s3: possible race condition, adding new object to bucket between deletion of bucket objects and bucket deletion prevents deletion

[max-allan-surevine]

Describe the bug

If I create a log bucket. Then a content bucket, using log bucket for server access logs, when I do a "cdk destroy" the access logs are not removed and the stack fails to destroy.

Expected Behavior

The destroy to complete successfully! (The log bucket and content to be removed.)

Current Behavior

Cloudwatch logs for the delete objects Lambda suggests it was successful :

START RequestId: 72426a95-6f49-4d26-9642-2e15450b205a Version: $LATEST
2022-08-26T10:14:21.449Z	72426a95-6f49-4d26-9642-2e15450b205a	INFO	
{
    "RequestType": "Delete",
    "ServiceToken": "arn:aws:lambda:eu-west-2:123492961234:function:CdkBucketStack-CustomS3AutoDeleteObjectsCustomReso-kArk0g4I9Il2",
    "ResponseURL": "...",
    "StackId": "arn:aws:cloudformation:eu-west-2:123492961234:stack/CdkBucketStack/0531d0e0-2522-11ed-abbb-0aa24eb467d4",
    "RequestId": "b81d7b6f-c28c-455f-83cf-8cf4be357191",
    "LogicalResourceId": "LogBucketAutoDeleteObjectsCustomResource7762F42C",
    "PhysicalResourceId": "f9dbbbc0-641f-4026-a15e-df345405a307",
    "ResourceType": "Custom::S3AutoDeleteObjects",
    "ResourceProperties": {
        "ServiceToken": "arn:aws:lambda:eu-west-2:123492961234:function:CdkBucketStack-CustomS3AutoDeleteObjectsCustomReso-kArk0g4I9Il2",
        "BucketName": "cdkbucketstack-logbucketcc3b17e8-79kbay52r42q"
    }
}

2022-08-26T10:14:27.491Z	72426a95-6f49-4d26-9642-2e15450b205a	INFO	submit response to cloudformation {
  Status: 'SUCCESS',
  Reason: 'SUCCESS',
  StackId: 'arn:aws:cloudformation:eu-west-2:123492961234:stack/CdkBucketStack/0531d0e0-2522-11ed-abbb-0aa24eb467d4',
  RequestId: 'b81d7b6f-c28c-455f-83cf-8cf4be357191',
  PhysicalResourceId: 'f9dbbbc0-641f-4026-a15e-df345405a307',
  LogicalResourceId: 'LogBucketAutoDeleteObjectsCustomResource7762F42C',
  NoEcho: undefined,
  Data: undefined
}
END RequestId: 72426a95-6f49-4d26-9642-2e15450b205a
REPORT RequestId: 72426a95-6f49-4d26-9642-2e15450b205a	Duration: 6312.29 ms	Billed Duration: 6313 ms	Memory Size: 128 MB	Max Memory Used: 81 MB	Init Duration: 174.79 ms	

But the result of the cdk destroy is a fail because there is content :

CdkBucketStack: destroying...
11:15:21 | DELETE_FAILED        | AWS::S3::Bucket             | LogBucketCC3B17E8
The bucket you tried to delete is not empty (Service: Amazon S3; Status Code: 409; Error Code: BucketNotEmpty; Request ID: HJVZC3J1DP4N2QSM; S3 Extended Request ID: /OcCq7vdx6Yxt6bShdNQhgr8fUI3/pG1gmCuC4cu7dBm3juB+Sa9U+FM+O41vk+FVCV8Xwk49YA=; Proxy: null)


 ❌  CdkBucketStack: destroy failed Error: The stack named CdkBucketStack is in a failed state. You may need to delete it from the AWS console : DELETE_FAILED (The following resource(s) failed to delete: [LogBucketCC3B17E8]. ): The bucket you tried to delete is not empty (Service: Amazon S3; Status Code: 409; Error Code: BucketNotEmpty; Request ID: HJVZC3J1DP4N2QSM; S3 Extended Request ID: /OcCq7vdx6Yxt6bShdNQhgr8fUI3/pG1gmCuC4cu7dBm3juB+Sa9U+FM+O41vk+FVCV8Xwk49YA=; Proxy: null)

Reproduction Steps

Deploy the template below. Upload your current directory to "bucket" and wait up to an hour until there are some logs in logBucket. Then run the destroy.

(Yes the code is a bit janky, I did a lazy copy/paste and removed some logic that isn't relevant etc...)

import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import * as s3 from 'aws-cdk-lib/aws-s3';
import * as iam from 'aws-cdk-lib/aws-iam';

export class CdkBucketStack extends cdk.Stack {
  public readonly Bucket: cdk.CfnOutput;
  public readonly logBucket: cdk.CfnOutput;
  constructor(scope: Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);
    // Create a bucket for all the different logs.
    let logBucketProps: any = {
        removalPolicy: cdk.RemovalPolicy.DESTROY,
        autoDeleteObjects: true,
        accessControl: s3.BucketAccessControl.LOG_DELIVERY_WRITE,
    };
    logBucketProps["enforceSSL"] = true;
    logBucketProps["encryption"] = s3.BucketEncryption.S3_MANAGED;
    logBucketProps["blockPublicAccess"] = s3.BlockPublicAccess.BLOCK_ALL;
    const logBucket = new s3.Bucket(this, 'LogBucket', logBucketProps);
    logBucket.addToResourcePolicy(
      new iam.PolicyStatement({
        effect: iam.Effect.ALLOW,
        principals: [new iam.ServicePrincipal('logging.s3.amazonaws.com')],
        actions: ['s3:PutObject'],
        resources: [`${logBucket.bucketArn}/*`],
      }),
    );

    let BucketProps: any = {
        removalPolicy: cdk.RemovalPolicy.DESTROY,
        autoDeleteObjects: true,
    };
    BucketProps["enforceSSL"] = true;
    BucketProps["encryption"] = s3.BucketEncryption.S3_MANAGED;
    BucketProps["serverAccessLogsPrefix"] = "output-access-logs/";
    BucketProps["serverAccessLogsBucket"] = logBucket;
    BucketProps["blockPublicAccess"] = s3.BlockPublicAccess.BLOCK_ALL;
    const bucket = new s3.Bucket(this, 'OutputBucket', BucketProps);

    this.Bucket = new cdk.CfnOutput(this, 'S3Bucket', {
      value: bucket.bucketName,
      description: "The bucket",
     });
    this.logBucket = new cdk.CfnOutput(this, 'logS3Bucket', {
      value: logBucket.bucketName,
      description: "The log bucket",
    });
  }
}

Possible Solution

I imagine the "delete content" lambda is not checking some error condition it isn't expecting and reporting success when it hasn't succeeded. The Lambda does get deleted and the code in the Lambda editor is minified so I couldn't easily retry or debug it.

Additional Information/Context

The logic I removed in the code example avoids deleting the content in our "production" deployments. But in dev, we have no need to keep the access logs. So if someone was thinking "but it's log data, we can't delete that", please : do delete any data. Or at least provide a "actuallyAutoDeleteAllObjects: true" option.

CDK CLI Version

2.38.1 (build a5ced21)

Framework Version

No response

Node.js Version

Node.js v18.8.0

OS

OSX

Language

Typescript

Language Version

No response

Other information

No response

[pradoz]

Based on the error you received, it looks like the custom resource didn't actually finish emptying the bucket (although it did try to delete it):

(Service: Amazon S3; Status Code: 409; Error Code: BucketNotEmpty ...

This can happen when S3 buckets have a large amount of objects in them. I was able to run cdk deploy and cdk destroy with the following [refactored] stack (you can safely remove the IAM policy):

import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import * as s3 from 'aws-cdk-lib/aws-s3';

export class DummyStack extends cdk.Stack {
  public readonly Bucket: cdk.CfnOutput;
  public readonly logBucket: cdk.CfnOutput;
  constructor(scope: Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    // Create a bucket for all the different logs.
    const logBucket = new s3.Bucket(this, 'LogBucket', {
        removalPolicy: cdk.RemovalPolicy.DESTROY,
        autoDeleteObjects: true,
        accessControl: s3.BucketAccessControl.LOG_DELIVERY_WRITE,
        enforceSSL: true,
        encryption: s3.BucketEncryption.S3_MANAGED,
        blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL,
    });

    const bucket = new s3.Bucket(this, 'OutputBucket', {
        removalPolicy: cdk.RemovalPolicy.DESTROY,
        autoDeleteObjects: true,
        enforceSSL: true,
        encryption: s3.BucketEncryption.S3_MANAGED,
        serverAccessLogsPrefix: "output-access-logs/",
        serverAccessLogsBucket: logBucket,
        blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL,
    });

    this.Bucket = new cdk.CfnOutput(this, 'S3Bucket', {
      value: bucket.bucketName,
      description: "The bucket",
     });
    this.logBucket = new cdk.CfnOutput(this, 'logS3Bucket', {
      value: logBucket.bucketName,
      description: "The log bucket",
    });
  }
}

[peterwoodworth]

I wasn't able to reproduce this with the template and steps provided @max-allan-surevine, maybe @pradoz is right and this is related to having a large number of objects to delete?

[github-actions]

This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

[max-allan-surevine]

If the "empty bucket" lambda has not emptied the bucket. Surely it should not be returning with a "Success"? Regardless of the reason why it didn't empty the bucket.
I don't really think that many objects is the problem. The bucket only existed for ~30 minutes and the "content" bucket has a LOT more objects in than the log bucket. Yet IT was deleted OK. (I copy up the local directory, which has all the npm dependencies in)

Did you definitely wait for some content to be published to the log bucket before deleting the stack???

Using the stack @pradoz provided, I still get exactly the same problem. There is a single folder output-access-logs with a single object in it.

The stack was created about 09:55 BST, the object is dated 10:20:50 (BST) , the delete failed at 09:21:07.499Z. So the Lambda appears to be failing to delete a single object.

Is it possible the log delivery mechanism is holding an object "open" and that can't be deleted??

MaAl00350:cdk-bucket max [main] $ cdk deploy

✨  Synthesis time: 8.54s

....
[100%] success: Published e57c1acaa363d7d2b81736776007a7091bc73dff4aeb8135627c4511a51e7dca:current_account-current_region
CdkBucketStack: creating CloudFormation changeset...

 ✅  CdkBucketStack

✨  Deployment time: 67.81s

Outputs:
CdkBucketStack.S3Bucket = cdkbucketstack-outputbucket7114eb27-th0y46k00uu8
CdkBucketStack.logS3Bucket = cdkbucketstack-logbucketcc3b17e8-g0crsksv9497
Stack ARN:
arn:aws:cloudformation:eu-west-2:123492961234:stack/CdkBucketStack/21276a90-2841-11ed-8b89-0687d8847c86

✨  Total time: 76.35s


MaAl00350:cdk-bucket max [main] $ aws s3 cp --recursive . s3://cdkbucketstack-outputbucket7114eb27-th0y46k00uu8

.....

MaAl00350:cdk-bucket max [main] $ aws s3 ls s3://cdkbucketstack-logbucketcc3b17e8-g0crsksv9497/
MaAl00350:cdk-bucket max [main] $ date
Tue 30 Aug 2022 09:58:35 BST
... time passes...

MaAl00350:cdk-bucket max [main] $ aws s3 ls s3://cdkbucketstack-logbucketcc3b17e8-g0crsksv9497/
                           PRE output-access-logs/
MaAl00350:cdk-bucket max [main] $ date
Tue 30 Aug 2022 10:19:50 BST
MaAl00350:cdk-bucket max [main] $ cdk destroy
Are you sure you want to delete: CdkBucketStack (y/n)? y
CdkBucketStack: destroying...
10:21:07 | DELETE_FAILED        | AWS::S3::Bucket             | LogBucketCC3B17E8
The bucket you tried to delete is not empty (Service: Amazon S3; Status Code: 409; Error Code: BucketNotEmpty; Request ID: 13B5WKE8TCT9VS8K; S3 Extended Requ
est ID: /7/TL8ibQg7kBnNvHowx/D81U0VISP2NwXFUmne62ZBh4ahsFgTHqnUYHyZRNGnuShor+HdGMQ8=; Proxy: null)


 ❌  CdkBucketStack: destroy failed Error: The stack named CdkBucketStack is in a failed state. You may need to delete it from the AWS console : DELETE_FAILED (The following resource(s) failed to delete: [LogBucketCC3B17E8]. ): The bucket you tried to delete is not empty (Service: Amazon S3; Status Code: 409; Error Code: BucketNotEmpty; Request ID: 13B5WKE8TCT9VS8K; S3 Extended Request ID: /7/TL8ibQg7kBnNvHowx/D81U0VISP2NwXFUmne62ZBh4ahsFgTHqnUYHyZRNGnuShor+HdGMQ8=; Proxy: null)
    at destroyStack (/usr/local/lib/node_modules/aws-cdk/lib/api/deploy-stack.ts:523:11)
    at processTicksAndRejections (node:internal/process/task_queues:95:5)
    at CdkToolkit.destroy (/usr/local/lib/node_modules/aws-cdk/lib/cdk-toolkit.ts:469:9)
    at initCommandLine (/usr/local/lib/node_modules/aws-cdk/lib/cli.ts:347:12)

The stack named CdkBucketStack is in a failed state. You may need to delete it from the AWS console : DELETE_FAILED (The following resource(s) failed to delete: [LogBucketCC3B17E8]. ): The bucket you tried to delete is not empty (Service: Amazon S3; Status Code: 409; Error Code: BucketNotEmpty; Request ID: 13B5WKE8TCT9VS8K; S3 Extended Request ID: /7/TL8ibQg7kBnNvHowx/D81U0VISP2NwXFUmne62ZBh4ahsFgTHqnUYHyZRNGnuShor+HdGMQ8=; Proxy: null)
MaAl00350:cdk-bucket max [main] $ aws s3 ls s3://cdkbucketstack-logbucketcc3b17e8-g0crsksv9497/output-access-logs
                           PRE output-access-logs/
MaAl00350:cdk-bucket max [main] $ aws s3 ls s3://cdkbucketstack-logbucketcc3b17e8-g0crsksv9497/output-access-logs/
2022-08-30 10:20:50      82616 2022-08-30-09-20-49-A7FCC762ED235F70


MaAl00350:cdk-bucket max [main] $ aws cloudformation describe-stack-events --stack-name CdkBucketStack
{
    "StackEvents": [
        {
            "StackId": "arn:aws:cloudformation:eu-west-2:123492961234:stack/CdkBucketStack/21276a90-2841-11ed-8b89-0687d8847c86",
            "EventId": "152341c0-2845-11ed-8b22-02fc99796c02",
            "StackName": "CdkBucketStack",
            "LogicalResourceId": "CdkBucketStack",
            "PhysicalResourceId": "arn:aws:cloudformation:eu-west-2:123492961234:stack/CdkBucketStack/21276a90-2841-11ed-8b89-0687d8847c86",
            "ResourceType": "AWS::CloudFormation::Stack",
            "Timestamp": "2022-08-30T09:21:09.077Z",
            "ResourceStatus": "DELETE_FAILED",
            "ResourceStatusReason": "The following resource(s) failed to delete: [LogBucketCC3B17E8]. "
        },
        {
            "StackId": "arn:aws:cloudformation:eu-west-2:123492961234:stack/CdkBucketStack/21276a90-2841-11ed-8b89-0687d8847c86",
            "EventId": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092-DELETE_COMPLETE-2022-08-30T09:21:08.501Z",
            "StackName": "CdkBucketStack",
            "LogicalResourceId": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
            "PhysicalResourceId": "CdkBucketStack-CustomS3AutoDeleteObjectsCustomReso-G9052CNB9HP",
            "ResourceType": "AWS::IAM::Role",
            "Timestamp": "2022-08-30T09:21:08.501Z",
            "ResourceStatus": "DELETE_COMPLETE",
            "ResourceProperties": "{\"ManagedPolicyArns\":[\"arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole\"],\"AssumeRolePolicyDocument\":{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"}}]}}"
        },
        {
            "StackId": "arn:aws:cloudformation:eu-west-2:123492961234:stack/CdkBucketStack/21276a90-2841-11ed-8b89-0687d8847c86",
            "EventId": "LogBucketCC3B17E8-DELETE_FAILED-2022-08-30T09:21:07.499Z",
            "StackName": "CdkBucketStack",
            "LogicalResourceId": "LogBucketCC3B17E8",
            "PhysicalResourceId": "cdkbucketstack-logbucketcc3b17e8-g0crsksv9497",
            "ResourceType": "AWS::S3::Bucket",
            "Timestamp": "2022-08-30T09:21:07.499Z",
            "ResourceStatus": "DELETE_FAILED",
            "ResourceStatusReason": "The bucket you tried to delete is not empty (Service: Amazon S3; Status Code: 409; Error Code: BucketNotEmpty; Request ID: 13B5WKE8TCT9VS8K; S3 Extended Request ID: /7/TL8ibQg7kBnNvHowx/D81U0VISP2NwXFUmne62ZBh4ahsFgTHqnUYHyZRNGnuShor+HdGMQ8=; Proxy: null)",
            "ResourceProperties": "{\"PublicAccessBlockConfiguration\":{\"RestrictPublicBuckets\":\"true\",\"BlockPublicPolicy\":\"true\",\"BlockPublicAcls\":\"true\",\"IgnorePublicAcls\":\"true\"},\"BucketEncryption\":{\"ServerSideEncryptionConfiguration\":[{\"ServerSideEncryptionByDefault\":{\"SSEAlgorithm\":\"AES256\"}}]},\"AccessControl\":\"LogDeliveryWrite\",\"Tags\":[{\"Value\":\"true\",\"Key\":\"aws-cdk:auto-delete-objects\"}]}"
        },
        {
            "StackId": "arn:aws:cloudformation:eu-west-2:123492961234:stack/CdkBucketStack/21276a90-2841-11ed-8b89-0687d8847c86",
            "EventId": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092-DELETE_IN_PROGRESS-2022-08-30T09:21:06.925Z",
            "StackName": "CdkBucketStack",
            "LogicalResourceId": "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
            "PhysicalResourceId": "CdkBucketStack-CustomS3AutoDeleteObjectsCustomReso-G9052CNB9HP",
            "ResourceType": "AWS::IAM::Role",
            "Timestamp": "2022-08-30T09:21:06.925Z",
            "ResourceStatus": "DELETE_IN_PROGRESS",
            "ResourceProperties": "{\"ManagedPolicyArns\":[\"arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole\"],\"AssumeRolePolicyDocument\":{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"}}]}}"
        },
        {
            "StackId": "arn:aws:cloudformation:eu-west-2:123492961234:stack/CdkBucketStack/21276a90-2841-11ed-8b89-0687d8847c86",
            "EventId": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F-DELETE_COMPLETE-2022-08-30T09:21:06.385Z",
            "StackName": "CdkBucketStack",
            "LogicalResourceId": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
            "PhysicalResourceId": "CdkBucketStack-CustomS3AutoDeleteObjectsCustomReso-u3gSlToflZdO",
            "ResourceType": "AWS::Lambda::Function",
            "Timestamp": "2022-08-30T09:21:06.385Z",
            "ResourceStatus": "DELETE_COMPLETE",
            "ResourceProperties": "{\"Role\":\"arn:aws:iam::123492961234:role/CdkBucketStack-CustomS3AutoDeleteObjectsCustomReso-G9052CNB9HP\",\"MemorySize\":\"128\",\"Runtime\":\"nodejs14.x\",\"Description\":\"Lambda function for auto-deleting objects in cdkbucketstack-logbucketcc3b17e8-g0crsksv9497 S3 bucket.\",\"Timeout\":\"900\",\"Handler\":\"__entrypoint__.handler\",\"Code\":{\"S3Bucket\":\"cdk-hnb659fds-assets-123492961234-eu-west-2\",\"S3Key\":\"e57c1acaa363d7d2b81736776007a7091bc73dff4aeb8135627c4511a51e7dca.zip\"}}"
        },
        {
            "StackId": "arn:aws:cloudformation:eu-west-2:123492961234:stack/CdkBucketStack/21276a90-2841-11ed-8b89-0687d8847c86",
            "EventId": "OutputBucket7114EB27-DELETE_COMPLETE-2022-08-30T09:21:02.187Z",
            "StackName": "CdkBucketStack",
            "LogicalResourceId": "OutputBucket7114EB27",
            "PhysicalResourceId": "cdkbucketstack-outputbucket7114eb27-th0y46k00uu8",
            "ResourceType": "AWS::S3::Bucket",
            "Timestamp": "2022-08-30T09:21:02.187Z",
            "ResourceStatus": "DELETE_COMPLETE",
            "ResourceProperties": "{\"PublicAccessBlockConfiguration\":{\"RestrictPublicBuckets\":\"true\",\"BlockPublicPolicy\":\"true\",\"BlockPublicAcls\":\"true\",\"IgnorePublicAcls\":\"true\"},\"BucketEncryption\":{\"ServerSideEncryptionConfiguration\":[{\"ServerSideEncryptionByDefault\":{\"SSEAlgorithm\":\"AES256\"}}]},\"LoggingConfiguration\":{\"LogFilePrefix\":\"output-access-logs/\",\"DestinationBucketName\":\"cdkbucketstack-logbucketcc3b17e8-g0crsksv9497\"},\"Tags\":[{\"Value\":\"true\",\"Key\":\"aws-cdk:auto-delete-objects\"}]}"
        },
        {
            "StackId": "arn:aws:cloudformation:eu-west-2:123492961234:stack/CdkBucketStack/21276a90-2841-11ed-8b89-0687d8847c86",
            "EventId": "OutputBucket7114EB27-DELETE_IN_PROGRESS-2022-08-30T09:21:01.477Z",
            "StackName": "CdkBucketStack",
            "LogicalResourceId": "OutputBucket7114EB27",
            "PhysicalResourceId": "cdkbucketstack-outputbucket7114eb27-th0y46k00uu8",
            "ResourceType": "AWS::S3::Bucket",
            "Timestamp": "2022-08-30T09:21:01.477Z",
            "ResourceStatus": "DELETE_IN_PROGRESS",
            "ResourceProperties": "{\"PublicAccessBlockConfiguration\":{\"RestrictPublicBuckets\":\"true\",\"BlockPublicPolicy\":\"true\",\"BlockPublicAcls\":\"true\",\"IgnorePublicAcls\":\"true\"},\"BucketEncryption\":{\"ServerSideEncryptionConfiguration\":[{\"ServerSideEncryptionByDefault\":{\"SSEAlgorithm\":\"AES256\"}}]},\"LoggingConfiguration\":{\"LogFilePrefix\":\"output-access-logs/\",\"DestinationBucketName\":\"cdkbucketstack-logbucketcc3b17e8-g0crsksv9497\"},\"Tags\":[{\"Value\":\"true\",\"Key\":\"aws-cdk:auto-delete-objects\"}]}"
        },

[max-allan-surevine]

Oh, and the logs from the auto delete bucket lambda, ran at 9:20:19Z. Which is about 30seconds before the timestamp on the object in the bucket. (10:20:50 BST) :

2022-08-30T09:20:12.560Z	c91433c7-40e7-439c-8a5e-d035fd54c866	INFO	
{
    "RequestType": "Delete",
    "ServiceToken": "arn:aws:lambda:eu-west-2:123492961234:function:CdkBucketStack-CustomS3AutoDeleteObjectsCustomReso-u3gSlToflZdO",
    "ResponseURL": "...",
    "StackId": "arn:aws:cloudformation:eu-west-2:123492961234:stack/CdkBucketStack/21276a90-2841-11ed-8b89-0687d8847c86",
    "RequestId": "7c29bf80-973f-4911-b95a-4060d5a6469a",
    "LogicalResourceId": "LogBucketAutoDeleteObjectsCustomResource7762F42C",
    "PhysicalResourceId": "9942411f-a823-4ea6-bcc1-d5453163cd7a",
    "ResourceType": "Custom::S3AutoDeleteObjects",
    "ResourceProperties": {
        "ServiceToken": "arn:aws:lambda:eu-west-2:123492961234:function:CdkBucketStack-CustomS3AutoDeleteObjectsCustomReso-u3gSlToflZdO",
        "BucketName": "cdkbucketstack-logbucketcc3b17e8-g0crsksv9497"
    }
}

2022-08-30T09:20:19.661Z	c91433c7-40e7-439c-8a5e-d035fd54c866	INFO	submit response to cloudformation {
  Status: 'SUCCESS',
  Reason: 'SUCCESS',
  StackId: 'arn:aws:cloudformation:eu-west-2:123492961234:stack/CdkBucketStack/21276a90-2841-11ed-8b89-0687d8847c86',
  RequestId: '7c29bf80-973f-4911-b95a-4060d5a6469a',
  PhysicalResourceId: '9942411f-a823-4ea6-bcc1-d5453163cd7a',
  LogicalResourceId: 'LogBucketAutoDeleteObjectsCustomResource7762F42C',
  NoEcho: undefined,
  Data: undefined
}
END RequestId: c91433c7-40e7-439c-8a5e-d035fd54c866