(events): ValidationError when creating an EventBus that has CrossAccount access. #22120

Closed
@sennyeya

Description

Describe the bug

Basically, the id that's created for the support stack statementId is 5 characters too long (69 characters). It then fails validation and the stack cannot be deployed.

It looks like this has been reported before: #19941.

Expected Behavior

The stack deploys as expected.

Current Behavior

Error Message: Stack Deployments Failed: Error: The stack named ci-cd-EventBusPolicy-support-us-west-2-{account2} failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE: 1 validation error detected: Value 'Allow-account-{account2}-c884c8876055cffba97afb1bc5a28125a7cac73762' at 'statementId' failed to satisfy constraint: Member must have length less than or equal to 64 (Service: AWSEvents; Status Code: 400; Error Code: ValidationException; Request ID: c521bf0c-abec-4042-90ed-54823e58a58e; Proxy: null)

Reproduction Steps

```ts
import { App, Stack, StackProps, aws_codecommit } from 'aws-cdk-lib';
import { IRepository } from 'aws-cdk-lib/aws-codecommit';
import {
  CodePipeline,
  CodePipelineSource,
  ShellStep,
} from 'aws-cdk-lib/pipelines';
import { Construct } from 'constructs';

export interface ReproStackProps extends StackProps {
  codeRepository: IRepository;
}

// Stack in account1 that owns the CodeCommit repository.
export class CodeStack extends Stack {
  public codeRepository: aws_codecommit.IRepository;
  constructor(scope: Construct, props: StackProps) {
    super(scope, 'CodeStack', props);
    this.codeRepository = aws_codecommit.Repository.fromRepositoryName(
      this,
      'code-repo',
      'repo',
    );
  }
}

// Pipeline stack in account2; sourcing from the account1 repository is what
// creates the cross-account EventBusPolicy support stack.
export class ReproStack extends Stack {
  constructor(scope: Construct, props: ReproStackProps) {
    super(scope, 'repro', props);

    new CodePipeline(this, 'code-pipeline', {
      crossAccountKeys: true,
      synth: new ShellStep('synth', {
        input: CodePipelineSource.codeCommit(props.codeRepository, 'mainline'),
        commands: ['yarn install', 'yarn build'],
      }),
    });
  }
}

const app = new App();

const codeStack = new CodeStack(app, {
  env: {
    region: 'us-west-2',
    account: 'account1',
  },
});

new ReproStack(app, {
  env: {
    region: 'us-west-2',
    account: 'account2',
  },
  codeRepository: codeStack.codeRepository,
});
```

Possible Solution

When trying to upgrade past version 1.150, we ran into a ValidationException while trying to create an EventBusPolicy cross-account. This failure is probably happening because of the following line:

```ts
statementId: `Allow-account-${sourceAccount}-${this.node.addr}`,
```

It can be found here: https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/aws-events/lib/rule.ts#L400.

Additional Information/Context

No response

CDK CLI Version

2.41.0

Framework Version

No response

Node.js Version

v16.17.0

OS

MacOS Monterey 12.4

Language

Typescript

Language Version

Version 4.8.3

Other information

No response
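
The length arithmetic behind the error above, with a synth-time check, as an added example that is not part of the original issue or of the CDK code base. `boundedStatementId` and `statementIdProblems` are hypothetical helpers, the account ID is constructed, and the character pattern is the one the EventBridge PutPermission API documents for `StatementId`.

```typescript
// Added example: plain TypeScript, no aws-cdk-lib dependency.
const STATEMENT_ID_MAX = 64; // limit quoted in the ValidationException
const STATEMENT_ID_PATTERN = /^[a-zA-Z0-9_-]+$/; // PutPermission StatementId charset

// Format taken from the line quoted under "Possible Solution".
function legacyStatementId(sourceAccount: string, nodeAddr: string): string {
  return `Allow-account-${sourceAccount}-${nodeAddr}`;
}

// Hypothetical alternative: same prefix, but the construct address is cut to
// whatever room is left. The address is a hex digest, so its leading
// characters are as well distributed as the whole string.
function boundedStatementId(sourceAccount: string, nodeAddr: string): string {
  const prefix = `Allow-account-${sourceAccount}-`;
  const room = STATEMENT_ID_MAX - prefix.length;
  if (room < 16) {
    // Refuse to emit an ID whose unique part is too short to be meaningful.
    throw new Error(`only ${room} characters left for the unique suffix`);
  }
  return prefix + nodeAddr.slice(0, room);
}

// Returns every constraint the ID violates, so the failure shows up at synth
// time instead of as a ROLLBACK_COMPLETE support stack in the other account.
function statementIdProblems(id: string): string[] {
  const problems: string[] = [];
  if (id.length < 1 || id.length > STATEMENT_ID_MAX) {
    problems.push(`length ${id.length} is outside 1..${STATEMENT_ID_MAX}`);
  }
  if (!STATEMENT_ID_PATTERN.test(id)) {
    problems.push('contains characters outside [a-zA-Z0-9-_]');
  }
  return problems;
}

const SAMPLE_ACCOUNT = '111122223333'; // constructed 12-digit account ID
const SAMPLE_ADDR = 'c884c8876055cffba97afb1bc5a28125a7cac73762'; // node.addr from the error message

const legacy = legacyStatementId(SAMPLE_ACCOUNT, SAMPLE_ADDR);
const bounded = boundedStatementId(SAMPLE_ACCOUNT, SAMPLE_ADDR);
console.log(legacy.length, statementIdProblems(legacy));
console.log(bounded.length, statementIdProblems(bounded));
```

The 14-character `Allow-account-` prefix, a 12-digit account ID, one hyphen and the 42-character `node.addr` add up to the 69 characters reported in the issue.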

Labels

@aws-cdk/aws-events (Related to CloudWatch Events), bug (This issue is a bug.), effort/small (Small work item – less than a day of effort), p2