通过云形式失败创建GatewayAuthorizer-并发修改
我正在编写一个CF模板,其中包含一个带有某些端点的API网关,一个带有关联域和客户端的Cognito用户池,IDP和授权器。网关以及池和IDP成功创建。
但是,授权者并未成功创建。它本质上是在create_in_progress中长期存在的,然后在ConcandException /并发修改异常中失败:
{
... events ...
"eventTime": "2022-06-24T18:49:48Z",
"eventSource": "apigateway.amazonaws.com",
"eventName": "CreateAuthorizer",
"awsRegion": "eu-west-1",
"sourceIPAddress": "cloudformation.amazonaws.com",
"userAgent": "cloudformation.amazonaws.com",
"errorCode": "ConflictException",
"requestParameters": {
"identitySource": [
"$request.header.Authorization"
],
"name": "JwtCognitoAuthorizer",
"jwtConfiguration": {
"audience": [
"3t5s..."
],
"issuer": "https://cognito-idp.eu-west-1:223249055027.amazonaws.com/eu-west-1_orEMePYWZ"
},
"authorizerType": "JWT",
"apiId": "us0ekpcxhc"
},
"responseElements": {
"message": "Unable to complete operation due to concurrent modification. Please try again later."
},
...
}
我正在为授权者使用以下CF片段:
APIGatewayAuthorizer:
Type: AWS::ApiGatewayV2::Authorizer
Properties:
ApiId: !Ref apiGateway
AuthorizerType: JWT
IdentitySource:
- "$request.header.Authorization"
JwtConfiguration:
Audience:
- !Ref UserPoolClient
Issuer: !Sub 'https://cognito-idp.${AWS::Region}:${AWS::AccountId}.amazonaws.com/${UserPool}'
Name: JwtCognitoAuthorizer
并发修改使其听起来像某种依赖性问题(也许是在创建事物以错误的顺序?)但是我认为云形式本身是纠正的。
我看不到任何其他解决此问题的问题 - 任何建议或链接都赞赏。
谢谢
I'm writing a CF template that contains an API Gateway with some endpoints, a Cognito User Pool with associated Domain and Client, an IDP and an Authorizer. The Gateway is created successfully, as is the Pool and the IDP.
However, the Authorizer is not created successfully. It essentially sits in CREATE_IN_PROGRESS for a very long time and then fails with a ConflictException / Concurrent modification exception:
{
... events ...
"eventTime": "2022-06-24T18:49:48Z",
"eventSource": "apigateway.amazonaws.com",
"eventName": "CreateAuthorizer",
"awsRegion": "eu-west-1",
"sourceIPAddress": "cloudformation.amazonaws.com",
"userAgent": "cloudformation.amazonaws.com",
"errorCode": "ConflictException",
"requestParameters": {
"identitySource": [
"$request.header.Authorization"
],
"name": "JwtCognitoAuthorizer",
"jwtConfiguration": {
"audience": [
"3t5s..."
],
"issuer": "https://cognito-idp.eu-west-1:223249055027.amazonaws.com/eu-west-1_orEMePYWZ"
},
"authorizerType": "JWT",
"apiId": "us0ekpcxhc"
},
"responseElements": {
"message": "Unable to complete operation due to concurrent modification. Please try again later."
},
...
}
I'm using the below CF snippet for the Authorizer:
APIGatewayAuthorizer:
Type: AWS::ApiGatewayV2::Authorizer
Properties:
ApiId: !Ref apiGateway
AuthorizerType: JWT
IdentitySource:
- "$request.header.Authorization"
JwtConfiguration:
Audience:
- !Ref UserPoolClient
Issuer: !Sub 'https://cognito-idp.${AWS::Region}:${AWS::AccountId}.amazonaws.com/${UserPool}'
Name: JwtCognitoAuthorizer
Concurrent modification makes it sound like some sort of dependency issue (maybe things are being created in the wrong order?) but I thought CloudFormation dealt with that itself.
I couldn't see any other question which dealt with this specifically - any suggestions or links appreciated.
Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论