bug.effort/smallSmall work item – less than a day of effortmanagement/trackingIssues that track a subject or multiple issuesp0
@samson-keung

Description

@samson-keung
samson-keung
opened on Jun 20, 2024

Please add your +1 👍 to let us know you have encountered this

Status: RESOLVED

Overview:

Versions 2.145.0-2.147.0 will throw a synthesis error when passing an imported delegatedZone to route53.CrossAccountZoneDelegationRecord. For example, the following code will throw:

   const parentZone = new route53.PublicHostedZone(stack, 'ParentHostedZone', {
      zoneName: 'myzone.com',
    });

    const childZone = route53.PublicHostedZone.fromPublicHostedZoneAttributes(stack, 'ChildHostedZone', {
      hostedZoneId: 'my-id',
      zoneName: 'my-name,
    });

 new route53.CrossAccountZoneDelegationRecord(stack, 'Delegation', {
      delegatedZone: childZone,
      parentHostedZoneId: parentZone.hostedZoneId,
      delegationRole: parentZone.crossAccountZoneDelegationRole,
    });

Complete Error Message:

Not able to retrieve Name Servers for my-name due to it being imported.

Workaround:

Pin the version of aws-cdk-lib to 2.144.0.

Solution:

Related Issues:

Original Report

Describe the bug

The fix in #30440 is blocking users from using custom resource to retrieve the delegated zone name servers.

Expected Behavior

CDK should not throw error that blocks the user when the delegated zone is imported and does not have Name Servers information as users can use custom resource to retrieve the NS.

Current Behavior

CrossAccountZoneDelegationRecord throws when delegatedZone is imported.

Reproduction Steps

Following code will throw the error in question:

    const stack = new Stack();
    const parentZone = new route53.PublicHostedZone(stack, 'ParentHostedZone', {
      zoneName: 'myzone.com',
      crossAccountZoneDelegationPrincipal: new iam.AccountPrincipal('123456789012'),
    });

    // WHEN
    const childZone = route53.PublicHostedZone.fromPublicHostedZoneAttributes(stack, 'ChildHostedZone', {
      hostedZoneId: 'fake-id',
      zoneName: 'fake-name',
    });

    new route53.CrossAccountZoneDelegationRecord(stack, 'Delegation', {
      delegatedZone: childZone,
      parentHostedZoneId: parentZone.hostedZoneId,
      delegationRole: parentZone.crossAccountZoneDelegationRole,
    });

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.146.0

Framework Version

No response

Node.js Version

20

OS

mac

Language

TypeScript

Language Version

No response

Other information

No response

Metadata

Metadata

Assignees

Labels

@aws-cdk/aws-route53Related to Amazon Route 53bugThis issue is a bug.effort/smallSmall work item – less than a day of effortmanagement/trackingIssues that track a subject or multiple issuesp0

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions