CloudFormation did not receive a response from your Custom Resource about cloudfront-authorization-at-edge HOT 19 CLOSED

Ok, I'll try and get you that data today after all my morning meetings :) Yeah, I used the --disable-rollback function since we're testing in our nonprod environment just for that reason. I've just not been able to find anything in cloudwatch related to why it's not initiating the creation of those 3 custom resources. Hope to have more info for you soon!

from cloudfront-authorization-at-edge.

Looks like you need to still run npm install in the root of the repo first, that should install typescript.

from cloudfront-authorization-at-edge.

Great! Our perseverance payed off in the end

from cloudfront-authorization-at-edge.

Can't explain it, it is really weird that some custom resources would time-out while others don't. All of them have been coded similarly and handle uncaught exceptions. They don't need permission to callback to the CloudFormation signed URL, so that can't be it either.

You'll have to look in the CloudWatch logs of the concerned Lambda functions and see what that says. Log group names you'll need to look in should be similar to:

• ...RandomValueGenerator...
• ...LambdaCodeUpdateHandler...
• ...StaticSiteHandler...

from cloudfront-authorization-at-edge.

Tried looking in Cloudwatch, but since it doesn't initiate the creation of those custom resources, there's nothing in Cloudwatch to point us in a direction. This is literally the only thing holding up the full deployment at this stage from what I can see.

from cloudfront-authorization-at-edge.

Can you paste a screenshot here, of the CloudFormation events tab that shows the errors?

You could try navigating to these lambda functions and just running them with a test payload (doesn't have to be meaningful) just to see what you get yourself if you try to invoke them. There might be a very fundamental error, that prevents CloudFormation from running them, you should see that yourself then too.

• ...RandomValueGenerator...
• ...LambdaCodeUpdateHandler...
• ...StaticSiteHandler...

from cloudfront-authorization-at-edge.

Hi Otto,
Here's the screenshot you requested

The problem with trying a test payload against them is that you can't actually get into the resources in Lambda because they aren't being created. There's just placeholder names there, but they're not clickable to get into them. See this screenshot:

So, whatever is going on, is preventing these final 3 resources to be created. We see it get to the Create Initiated step but it never actually creates them, then fails after an hour when it exhausts its retry limit. Since it never starts the creation, there's no logs that I can find either.

As always, I appreciate your help and feedback on this. You're awesome!

from cloudfront-authorization-at-edge.

As always, I appreciate your help and feedback on this. You're awesome!

Cheers mate!

I see e.g. "StaticSiteHandler" is blue and a valid link? That's what I'd be after, that takes you to the Lambda that implements the "StaticSite". If you run that Lambda manually, with a dummy payload, what happens? It should fail because that dummy payload is invalid (expected) but not because of some other error (like import errors, or code parse errors).

Note, that Lambda function should write logs to CloudWatch (that you can navigate to from within the Lambda function, in the monitoring tab). The Lambda function might be cleaned up by CloudFormation when the stack fails to deploy (unless you use --disable-rollback), but the logs should remain -- they must hold the answer to what goes wrong.

from cloudfront-authorization-at-edge.

So, one this I see is this (just trying to click through to Cloudwatch from StaticSiteHandler): Log group does not exist. The specific log group: /aws/lambda/uopx-nonprod-myresource-StaticSiteHander-xxxxxxxxxx does not exist in this account or region. That's not what I should see correct?

from cloudfront-authorization-at-edge.

Just for giggles, I ran a test using the default test data (no passing in anything really) and this is the error I see:
START RequestId: d25396a4-70d8-4d9c-8747-9b52139735bb Version: $LATEST
2022-03-16T16:10:57.830Z undefined ERROR Uncaught Exception {"errorType":"Runtime.HandlerNotFound","errorMessage":"index.handler is undefined or not exported","stack":["Runtime.HandlerNotFound: index.handler is undefined or not exported"," at Object.module.exports.load (/var/runtime/UserFunction.js:246:11)"," at Object. (/var/runtime/index.js:43:30)"," at Module._compile (internal/modules/cjs/loader.js:1085:14)"," at Object.Module._extensions..js (internal/modules/cjs/loader.js:1114:10)"," at Module.load (internal/modules/cjs/loader.js:950:32)"," at Function.Module._load (internal/modules/cjs/loader.js:790:12)"," at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:76:12)"," at internal/main/run_main_module.js:17:47"]}
2022-03-16T16:10:57.835Z undefined ERROR (node:9) Warning: Accessing non-existent property 'handler' of module exports inside circular dependency
(Use node --trace-warnings ... to show where the warning was created)
2022-03-16T16:10:57.998Z undefined ERROR Uncaught Exception {"errorType":"Runtime.HandlerNotFound","errorMessage":"index.handler is undefined or not exported","stack":["Runtime.HandlerNotFound: index.handler is undefined or not exported"," at Object.module.exports.load (/var/runtime/UserFunction.js:246:11)"," at Object. (/var/runtime/index.js:43:30)"," at Module._compile (internal/modules/cjs/loader.js:1085:14)"," at Object.Module._extensions..js (internal/modules/cjs/loader.js:1114:10)"," at Module.load (internal/modules/cjs/loader.js:950:32)"," at Function.Module._load (internal/modules/cjs/loader.js:790:12)"," at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:76:12)"," at internal/main/run_main_module.js:17:47"]}
2022-03-16T16:10:58.002Z undefined ERROR (node:9) Warning: Accessing non-existent property 'handler' of module exports inside circular dependency
(Use node --trace-warnings ... to show where the warning was created)
END RequestId: d25396a4-70d8-4d9c-8747-9b52139735bb
REPORT RequestId: d25396a4-70d8-4d9c-8747-9b52139735bb Duration: 112.46 ms Billed Duration: 113 ms Memory Size: 2048 MB Max Memory Used: 12 MB
Unknown application error occurred
Runtime.HandlerNotFound

from cloudfront-authorization-at-edge.

Well there's the culprit.

Not sure I understand the error completely. Was compiling the .ts files into .js files successful? (npm run build or npx tsc directly)

from cloudfront-authorization-at-edge.

Good question. Let me rerun the build and see what happens. It's been a minute. Stand by!

from cloudfront-authorization-at-edge.

So, no, it's not compiling looks like (using npm run build):

[email protected] build /Users/xxx/Desktop/Projects/cloudfront-authorization-at-edge-master 4
npm run tsc && npm run webpack

[email protected] tsc /Users/xxx/Desktop/Projects/cloudfront-authorization-at-edge-master 4
npx tsc -b

npx: installed 1 in 1.389s

            This is not the tsc command you are looking for                

To get access to the TypeScript compiler, tsc, from the command line either:

• Use npm install typescript to first add TypeScript to your project before using npx
• Use yarn to avoid accidentally running code from un-installed packages
  npm ERR! code ELIFECYCLE
  npm ERR! errno 1
  npm ERR! [email protected] tsc: npx tsc -b
  npm ERR! Exit status 1
  npm ERR!
  npm ERR! Failed at the [email protected] tsc script.
  npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
  npm WARN Local package.json exists, but node_modules missing, did you mean to install?

npm ERR! A complete log of this run can be found in:
npm ERR! /Users/xxx/.npm/_logs/2022-03-16T16_27_18_319Z-debug.log
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] build: npm run tsc && npm run webpack
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] build script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm WARN Local package.json exists, but node_modules missing, did you mean to install?

npm ERR! A complete log of this run can be found in:
npm ERR! /Users/xxx/.npm/_logs/2022-03-16T16_27_18_349Z-debug.log

from cloudfront-authorization-at-edge.

Ok, I did npm install and then npm run build, and that all worked, so cheers on that! Should I do another sam deploy now and see if we get different results? Sorry for all the stupid questions, I'm just still very new with all this.

from cloudfront-authorization-at-edge.

Should I do another sam deploy now

Indeed. Basically follow these instructions closely:

https://github.com/aws-samples/cloudfront-authorization-at-edge#deployment

from cloudfront-authorization-at-edge.

Yeah, I thought I did, but apparently not, so I feel a little foolish possibly wasting your time. I appreciate your patience! I'm going to clean up my current deploy (since it'll want to delete those 3 failed resources anyway) but that requires another team since they handicap our ability to delete resources (frustrating). I'll get back to you with updated results later today.

from cloudfront-authorization-at-edge.

Sure thing, and no worries -- debugging Custom Resources can be a pain unfortunately.

from cloudfront-authorization-at-edge.

Hi Omar!

Well, it MOSTLY worked this time!! All the custom resources created, the only thing that failed was the actual S3 bucket creation with this error: CREATE_FAILED AWS::S3::Bucket S3Bucket Value of property Tags must be of type List

That's something we should be able to work through I think. I just have to figure out where it's failing on that. We added some Tags: properties within the S3 bucket resource because it wasn't creating them and getting purged by our sentinel policies. Thanks so much. I'll let you know when we're 100% successful, but we're almost there :)

from cloudfront-authorization-at-edge.

We finally got a full deploy done. Looks like everything is good now (we fixed the cloudfront log ACL issue on our end and added in Tags in the S3 bucket resource). Thank again for your help!!

from cloudfront-authorization-at-edge.