Skip to content
This repository has been archived by the owner on May 29, 2024. It is now read-only.

Invalid template is built (InnovationSandboxSbxAccount.template) #14

Open
limejuny opened this issue Nov 3, 2022 · 1 comment
Open

Invalid template is built (InnovationSandboxSbxAccount.template) #14

limejuny opened this issue Nov 3, 2022 · 1 comment

Comments

@limejuny
Copy link
Contributor

limejuny commented Nov 3, 2022

When I build this solution with node v14.20.1, deployment/regional-s3-assets/InnovationSandboxSbxAccount.template is created like this.

...
    "SandboxServiceRoleDAAF0320": {
      "Type": "AWS::IAM::Role",
      "Properties": {
        "AssumeRolePolicyDocument": {
          "Statement": [
            {
              "Action": "sts:AssumeRole",
              "Effect": "Allow",
              "Principal": {
                "Service": "apigateway.amazonaws.com"
              }
            },
            {
              "Action": "sts:AssumeRole",
              "Effect": "Allow",
              "Principal": {
                "Service": "athena.amazonaws.com"
              }
            },
            {
              "Action": "sts:AssumeRole",
              "Effect": "Allow",
              "Principal": {
                "Service": "autoscaling.amazonaws.com"
              }
            },

...

But the sample template and source/test/__snapshots__/cdk.test.ts.snap is like this.

...
    "SandboxServiceRoleDAAF0320": {
      "Type": "AWS::IAM::Role",
      "Properties": {
        "AssumeRolePolicyDocument": {
          "Statement": [
            {
              "Action": "sts:AssumeRole",
              "Effect": "Allow",
              "Principal": {
                "Service": [
                  "apigateway.amazonaws.com",
                  "athena.amazonaws.com",
                  "autoscaling.amazonaws.com",
                  "cloudtrail.amazonaws.com",
...

In this reason, the stack is fail with message Cannot exceed quota for ACLSizePerRole, and I get the same error even if increase the service quota to the maximum. (no error occurs when use sample template.)

And when I try to build this solution with node v16.18.0, it doesn't build successfully with this message.

...
npm install
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: [email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/jest
npm ERR!   dev jest@"^25.5.0" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer jest@"^26.4.2" from @aws-cdk/[email protected]
npm ERR! node_modules/@aws-cdk/assert
npm ERR!   dev @aws-cdk/assert@"1.64.1" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See /home/ubuntu/.npm/eresolve-report.txt for a full report.
...

If this code doesn't wrong, I think it because node version's difference.
What is the project's standard node version?
I think a node version for the build should be specified in README (or any other place).

Thanks.
@peterjgrainger
Copy link

peterjgrainger commented Feb 20, 2023
edited
Loading

node v16 doesn't work either.

I think it's because of aws/aws-cdk#18564

It's because the AssumeRolePolicyDocument for role SandboxServiceRoleDAAF0320 is too long. That PR fixes it in version 1.50.0, though I still couldn't get it to work. I changed it manually.

I'm not sure how the sample was created

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@peterjgrainger @limejuny