Unexpected Cloudformation-generated physical resource ID on stack rollback of in-flight custom resources #1814
Comments
icj217
changed the title
|
I would like to bump this as I have been seeing the exact same behaviour as you have outlined here. The physical ID I see being mysteriously generated matches the same format you provided: In my setup that reproduces this, I have several custom resources run simultaneously (they do not depend on one another). While the create handler for these custom resources are running, another resource fails to create, emitting a The custom resource delete handler I have implemented expects the physical ID passed to the delete handler to be the arn of the resource that was created (so that I can delete it). I implemented it this way because as you rightly pointed out the documentation suggests the physical ID in the delete handler will always be the value that was provided by the provider in the create event, and I made sure that this is always the case in my create handler. If a stack rollback occurs, and the custom resource creation cancels, and delete handler being called with this mysterious physical id, an error of course occurs as I implemented it to expect this value to be an ARN. This sounds like a bug to me more than missing documentation. In some respect it doesn't make sense for a custom resource delete handler to run before a response has been put to the cloudformation response bucket by the initial create event. Otherwise, we have a situation whereby the create and delete events are being processed in parallel, and can result in very unpredictable behaviour depending on the logic the custom resource implements. The delete handler being called before create sounds somewhat related, although probably not to these issues: #1730 and aws/aws-cdk#26139 |
|
Hi there, Is there any movement on this issue? Thank you |
Name of the resource
AWS::CloudFormation::CustomResource
Resource name
No response
Reference Link
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/crpg-ref-requesttypes-delete.html
Details
I am observing behavior in Custom Resources that I have been unable to find anywhere else on either the web or AWS documentation. It involves the presence of a value in
PhysicalResourceIdthat I suspect CloudFormation is generating on-the-fly under specific rollback scenarios.This behavior only surfaces during the rollback of a stack creation operation in which a custom resource began to be provisioned prior to the rollback-inducing event.
Here's the sequence of events from CloudFormation's perspective:
AWS::CloudFormation::CustomResourceCREATE_IN_PROGRESS, another resource fails to be createdCREATE_FAILEDevent (with reasonResource creation cancelled) for the custom resourceDELETE_IN_PROGRESS)On the custom resource side, I've observed the following:
Deleterequest for the custom resource (makes sense)Deleterequest is sent before theCreaterequest response was ever received by CFN (makes less sense)Deleterequest contains a physical resource ID that I never set on the resource. It's always a concatenation of a) the stack name, b) the logical ID, and c) some random hash. For example:MYSTACK-LOGICALID-B36FTLCJN97HI've been unable to find any documentation explaining the pseudo-physical resource ID that CloudFormation includes on
Deleterequests sent due to a stack rollback (if that is indeed the intended scenario where this occurs). All documentation implies that thePhysicalResourceIdfield is always a value that was provided by the custom resource provider after a successfulCreaterequest.The text was updated successfully, but these errors were encountered: