CDK deploy with certificate and route53 records hangs

Time:04-08

My CDK project hangs while I try to deploy it with: cdk deploy --require-approval never

I have the following structure to deploy a create-react-app with CDK:

package.json # React
src/
public/
cdk/
  package.json # CDK

Here is the code that I am using to create a bucket, push the build/ folder, issue a Route 53 record and certificate, and create a CloudFront distribution:

import { Construct } from "constructs"

import {
  Stack,
  StackProps,
  aws_s3 as s3,
  aws_s3_deployment as s3Deploy,
  aws_cloudfront as cloudfront,
  aws_cloudfront_origins as cloudFrontOrigins,
  aws_certificatemanager as acm,
  aws_route53 as route53,
  aws_route53_targets as route53Targets,
  CfnOutput,
} from "aws-cdk-lib"

const bucketName = "my-bucket-name"
const domainName = "subdomain.example.com"

const localFolder = "../build"
const cloudFolder = "minified-react-master"

const oaiID = "XXXXXXXXXXXXXX"
const zoneName = "example.com"

export class CdkStack extends Stack {
  constructor(scope: Construct, id: string, props?: StackProps) {
    super(scope, id, props)

    const websiteBucket = new s3.Bucket(this, "ReferenceBucket", {
      bucketName: bucketName,
      blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL,
    })

    new s3Deploy.BucketDeployment(this, "DeployStatic", {
      sources: [s3Deploy.Source.asset(localFolder)],
      destinationBucket: websiteBucket,
      destinationKeyPrefix: cloudFolder,
    })

    const oai = cloudfront.OriginAccessIdentity.fromOriginAccessIdentityName(this, "AccessIdentity", oaiID)

    const myHostedZone = new route53.HostedZone(this, "HostedZone", {
      zoneName: zoneName,
    })

    const certificate = new acm.Certificate(this, "Certificate", {
      domainName: domainName,
      validation: acm.CertificateValidation.fromDns(myHostedZone),
    })

    const distribution = new cloudfront.Distribution(this, "CloudFrontDist", {
      defaultBehavior: {
        origin: new cloudFrontOrigins.S3Origin(websiteBucket, {
          originPath: `/${cloudFolder}`,
          originAccessIdentity: oai,
        }),
        allowedMethods: cloudfront.AllowedMethods.ALLOW_GET_HEAD_OPTIONS,
        viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
      },
      domainNames: [domainName],
      certificate: certificate,
      priceClass: cloudfront.PriceClass.PRICE_CLASS_100,
      minimumProtocolVersion: cloudfront.SecurityPolicyProtocol.TLS_V1_2_2021,
    })

    new route53.ARecord(this, "AliasRecord", {
      zone: myHostedZone,
      target: route53.RecordTarget.fromAlias(new route53Targets.CloudFrontTarget(distribution)),
    })

    new CfnOutput(this, "DistroName", {
      value: distribution.distributionDomainName,
      description: "Distribution assigned URL",
      exportName: "TheAwesomeDistro",
    })
  }
}

Here are the logs. It took 40 minutes until I finally stopped it:

cdk deploy --require-approval never
✨  Synthesis time: 8.7s
stable-project-master: deploying...
[0%] start: Publishing 55f133baccc1d0e4666b88328d51a8c2ff354c919b8e0fa9f045123a19df1b4e:current_account-us-east-1
[0%] start: Publishing f98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711da:current_account-us-east-1
[0%] start: Publishing 5d842ebd539c808f49a8b3be08177714858f53cfe65e91e756cdc81f128be2df:current_account-us-east-1
[0%] start: Publishing 8d5bc80a7b784529c22a0a120c3cfaf04c72cce506110a3233e7566b4c794f3d:current_account-us-east-1
[25%] success: Published 8d5bc80a7b784529c22a0a120c3cfaf04c72cce506110a3233e7566b4c794f3d:current_account-us-east-1
[50%] success: Published f98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711da:current_account-us-east-1
[75%] success: Published 55f133baccc1d0e4666b88328d51a8c2ff354c919b8e0fa9f045123a19df1b4e:current_account-us-east-1
[100%] success: Published 5d842ebd539c808f49a8b3be08177714858f53cfe65e91e756cdc81f128be2df:current_account-us-east-1
stable-project-master: creating CloudFormation changeset...
stable-project-master |  0/13 | 5:01:35 PM | REVIEW_IN_PROGRESS   | AWS::CloudFormation::Stack           | stable-project-master User Initiated
stable-project-master |  0/13 | 5:01:46 PM | CREATE_IN_PROGRESS   | AWS::CloudFormation::Stack           | stable-project-master User Initiated
stable-project-master |  0/13 | 5:01:53 PM | CREATE_IN_PROGRESS   | AWS::Lambda::LayerVersion            | DeployStatic/AwsCliLayer (DeployStaticAwsCliLayerB6913023) 
stable-project-master |  0/13 | 5:01:53 PM | CREATE_IN_PROGRESS   | AWS::IAM::Role                       | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265) 
stable-project-master |  0/13 | 5:01:54 PM | CREATE_IN_PROGRESS   | AWS::IAM::Role                       | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265) Resource creation Initiated
stable-project-master |  0/13 | 5:01:54 PM | CREATE_IN_PROGRESS   | AWS::S3::Bucket                      | ReferenceBucket (ReferenceBucket7BB82C12) 
stable-project-master |  0/13 | 5:01:54 PM | CREATE_IN_PROGRESS   | AWS::Route53::HostedZone             | HostedZone (HostedZoneDB99F866) 
stable-project-master |  0/13 | 5:01:54 PM | CREATE_IN_PROGRESS   | AWS::CDK::Metadata                   | CDKMetadata/Default (CDKMetadata) 
stable-project-master |  0/13 | 5:01:55 PM | CREATE_IN_PROGRESS   | AWS::S3::Bucket                      | ReferenceBucket (ReferenceBucket7BB82C12) Resource creation Initiated
stable-project-master |  0/13 | 5:01:56 PM | CREATE_IN_PROGRESS   | AWS::Route53::HostedZone             | HostedZone (HostedZoneDB99F866) Resource creation Initiated
stable-project-master |  0/13 | 5:01:56 PM | CREATE_IN_PROGRESS   | AWS::CDK::Metadata                   | CDKMetadata/Default (CDKMetadata) Resource creation Initiated
stable-project-master |  1/13 | 5:01:56 PM | CREATE_COMPLETE      | AWS::CDK::Metadata                   | CDKMetadata/Default (CDKMetadata) 
stable-project-master |  1/13 | 5:02:02 PM | CREATE_IN_PROGRESS   | AWS::Lambda::LayerVersion            | DeployStatic/AwsCliLayer (DeployStaticAwsCliLayerB6913023) Resource creation Initiated
stable-project-master |  2/13 | 5:02:02 PM | CREATE_COMPLETE      | AWS::Lambda::LayerVersion            | DeployStatic/AwsCliLayer (DeployStaticAwsCliLayerB6913023) 
stable-project-master |  3/13 | 5:02:08 PM | CREATE_COMPLETE      | AWS::IAM::Role                       | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265) 
stable-project-master |  4/13 | 5:02:16 PM | CREATE_COMPLETE      | AWS::S3::Bucket                      | ReferenceBucket (ReferenceBucket7BB82C12) 
stable-project-master |  4/13 | 5:02:19 PM | CREATE_IN_PROGRESS   | AWS::S3::BucketPolicy                | ReferenceBucket/Policy (ReferenceBucketPolicy2AFF6170) 
stable-project-master |  4/13 | 5:02:19 PM | CREATE_IN_PROGRESS   | AWS::IAM::Policy                     | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole/DefaultPolicy (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRoleDefaultPolicy88902FDF) 
stable-project-master |  4/13 | 5:02:20 PM | CREATE_IN_PROGRESS   | AWS::S3::BucketPolicy                | ReferenceBucket/Policy (ReferenceBucketPolicy2AFF6170) Resource creation Initiated
stable-project-master |  4/13 | 5:02:20 PM | CREATE_IN_PROGRESS   | AWS::IAM::Policy                     | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole/DefaultPolicy (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRoleDefaultPolicy88902FDF) Resource creation Initiated
stable-project-master |  5/13 | 5:02:20 PM | CREATE_COMPLETE      | AWS::S3::BucketPolicy                | ReferenceBucket/Policy (ReferenceBucketPolicy2AFF6170) 
stable-project-master |  6/13 | 5:02:34 PM | CREATE_COMPLETE      | AWS::IAM::Policy                     | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C/ServiceRole/DefaultPolicy (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRoleDefaultPolicy88902FDF) 
stable-project-master |  6/13 | 5:02:36 PM | CREATE_IN_PROGRESS   | AWS::Lambda::Function                | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C81C01536) 
stable-project-master |  7/13 | 5:02:41 PM | CREATE_COMPLETE      | AWS::Route53::HostedZone             | HostedZone (HostedZoneDB99F866) 
stable-project-master |  7/13 | 5:02:42 PM | CREATE_IN_PROGRESS   | AWS::Lambda::Function                | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C81C01536) Resource creation Initiated
stable-project-master |  7/13 | 5:02:44 PM | CREATE_IN_PROGRESS   | AWS::CertificateManager::Certificate | Certificate (Certificate4E7ABB08) 
stable-project-master |  7/13 | 5:02:45 PM | CREATE_IN_PROGRESS   | AWS::CertificateManager::Certificate | Certificate (Certificate4E7ABB08) Resource creation Initiated
stable-project-master |  8/13 | 5:02:50 PM | CREATE_COMPLETE      | AWS::Lambda::Function                | Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C (CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C81C01536) 
stable-project-master |  8/13 | 5:02:53 PM | CREATE_IN_PROGRESS   | Custom::CDKBucketDeployment          | DeployStatic/CustomResource/Default (DeployStaticCustomResourceF5C70246) 
stable-project-master |  8/13 | 5:03:17 PM | CREATE_IN_PROGRESS   | AWS::CertificateManager::Certificate | Certificate (Certificate4E7ABB08) Content of DNS Record is: {Name: _7fc42ea58e43b5091517f04ac34fcd25.stable-dev.example.com.,Type: CNAME,Value: _d637400f04abfa0e752b5feb9e826cd1.qwknvqrlct.acm-validations.aws.}
stable-project-master |  8/13 | 5:03:38 PM | CREATE_IN_PROGRESS   | Custom::CDKBucketDeployment          | DeployStatic/CustomResource/Default (DeployStaticCustomResourceF5C70246) Resource creation Initiated
stable-project-master |  9/13 | 5:03:38 PM | CREATE_COMPLETE      | Custom::CDKBucketDeployment          | DeployStatic/CustomResource/Default (DeployStaticCustomResourceF5C70246) 
 9/13 Currently in progress: stable-project-master, Certificate4E7ABB08

CodePudding user response:

This happens because the hosted zone has to have the proper records for validating your domain. You can create the hosted zone with CDK and then add the required records (as specified by your domain registrar) to transfer the control of the domain to the hosted zone.

After doing this, it will be able to validate the certificate with DNS automatically.

No need to do anything manually.
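
The condition the answer describes can be checked before waiting on a deploy. The following is an added example, not part of the original post or answer: it parses the validation record from the certificate event in the log above and compares the name servers the registrar publishes with the ones assigned to the new hosted zone. The function names and the name-server values are assumptions constructed for illustration.

```typescript
// Added example (not from the original post). Name-server values below are constructed.
interface ValidationRecord { name: string; type: string; value: string }

// Lower-case a DNS name and drop the trailing root dot so names compare equal.
const normalize = (host: string): string => host.trim().toLowerCase().replace(/\.$/, "")

// Pull the validation record out of the CloudFormation event text that ACM emits.
function parseAcmValidationEvent(line: string): ValidationRecord | null {
  const m = line.match(/Content of DNS Record is: \{Name: ([^,]+),\s*Type: ([^,]+),\s*Value: ([^}]+)\}/)
  if (!m) return null
  const [, rname = "", rtype = "", rvalue = ""] = m
  return { name: normalize(rname), type: rtype.trim(), value: normalize(rvalue) }
}

// True when recordName is the zone apex or a name below it.
function isInZone(recordName: string, zoneName: string): boolean {
  const r = normalize(recordName)
  const z = normalize(zoneName)
  return r === z || r.endsWith("." + z)
}

type Diagnosis = "ok" | "no-validation-record" | "record-outside-zone" | "zone-not-delegated"

// parentNs: NS names the parent zone (registrar) publishes for the domain.
// zoneNs:   NS names Route 53 assigned to the hosted zone created by the stack.
function diagnose(eventLine: string, zoneName: string, parentNs: string[], zoneNs: string[]): Diagnosis {
  const record = parseAcmValidationEvent(eventLine)
  if (!record) return "no-validation-record"
  if (!isInZone(record.name, zoneName)) return "record-outside-zone"
  const assigned = zoneNs.map(normalize)
  // ACM resolves the CNAME through public DNS, so at least one delegated name
  // server must belong to the zone that actually holds the record.
  const delegated = parentNs.map(normalize).some((ns) => assigned.indexOf(ns) !== -1)
  return delegated ? "ok" : "zone-not-delegated"
}

// Event text taken from the deploy log above.
const eventLine =
  "Certificate (Certificate4E7ABB08) Content of DNS Record is: {Name: _7fc42ea58e43b5091517f04ac34fcd25.stable-dev.example.com.,Type: CNAME,Value: _d637400f04abfa0e752b5feb9e826cd1.qwknvqrlct.acm-validations.aws.}"
// Constructed sample values: the registrar still points at its own name servers.
const registrarNs = ["ns1.registrar.example.", "ns2.registrar.example."]
const route53Ns = ["ns-1.awsdns-01.org.", "ns-2.awsdns-02.co.uk."]
```

In practice, parentNs comes from a public NS lookup for the domain and zoneNs from the NS record set of the hosted zone the stack created.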
