fix(ec2): vpc interface endpoint not attaching to selected subnets (#…#37179
fix(ec2): vpc interface endpoint not attaching to selected subnets (#…#37179
Conversation
…ws#37144) CfnSubnet objects passed within SubnetSelection are now automatically wrapped with Subnet.fromSubnetAttributes to ensure they can be used for things like interface endpoint SubnetIds.
github-actions
bot
added
effort/medium
github-actions
bot
added
the
beginning-contributor
aws-cdk-automation
left a comment
aws-cdk-automation
left a comment
There was a problem hiding this comment.
The pull request linter fails with the following errors:
❌ Fixes must contain a change to an integration test file and the resulting snapshot.
If you believe this pull request should receive an exemption, please comment and provide a justification. A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed, add Clarification Request to a comment.
Adding integration test. Snapshot must be generated by maintainer via CI as local build environment is incompatible.
…property access The build failed because Subnet was not correctly imported from within vpc.ts (where it is defined) and because selection.subnets was being mapped without casting s to CfnSubnet, leading to property access errors on ISubnet.
|
This PR has been in the CHANGES REQUESTED state for 3 weeks, and looks abandoned. Note that PRs with failing linting check or builds are not reviewed, please ensure your build is passing To prevent automatic closure:
This PR will automatically close in 14 days if no action is taken. |
|
This PR has been deemed to be abandoned, and will be automatically closed. Please create a new PR for these changes if you think this decision has been made in error. |
aws-cdk-automation
added
the
closed-for-staleness
aws-cdk-automation
temporarily deployed
to
automation
GitHub Actions
Inactive
|
Comments on closed issues and PRs are hard for our team to see. |
aws-cdk-automation
temporarily deployed
to
automation
GitHub Actions
Inactive
2 participants
fix(ec2): vpc interface endpoint not attaching to selected subnets (#37144)
CfnSubnet objects passed within SubnetSelection are now automatically wrapped with Subnet.fromSubnetAttributes to ensure they can be used for things like interface endpoint SubnetIds.
Issue # (if applicable)
Closes #37144
Reason for this change
When creating a VPC interface endpoint and passing
CfnSubnetobjects directly into thesubnetsarray of SubnetSelection, the generated CloudFormation template results in an emptySubnetIdsarray. This is becauseCfnSubnetis an L1 construct and does not implement the full ISubnet interface, specifically lacking the.subnetIdproperty that the endpoint selection logic relies on, causing it to fail silently.Description of changes
Vpc.selectSubnetObjectsin@aws-cdk/aws-ec2to interceptSubnetSelection.subnetsarrays.CfnSubnet.Subnet.fromSubnetAttributes(this, id, { subnetId: s.ref, ... }), retaining their availability zone and CIDR block properties if available.vpc-endpointconstructs (and anything else utilizing selectSubnetObjects) to extract the proper routing IDs during CloudFormation synthesis.Describe any new or updated permissions being added
N/A - No new permissions or IAM updates are required for this construct logical fix.
Description of how you validated changes
endpoint selection works with L1 CfnSubnet passed as ISubnetin packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint.test.ts.CfnSubnettovpc.addInterfaceEndpoint()properly populates theSubnetIdsproperty with the Ref of the CloudFormation subnet in the synthesized output.Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license