aws cdk SSM parameter not available in account

Question

i have a code that reads a value from SSM parameter which is going to be built in codebuild project. For the first time ever run, the value will not exist yet, so i wrote a logic that will catch the error and it is supposed to continue, but even with the logic, i'm still getting

SSM parameter not available in account 1234, region us-east-1: /api-endpoint error stops the codebuild project error

below is the code

let apiEndpoint: string;

    try {
      apiEndpoint = ssm.StringParameter.valueFromLookup(this, `api-endpoint`)
    } catch (error: any) {
      if (error.message.includes('ParameterNotFound')) {
        // Handle the case where the parameter doesn't exist yet
        console.warn('SSM parameter "api-endpoint" not found. Using default value.');
        apiEndpoint = 'default-value';
      } else {
        // Handle other errors
        throw error;
      }
    }

Answer 1

this cannot work. Note that the line ssm.StringParameter.valueFromLookup(this, 'api-endpoint') does not need the await statement. This is because this line does not actually execute any requests to AWS to validate if the parameter exists. For this reason it does not actually throw any errors. Your CDK process only builds a CloudFormation template that inserts contains a reference to this parameter. Then the actual error comes from a whole separate process that is completely outside of your control.

If you want to import an SSM value on your stack, the value must exist beforehand. One way to achieve this could be to create a whole separate stack that initializes the parameter so that then you can import it here.

Answer 2

TL;DR You can't catch the error this way. Perhaps you could create the parameter in the CDK with a dummy value, then have the CodeBuild project update its value.

Why isn't the catch block handling the error?

The catch block won't catch the SSM parameter not available error. It wouldn't handle it even if the error message did contain the text ParameterNotFound. This is because, under the hood, the valueFromLookup method is a so-called context method. It makes an async SDK GetParameter call to fetch the parameter from AWS and caches the result.

Because of this async call, your try-catch block exits before valueFromLookup finishes. See the SO questions Catch statement does not catch thrown error and Why is try {} .. catch() not working with async/await function? for explanations.

You can demonstrate this to yourself by adding a log command below your code:

console.log("after try/catch - will get logged before the error message!");

The following will get logged to the console when you cdk synth:

after try/catch - will get logged before the error message!
after try/catch - will get logged before the error message!
[Error at MyStack] SSM parameter not available in account 1234, region us-east-1: /api-endpoint

(The log message gets logged twice because of the way context fetching is implemented)