Skip to content

(s3): Multiple errors disabling autoDeleteObjects but eventually AutoDeleteObjectsCustomResource deletion succeeds. #14649

New issue
New issue
Closed
Closed
(s3): Multiple errors disabling autoDeleteObjects but eventually AutoDeleteObjectsCustomResource deletion succeeds.#14649
Labels
@aws-cdk/aws-s3Related to Amazon S3bugThis issue is a bug.closed-for-stalenessThis issue was automatically closed because it hadn't received any attention in a while.effort/smallSmall work item – less than a day of effortp2
@rcollette

Description

@rcollette
rcollette
opened on May 12, 2021

Turning off the autodelete option results in 3 instances of an error. CloudFormation says the AutoDeleteObjectsCustomResource could not be deleted but in fact the resource does get deleted. The deployment takes a while due to these errors.

Reproduction Steps

Create a bucket with

 removalPolicy: RemovalPolicy.DESTROY, autoDeleteObjects: true,

Edit the CDK app to set the properties to

 removalPolicy: RemovalPolicy.RETAIN, autoDeleteObjects: false,

What did you expect to happen?

Should remove the autodelete related resources from the stack.

What actually happened?

CDK Output

pdx-PdxApi-buckets-qa: creating CloudFormation changeset... 0/3 | 1:44:39 AM | UPDATE_IN_PROGRESS | AWS::CloudFormation::Stack | pdx-PdxApi-buckets-qa User Initiated 0/3 Currently in progress: pdx-PdxApi-buckets-qa 2/3 | 1:45:14 AM | UPDATE_COMPLETE | AWS::S3::Bucket | DeliveryBucket (DeliveryBucketA9AE6474) 2/3 | 1:45:17 AM | UPDATE_IN_PROGRESS | AWS::S3::BucketPolicy | DeliveryBucket/Policy (DeliveryBucketPolicyB86375F3) 2/3 | 1:45:17 AM | UPDATE_COMPLETE | AWS::S3::BucketPolicy | DeliveryBucket/Policy (DeliveryBucketPolicyB86375F3) 2/3 | 1:45:19 AM | UPDATE_COMPLETE_CLEA | AWS::CloudFormation::Stack | pdx-PdxApi-buckets-qa 2/3 | 1:45:20 AM | DELETE_IN_PROGRESS | AWS::CloudFormation::CustomResource | DeliveryBucketAutoDeleteObjectsCustomResource70EC3C75 2/3 | 1:45:29 AM | DELETE_FAILED | AWS::CloudFormation::CustomResource | DeliveryBucketAutoDeleteObjectsCustomResource70EC3C75 Received response status [FAILED] from custom resource. Message returned: AccessDenied: Access Denied at Request.extractError (/var/runtime/node_modules/aws-sdk/lib/services/s3.js:718:35) at Request.callListeners (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:106:20) at Request.emit (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:78:10) at Request.emit (/var/runtime/node_modules/aws-sdk/lib/request.js:688:14) at Request.transition (/var/runtime/node_modules/aws-sdk/lib/request.js:22:10) at AcceptorStateMachine.runTo (/var/runtime/node_modules/aws-sdk/lib/state_machine.js:14:12) at /var/runtime/node_modules/aws-sdk/lib/state_machine.js:26:10 at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:38:9) at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:690:12) at Request.callListeners (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:116:18) (RequestId: 6d33fdd8-5e64-432e-9a2b-ce2dbd8a63db) 2/3 Currently in progress: pdx-PdxApi-buckets-qa 2/3 | 1:48:30 AM | DELETE_IN_PROGRESS | AWS::CloudFormation::CustomResource | DeliveryBucketAutoDeleteObjectsCustomResource70EC3C75 2/3 | 1:48:33 AM | DELETE_FAILED | AWS::CloudFormation::CustomResource | DeliveryBucketAutoDeleteObjectsCustomResource70EC3C75 Received response status [FAILED] from custom resource. Message returned: AccessDenied: Access Denied at Request.extractError (/var/runtime/node_modules/aws-sdk/lib/services/s3.js:718:35) at Request.callListeners (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:106:20) at Request.emit (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:78:10) at Request.emit (/var/runtime/node_modules/aws-sdk/lib/request.js:688:14) at Request.transition (/var/runtime/node_modules/aws-sdk/lib/request.js:22:10) at AcceptorStateMachine.runTo (/var/runtime/node_modules/aws-sdk/lib/state_machine.js:14:12) at /var/runtime/node_modules/aws-sdk/lib/state_machine.js:26:10 at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:38:9) at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:690:12) at Request.callListeners (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:116:18) (RequestId: 23a8fc51-68db-461c-b7e4-0e081fc5e586) 2/3 Currently in progress: pdx-PdxApi-buckets-qa 2/3 | 1:51:34 AM | DELETE_IN_PROGRESS | AWS::CloudFormation::CustomResource | DeliveryBucketAutoDeleteObjectsCustomResource70EC3C75 3/3 | 1:51:37 AM | DELETE_FAILED | AWS::CloudFormation::CustomResource | DeliveryBucketAutoDeleteObjectsCustomResource70EC3C75 Received response status [FAILED] from custom resource. Message returned: AccessDenied: Access Denied at Request.extractError (/var/runtime/node_modules/aws-sdk/lib/services/s3.js:718:35) at Request.callListeners (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:106:20) at Request.emit (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:78:10) at Request.emit (/var/runtime/node_modules/aws-sdk/lib/request.js:688:14) at Request.transition (/var/runtime/node_modules/aws-sdk/lib/request.js:22:10) at AcceptorStateMachine.runTo (/var/runtime/node_modules/aws-sdk/lib/state_machine.js:14:12) at /var/runtime/node_modules/aws-sdk/lib/state_machine.js:26:10 at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:38:9) at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:690:12) at Request.callListeners (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:116:18) (RequestId: 5557075d-2470-48d1-a29f-bf5c334ebb39) 3/3 | 1:51:37 AM | UPDATE_COMPLETE | AWS::CloudFormation::Stack | pdx-PdxApi-buckets-qa Update successful. One or more resources could not be deleted. ✅ pdx-PdxApi-buckets-qa

Stack Events

image

Environment

  • CDK CLI Version : 1.93.0
  • Framework Version: 1.93.0
  • Node.js Version: 14.16.0
  • OS : alpine 3.13
  • Language (Version): Typescript 4.2.3

This is 🐛 Bug Report

Metadata

Metadata

Assignees

No one assigned

    Labels

    @aws-cdk/aws-s3Related to Amazon S3bugThis issue is a bug.closed-for-stalenessThis issue was automatically closed because it hadn't received any attention in a while.effort/smallSmall work item – less than a day of effortp2

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions