Something in the AWS CLI code for TLS certificates is changed in the /root directory on Linux | by Teri Radichel | Biting Bugs | December 2023


Does the AWS CLI move to the root directory when CloudFormation deploys TLS certificates? No: but changing to the wrong directory could result in invalid TLS algorithm deployments.

I’ve written time and time again about how I use a common function to deploy CloudFormation stacks.

I migrated my code to my new framework without the “context switch” to move from one directory to another using the “cd” command. This context switch was happening in a single function, but I assumed I had a bug somewhere because when I ran the TLS certificate deployment I was somehow in the wrong directory when I Tried to deploy my TLS certificate. I noted this in my code, reverted to the correct directory at deployment time, and continued.

Now in my new code structure there is no context switching. There is not a single CD order. I run each line of code from a single directory named “job” in my container. all paths are relative to this folder only. The whole context switching process was error-prone, risky and buggy. This was not feasible for a long term solution, so I eliminated it and significantly reduced and simplified the code.

I moved my certificate code into the new framework and it still says the template I’m trying to deploy doesn’t exist. Eh?

I always print the command the program is trying to execute when it deploys a resource so I can test it manually. I can see that the model path looks correct. Actually, if I use cat or vi with the path in this command, the file is opened successfully.

So, is the file not copied to the container or what?

I added the following lines of code to my deploy function just before the call to deploy the resource:

> print the working directory

> list each file in the path

> cat the supposedly missing file.

Here’s what’s happening: I’m currently in the root directory when I try to deploy TLS…

Leave a comment