fix(lambda): custom resource fails to connect to efs filesystem#14431
fix(lambda): custom resource fails to connect to efs filesystem#14431mergify[bot] merged 7 commits intoaws:masterfrom
Conversation
|
|
708c3bd to
7081f4d
Compare
nija-at
left a comment
There was a problem hiding this comment.
Thanks for submitting this PR! @ddneilson
Please see my comments below.
| } | ||
|
|
||
| if (!props.vpc && props.filesystem) { | ||
| throw new Error('Cannot configurea \'filesystem\' without configuring a VPC.'); |
There was a problem hiding this comment.
| throw new Error('Cannot configurea \'filesystem\' without configuring a VPC.'); | |
| throw new Error("Cannot configure 'filesystem' without configuring a VPC."); |
There was a problem hiding this comment.
Fixed in next revision.
| if (!props.vpc && props.filesystem) { | ||
| throw new Error('Cannot configurea \'filesystem\' without configuring a VPC.'); | ||
| } |
There was a problem hiding this comment.
Move this validation into the if (props.filesystem) conditional as well.
There was a problem hiding this comment.
That would be an error, I'm afraid. It would put the check after:
which would cause the condition to never be true.
There was a problem hiding this comment.
I'm not sure I understand the error. Can you explain?
There was a problem hiding this comment.
Mmm. Maybe a miscommunication stemming from ambiguity. I am assuming that you mean this conditional in the same function:
That would be the error I outlined.
But, perhaps you mean one of these conditionals in the constructor?
Checking for the vpc property in one of those, and throwing an error, is redundant. There is an unconditional call to configureVpc() in the same constructor:
So, the only way to not hit the code that I've added here would be to have already thrown an error due to the securityGroup check, which has the same resolution as the error that I have added:
Perhaps it's better to just modify:
to
if ((props.securityGroup || props.allowAllOutbound !== undefined || props.filesystem) && !props.vpc) {
throw new Error('Cannot configure \'securityGroup\', \'allowAllOutbound\', or \'filesystem\' without configuring a VPC');
}?
There was a problem hiding this comment.
For clarity, I meant adding the conditional here right next to where you are adding the new dependencies -
There is an unconditional call to
configureVpc()in the same constructor. So, the only way to not hit the code that I've added here would be to have already thrown an error due to thesecurityGroupcheck, which has the same resolution as the error that I have added.
I'm finding a bit difficult to understand what you're saying here. It's not clear to me why the configureVpc() method has anything to do with this.
Perhaps I didn't explain the intention behind my comment - I wanted to keep the validation around filesystem, in the same place(s) as where the filesystem is being configured. configureVpc() feels like the wrong place.
At a later time (i.e., not in this PR), I'd like to bring all filesystem related code into a single (or a few) methods instead of it littered in the constructor.
There was a problem hiding this comment.
Let me know if you're still having difficulty.
There was a problem hiding this comment.
I'm finding a bit difficult to understand what you're saying here. It's not clear to me why the configureVpc() method has anything to do with this.
The code in question is within configureVpc().... but I digress. Sure, I'll move the check & error to the conditional where the dependencies are being added.
Perhaps I didn't explain the intention behind my comment - I wanted to keep the validation around filesystem, in the same place(s) as where the filesystem is being configured. configureVpc() feels like the wrong place.
Yes. Starting with that would have been useful. :-)
|
|
|
@nija-at Are we good to merge? I do not see any remaining comments that have not been addressed. |
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
* chore(cloudfront): remove the use of calculateFunctionHash (#14583) `calculateFunctionHash()` was used to compute the 'refresh token' of the custom resource for the EdgeFunction construct. This method is private to the lambda module and is deemed to be changed. Instead, use the lambda function version's logical id. The logical id of the version includes computing the function hash (among others) and is a more reliable determinant of whether the underlying function version changed. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* * feat(cloudwatch): validate parameters for a metric dimensions (closes #3116) (#14365) As per #3116, the changes in this PR validate metric dimension values (length, and checking if the value is null or undefined) and throw errors if the values are not valid. I've also corrected a comment in the metric-types.ts to use the correct method name * feat(appmesh): change HealthChecks to use protocol-specific union-like classes (#14432) BREAKING CHANGE: HealthChecks require use of static factory methods fixes #11640 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* * feat(msk): Cluster L2 Construct (#9908) L2 Construct for a MSK Cluster. I wrote this for internal use and thought I'd share it. I tried to follow the [example resource](https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/example-construct-library/lib/example-resource.ts) and [design guidelines](https://github.com/aws/aws-cdk/blob/master/DESIGN_GUIDELINES.md) as much as I could. Default properties were chosen either based on defaults when creating a cluster in the console or defaults set from CloudFormation. Closes #9603 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* * feat(kms): allow specifying key spec and key usage (#14478) This allows specifying key spec and key usage, so you can create asymmetric keys. closes #5639 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* * chore: add `@types/jest` to a package that was missing it (#14609) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* * chore: issue template for bugs to have an SSCCE example (#14615) Ask customers to provide reproducible code snippets to reduce the amount of triage time required. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* * fix(cli): synth fails if there was an error when synthesizing the stack (#14613) All stacks created inside a pipeline stage will be flagged for validation. After synth is done, the CLI will validate all flagged stacks plus the stacks that were explicitly specified. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* * chore: annotate `aws-lambda-go` with `docker` requirement (#14618) The `nozem` build tool needs to know that `docker` is required to build/test this particular package. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* * feat(elbv2): preserveClientIp for NetworkTargetGroup (#14589) Allows users to configure client IP preservation for network target groups. See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-targetgroup-targetgroupattribute.html ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* * chore: npm-check-updates && yarn upgrade (#14620) Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date. * chore(mergify): add @BenChaimberg to team roster * chore(release): 1.103.0 * chore: mark "otaviomacedo" as core contributor (#14619) Co-authored-by: Otavio Macedo <otaviomacedo@protonmail.com> * chore(cli): add npm command to upgrade notice (#14621) A colleague had to go look up the command to update the CDK CLI. It occurred to me that is probably common with developers who don't work with NPM on a daily basis, such as anyone who isn't developing in TypeScript or JavaScript. Put the necessary command right in the upgrade notice. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* * fix(lambda): custom resource fails to connect to efs filesystem (#14431) Fixes: #14430 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* * feat(cfnspec): cloudformation spec v35.2.0 (#14610) * feat: cloudformation spec v35.2.0 * add spec patches Co-authored-by: AWS CDK Team <aws-cdk@amazon.com> Co-authored-by: Elad Ben-Israel <benisrae@amazon.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> * fix(lambda-nodejs): handler filename missing from error message (#14564) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* * chore(build): clarify prerequisites in CONTRIBUTING and verify before build (#14642) The build script at the top level of the repository performs a prerequisites check before beginning the build. This verification is not complete as it does not include the required checks for .NET and Python executables. Further, the prerequisites documentation in the contributing guide does not note the Docker requirement. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* Co-authored-by: Niranjan Jayakar <nija@amazon.com> Co-authored-by: OksanaH <34384274+OksanaH@users.noreply.github.com> Co-authored-by: Dominic Fezzie <fezzid@amazon.com> Co-authored-by: Curtis <curtis.eppel@cultureamp.com> Co-authored-by: Shinya Tsuda <shinya@dacci.org> Co-authored-by: Rico Huijbers <rix0rrr@gmail.com> Co-authored-by: Otavio Macedo <otaviomacedo@protonmail.com> Co-authored-by: Griffin Byatt <byatt.griffin@gmail.com> Co-authored-by: Ben Chaimberg <chaimber@amazon.com> Co-authored-by: AWS CDK Team <aws-cdk@amazon.com> Co-authored-by: Mitchell Valine <valinm@amazon.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Jerry Kindall <52084730+Jerry-AWS@users.noreply.github.com> Co-authored-by: Daniel Neilson <53624638+ddneilson@users.noreply.github.com> Co-authored-by: Elad Ben-Israel <benisrae@amazon.com>
Fixes: #14430
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license