Describe the bug
cdk destroy removes all event notifications configured on an existing S3 bucket instead of only CDK-managed event notifications. This occurs whenever a stack that creates an event notification for an existing bucket is deleted or rolled back.
Expected Behavior
cdk destroy or a rollback from a failed stack should only delete S3 event notifications created by the stack.
Current Behavior
cdk destroy or a rollback from a failed stack removes all S3 event notifications on the bucket.
Reproduction Steps
- Create S3 bucket manually through the console
- Create SNS topic manually through the console
- Add event notification on the S3 bucket to the SNS topic through the console
- Create CDK stack that references an existing bucket and creates a new event notification:

  ```python
  from aws_cdk import aws_s3 as s3, aws_s3_notifications as s3_notifications, aws_sns as sns

  # Inside the Stack's __init__ (self is the Stack)
  bucket = s3.Bucket.from_bucket_arn(self, id="mybucket", bucket_arn="arn:aws:s3:::mybucket")
  topic = sns.Topic(self, id="mytopic")
  bucket.add_event_notification(s3.EventType.OBJECT_CREATED, s3_notifications.SnsDestination(topic), s3.NotificationKeyFilter(suffix=".1"))
  ```
- cdk deploy the stack
- cdk destroy the stack
- Observe that all event notifications are now removed from the bucket, including the manually created event notification from step 3.
Possible Solution
The BucketNotificationHandler Lambda function described in #2004 appears to include handling for unmanaged event notifications. Modifying this function to support this scenario should resolve the issue.
Additional Information/Context
No response
CDK CLI Version
2.126.0 (build fb74c41)
Framework Version
No response
Node.js Version
v20.11.0
OS
macOS Ventura 13.6.4
Language
Python
Language Version
Python (3.9.7)
Other information
No response
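The expected behavior from this report, sketched as an added example; it is not code from the issue or from the CDK's BucketNotificationHandler. It assumes the stack tracks the `Id` of each notification entry it created, and the function names, Ids and sample configuration are constructed for illustration.

```python
# Key names follow the S3 notification configuration document
# (the shape returned by get_bucket_notification_configuration).
CONFIG_KEYS = ("TopicConfigurations", "QueueConfigurations",
               "LambdaFunctionConfigurations")


def config_after_delete(existing, managed_ids):
    """Configuration to write back on stack delete or rollback:
    drop only entries whose Id is stack-owned, keep everything else."""
    kept = {}
    for key in CONFIG_KEYS:
        entries = [e for e in existing.get(key, [])
                   if e.get("Id") not in managed_ids]
        if entries:
            kept[key] = entries
    # EventBridge delivery is a bucket-wide switch, not a per-stack entry.
    if "EventBridgeConfiguration" in existing:
        kept["EventBridgeConfiguration"] = existing["EventBridgeConfiguration"]
    return kept


def lost_unmanaged(before, after, managed_ids):
    """Audit check: Ids that existed before the delete, were not
    stack-owned, and are missing afterwards."""
    def ids(cfg):
        return {e["Id"] for key in CONFIG_KEYS
                for e in cfg.get(key, []) if "Id" in e}
    return sorted(ids(before) - ids(after) - set(managed_ids))


# Constructed sample: one console-created entry plus one stack-owned entry.
BEFORE = {
    "TopicConfigurations": [
        {"Id": "console-created",
         "TopicArn": "arn:aws:sns:us-east-1:111122223333:manual-topic",
         "Events": ["s3:ObjectCreated:*"]},
        {"Id": "stack-owned-1",
         "TopicArn": "arn:aws:sns:us-east-1:111122223333:mytopic",
         "Events": ["s3:ObjectCreated:*"],
         "Filter": {"Key": {"FilterRules": [
             {"Name": "suffix", "Value": ".1"}]}}},
    ]
}
MANAGED = {"stack-owned-1"}

if __name__ == "__main__":
    print("reported (bucket wiped):", lost_unmanaged(BEFORE, {}, MANAGED))
    fixed = config_after_delete(BEFORE, MANAGED)
    print("expected (selective):", lost_unmanaged(BEFORE, fixed, MANAGED))
```

Running `lost_unmanaged` on configurations captured before and after a destroy gives a quick regression check for this bug on any bucket a stack imports.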