Where communities thrive

  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
Repo info
    stack overflow question...
    Jorge Tovar

    Hey folks, how do you go about making a postgres URI connection string from a Credentials.fromGeneratedSecret() call without writing the secrets out using toString()?

    I think I read somewhere making a lambda that does that, but man that seems kinda overkill-ish

      const dbCreds = Credentials.fromGeneratedSecret("postgres")
      const username = dbCreds.username
      const password = dbCreds.password
      const uri = `postgresql://${username}:${password}@somerdurl/mydb?schema=public`
    Pretty sure I can't do the above. However my hasura and api ECS containers need connection strings like the above, so I figure this is probably a solved thing?
    Răzvan Botea
    Hello guys, I have a simple question, ContainerDefinition construct doesn't seem to support SystemControls, so I have to use the Cfn counterpart , but mixing Cfn objects with non-Cfn* ones gets real messy and I haven't had luck making it work. Is there a way to add arbitrary properties to the resources? this sounds like a bad idea, but I really need that property to set on the ContainerDefinition. Related github issue: aws/aws-cdk#16025
    Is there a recommended directory/project structure for cdk constructs, that might be shared in projects, and will include lambda code that will need to be tested?
    Hello everyone, Please I am trying to use an existing API gateway as an Event Source for Lambda in AWS CDK, I am using the addEventSource(new ApiEventSource(...)) method but it seems to be creating a new API gateway and using the newly created one instead, Please can any help?
    Chen Hong
    Hello all, Is fromLookup the only wat to get an ec2.vpc (to pass down to say an rds) when dealing with a CfnVPC? My application creates both the VPC and the RDS but the VPC is being created via Cfn and RDS won’t take that object by ref (missing interfaces)…
    😄 I'm looking for answer for a exactly opposite way : given a level 2 object VPC, I want to get it's level 1 object CfnVPC, so far not luck
    Igshaan Mesias

    Hi, I'm following examples of the cdk workshop here: https://github.com/aws-samples/aws-cdk-intro-workshop/blob/67c541fb1314c057e90d41804e8924845d080403/code/python/pipelines-workshop/cdk-workshop/pipeline_stack.py
    I see they make the value a CfnOutput, however when I pass values from one stack to another in a pipeline let's say eg.

    class CmkStack(cdk.Stack):
        def __init__(self, scope: cdk.Construct, construct_id: str, **kwargs):
            super().__init__(scope, construct_id, **kwargs)
            k = aws_kms.Key(
                    description='Test CMK',
            self._key_arn = cdk.CfnOutput(
                description='Test CMK Output'
        def key_arn(self) -> str:
            return self._key_arn
    class CmkStage(cdk.Stage):
        def __init__(self, scope: cdk.Construct, construct_id: str, **kwargs):
            super().__init__(scope, construct_id, **kwargs)
            cmk = CmkStack(self, 'CMK')
            self._key_arn = cmk.key_arn
        def key_arn(self) -> str:
            return self._key_arn

    and in somewhere I have a pipeline.py that says...

    cmk = CMKStage(self, 'MyCMKStage')
    cmk_stage = pipeline.add_application_stage(cmk)
    bucket = BucketStage(self, 'BuckeStage', cmk=pipeline.stack_output(cmk.key_arn))

    It resulrs in

    jsii.errors.JSIIError: Expected a string, got {"$jsii.byref":"@aws-cdk/pipelines.StackOutput@10027"}

    I also know that I can use SSM parameters to store values between stages however the Cdk workshop examples work I assumed this would too.

    Igshaan Mesias
    Any idea on what I'm perhaps doing incorrectly?
    Any idea on adding tags to s3 bucket
    I am looking for a solution adding tags to s3 bucket using cdk typescript
    does anyone know of a custom resource that will get an ALB priority dynamically?
    Z. Michael Gehlke
    Hi -- can someone explain how to set the bootstrap stack/bucket names? I keep finding references that it's possible to configure in cdk.json, but there doesn't seem to actually be documentation on how to configure the cdk via that file.
    patrick devlin
    Is there any way to ignore JSII8002? - I'm loading data from a file (yaml CloudFormation template). I'm trying to extract some data from the template so I defined some interfaces. JSII doesn't like that the interfaces are not camelCase.
    patrick devlin
    https://aws.github.io/jsii/user-guides/lib-author/configuration/#diagnostics eludes that this is possible but i get the following error; Error: Error: Illegal attempt to override category of error 8002 to Suggestion
    patrick devlin
    • Update the diagnostic category for this particular code. If isError is
    • true, attempting to set anything other than ts.DiagnosticCategory.Error
    • will result in an error being throw.
    Mitch Lloyd
    Does anyone have any tips for making a library work with CDK v1, CDKv2, and monocdk? Worst case here is perhaps publishing a library for each one. But is there something less awful?
    Alexandr Cherednichenko

    I have the CDK Pipeline with a stage that builds and pushes several docker containers to ECR (3 of them)
    It is supposed to do that in parallel but I’ve noticed that each action actually waiting for another to finish before start building.
    I have exactly the same configuration on another project and there it builds everything in parallel.

    Can it be the account tier limitation (paid vs free) ??

    Screenshot 2021-08-30 at 00.44.43.png
    Alexandr Cherednichenko
    So basically all other build actions remain in the “SUBMITTED” state if another action is running:
    Screenshot 2021-08-30 at 01.26.10.png
    and proceeds only when the running action finishes
    Alexandr Cherednichenko
    Yes it is the free tier limit. You can have only 1 codebuild at a time
    can fargate services be deployed to use spot pricing?
    1 reply
    I dont see where you can specify a spot price for fargate instances, unlike ec2 instances

    It is being used as below code.

    const mediaStoreContainer = new mediastore.CfnContainer(this, 'mediaStoreContainer', {
          containerName: 'MediaStoreContainer',
          accessLoggingEnabled: true,

    I've tried many ways, but I can't find it.

    Please tell me how I can get it.
    Louis Quaintance
    Hi there, i'm connecting to an external app using the FIX protocol and its over SSL tcp. It's running in Fargate inside our VPC and communicating to the external service via the nat gateways. Is it possible to maintain a persistent connection like this with Fargate? The reason I ask is that the socket hangs up almost instantaneously after making a connection? Any pointers would be much appreciated
    Is there any code examples of Python constructs using the assertion modules for tests? I could only find NPM based examples, and I think I'm missing something for the Python executions

    I operate the code below, an error occurs.

    cfnDomainName := domainNameApi.Node().DefaultChild().(awsapigateway.CfnDomainName)

    *awscdk.jsiiProxy_IConstruct is not awsapigateway.CfnDomainName: missing method AddDeletionOverride

    How should I solve this?

    Alden Prudent
    Hey so I'm trying to add a lifecyclehook to an autoscaling group but I can't seem to figure out what CDK wants for notificationtarget. I understand I could put in SQS or SNS but I don't see any of those resources when I add a LCH via the console. It also seems like it's maybe not even a field really needed here but I can't seem to get past it. Any thoughts?
    1 reply
    hi everyone, i'm trying to create a security group with an inbound NFS rule
    anyone know which enum this corresponds to for ec2.Protocol.?
    any well managed CDK based docker containers out there, something that can be used in a CI/CD pipeline? Thinking something that keeps up with latest CDK releases, AWS CLI, etc?

    Just starting out with the cdk using JavaScript (previously using Python) and I'm encountering an issue with the env region/name not being detected correctly. I've declared it as part of the stack, same way I do with Python, but it's just erroring...anyone encountered similar?

    class myStack extends cdk.Stack {
      constructor(scope, id, props) {
        super(scope, id, props);
        const vpc = ec2.Vpc.fromLookup(this, "myVPC", {vpcId: 'vpc-1234567'});
    module.exports = { myStack }
    const app = new cdk.App();
    const envEU = { account:'1234567890', region:'eu-west-1' };
    new myStack(app, 'my-test-stack', {
      env: envEU,

    running cdk synth I get:

    Error: Cannot retrieve value from context provider vpc-provider since account/region are not specified at the stack level. Configure "env" with an account and region when you define your stack.See https://docs.aws.amazon.com/cdk/latest/guide/environments.html for more details.

    1 reply


    trying to create an A record in a hosted zone for an excisting application loadbalancer.
    but then getting to following error

    Invalid request: Expected exactly one of [AliasTarget, all of [TTL, and ResourceRecords], or TrafficPolicyInstanceId], but found none in Change with [Action=CREATE, Name=xxxx.xxx.com., Type=A, SetIden
    tifier=null] (Service: AmazonRoute53; Status Code: 400; Error Code: InvalidInput; Request ID: ac5b8af8-3998-41af-a19d-1e3f898b18b5; Proxy: null)

    with and cdk synth it also doesn't show any resource records

    Type: AWS::Route53::RecordSet
    Name: xxx.xxxx.com
    Type: A
    Ref: xxxsdsaa213
    TTL: "1800"

    The code is as followed, already tried many options to point an A record to and excisting loadbalancer or is there an other way how to handle this?

    r53.ARecord(self, "alias", zone=self.hosted_zone1, record_name="xxx." + params.app_domain1, target=r53.RecordTarget(alias_target=r53.IAliasRecordTarget.bind( self, record=r53.AliasRecordTargetConfig(dns_name="dualstack.applicationloadbalancer.com", hosted_zone_id="123456789"))))
    in EKS,i am not able to see my nodegroups in console, it shows RBAC problem but i dont know how to recorrect, not able to understand.
    I dislike Google more every day. Setup fluentd to deploy via cdk and setup the log driver that I thought would work based on a quick google search.
    Turns out fargate cant have a fluentd log driver
    But at a glance google sure sells it
    hello everyone,
    updated CDK from 1.90.1 to 1.122.0 and cdk deploy '*' doesn't deploy all stacks anymore only the top level one
    if i call cdk list i can see all the stacks (eg.: Main, Main/Db, Main/Lambdas etc.) but only Main is deployed.
    Any hints on why this broke or what i'm doing wrong would be much appreciated. Ty
    /shrug seems like cdk deploy --all still works. i was under the impression that this was just an alias for '*' (wildcard)
    cdk synth '*' still works btw

    docs (https://docs.aws.amazon.com/cdk/latest/guide/cli.html#cli-stacks) has the following:

    If your app uses CDK Pipelines, the CDK Toolkit understands your stacks and stages as a hierarchy, and the --all option and the * wildcard only match top-level stacks. To match all the stacks, use **. Also use ** to indicate all the stacks under a particular hierarchy.

    (i don't have a pipeline setup for this env/deployment but it exists in a different account/env not sure how it's relevant)
    so according to the above cdk deploy '*' only deploys top level stacks now and that's correct, however running with --all still deploys all substacks even tho it should not
    while cdk synth '*' still synthetizes all stacks :-/