From 31d3f48ce7c19d0e345c1fcc90a0f8d7c7a549fb Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Fri, 9 Aug 2024 15:12:11 -0700 Subject: [PATCH 01/44] Add RouteTable addRoute method --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 21 +++ .../aws-cdk-routev2-alpha.assets.json | 4 +- .../aws-cdk-routev2-alpha.template.json | 2 +- ...routev2-dynamodbendpoint-alpha.assets.json | 4 +- ...utev2-dynamodbendpoint-alpha.template.json | 2 +- ...dk-routev2-egressonlyigw-alpha.assets.json | 4 +- ...-routev2-egressonlyigw-alpha.template.json | 36 +++- .../aws-cdk-routev2-igw-alpha.assets.json | 4 +- .../aws-cdk-routev2-igw-alpha.template.json | 2 +- ...ws-cdk-routev2-networkif-alpha.assets.json | 4 +- ...-cdk-routev2-networkif-alpha.template.json | 2 +- ...cdk-routev2-privatenatgw-alpha.assets.json | 4 +- ...k-routev2-privatenatgw-alpha.template.json | 2 +- ...-cdk-routev2-publicnatgw-alpha.assets.json | 4 +- ...dk-routev2-publicnatgw-alpha.template.json | 2 +- ...routev2-virtualprivategw-alpha.assets.json | 4 +- ...utev2-virtualprivategw-alpha.template.json | 2 +- ...outev2-vpcpeerconnection-alpha.assets.json | 4 +- ...tev2-vpcpeerconnection-alpha.template.json | 2 +- .../integ.route-v2.js.snapshot/manifest.json | 39 +++-- .../test/integ.route-v2.js.snapshot/tree.json | 158 ++++++++++++------ .../aws-ec2-alpha/test/integ.route-v2.ts | 14 +- .../@aws-cdk/aws-ec2-alpha/test/route.test.ts | 39 +++++ 23 files changed, 254 insertions(+), 105 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 3a6a0ea5cd717..3b5591431ad29 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -569,6 +569,27 @@ export class RouteTable extends Resource implements IRouteTable, IDependable { this.routeTableId = this.resource.attrRouteTableId; } + + /** + * Add a new route to the route table. + * @param destination The IPv4 or IPv6 CIDR block used for the destination match. + * @param target The gateway or endpoint targeted by the route. + */ + public addRoute(destination: string, target: RouteTargetType) { + if (!target.gateway && !target.endpoint) { + throw new Error('Target is defined without a gateway or endpoint.'); + } + + let routerType: RouterType = target.gateway ? target.gateway.routerType : RouterType.VPC_ENDPOINT; + let routerTargetId: string = target.gateway ? target.gateway.routerTargetId : target.endpoint!.vpcEndpointId; + + new CfnRoute(this, 'Route', { + routeTableId: this.routeTableId, + destinationCidrBlock: destination, + destinationIpv6CidrBlock: destination, + [routerTypeToPropName(routerType)]: routerTargetId, + }); + } } function routerTypeToPropName(routerType: RouterType) { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json index f61a2717f93a6..fb21918bf2224 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "b3d06cef480a17aaf78379d18a13893141f2d689a23bcbbcf34b284e77752b0f": { + "a963276e8401c096a74f0dc50ac7d80bb5f2bff399fce8c571660a0684ff54b7": { "source": { "path": "aws-cdk-routev2-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "b3d06cef480a17aaf78379d18a13893141f2d689a23bcbbcf34b284e77752b0f.json", + "objectKey": "a963276e8401c096a74f0dc50ac7d80bb5f2bff399fce8c571660a0684ff54b7.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json index 140f9ebf102e0..0aa074e2e7b1f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json index b9734dc366438..c4c1a14a7c00f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "7711ae87a96bcf4e738e5904b6071f21ac59ee14247c420b0bf33d20a87348a3": { + "8b4b159425cc7d11fa6fd993c53e299319dd2fcea18d745e873a18d3ee156a50": { "source": { "path": "aws-cdk-routev2-dynamodbendpoint-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "7711ae87a96bcf4e738e5904b6071f21ac59ee14247c420b0bf33d20a87348a3.json", + "objectKey": "8b4b159425cc7d11fa6fd993c53e299319dd2fcea18d745e873a18d3ee156a50.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json index 1fc8a4ff1bbe3..7aaf0a70fd923 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json index b27c0c57931d5..18f523ba738e7 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "6cd56bb964ed1f90f0206d705f085aef381173834b50d5ba372fa2185156d51d": { + "4ae0e03763447a62903fc1eef199dcd108da4256bdc2fc7b50c39443f702de69": { "source": { "path": "aws-cdk-routev2-egressonlyigw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "6cd56bb964ed1f90f0206d705f085aef381173834b50d5ba372fa2185156d51d.json", + "objectKey": "4ae0e03763447a62903fc1eef199dcd108da4256bdc2fc7b50c39443f702de69.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json index 1c4d9adad8e08..bab2ac0fb855d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json @@ -32,11 +32,30 @@ } } }, + "TestRoottableRoute44770015": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "DestinationIpv6CidrBlock": "0.0.0.0/0", + "EgressOnlyInternetGatewayId": { + "Fn::GetAtt": [ + "testEOIGWviaAddRouteEIGWE430E12B", + "Id" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, "eigwSubnetCC28B9F9": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "VpcId": { "Fn::GetAtt": [ @@ -80,8 +99,8 @@ "testEIGWRouteEB4FE8D5": { "Type": "AWS::EC2::Route", "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "DestinationIpv6CidrBlock": "0.0.0.0/0", + "DestinationCidrBlock": "10.0.0.0/24", + "DestinationIpv6CidrBlock": "10.0.0.0/24", "EgressOnlyInternetGatewayId": { "Fn::GetAtt": [ "testEOIGWEIGW54CCAD37", @@ -95,6 +114,17 @@ ] } } + }, + "testEOIGWviaAddRouteEIGWE430E12B": { + "Type": "AWS::EC2::EgressOnlyInternetGateway", + "Properties": { + "VpcId": { + "Fn::GetAtt": [ + "eigwC0F094EF", + "VpcId" + ] + } + } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json index 677f15417b1ed..c5ef7e53927ba 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "44c69eec973961e184209d04e6e45c230320a2f7a110f0275431dc0587273038": { + "64fd4909563782b372beda47c03d9faa4cb3b387d2faf349d9359248b0da8cd8": { "source": { "path": "aws-cdk-routev2-igw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "44c69eec973961e184209d04e6e45c230320a2f7a110f0275431dc0587273038.json", + "objectKey": "64fd4909563782b372beda47c03d9faa4cb3b387d2faf349d9359248b0da8cd8.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json index 1ddb6c3cc40d9..652ffba8b86ef 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json index 733952daae63f..668a964fb3389 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "087e3b456bae228983dc7a31eea1570bfeccfd6b4f163b7e10a2af07dc31291f": { + "434c826abb6c12fb9eebf4adb6aae43788ba6e2a204ad7eea6f60321e69d3b38": { "source": { "path": "aws-cdk-routev2-networkif-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "087e3b456bae228983dc7a31eea1570bfeccfd6b4f163b7e10a2af07dc31291f.json", + "objectKey": "434c826abb6c12fb9eebf4adb6aae43788ba6e2a204ad7eea6f60321e69d3b38.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json index d796497fc5388..1e157df23a14a 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json index 591ec9e8d3066..7ac06f6e4e166 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "89c945d2b4cb2aa79cca0e52ea8fa68849a586495b0a27b7de229ae44b3c5239": { + "756dd84ca14a3792841cc7026f0cccaf78aa7cbd5daa51790c752876f02f2e9b": { "source": { "path": "aws-cdk-routev2-privatenatgw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "89c945d2b4cb2aa79cca0e52ea8fa68849a586495b0a27b7de229ae44b3c5239.json", + "objectKey": "756dd84ca14a3792841cc7026f0cccaf78aa7cbd5daa51790c752876f02f2e9b.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json index f2ed7e0d44c03..b7e8248cfd995 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json index 29398ffe76faa..ffee6bb74f327 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "6592172436ea6af85dd73663ffd81cc1342c29574aa00f4dacf5179cf3054441": { + "8d9fcbb8b283c9a451969129fde47cdcd712ffe35c7c45f99734cf32eb5ce417": { "source": { "path": "aws-cdk-routev2-publicnatgw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "6592172436ea6af85dd73663ffd81cc1342c29574aa00f4dacf5179cf3054441.json", + "objectKey": "8d9fcbb8b283c9a451969129fde47cdcd712ffe35c7c45f99734cf32eb5ce417.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json index 5f80cf56a0aa5..5102222b05ba8 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json index 601d17d534bb8..2e6edeb0cbd98 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "2318541485e9424ef1bba0f0bb0e0e91e2759dc53597436fb250a8605e5e0107": { + "a364633fbc736a6dbe5bd9ca333d5cace5a7ee6b6d1c2206bd3b450bf630c017": { "source": { "path": "aws-cdk-routev2-virtualprivategw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "2318541485e9424ef1bba0f0bb0e0e91e2759dc53597436fb250a8605e5e0107.json", + "objectKey": "a364633fbc736a6dbe5bd9ca333d5cace5a7ee6b6d1c2206bd3b450bf630c017.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json index f96743310fabe..83eb4e6ca685d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json index fa96e660e9d19..0d4f8c6e9ee55 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "7b04eb9c84a61a91a957fceb96a85b38336f8b5999d1c0b5b972cd191926c473": { + "fa56ca630709a15070b4208becd94454c974906d445fd83b73389524957f89e8": { "source": { "path": "aws-cdk-routev2-vpcpeerconnection-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "7b04eb9c84a61a91a957fceb96a85b38336f8b5999d1c0b5b972cd191926c473.json", + "objectKey": "fa56ca630709a15070b4208becd94454c974906d445fd83b73389524957f89e8.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json index 804f7b179ac91..7f195e58f758f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json index 2dec0815f28b0..7d70ccc1202cc 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/b3d06cef480a17aaf78379d18a13893141f2d689a23bcbbcf34b284e77752b0f.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a963276e8401c096a74f0dc50ac7d80bb5f2bff399fce8c571660a0684ff54b7.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -97,7 +97,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6cd56bb964ed1f90f0206d705f085aef381173834b50d5ba372fa2185156d51d.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4ae0e03763447a62903fc1eef199dcd108da4256bdc2fc7b50c39443f702de69.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -132,6 +132,12 @@ "data": "TestRoottableRouteTableFA28AA38" } ], + "/aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/Route": [ + { + "type": "aws:cdk:logicalId", + "data": "TestRoottableRoute44770015" + } + ], "/aws-cdk-routev2-egressonlyigw-alpha/eigwSubnet/Subnet": [ { "type": "aws:cdk:logicalId", @@ -156,6 +162,12 @@ "data": "testEIGWRouteEB4FE8D5" } ], + "/aws-cdk-routev2-egressonlyigw-alpha/testEOIGWviaAddRoute/EIGW": [ + { + "type": "aws:cdk:logicalId", + "data": "testEOIGWviaAddRouteEIGWE430E12B" + } + ], "/aws-cdk-routev2-egressonlyigw-alpha/BootstrapVersion": [ { "type": "aws:cdk:logicalId", @@ -188,7 +200,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/44c69eec973961e184209d04e6e45c230320a2f7a110f0275431dc0587273038.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64fd4909563782b372beda47c03d9faa4cb3b387d2faf349d9359248b0da8cd8.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -285,7 +297,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/2318541485e9424ef1bba0f0bb0e0e91e2759dc53597436fb250a8605e5e0107.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a364633fbc736a6dbe5bd9ca333d5cace5a7ee6b6d1c2206bd3b450bf630c017.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -382,7 +394,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6592172436ea6af85dd73663ffd81cc1342c29574aa00f4dacf5179cf3054441.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8d9fcbb8b283c9a451969129fde47cdcd712ffe35c7c45f99734cf32eb5ce417.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -497,7 +509,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/89c945d2b4cb2aa79cca0e52ea8fa68849a586495b0a27b7de229ae44b3c5239.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/756dd84ca14a3792841cc7026f0cccaf78aa7cbd5daa51790c752876f02f2e9b.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -588,7 +600,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/087e3b456bae228983dc7a31eea1570bfeccfd6b4f163b7e10a2af07dc31291f.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/434c826abb6c12fb9eebf4adb6aae43788ba6e2a204ad7eea6f60321e69d3b38.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -667,7 +679,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7b04eb9c84a61a91a957fceb96a85b38336f8b5999d1c0b5b972cd191926c473.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/fa56ca630709a15070b4208becd94454c974906d445fd83b73389524957f89e8.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -746,7 +758,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7711ae87a96bcf4e738e5904b6071f21ac59ee14247c420b0bf33d20a87348a3.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8b4b159425cc7d11fa6fd993c53e299319dd2fcea18d745e873a18d3ee156a50.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -810,15 +822,6 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } - ], - "dynamodbSecondaryIp4EEF58BFBEFB": [ - { - "type": "aws:cdk:logicalId", - "data": "dynamodbSecondaryIp4EEF58BFBEFB", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } ] }, "displayName": "aws-cdk-routev2-dynamodbendpoint-alpha" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json index 7adf7f1621505..7844fb1fafc48 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json @@ -51,7 +51,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -80,7 +80,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -95,7 +95,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -153,7 +153,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -226,7 +226,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -252,10 +252,37 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "destinationIpv6CidrBlock": "0.0.0.0/0", + "egressOnlyInternetGatewayId": { + "Fn::GetAtt": [ + "testEOIGWviaAddRouteEIGWE430E12B", + "Id" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -270,7 +297,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "vpcId": { "Fn::GetAtt": [ @@ -317,7 +344,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -346,7 +373,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.EgressOnlyInternetGateway", + "fqn": "@aws-cdk/aws-ec2-alpha.EgressOnlyInternetGateway", "version": "0.0.0" } }, @@ -360,8 +387,8 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "destinationIpv6CidrBlock": "0.0.0.0/0", + "destinationCidrBlock": "10.0.0.0/24", + "destinationIpv6CidrBlock": "10.0.0.0/24", "egressOnlyInternetGatewayId": { "Fn::GetAtt": [ "testEOIGWEIGW54CCAD37", @@ -383,7 +410,36 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "version": "0.0.0" + } + }, + "testEOIGWviaAddRoute": { + "id": "testEOIGWviaAddRoute", + "path": "aws-cdk-routev2-egressonlyigw-alpha/testEOIGWviaAddRoute", + "children": { + "EIGW": { + "id": "EIGW", + "path": "aws-cdk-routev2-egressonlyigw-alpha/testEOIGWviaAddRoute/EIGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EgressOnlyInternetGateway", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "eigwC0F094EF", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEgressOnlyInternetGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.EgressOnlyInternetGateway", "version": "0.0.0" } }, @@ -456,7 +512,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -485,7 +541,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -500,7 +556,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -558,7 +614,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -580,7 +636,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.InternetGateway", + "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", "version": "0.0.0" } }, @@ -642,7 +698,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } }, @@ -715,7 +771,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -744,7 +800,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -759,7 +815,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -817,7 +873,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -841,7 +897,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VPNGateway", + "fqn": "@aws-cdk/aws-ec2-alpha.VPNGateway", "version": "0.0.0" } }, @@ -903,7 +959,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } }, @@ -976,7 +1032,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1005,7 +1061,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1020,7 +1076,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1078,7 +1134,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1100,7 +1156,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.InternetGateway", + "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", "version": "0.0.0" } }, @@ -1162,7 +1218,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } }, @@ -1213,7 +1269,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.NatGateway", + "fqn": "@aws-cdk/aws-ec2-alpha.NatGateway", "version": "0.0.0" } }, @@ -1250,7 +1306,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } }, @@ -1323,7 +1379,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1352,7 +1408,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1367,7 +1423,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1425,7 +1481,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1458,7 +1514,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.NatGateway", + "fqn": "@aws-cdk/aws-ec2-alpha.NatGateway", "version": "0.0.0" } }, @@ -1495,7 +1551,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } }, @@ -1568,7 +1624,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1597,7 +1653,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1612,7 +1668,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1670,7 +1726,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1743,7 +1799,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1772,7 +1828,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1787,7 +1843,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1845,7 +1901,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1918,7 +1974,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1947,7 +2003,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1962,7 +2018,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -2020,7 +2076,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -2078,7 +2134,7 @@ "id": "testDynamoRoute", "path": "aws-cdk-routev2-dynamodbendpoint-alpha/testDynamoRoute", "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } }, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts index 579800e7dfcb3..ebafaa530cd07 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts @@ -12,11 +12,9 @@ import * as vpc_v2 from '../lib/vpc-v2'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; import { IpCidr, SubnetV2 } from '../lib/subnet-v2'; -// import { CarrierGateway, TransitGateway } from '../lib/route'; import { EgressOnlyInternetGateway, InternetGateway, NatConnectivityType, NatGateway, Route, RouteTable, VPNGateway } from '../lib/route'; import { GatewayVpcEndpoint, GatewayVpcEndpointAwsService, SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; import { Fn } from 'aws-cdk-lib'; -//import { log } from 'console'; // as in unit tests, we use a qualified import, // not bring in individual classes @@ -26,14 +24,12 @@ const app = new cdk.App(); const stacks: {[id: string] : cdk.Stack} = { default: new cdk.Stack(app, 'aws-cdk-routev2-alpha', { stackName: 'DefaultVpcDeploy' }), - // 'cgw': new cdk.Stack(app, 'aws-cdk-routev2-carriergw-alpha', {stackName: 'CarrierGatewayVpc'}), eigw: new cdk.Stack(app, 'aws-cdk-routev2-egressonlyigw-alpha', { stackName: 'EgressOnlyIgwVpc' }), igw: new cdk.Stack(app, 'aws-cdk-routev2-igw-alpha', { stackName: 'InternetGatewayVpc' }), vpgw: new cdk.Stack(app, 'aws-cdk-routev2-virtualprivategw-alpha', { stackName: 'VirtualPrivateGwVpc' }), natgw_pub: new cdk.Stack(app, 'aws-cdk-routev2-publicnatgw-alpha', { stackName: 'NatGwPubVpc' }), natgw_priv: new cdk.Stack(app, 'aws-cdk-routev2-privatenatgw-alpha', { stackName: 'NatGwPrivVpc' }), nif: new cdk.Stack(app, 'aws-cdk-routev2-networkif-alpha', { stackName: 'NetworkInterfaceVpc' }), - // 'tgw': new cdk.Stack(app, 'aws-cdk-routev2-transitgw-alpha', {stackName: 'TransitGwVpc'}), vpcpc: new cdk.Stack(app, 'aws-cdk-routev2-vpcpeerconnection-alpha', { stackName: 'VpcPeerConnection' }), dynamodb: new cdk.Stack(app, 'aws-cdk-routev2-dynamodbendpoint-alpha', { stackName: 'DynamodbEndpointVpc' }), }; @@ -59,7 +55,7 @@ for (const stackName in stacks) { if (stackName == 'eigw') { const subnet = new SubnetV2(stacks[stackName], stackName + 'Subnet', { vpc: vpc, - availabilityZone: 'us-west-1a', + availabilityZone: 'us-east-1a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), subnetType: SubnetType.PRIVATE_WITH_EGRESS, routeTable: routeTables[stackName], @@ -69,7 +65,7 @@ for (const stackName in stacks) { // use empty ipv6 that doesn't overlap const subnet = new SubnetV2(stacks[stackName], stackName + 'Subnet', { vpc: vpc, - availabilityZone: 'us-west-1a', + availabilityZone: 'us-east-1a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), ipv6CidrBlock: new IpCidr(Fn.select(0, vpc.ipv6CidrBlocks)), subnetType: SubnetType.PRIVATE_WITH_EGRESS, @@ -84,9 +80,13 @@ const eigw = new EgressOnlyInternetGateway(stacks.eigw, 'testEOIGW', { }); new Route(stacks.eigw, 'testEIGWRoute', { routeTable: routeTables.eigw, - destination: '0.0.0.0/0', + destination: '10.0.0.0/24', target: { gateway: eigw }, }); +const eigwAddRoute = new EgressOnlyInternetGateway(stacks.eigw, 'testEOIGWviaAddRoute', { + vpc: vpcs.eigw, +}); +routeTables.eigw.addRoute('0.0.0.0/0', { gateway: eigwAddRoute }); const igw = new InternetGateway(stacks.igw, 'testIGW', { vpc: vpcs.igw, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts index e5dc355fc1aea..2086d409151bc 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts @@ -82,6 +82,45 @@ describe('EC2 Routing', () => { }); }); + test('Route to EIGW via addRoute method', () => { + const eigw = new route.EgressOnlyInternetGateway(stack, 'TestEIGW', { + vpc: myVpc, + }); + routeTable.addRoute('0.0.0.0/0', { gateway: eigw }); + Template.fromStack(stack).templateMatches({ + Resources: { + // EIGW should be in stack + TestEIGW4E4CDA8D: { + Type: 'AWS::EC2::EgressOnlyInternetGateway', + Properties: { + VpcId: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', 'VpcId', + ], + }, + }, + }, + // Route linking IP to EIGW should be in stack + TestRouteTableRoute37ACB8C6: { + Type: 'AWS::EC2::Route', + Properties: { + DestinationCidrBlock: '0.0.0.0/0', + EgressOnlyInternetGatewayId: { + 'Fn::GetAtt': [ + 'TestEIGW4E4CDA8D', 'Id', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', 'RouteTableId', + ], + }, + }, + }, + }, + }); + }); + test('Route to VPN Gateway', () => { const vpngw = new route.VPNGateway(stack, 'TestVpnGw', { type: VpnConnectionType.IPSEC_1, From 727b16467c7abe7d6932c9e77348558c0f4d27d2 Mon Sep 17 00:00:00 2001 From: shikha372 Date: Fri, 9 Aug 2024 15:36:35 -0700 Subject: [PATCH 02/44] Update packages/@aws-cdk/aws-ec2-alpha/lib/route.ts --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 3b5591431ad29..a63f729290948 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -571,7 +571,7 @@ export class RouteTable extends Resource implements IRouteTable, IDependable { } /** - * Add a new route to the route table. + * Adds a new custom route to the route table. * @param destination The IPv4 or IPv6 CIDR block used for the destination match. * @param target The gateway or endpoint targeted by the route. */ From cb8c94111c1f34c1b0e2dccd7a2f770e643e438f Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Mon, 12 Aug 2024 09:44:17 -0700 Subject: [PATCH 03/44] Change CfnRoute to Route L2 --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 12 ++---- ...dk-routev2-egressonlyigw-alpha.assets.json | 4 +- ...-routev2-egressonlyigw-alpha.template.json | 2 +- .../integ.route-v2.js.snapshot/manifest.json | 6 +-- .../test/integ.route-v2.js.snapshot/tree.json | 42 ++++++++++++------- .../@aws-cdk/aws-ec2-alpha/test/route.test.ts | 2 +- 6 files changed, 37 insertions(+), 31 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index a63f729290948..87304fb1febc6 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -580,14 +580,10 @@ export class RouteTable extends Resource implements IRouteTable, IDependable { throw new Error('Target is defined without a gateway or endpoint.'); } - let routerType: RouterType = target.gateway ? target.gateway.routerType : RouterType.VPC_ENDPOINT; - let routerTargetId: string = target.gateway ? target.gateway.routerTargetId : target.endpoint!.vpcEndpointId; - - new CfnRoute(this, 'Route', { - routeTableId: this.routeTableId, - destinationCidrBlock: destination, - destinationIpv6CidrBlock: destination, - [routerTypeToPropName(routerType)]: routerTargetId, + new Route(this, 'Route', { + routeTable: this, + destination: destination, + target: target, }); } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json index 18f523ba738e7..0e4f688bc02c2 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "4ae0e03763447a62903fc1eef199dcd108da4256bdc2fc7b50c39443f702de69": { + "48796b9e38d59e5a5005633618f2c28e0e21c8d3156f5fcfd9b75e49c5d4defd": { "source": { "path": "aws-cdk-routev2-egressonlyigw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "4ae0e03763447a62903fc1eef199dcd108da4256bdc2fc7b50c39443f702de69.json", + "objectKey": "48796b9e38d59e5a5005633618f2c28e0e21c8d3156f5fcfd9b75e49c5d4defd.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json index bab2ac0fb855d..3093189f045d3 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json @@ -32,7 +32,7 @@ } } }, - "TestRoottableRoute44770015": { + "TestRoottableRouteC5589CBD": { "Type": "AWS::EC2::Route", "Properties": { "DestinationCidrBlock": "0.0.0.0/0", diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json index 7d70ccc1202cc..f010da241afda 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json @@ -97,7 +97,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4ae0e03763447a62903fc1eef199dcd108da4256bdc2fc7b50c39443f702de69.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/48796b9e38d59e5a5005633618f2c28e0e21c8d3156f5fcfd9b75e49c5d4defd.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -132,10 +132,10 @@ "data": "TestRoottableRouteTableFA28AA38" } ], - "/aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/Route": [ + "/aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/Route/Route": [ { "type": "aws:cdk:logicalId", - "data": "TestRoottableRoute44770015" + "data": "TestRoottableRouteC5589CBD" } ], "/aws-cdk-routev2-egressonlyigw-alpha/eigwSubnet/Subnet": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json index 7844fb1fafc48..639615ed3290c 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json @@ -256,27 +256,37 @@ "Route": { "id": "Route", "path": "aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "destinationIpv6CidrBlock": "0.0.0.0/0", - "egressOnlyInternetGatewayId": { - "Fn::GetAtt": [ - "testEOIGWviaAddRouteEIGWE430E12B", - "Id" - ] + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/Route/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "destinationIpv6CidrBlock": "0.0.0.0/0", + "egressOnlyInternetGatewayId": { + "Fn::GetAtt": [ + "testEOIGWviaAddRouteEIGWE430E12B", + "Id" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts index 2086d409151bc..885f621ad386f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts @@ -101,7 +101,7 @@ describe('EC2 Routing', () => { }, }, // Route linking IP to EIGW should be in stack - TestRouteTableRoute37ACB8C6: { + TestRouteTableRoute25C3843B: { Type: 'AWS::EC2::Route', Properties: { DestinationCidrBlock: '0.0.0.0/0', From d21be53d27329ed2160b0a93f8f4e1745f310751 Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Mon, 12 Aug 2024 09:47:58 -0700 Subject: [PATCH 04/44] Update README.md --- packages/@aws-cdk/aws-ec2-alpha/README.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/packages/@aws-cdk/aws-ec2-alpha/README.md b/packages/@aws-cdk/aws-ec2-alpha/README.md index 0de7e39d27d35..1636e4fe0b3a2 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/README.md +++ b/packages/@aws-cdk/aws-ec2-alpha/README.md @@ -150,6 +150,23 @@ new vpc_v2.Route(stack, 'IgwRoute', { }); ``` +Alternatively, `Route`s can be created via a method in the `RouteTable` class. An example using the `EgressOnlyInternetGateway` construct can be seen below: + +```ts +import * as vpc_v2 from '@aws-cdk/aws-ec2-alpha'; + +const myVpc = new vpc_v2.VpcV2(stack, 'Vpc', {...}); +const routeTable = new vpc_v2.RouteTable(stack, 'RouteTable', { + vpc: vpc.myVpc, +}); +const subnet = new vpc_v2.SubnetV2(stack, 'Subnet', {...}); + +const eigw = new vpc_v2.EgressOnlyInternetGateway(stack, 'EIGW', { + vpcId: vpc.myVpc, +}); +routeTable.addRoute('0.0.0.0/0', { gateway: eigw }); +``` + Other route targets may require a deeper set of parameters to set up properly. For instance, the example below illustrates how to set up a `NatGateway`: ```ts From 2f48ab2816b6b181db40e37fb89e4ddd00db5879 Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Mon, 12 Aug 2024 14:53:21 -0700 Subject: [PATCH 05/44] Update integ test to use only one EIGW --- ...dk-routev2-egressonlyigw-alpha.assets.json | 4 +-- ...-routev2-egressonlyigw-alpha.template.json | 13 +------- .../integ.route-v2.js.snapshot/manifest.json | 8 +---- .../test/integ.route-v2.js.snapshot/tree.json | 31 +------------------ .../aws-ec2-alpha/test/integ.route-v2.ts | 5 +-- 5 files changed, 6 insertions(+), 55 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json index 0e4f688bc02c2..2991283d3337d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "48796b9e38d59e5a5005633618f2c28e0e21c8d3156f5fcfd9b75e49c5d4defd": { + "e9c1a7071ffb437e4f0b10aafb57215dbdb5c5f320f0fbf09194c6f79e461098": { "source": { "path": "aws-cdk-routev2-egressonlyigw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "48796b9e38d59e5a5005633618f2c28e0e21c8d3156f5fcfd9b75e49c5d4defd.json", + "objectKey": "e9c1a7071ffb437e4f0b10aafb57215dbdb5c5f320f0fbf09194c6f79e461098.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json index 3093189f045d3..b213061ee1bf2 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json @@ -39,7 +39,7 @@ "DestinationIpv6CidrBlock": "0.0.0.0/0", "EgressOnlyInternetGatewayId": { "Fn::GetAtt": [ - "testEOIGWviaAddRouteEIGWE430E12B", + "testEOIGWEIGW54CCAD37", "Id" ] }, @@ -114,17 +114,6 @@ ] } } - }, - "testEOIGWviaAddRouteEIGWE430E12B": { - "Type": "AWS::EC2::EgressOnlyInternetGateway", - "Properties": { - "VpcId": { - "Fn::GetAtt": [ - "eigwC0F094EF", - "VpcId" - ] - } - } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json index f010da241afda..28002a0f9b2d1 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json @@ -97,7 +97,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/48796b9e38d59e5a5005633618f2c28e0e21c8d3156f5fcfd9b75e49c5d4defd.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/e9c1a7071ffb437e4f0b10aafb57215dbdb5c5f320f0fbf09194c6f79e461098.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -162,12 +162,6 @@ "data": "testEIGWRouteEB4FE8D5" } ], - "/aws-cdk-routev2-egressonlyigw-alpha/testEOIGWviaAddRoute/EIGW": [ - { - "type": "aws:cdk:logicalId", - "data": "testEOIGWviaAddRouteEIGWE430E12B" - } - ], "/aws-cdk-routev2-egressonlyigw-alpha/BootstrapVersion": [ { "type": "aws:cdk:logicalId", diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json index 639615ed3290c..545ac917c3933 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json @@ -267,7 +267,7 @@ "destinationIpv6CidrBlock": "0.0.0.0/0", "egressOnlyInternetGatewayId": { "Fn::GetAtt": [ - "testEOIGWviaAddRouteEIGWE430E12B", + "testEOIGWEIGW54CCAD37", "Id" ] }, @@ -424,35 +424,6 @@ "version": "0.0.0" } }, - "testEOIGWviaAddRoute": { - "id": "testEOIGWviaAddRoute", - "path": "aws-cdk-routev2-egressonlyigw-alpha/testEOIGWviaAddRoute", - "children": { - "EIGW": { - "id": "EIGW", - "path": "aws-cdk-routev2-egressonlyigw-alpha/testEOIGWviaAddRoute/EIGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EgressOnlyInternetGateway", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "eigwC0F094EF", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnEgressOnlyInternetGateway", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.EgressOnlyInternetGateway", - "version": "0.0.0" - } - }, "BootstrapVersion": { "id": "BootstrapVersion", "path": "aws-cdk-routev2-egressonlyigw-alpha/BootstrapVersion", diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts index ebafaa530cd07..87c6361aa11ae 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts @@ -83,10 +83,7 @@ new Route(stacks.eigw, 'testEIGWRoute', { destination: '10.0.0.0/24', target: { gateway: eigw }, }); -const eigwAddRoute = new EgressOnlyInternetGateway(stacks.eigw, 'testEOIGWviaAddRoute', { - vpc: vpcs.eigw, -}); -routeTables.eigw.addRoute('0.0.0.0/0', { gateway: eigwAddRoute }); +routeTables.eigw.addRoute('0.0.0.0/0', { gateway: eigw }); const igw = new InternetGateway(stacks.igw, 'testIGW', { vpc: vpcs.igw, From f904a97031a301787b16db7f14619b4e67868a7e Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Tue, 13 Aug 2024 10:48:55 -0700 Subject: [PATCH 06/44] Add subnet associateRouteTable method --- .../@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 40 ++++++++++++++----- .../aws-ec2-alpha/test/subnet-v2.test.ts | 31 ++++++++++++++ 2 files changed, 60 insertions(+), 11 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index a71277d441cbc..261b7755ab26f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -1,8 +1,9 @@ import { Resource, Names, Lazy } from 'aws-cdk-lib'; -import { CfnRouteTable, CfnSubnet, CfnSubnetRouteTableAssociation, INetworkAcl, IRouteTable, ISubnet, NetworkAcl, SubnetNetworkAclAssociation, SubnetType } from 'aws-cdk-lib/aws-ec2'; +import { CfnSubnet, CfnSubnetRouteTableAssociation, INetworkAcl, IRouteTable, ISubnet, NetworkAcl, SubnetNetworkAclAssociation, SubnetType } from 'aws-cdk-lib/aws-ec2'; import { Construct, DependencyGroup, IDependable } from 'constructs'; import { IVpcV2 } from './vpc-v2-base'; import { CidrBlock, CidrBlockIpv6 } from './util'; +import { RouteTable } from './route'; /** * Interface to define subnet CIDR @@ -145,11 +146,6 @@ export class SubnetV2 extends Resource implements ISubnetV2 { */ public readonly ipv6CidrBlock?: string; - /** - * The route table for this subnet - */ - public readonly routeTable: IRouteTable; - /** * The type of subnet (public or private) that this subnet represents. * @attribute SubnetType @@ -158,6 +154,10 @@ export class SubnetV2 extends Resource implements ISubnetV2 { private _networkAcl: INetworkAcl; + private _routeTable: IRouteTable; + + private routeTableAssociation: CfnSubnetRouteTableAssociation; + /** * Constructs a new SubnetV2 instance. * @param scope The parent Construct that this resource will be part of. @@ -214,18 +214,18 @@ export class SubnetV2 extends Resource implements ISubnetV2 { this._networkAcl = NetworkAcl.fromNetworkAclId(this, 'Acl', subnet.attrNetworkAclAssociationId); if (props.routeTable) { - this.routeTable = props.routeTable; + this._routeTable = props.routeTable; } else { - const defaultTable = new CfnRouteTable(this, 'RouteTable', { - vpcId: props.vpc.vpcId, + this._routeTable = new RouteTable(this, 'RouteTable', { + vpc: props.vpc, }); - this.routeTable = { routeTableId: defaultTable.ref }; } const routeAssoc = new CfnSubnetRouteTableAssociation(this, 'RouteTableAssociation', { subnetId: this.subnetId, - routeTableId: this.routeTable.routeTableId, + routeTableId: this._routeTable.routeTableId, }); + this.routeTableAssociation = routeAssoc; this._internetConnectivityEstablished.add(routeAssoc); this.internetConnectivityEstablished = this._internetConnectivityEstablished; @@ -250,6 +250,17 @@ export class SubnetV2 extends Resource implements ISubnetV2 { subnet: this, }); } + + /** + * Associate a Route Table with this subnet. + * @param routeTable The Route Table to associate with this subnet. + */ + public associateRouteTable(routeTable: IRouteTable) { + this._routeTable = routeTable; + this.routeTableAssociation.addPropertyOverride('RouteTableId', routeTable.routeTableId); + } + + /** * Returns the Network ACL associated with this subnet. */ @@ -257,6 +268,13 @@ export class SubnetV2 extends Resource implements ISubnetV2 { public get networkAcl(): INetworkAcl { return this._networkAcl; } + + /** + * Returns the Route Table associated with this subnet. + */ + public get routeTable(): IRouteTable { + return this._routeTable; + } } const subnetTypeMap = { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts index 42289b359cece..b6475faa78ba1 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts @@ -5,6 +5,7 @@ import * as subnet from '../lib/subnet-v2'; import { NetworkAcl, SubnetType } from 'aws-cdk-lib/aws-ec2'; import { AddressFamily, AwsServiceName, Ipam, IpamPoolPublicIpSource } from '../lib/ipam'; import { createTestSubnet } from './util'; +import { RouteTable } from '../lib'; /** * Test suite for the SubnetV2 class. @@ -300,4 +301,34 @@ describe('Subnet V2 with custom IP and routing', () => { expect(Template.fromStack(stack).hasResource('AWS::EC2::SubnetNetworkAclAssociation', {})); }); + test('should associate a RouteTable with the subnet', () => { + const testVpc = new vpc.VpcV2(stack, 'TestVPC', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + }); + const subnetConfig = { + vpcV2: testVpc, + availabilityZone: 'us-east-1a', + cidrBlock: new subnet.IpCidr('10.1.0.0/24'), + subnetType: SubnetType.PUBLIC, + }; + const testsubnet = createTestSubnet(stack, subnetConfig); + + const routeTable = new RouteTable(stack, 'TestNewRouteTable', { + vpc: testVpc, + }); + + testsubnet.associateRouteTable(routeTable); + + console.log(Template.fromStack(stack).toJSON().Resources.TestSubnetRouteTableAssociationFE267B30) + expect(Template.fromStack(stack).hasResource('AWS::EC2::SubnetRouteTableAssociation', { + Properties: { + RouteTableId: { + 'Fn::GetAtt': [ + 'TestNewRouteTable240E1177', 'RouteTableId', + ], + }, + }, + })); + }); + }); From b52d49877d8f605b4175bc8aeacd7915ac942327 Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Tue, 13 Aug 2024 11:59:56 -0700 Subject: [PATCH 07/44] Appease the linter --- packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 1 - packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts | 1 - 2 files changed, 2 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index 261b7755ab26f..00a6aca90d13d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -260,7 +260,6 @@ export class SubnetV2 extends Resource implements ISubnetV2 { this.routeTableAssociation.addPropertyOverride('RouteTableId', routeTable.routeTableId); } - /** * Returns the Network ACL associated with this subnet. */ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts index b6475faa78ba1..fc3ffa9032b51 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts @@ -319,7 +319,6 @@ describe('Subnet V2 with custom IP and routing', () => { testsubnet.associateRouteTable(routeTable); - console.log(Template.fromStack(stack).toJSON().Resources.TestSubnetRouteTableAssociationFE267B30) expect(Template.fromStack(stack).hasResource('AWS::EC2::SubnetRouteTableAssociation', { Properties: { RouteTableId: { From 1aef528de294326a3fb8eebb2a76f7fa2faa4af9 Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Tue, 13 Aug 2024 15:23:16 -0700 Subject: [PATCH 08/44] Update subnet with public routeTable again --- .../@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 23 ++++++++----------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index 00a6aca90d13d..3b3426bd32a3c 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -146,6 +146,11 @@ export class SubnetV2 extends Resource implements ISubnetV2 { */ public readonly ipv6CidrBlock?: string; + /** + * The route table for this subnet + */ + public readonly routeTable: IRouteTable; + /** * The type of subnet (public or private) that this subnet represents. * @attribute SubnetType @@ -154,8 +159,6 @@ export class SubnetV2 extends Resource implements ISubnetV2 { private _networkAcl: INetworkAcl; - private _routeTable: IRouteTable; - private routeTableAssociation: CfnSubnetRouteTableAssociation; /** @@ -214,16 +217,16 @@ export class SubnetV2 extends Resource implements ISubnetV2 { this._networkAcl = NetworkAcl.fromNetworkAclId(this, 'Acl', subnet.attrNetworkAclAssociationId); if (props.routeTable) { - this._routeTable = props.routeTable; + this.routeTable = props.routeTable; } else { - this._routeTable = new RouteTable(this, 'RouteTable', { + this.routeTable = new RouteTable(this, 'RouteTable', { vpc: props.vpc, }); } const routeAssoc = new CfnSubnetRouteTableAssociation(this, 'RouteTableAssociation', { subnetId: this.subnetId, - routeTableId: this._routeTable.routeTableId, + routeTableId: this.routeTable.routeTableId, }); this.routeTableAssociation = routeAssoc; this._internetConnectivityEstablished.add(routeAssoc); @@ -254,10 +257,11 @@ export class SubnetV2 extends Resource implements ISubnetV2 { /** * Associate a Route Table with this subnet. * @param routeTable The Route Table to associate with this subnet. + * @returns The Route Table newly-associated with this subnet. */ public associateRouteTable(routeTable: IRouteTable) { - this._routeTable = routeTable; this.routeTableAssociation.addPropertyOverride('RouteTableId', routeTable.routeTableId); + return routeTable } /** @@ -267,13 +271,6 @@ export class SubnetV2 extends Resource implements ISubnetV2 { public get networkAcl(): INetworkAcl { return this._networkAcl; } - - /** - * Returns the Route Table associated with this subnet. - */ - public get routeTable(): IRouteTable { - return this._routeTable; - } } const subnetTypeMap = { From 9b15a4b4b44c060d4cfd241d379802a11fdef624 Mon Sep 17 00:00:00 2001 From: shikha372 Date: Tue, 13 Aug 2024 23:05:52 -0700 Subject: [PATCH 09/44] Update subnet-v2.ts --- .../@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 33 +++++++++++-------- 1 file changed, 20 insertions(+), 13 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index 3b3426bd32a3c..921a93be4774d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -146,11 +146,6 @@ export class SubnetV2 extends Resource implements ISubnetV2 { */ public readonly ipv6CidrBlock?: string; - /** - * The route table for this subnet - */ - public readonly routeTable: IRouteTable; - /** * The type of subnet (public or private) that this subnet represents. * @attribute SubnetType @@ -159,6 +154,8 @@ export class SubnetV2 extends Resource implements ISubnetV2 { private _networkAcl: INetworkAcl; + private _routeTable: IRouteTable; + private routeTableAssociation: CfnSubnetRouteTableAssociation; /** @@ -217,19 +214,22 @@ export class SubnetV2 extends Resource implements ISubnetV2 { this._networkAcl = NetworkAcl.fromNetworkAclId(this, 'Acl', subnet.attrNetworkAclAssociationId); if (props.routeTable) { - this.routeTable = props.routeTable; + this._routeTable = props.routeTable; } else { - this.routeTable = new RouteTable(this, 'RouteTable', { + //Assigning a default route Table + this._routeTable = new RouteTable(this, 'RouteTable', { vpc: props.vpc, }); } const routeAssoc = new CfnSubnetRouteTableAssociation(this, 'RouteTableAssociation', { subnetId: this.subnetId, - routeTableId: this.routeTable.routeTableId, + routeTableId: this._routeTable.routeTableId, }); + this.routeTableAssociation = routeAssoc; this._internetConnectivityEstablished.add(routeAssoc); + this.internetConnectivityEstablished = this._internetConnectivityEstablished; this.subnetType = props.subnetType; @@ -254,14 +254,20 @@ export class SubnetV2 extends Resource implements ISubnetV2 { }); } + /** + * Return the Route Table associated with this subnet + */ + public get routeTable(): IRouteTable { + return this._routeTable; + } + /** * Associate a Route Table with this subnet. - * @param routeTable The Route Table to associate with this subnet. - * @returns The Route Table newly-associated with this subnet. + * @param routeTableProps The Route Table to associate with this subnet. */ - public associateRouteTable(routeTable: IRouteTable) { - this.routeTableAssociation.addPropertyOverride('RouteTableId', routeTable.routeTableId); - return routeTable + public associateRouteTable(routeTableProps: IRouteTable) { + this._routeTable = routeTableProps; + this.routeTableAssociation.addPropertyOverride('RouteTableId', routeTableProps.routeTableId); } /** @@ -271,6 +277,7 @@ export class SubnetV2 extends Resource implements ISubnetV2 { public get networkAcl(): INetworkAcl { return this._networkAcl; } + } const subnetTypeMap = { From bc56a776c38ba66df43a4cd4a598fc4e06602b08 Mon Sep 17 00:00:00 2001 From: shikha372 Date: Tue, 13 Aug 2024 23:06:58 -0700 Subject: [PATCH 10/44] Update subnet-v2.ts --- packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index 921a93be4774d..00b9f52b5b9a7 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -229,7 +229,6 @@ export class SubnetV2 extends Resource implements ISubnetV2 { this.routeTableAssociation = routeAssoc; this._internetConnectivityEstablished.add(routeAssoc); - this.internetConnectivityEstablished = this._internetConnectivityEstablished; this.subnetType = props.subnetType; @@ -277,7 +276,6 @@ export class SubnetV2 extends Resource implements ISubnetV2 { public get networkAcl(): INetworkAcl { return this._networkAcl; } - } const subnetTypeMap = { From cc8db35461544ac042a83e46c49275ee014cc6de Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Wed, 14 Aug 2024 11:58:47 -0700 Subject: [PATCH 11/44] Extend IRouteTable into IRouteTableV2 --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 17 +++++++++++++---- .../@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 14 +++++++------- 2 files changed, 20 insertions(+), 11 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 87304fb1febc6..1c8aba548a80b 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -413,7 +413,7 @@ export interface IRouteV2 { * The ID of the route table for the route. * @attribute routeTable */ - readonly routeTable: IRouteTable; + readonly routeTable: IRouteTableV2; /** * The IPv4 or IPv6 CIDR block used for the destination match. @@ -437,7 +437,7 @@ export interface RouteProps { * The ID of the route table for the route. * @attribute routeTable */ - readonly routeTable: IRouteTable; + readonly routeTable: IRouteTableV2; /** * The IPv4 or IPv6 CIDR block used for the destination match. @@ -479,7 +479,7 @@ export class Route extends Resource implements IRouteV2 { * The route table for the route. * @attribute routeTable */ - public readonly routeTable: IRouteTable; + public readonly routeTable: IRouteTableV2; /** * The type of router the route is targetting @@ -528,6 +528,15 @@ export class Route extends Resource implements IRouteV2 { } } +export interface IRouteTableV2 extends IRouteTable { + /** + * Adds a new custom route to the route table. + * @param destination The IPv4 or IPv6 CIDR block used for the destination match. + * @param target The gateway or endpoint targeted by the route. + */ + addRoute(destination: string, target: RouteTargetType): void; +} + /** * Properties to define a route table. */ @@ -548,7 +557,7 @@ export interface RouteTableProps { * Creates a route table for the specified VPC * @resource AWS::EC2::RouteTable */ -export class RouteTable extends Resource implements IRouteTable, IDependable { +export class RouteTable extends Resource implements IRouteTableV2, IDependable { /** * The ID of the route table. */ diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index 00b9f52b5b9a7..28585f299b589 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -1,9 +1,9 @@ import { Resource, Names, Lazy } from 'aws-cdk-lib'; -import { CfnSubnet, CfnSubnetRouteTableAssociation, INetworkAcl, IRouteTable, ISubnet, NetworkAcl, SubnetNetworkAclAssociation, SubnetType } from 'aws-cdk-lib/aws-ec2'; +import { CfnSubnet, CfnSubnetRouteTableAssociation, INetworkAcl, ISubnet, NetworkAcl, SubnetNetworkAclAssociation, SubnetType } from 'aws-cdk-lib/aws-ec2'; import { Construct, DependencyGroup, IDependable } from 'constructs'; import { IVpcV2 } from './vpc-v2-base'; import { CidrBlock, CidrBlockIpv6 } from './util'; -import { RouteTable } from './route'; +import { IRouteTableV2, RouteTable } from './route'; /** * Interface to define subnet CIDR @@ -57,7 +57,7 @@ export interface SubnetV2Props { * Custom Route for subnet * @default Default route table */ - readonly routeTable?: IRouteTable; + readonly routeTable?: IRouteTableV2; /** * The type of Subnet to configure. @@ -154,7 +154,7 @@ export class SubnetV2 extends Resource implements ISubnetV2 { private _networkAcl: INetworkAcl; - private _routeTable: IRouteTable; + private _routeTable: IRouteTableV2; private routeTableAssociation: CfnSubnetRouteTableAssociation; @@ -216,7 +216,7 @@ export class SubnetV2 extends Resource implements ISubnetV2 { if (props.routeTable) { this._routeTable = props.routeTable; } else { - //Assigning a default route Table + // Assigning a default route table this._routeTable = new RouteTable(this, 'RouteTable', { vpc: props.vpc, }); @@ -256,7 +256,7 @@ export class SubnetV2 extends Resource implements ISubnetV2 { /** * Return the Route Table associated with this subnet */ - public get routeTable(): IRouteTable { + public get routeTable(): IRouteTableV2 { return this._routeTable; } @@ -264,7 +264,7 @@ export class SubnetV2 extends Resource implements ISubnetV2 { * Associate a Route Table with this subnet. * @param routeTableProps The Route Table to associate with this subnet. */ - public associateRouteTable(routeTableProps: IRouteTable) { + public associateRouteTable(routeTableProps: IRouteTableV2) { this._routeTable = routeTableProps; this.routeTableAssociation.addPropertyOverride('RouteTableId', routeTableProps.routeTableId); } From 98f9d5307aaf780096fc22b91e2889a74e6c8984 Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Wed, 14 Aug 2024 15:39:55 -0700 Subject: [PATCH 12/44] ok so route table v2 was not a great idea lol --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 17 ++++------------- .../@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 12 ++++++------ 2 files changed, 10 insertions(+), 19 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 1c8aba548a80b..87304fb1febc6 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -413,7 +413,7 @@ export interface IRouteV2 { * The ID of the route table for the route. * @attribute routeTable */ - readonly routeTable: IRouteTableV2; + readonly routeTable: IRouteTable; /** * The IPv4 or IPv6 CIDR block used for the destination match. @@ -437,7 +437,7 @@ export interface RouteProps { * The ID of the route table for the route. * @attribute routeTable */ - readonly routeTable: IRouteTableV2; + readonly routeTable: IRouteTable; /** * The IPv4 or IPv6 CIDR block used for the destination match. @@ -479,7 +479,7 @@ export class Route extends Resource implements IRouteV2 { * The route table for the route. * @attribute routeTable */ - public readonly routeTable: IRouteTableV2; + public readonly routeTable: IRouteTable; /** * The type of router the route is targetting @@ -528,15 +528,6 @@ export class Route extends Resource implements IRouteV2 { } } -export interface IRouteTableV2 extends IRouteTable { - /** - * Adds a new custom route to the route table. - * @param destination The IPv4 or IPv6 CIDR block used for the destination match. - * @param target The gateway or endpoint targeted by the route. - */ - addRoute(destination: string, target: RouteTargetType): void; -} - /** * Properties to define a route table. */ @@ -557,7 +548,7 @@ export interface RouteTableProps { * Creates a route table for the specified VPC * @resource AWS::EC2::RouteTable */ -export class RouteTable extends Resource implements IRouteTableV2, IDependable { +export class RouteTable extends Resource implements IRouteTable, IDependable { /** * The ID of the route table. */ diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index 28585f299b589..b5874c7f145fb 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -1,9 +1,9 @@ import { Resource, Names, Lazy } from 'aws-cdk-lib'; -import { CfnSubnet, CfnSubnetRouteTableAssociation, INetworkAcl, ISubnet, NetworkAcl, SubnetNetworkAclAssociation, SubnetType } from 'aws-cdk-lib/aws-ec2'; +import { CfnSubnet, CfnSubnetRouteTableAssociation, INetworkAcl, IRouteTable, ISubnet, NetworkAcl, SubnetNetworkAclAssociation, SubnetType } from 'aws-cdk-lib/aws-ec2'; import { Construct, DependencyGroup, IDependable } from 'constructs'; import { IVpcV2 } from './vpc-v2-base'; import { CidrBlock, CidrBlockIpv6 } from './util'; -import { IRouteTableV2, RouteTable } from './route'; +import { RouteTable } from './route'; /** * Interface to define subnet CIDR @@ -57,7 +57,7 @@ export interface SubnetV2Props { * Custom Route for subnet * @default Default route table */ - readonly routeTable?: IRouteTableV2; + readonly routeTable?: IRouteTable; /** * The type of Subnet to configure. @@ -154,7 +154,7 @@ export class SubnetV2 extends Resource implements ISubnetV2 { private _networkAcl: INetworkAcl; - private _routeTable: IRouteTableV2; + private _routeTable: IRouteTable; private routeTableAssociation: CfnSubnetRouteTableAssociation; @@ -256,7 +256,7 @@ export class SubnetV2 extends Resource implements ISubnetV2 { /** * Return the Route Table associated with this subnet */ - public get routeTable(): IRouteTableV2 { + public get routeTable(): IRouteTable { return this._routeTable; } @@ -264,7 +264,7 @@ export class SubnetV2 extends Resource implements ISubnetV2 { * Associate a Route Table with this subnet. * @param routeTableProps The Route Table to associate with this subnet. */ - public associateRouteTable(routeTableProps: IRouteTableV2) { + public associateRouteTable(routeTableProps: IRouteTable) { this._routeTable = routeTableProps; this.routeTableAssociation.addPropertyOverride('RouteTableId', routeTableProps.routeTableId); } From 1211fde0e0aa046b625f1353bd7f4c72dc5bf3e2 Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Thu, 15 Aug 2024 09:18:50 -0700 Subject: [PATCH 13/44] Update testing --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 6 +- .../aws-ec2-alpha/test/integ.route-v2.ts | 45 +- .../aws-cdk-vpcv2-alpha-new.assets.json | 6 +- .../aws-cdk-vpcv2-alpha-new.template.json | 7 +- .../test/integ.subnet-v2.js.snapshot/cdk.out | 2 +- .../integ.subnet-v2.js.snapshot/integ.json | 2 +- ...efaultTestDeployAssertCF40BD53.assets.json | 2 +- .../integ.subnet-v2.js.snapshot/manifest.json | 13 +- .../integ.subnet-v2.js.snapshot/tree.json | 13 +- .../@aws-cdk/aws-ec2-alpha/test/route.test.ts | 869 +++++++----------- 10 files changed, 368 insertions(+), 597 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 87304fb1febc6..51bd4c89b80ae 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -462,7 +462,7 @@ export interface RouteProps { * Creates a new route with added functionality. * @resource AWS::EC2::Route */ -export class Route extends Resource implements IRouteV2 { +class Route extends Resource implements IRouteV2 { /** * The IPv4 or IPv6 CIDR block used for the destination match. * @@ -575,12 +575,12 @@ export class RouteTable extends Resource implements IRouteTable, IDependable { * @param destination The IPv4 or IPv6 CIDR block used for the destination match. * @param target The gateway or endpoint targeted by the route. */ - public addRoute(destination: string, target: RouteTargetType) { + public addRoute(id: string, destination: string, target: RouteTargetType) { if (!target.gateway && !target.endpoint) { throw new Error('Target is defined without a gateway or endpoint.'); } - new Route(this, 'Route', { + new Route(this, id, { routeTable: this, destination: destination, target: target, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts index 87c6361aa11ae..ac298bc0a6f91 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts @@ -12,7 +12,7 @@ import * as vpc_v2 from '../lib/vpc-v2'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; import { IpCidr, SubnetV2 } from '../lib/subnet-v2'; -import { EgressOnlyInternetGateway, InternetGateway, NatConnectivityType, NatGateway, Route, RouteTable, VPNGateway } from '../lib/route'; +import { EgressOnlyInternetGateway, InternetGateway, NatConnectivityType, NatGateway, RouteTable, VPNGateway } from '../lib/route'; import { GatewayVpcEndpoint, GatewayVpcEndpointAwsService, SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; import { Fn } from 'aws-cdk-lib'; @@ -78,49 +78,28 @@ for (const stackName in stacks) { const eigw = new EgressOnlyInternetGateway(stacks.eigw, 'testEOIGW', { vpc: vpcs.eigw, }); -new Route(stacks.eigw, 'testEIGWRoute', { - routeTable: routeTables.eigw, - destination: '10.0.0.0/24', - target: { gateway: eigw }, -}); -routeTables.eigw.addRoute('0.0.0.0/0', { gateway: eigw }); +routeTables.eigw.addRoute('eigwRoute', '0.0.0.0/0', { gateway: eigw }); const igw = new InternetGateway(stacks.igw, 'testIGW', { vpc: vpcs.igw, }); -new Route(stacks.igw, 'testIGWRoute', { - routeTable: routeTables.igw, - destination: '0.0.0.0/0', - target: { gateway: igw }, -}); +routeTables.igw.addRoute('igwRoute', '0.0.0.0/0', { gateway: igw }); const vpgw = new VPNGateway(stacks.vpgw, 'testVPGW', { type: VpnConnectionType.IPSEC_1, vpc: vpcs.vpgw, }); -new Route(stacks.vpgw, 'testVPGWRoute', { - routeTable: routeTables.vpgw, - destination: '0.0.0.0/0', - target: { gateway: vpgw }, -}); +routeTables.vpgw.addRoute('vpgwRoute', '0.0.0.0/0', { gateway: vpgw }); const natGwIgw = new InternetGateway(stacks.natgw_pub, 'testNATgwIGW', { vpc: vpcs.natgw_pub, }); -new Route(stacks.natgw_pub, 'testnatgwigwRoute', { - routeTable: routeTables.natgw_pub, - destination: '242.0.0.0/32', - target: { gateway: natGwIgw }, -}); +routeTables.natgw_pub.addRoute('natGwRoute', '0.0.0.0/0', { gateway: natGwIgw }); const natGwPub = new NatGateway(stacks.natgw_pub, 'testNATgw', { subnet: subnets.natgw_pub, vpc: vpcs.natgw_pub, }); -new Route(stacks.natgw_pub, 'testNATGWRoute', { - routeTable: routeTables.natgw_pub, - destination: '0.0.0.0/0', - target: { gateway: natGwPub }, -}); +routeTables.natgw_pub.addRoute('natGwPubRoute', '0.0.0.0/0', { gateway: natGwPub }); const natGwPriv = new NatGateway(stacks.natgw_priv, 'testNATgw', { subnet: subnets.natgw_priv, @@ -131,22 +110,14 @@ const natGwPriv = new NatGateway(stacks.natgw_priv, 'testNATgw', { '10.0.0.43', '10.0.0.44', '10.0.0.45', ], }); -new Route(stacks.natgw_priv, 'testNATGWRoute', { - routeTable: routeTables.natgw_priv, - destination: '0.0.0.0/0', - target: { gateway: natGwPriv }, -}); +routeTables.natgw_priv.addRoute('natGwPrivRoute', '0.0.0.0/0', { gateway: natGwPriv }); const dynamoEndpoint = new GatewayVpcEndpoint(stacks.dynamodb, 'testDynamoEndpoint', { service: GatewayVpcEndpointAwsService.DYNAMODB, vpc: vpcs.dynamodb, subnets: [subnets.dynamodb], }); -new Route(stacks.dynamodb, 'testDynamoRoute', { - routeTable: routeTables.dynamodb, - destination: '0.0.0.0/0', - target: { endpoint: dynamoEndpoint }, -}); +routeTables.dynamodb.addRoute('dynamoRoute', '0.0.0.0/0', { endpoint: dynamoEndpoint }); var i = 0; for (const stackName in stacks) { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json index 8fa7b0508afb2..21b01be95b3c6 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.5", + "version": "36.0.0", "files": { - "936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c": { + "ccdbd85132bedf38aeb99e5b0c700f48494d3b7c344a96232f29b48a5279b6ef": { "source": { "path": "aws-cdk-vpcv2-alpha-new.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c.json", + "objectKey": "ccdbd85132bedf38aeb99e5b0c700f48494d3b7c344a96232f29b48a5279b6ef.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json index f6cffbdb23c5d..575219310d27f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json @@ -15,12 +15,7 @@ "Properties": { "AddressFamily": "ipv6", "AwsService": "ec2", - "IpamScopeId": { - "Fn::GetAtt": [ - "Ipam50346F82", - "PublicDefaultScopeId" - ] - }, + "IpamScopeId": "DefaultPublicScope", "Locale": "eu-west-2", "PublicIpSource": "amazon" } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/cdk.out index bd5311dc372de..1f0068d32659a 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"36.0.5"} \ No newline at end of file +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integ.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integ.json index 50d9ec54ae49a..321da99978a8c 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "36.0.5", + "version": "36.0.0", "testCases": { "integtest-model/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json index e93a555169b11..3dba4ef9b8bab 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.5", + "version": "36.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json index f6b54e8178156..5979efcf9a0da 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "36.0.5", + "version": "36.0.0", "artifacts": { "aws-cdk-vpcv2-alpha-new.assets": { "type": "cdk:asset-manifest", @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/ccdbd85132bedf38aeb99e5b0c700f48494d3b7c344a96232f29b48a5279b6ef.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -141,6 +141,15 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } + ], + "VPCTestSecondaryIp48408C993194": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCTestSecondaryIp48408C993194", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } ] }, "displayName": "aws-cdk-vpcv2-alpha-new" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json index f1f62b0a8a30e..c1ff499051b89 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json @@ -42,12 +42,7 @@ "aws:cdk:cloudformation:props": { "addressFamily": "ipv6", "awsService": "ec2", - "ipamScopeId": { - "Fn::GetAtt": [ - "Ipam50346F82", - "PublicDefaultScopeId" - ] - }, + "ipamScopeId": "DefaultPublicScope", "locale": "eu-west-2", "publicIpSource": "amazon" } @@ -85,7 +80,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Ipam", + "fqn": "@aws-cdk/aws-vpcv2-alpha.Ipam", "version": "0.0.0" } }, @@ -205,7 +200,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", "version": "0.0.0" } }, @@ -283,7 +278,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", "version": "0.0.0" } }, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts index 885f621ad386f..941a564c80794 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts @@ -43,80 +43,29 @@ describe('EC2 Routing', () => { const eigw = new route.EgressOnlyInternetGateway(stack, 'TestEIGW', { vpc: myVpc, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: eigw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // EIGW should be in stack - TestEIGW4E4CDA8D: { - Type: 'AWS::EC2::EgressOnlyInternetGateway', - Properties: { - VpcId: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', 'VpcId', - ], - }, - }, - }, - // Route linking IP to EIGW should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - EgressOnlyInternetGatewayId: { - 'Fn::GetAtt': [ - 'TestEIGW4E4CDA8D', 'Id', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', 'RouteTableId', - ], - }, - }, - }, - }, - }); - }); + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: eigw }); - test('Route to EIGW via addRoute method', () => { - const eigw = new route.EgressOnlyInternetGateway(stack, 'TestEIGW', { - vpc: myVpc, + const template = Template.fromStack(stack); + // EIGW should be in stack + template.hasResourceProperties('AWS::EC2::EgressOnlyInternetGateway', { + VpcId: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', 'VpcId', + ], + }, }); - routeTable.addRoute('0.0.0.0/0', { gateway: eigw }); - Template.fromStack(stack).templateMatches({ - Resources: { - // EIGW should be in stack - TestEIGW4E4CDA8D: { - Type: 'AWS::EC2::EgressOnlyInternetGateway', - Properties: { - VpcId: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', 'VpcId', - ], - }, - }, - }, - // Route linking IP to EIGW should be in stack - TestRouteTableRoute25C3843B: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - EgressOnlyInternetGatewayId: { - 'Fn::GetAtt': [ - 'TestEIGW4E4CDA8D', 'Id', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', 'RouteTableId', - ], - }, - }, - }, + // Route linking IP to EIGW should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + EgressOnlyInternetGatewayId: { + 'Fn::GetAtt': [ + 'TestEIGW4E4CDA8D', 'Id', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', 'RouteTableId', + ], }, }); }); @@ -126,53 +75,37 @@ describe('EC2 Routing', () => { type: VpnConnectionType.IPSEC_1, vpc: myVpc, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: vpngw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // VPN Gateway should be in stack - TestVpnGwIGW11AF5344: { - Type: 'AWS::EC2::VPNGateway', - Properties: { - Type: 'ipsec.1', - }, - }, - // Route linking IP to VPN GW should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - GatewayId: { - 'Fn::GetAtt': [ - 'TestVpnGwIGW11AF5344', 'VPNGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', 'RouteTableId', - ], - }, - }, - }, - // Route Gateway attachment should be in stack - TestRouteGWAttachmentDD69361B: { - Type: 'AWS::EC2::VPCGatewayAttachment', - Properties: { - VpcId: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', 'VpcId', - ], - }, - VpnGatewayId: { - 'Fn::GetAtt': [ - 'TestVpnGwIGW11AF5344', 'VPNGatewayId', - ], - }, - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: vpngw }); + const template = Template.fromStack(stack); + // VPN Gateway should be in stack + template.hasResourceProperties('AWS::EC2::VPNGateway', { + Type: 'ipsec.1', + }); + // Route linking IP to VPN GW should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + GatewayId: { + 'Fn::GetAtt': [ + 'TestVpnGwIGW11AF5344', 'VPNGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', 'RouteTableId', + ], + }, + }); + // Route Gateway attachment should be in stack + template.hasResourceProperties('AWS::EC2::VPCGatewayAttachment', { + VpcId: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', 'VpcId', + ], + }, + VpnGatewayId: { + 'Fn::GetAtt': [ + 'TestVpnGwIGW11AF5344', 'VPNGatewayId', + ], }, }); }), @@ -183,17 +116,10 @@ describe('EC2 Routing', () => { vpc: myVpc, amazonSideAsn: 12345678, }); - Template.fromStack(stack).templateMatches({ - Resources: { - // VPN Gateway should be in stack - TestVpnGwIGW11AF5344: { - Type: 'AWS::EC2::VPNGateway', - Properties: { - AmazonSideAsn: 12345678, - Type: 'ipsec.1', - }, - }, - }, + // VPN Gateway should be in stack + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPNGateway', { + AmazonSideAsn: 12345678, + Type: 'ipsec.1', }); }), @@ -201,50 +127,35 @@ describe('EC2 Routing', () => { const igw = new route.InternetGateway(stack, 'TestIGW', { vpc: myVpc, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: igw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // Internet Gateway should be in stack - TestIGW1B4DB37D: { - Type: 'AWS::EC2::InternetGateway', - }, - // Route linking IP to IGW should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - GatewayId: { - 'Fn::GetAtt': [ - 'TestIGW1B4DB37D', 'InternetGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', 'RouteTableId', - ], - }, - }, - }, - // Route Gateway attachment should be in stack - TestRouteGWAttachmentDD69361B: { - Type: 'AWS::EC2::VPCGatewayAttachment', - Properties: { - InternetGatewayId: { - 'Fn::GetAtt': [ - 'TestIGW1B4DB37D', 'InternetGatewayId', - ], - }, - VpcId: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', 'VpcId', - ], - }, - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: igw }); + const template = Template.fromStack(stack); + // Internet Gateway should be in stack + template.hasResource('AWS::EC2::InternetGateway', {}); + // Route linking IP to IGW should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + GatewayId: { + 'Fn::GetAtt': [ + 'TestIGW1B4DB37D', 'InternetGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', 'RouteTableId', + ], + }, + }); + // Route Gateway attachment should be in stack + template.hasResourceProperties('AWS::EC2::VPCGatewayAttachment', { + VpcId: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', 'VpcId', + ], + }, + InternetGatewayId: { + 'Fn::GetAtt': [ + 'TestIGW1B4DB37D', 'InternetGatewayId', + ], }, }); }); @@ -255,47 +166,35 @@ describe('EC2 Routing', () => { connectivityType: route.NatConnectivityType.PRIVATE, privateIpAddress: '10.0.0.42', }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: natgw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // NAT Gateway should be in stack - TestNATGWNATGatewayBE4F6F2D: { - Type: 'AWS::EC2::NatGateway', - Properties: { - ConnectivityType: 'private', - PrivateIpAddress: '10.0.0.42', - SubnetId: { - Ref: 'TestSubnet2A4BE4CA', - }, - }, - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], - }, - // Route linking private IP to NAT Gateway should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - NatGatewayId: { - 'Fn::GetAtt': [ - 'TestNATGWNATGatewayBE4F6F2D', - 'NatGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); + const template = Template.fromStack(stack); + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'private', + PrivateIpAddress: '10.0.0.42', + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', }, }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // Route linking private IP to NAT Gateway should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + NatGatewayId: { + 'Fn::GetAtt': [ + 'TestNATGWNATGatewayBE4F6F2D', + 'NatGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], + }, }); }); @@ -309,33 +208,24 @@ describe('EC2 Routing', () => { '10.0.2.0/28', ], }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: natgw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // NAT Gateway should be in stack - TestNATGWNATGatewayBE4F6F2D: { - Type: 'AWS::EC2::NatGateway', - Properties: { - ConnectivityType: 'private', - PrivateIpAddress: '10.0.0.42', - SecondaryPrivateIpAddresses: [ - '10.0.1.0/28', - '10.0.2.0/28', - ], - SubnetId: { - Ref: 'TestSubnet2A4BE4CA', - }, - }, - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'private', + PrivateIpAddress: '10.0.0.42', + SecondaryPrivateIpAddresses: [ + '10.0.1.0/28', + '10.0.2.0/28', + ], + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', }, - }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], }); }); @@ -346,48 +236,37 @@ describe('EC2 Routing', () => { privateIpAddress: '10.0.0.42', secondaryPrivateIpAddressCount: 2, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: natgw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // NAT Gateway should be in stack - TestNATGWNATGatewayBE4F6F2D: { - Type: 'AWS::EC2::NatGateway', - Properties: { - ConnectivityType: 'private', - PrivateIpAddress: '10.0.0.42', - SecondaryPrivateIpAddressCount: 2, - SubnetId: { - Ref: 'TestSubnet2A4BE4CA', - }, - }, - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], - }, - // Route linking private IP to NAT Gateway should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - NatGatewayId: { - 'Fn::GetAtt': [ - 'TestNATGWNATGatewayBE4F6F2D', - 'NatGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'private', + PrivateIpAddress: '10.0.0.42', + SecondaryPrivateIpAddressCount: 2, + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', }, }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // Route linking private IP to NAT Gateway should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + NatGatewayId: { + 'Fn::GetAtt': [ + 'TestNATGWNATGatewayBE4F6F2D', + 'NatGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], + }, }); }); @@ -395,52 +274,40 @@ describe('EC2 Routing', () => { const natgw = new route.NatGateway(stack, 'TestNATGW', { subnet: mySubnet, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: natgw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // NAT Gateway should be in stack - TestNATGWNATGatewayBE4F6F2D: { - Type: 'AWS::EC2::NatGateway', - Properties: { - SubnetId: { - Ref: 'TestSubnet2A4BE4CA', - }, - }, - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], - }, - // Route linking private IP to NAT Gateway should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - NatGatewayId: { - 'Fn::GetAtt': [ - 'TestNATGWNATGatewayBE4F6F2D', - 'NatGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - }, - }, - // EIP should be created when not provided - TestNATGWEIP0A279819: { - Type: 'AWS::EC2::EIP', - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', }, }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // Route linking private IP to NAT Gateway should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + NatGatewayId: { + 'Fn::GetAtt': [ + 'TestNATGWNATGatewayBE4F6F2D', + 'NatGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], + }, + }); + // EIP should be created when not provided + template.hasResource('AWS::EC2::EIP', { + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], }); }); @@ -452,57 +319,42 @@ describe('EC2 Routing', () => { subnet: mySubnet, allocationId: eip.attrAllocationId, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: natgw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // NAT Gateway should be in stack - TestNATGWNATGatewayBE4F6F2D: { - Type: 'AWS::EC2::NatGateway', - Properties: { - SubnetId: { - Ref: 'TestSubnet2A4BE4CA', - }, - }, - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], - }, - // Route linking private IP to NAT Gateway should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - NatGatewayId: { - 'Fn::GetAtt': [ - 'TestNATGWNATGatewayBE4F6F2D', - 'NatGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - }, - }, - // EIP should be in stack - MyEIP: { - Type: 'AWS::EC2::EIP', - Properties: { - Domain: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', - 'VpcId', - ], - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); + const template = Template.fromStack(stack); + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', }, }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // Route linking private IP to NAT Gateway should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + NatGatewayId: { + 'Fn::GetAtt': [ + 'TestNATGWNATGatewayBE4F6F2D', + 'NatGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], + }, + }); + // EIP should be in stack + template.hasResourceProperties('AWS::EC2::EIP', { + Domain: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', + 'VpcId', + ], + }, }); }); @@ -512,60 +364,42 @@ describe('EC2 Routing', () => { connectivityType: route.NatConnectivityType.PUBLIC, maxDrainDuration: cdk.Duration.seconds(2001), }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: natgw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // NAT Gateway should be in stack - TestNATGWNATGatewayBE4F6F2D: { - Type: 'AWS::EC2::NatGateway', - Properties: { - AllocationId: { - 'Fn::GetAtt': [ - 'TestNATGWEIP0A279819', - 'AllocationId', - ], - }, - ConnectivityType: 'public', - MaxDrainDurationSeconds: 2001, - SubnetId: { - Ref: 'TestSubnet2A4BE4CA', - }, - }, - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], - }, - // Route linking private IP to NAT Gateway should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - NatGatewayId: { - 'Fn::GetAtt': [ - 'TestNATGWNATGatewayBE4F6F2D', - 'NatGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - }, - }, - // EIP should be created when not provided - TestNATGWEIP0A279819: { - Type: 'AWS::EC2::EIP', - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'public', + MaxDrainDurationSeconds: 2001, + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', }, }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // Route linking private IP to NAT Gateway should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + NatGatewayId: { + 'Fn::GetAtt': [ + 'TestNATGWNATGatewayBE4F6F2D', + 'NatGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], + }, + }); + // EIP should be created when not provided + template.hasResource('AWS::EC2::EIP', { + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], }); }); @@ -574,44 +408,33 @@ describe('EC2 Routing', () => { vpc: myVpc, service: GatewayVpcEndpointAwsService.DYNAMODB, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { endpoint: dynamodb }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // DynamoDB endpoint should be in stack - TestDB27CDA92F: { - Type: 'AWS::EC2::VPCEndpoint', - Properties: { - RouteTableIds: [ - { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - ], - ServiceName: { - 'Fn::Join': [ - '', - [ - 'com.amazonaws.', - { Ref: 'AWS::Region' }, - '.dynamodb', - ], - ], - }, - VpcEndpointType: 'Gateway', - VpcId: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', - 'VpcId', - ], - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { endpoint: dynamodb }); + // DynamoDB endpoint should be in stack + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpoint', { + RouteTableIds: [ + { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], }, + ], + ServiceName: { + 'Fn::Join': [ + '', + [ + 'com.amazonaws.', + { Ref: 'AWS::Region' }, + '.dynamodb', + ], + ], + }, + VpcEndpointType: 'Gateway', + VpcId: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', + 'VpcId', + ], }, }); }); @@ -621,44 +444,33 @@ describe('EC2 Routing', () => { vpc: myVpc, service: GatewayVpcEndpointAwsService.S3, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { endpoint: dynamodb }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // S3 endpoint should be in stack - TestS38FCC715C: { - Type: 'AWS::EC2::VPCEndpoint', - Properties: { - RouteTableIds: [ - { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - ], - ServiceName: { - 'Fn::Join': [ - '', - [ - 'com.amazonaws.', - { Ref: 'AWS::Region' }, - '.s3', - ], - ], - }, - VpcEndpointType: 'Gateway', - VpcId: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', - 'VpcId', - ], - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { endpoint: dynamodb }); + // S3 endpoint should be in stack + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpoint', { + RouteTableIds: [ + { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], }, + ], + ServiceName: { + 'Fn::Join': [ + '', + [ + 'com.amazonaws.', + { Ref: 'AWS::Region' }, + '.s3', + ], + ], + }, + VpcEndpointType: 'Gateway', + VpcId: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', + 'VpcId', + ], }, }); }); @@ -668,44 +480,33 @@ describe('EC2 Routing', () => { vpc: myVpc, service: GatewayVpcEndpointAwsService.S3_EXPRESS, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { endpoint: dynamodb }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // S3 endpoint should be in stack - TestS3E055E5994: { - Type: 'AWS::EC2::VPCEndpoint', - Properties: { - RouteTableIds: [ - { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - ], - ServiceName: { - 'Fn::Join': [ - '', - [ - 'com.amazonaws.', - { Ref: 'AWS::Region' }, - '.s3express', - ], - ], - }, - VpcEndpointType: 'Gateway', - VpcId: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', - 'VpcId', - ], - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { endpoint: dynamodb }); + // S3 endpoint should be in stack + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpoint', { + RouteTableIds: [ + { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], }, + ], + ServiceName: { + 'Fn::Join': [ + '', + [ + 'com.amazonaws.', + { Ref: 'AWS::Region' }, + '.s3express', + ], + ], + }, + VpcEndpointType: 'Gateway', + VpcId: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', + 'VpcId', + ], }, }); }); From eaa7ccb863c83db6d603122d30eeb5b13d56c68f Mon Sep 17 00:00:00 2001 From: shikha372 Date: Tue, 13 Aug 2024 23:00:28 -0700 Subject: [PATCH 14/44] add method associateRouteTable --- .../@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 9 ++ .../aws-cdk-routev2-alpha.assets.json | 4 +- .../aws-cdk-routev2-alpha.template.json | 2 +- ...routev2-dynamodbendpoint-alpha.assets.json | 4 +- ...utev2-dynamodbendpoint-alpha.template.json | 2 +- ...dk-routev2-egressonlyigw-alpha.assets.json | 4 +- ...-routev2-egressonlyigw-alpha.template.json | 25 +--- .../aws-cdk-routev2-igw-alpha.assets.json | 4 +- .../aws-cdk-routev2-igw-alpha.template.json | 2 +- ...ws-cdk-routev2-networkif-alpha.assets.json | 4 +- ...-cdk-routev2-networkif-alpha.template.json | 2 +- ...cdk-routev2-privatenatgw-alpha.assets.json | 4 +- ...k-routev2-privatenatgw-alpha.template.json | 2 +- ...-cdk-routev2-publicnatgw-alpha.assets.json | 4 +- ...dk-routev2-publicnatgw-alpha.template.json | 2 +- ...routev2-virtualprivategw-alpha.assets.json | 4 +- ...utev2-virtualprivategw-alpha.template.json | 2 +- ...outev2-vpcpeerconnection-alpha.assets.json | 4 +- ...tev2-vpcpeerconnection-alpha.template.json | 2 +- .../integ.route-v2.js.snapshot/manifest.json | 33 +++-- .../test/integ.route-v2.js.snapshot/tree.json | 139 +++++++----------- 21 files changed, 107 insertions(+), 151 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index b5874c7f145fb..7789d98268add 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -227,8 +227,10 @@ export class SubnetV2 extends Resource implements ISubnetV2 { routeTableId: this._routeTable.routeTableId, }); + this.routeTableAssociation = routeAssoc; this._internetConnectivityEstablished.add(routeAssoc); + this.internetConnectivityEstablished = this._internetConnectivityEstablished; this.subnetType = props.subnetType; @@ -260,6 +262,13 @@ export class SubnetV2 extends Resource implements ISubnetV2 { return this._routeTable; } + /** + * Return the Route Table associated with this subnet + */ + public get routeTable(): IRouteTable { + return this._routeTable; + } + /** * Associate a Route Table with this subnet. * @param routeTableProps The Route Table to associate with this subnet. diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json index fb21918bf2224..f61a2717f93a6 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "a963276e8401c096a74f0dc50ac7d80bb5f2bff399fce8c571660a0684ff54b7": { + "b3d06cef480a17aaf78379d18a13893141f2d689a23bcbbcf34b284e77752b0f": { "source": { "path": "aws-cdk-routev2-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "a963276e8401c096a74f0dc50ac7d80bb5f2bff399fce8c571660a0684ff54b7.json", + "objectKey": "b3d06cef480a17aaf78379d18a13893141f2d689a23bcbbcf34b284e77752b0f.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json index 0aa074e2e7b1f..140f9ebf102e0 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-east-1a", + "AvailabilityZone": "us-west-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json index c4c1a14a7c00f..b9734dc366438 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "8b4b159425cc7d11fa6fd993c53e299319dd2fcea18d745e873a18d3ee156a50": { + "7711ae87a96bcf4e738e5904b6071f21ac59ee14247c420b0bf33d20a87348a3": { "source": { "path": "aws-cdk-routev2-dynamodbendpoint-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "8b4b159425cc7d11fa6fd993c53e299319dd2fcea18d745e873a18d3ee156a50.json", + "objectKey": "7711ae87a96bcf4e738e5904b6071f21ac59ee14247c420b0bf33d20a87348a3.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json index 7aaf0a70fd923..1fc8a4ff1bbe3 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-east-1a", + "AvailabilityZone": "us-west-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json index 2991283d3337d..b27c0c57931d5 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "e9c1a7071ffb437e4f0b10aafb57215dbdb5c5f320f0fbf09194c6f79e461098": { + "6cd56bb964ed1f90f0206d705f085aef381173834b50d5ba372fa2185156d51d": { "source": { "path": "aws-cdk-routev2-egressonlyigw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "e9c1a7071ffb437e4f0b10aafb57215dbdb5c5f320f0fbf09194c6f79e461098.json", + "objectKey": "6cd56bb964ed1f90f0206d705f085aef381173834b50d5ba372fa2185156d51d.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json index b213061ee1bf2..1c4d9adad8e08 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json @@ -32,30 +32,11 @@ } } }, - "TestRoottableRouteC5589CBD": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "DestinationIpv6CidrBlock": "0.0.0.0/0", - "EgressOnlyInternetGatewayId": { - "Fn::GetAtt": [ - "testEOIGWEIGW54CCAD37", - "Id" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, "eigwSubnetCC28B9F9": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-east-1a", + "AvailabilityZone": "us-west-1a", "CidrBlock": "10.0.0.0/24", "VpcId": { "Fn::GetAtt": [ @@ -99,8 +80,8 @@ "testEIGWRouteEB4FE8D5": { "Type": "AWS::EC2::Route", "Properties": { - "DestinationCidrBlock": "10.0.0.0/24", - "DestinationIpv6CidrBlock": "10.0.0.0/24", + "DestinationCidrBlock": "0.0.0.0/0", + "DestinationIpv6CidrBlock": "0.0.0.0/0", "EgressOnlyInternetGatewayId": { "Fn::GetAtt": [ "testEOIGWEIGW54CCAD37", diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json index c5ef7e53927ba..677f15417b1ed 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "64fd4909563782b372beda47c03d9faa4cb3b387d2faf349d9359248b0da8cd8": { + "44c69eec973961e184209d04e6e45c230320a2f7a110f0275431dc0587273038": { "source": { "path": "aws-cdk-routev2-igw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "64fd4909563782b372beda47c03d9faa4cb3b387d2faf349d9359248b0da8cd8.json", + "objectKey": "44c69eec973961e184209d04e6e45c230320a2f7a110f0275431dc0587273038.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json index 652ffba8b86ef..1ddb6c3cc40d9 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-east-1a", + "AvailabilityZone": "us-west-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json index 668a964fb3389..733952daae63f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "434c826abb6c12fb9eebf4adb6aae43788ba6e2a204ad7eea6f60321e69d3b38": { + "087e3b456bae228983dc7a31eea1570bfeccfd6b4f163b7e10a2af07dc31291f": { "source": { "path": "aws-cdk-routev2-networkif-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "434c826abb6c12fb9eebf4adb6aae43788ba6e2a204ad7eea6f60321e69d3b38.json", + "objectKey": "087e3b456bae228983dc7a31eea1570bfeccfd6b4f163b7e10a2af07dc31291f.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json index 1e157df23a14a..d796497fc5388 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-east-1a", + "AvailabilityZone": "us-west-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json index 7ac06f6e4e166..591ec9e8d3066 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "756dd84ca14a3792841cc7026f0cccaf78aa7cbd5daa51790c752876f02f2e9b": { + "89c945d2b4cb2aa79cca0e52ea8fa68849a586495b0a27b7de229ae44b3c5239": { "source": { "path": "aws-cdk-routev2-privatenatgw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "756dd84ca14a3792841cc7026f0cccaf78aa7cbd5daa51790c752876f02f2e9b.json", + "objectKey": "89c945d2b4cb2aa79cca0e52ea8fa68849a586495b0a27b7de229ae44b3c5239.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json index b7e8248cfd995..f2ed7e0d44c03 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-east-1a", + "AvailabilityZone": "us-west-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json index ffee6bb74f327..29398ffe76faa 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "8d9fcbb8b283c9a451969129fde47cdcd712ffe35c7c45f99734cf32eb5ce417": { + "6592172436ea6af85dd73663ffd81cc1342c29574aa00f4dacf5179cf3054441": { "source": { "path": "aws-cdk-routev2-publicnatgw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "8d9fcbb8b283c9a451969129fde47cdcd712ffe35c7c45f99734cf32eb5ce417.json", + "objectKey": "6592172436ea6af85dd73663ffd81cc1342c29574aa00f4dacf5179cf3054441.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json index 5102222b05ba8..5f80cf56a0aa5 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-east-1a", + "AvailabilityZone": "us-west-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json index 2e6edeb0cbd98..601d17d534bb8 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "a364633fbc736a6dbe5bd9ca333d5cace5a7ee6b6d1c2206bd3b450bf630c017": { + "2318541485e9424ef1bba0f0bb0e0e91e2759dc53597436fb250a8605e5e0107": { "source": { "path": "aws-cdk-routev2-virtualprivategw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "a364633fbc736a6dbe5bd9ca333d5cace5a7ee6b6d1c2206bd3b450bf630c017.json", + "objectKey": "2318541485e9424ef1bba0f0bb0e0e91e2759dc53597436fb250a8605e5e0107.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json index 83eb4e6ca685d..f96743310fabe 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-east-1a", + "AvailabilityZone": "us-west-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json index 0d4f8c6e9ee55..fa96e660e9d19 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.0", "files": { - "fa56ca630709a15070b4208becd94454c974906d445fd83b73389524957f89e8": { + "7b04eb9c84a61a91a957fceb96a85b38336f8b5999d1c0b5b972cd191926c473": { "source": { "path": "aws-cdk-routev2-vpcpeerconnection-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "fa56ca630709a15070b4208becd94454c974906d445fd83b73389524957f89e8.json", + "objectKey": "7b04eb9c84a61a91a957fceb96a85b38336f8b5999d1c0b5b972cd191926c473.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json index 7f195e58f758f..804f7b179ac91 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-east-1a", + "AvailabilityZone": "us-west-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json index 28002a0f9b2d1..2dec0815f28b0 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a963276e8401c096a74f0dc50ac7d80bb5f2bff399fce8c571660a0684ff54b7.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/b3d06cef480a17aaf78379d18a13893141f2d689a23bcbbcf34b284e77752b0f.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -97,7 +97,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/e9c1a7071ffb437e4f0b10aafb57215dbdb5c5f320f0fbf09194c6f79e461098.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6cd56bb964ed1f90f0206d705f085aef381173834b50d5ba372fa2185156d51d.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -132,12 +132,6 @@ "data": "TestRoottableRouteTableFA28AA38" } ], - "/aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/Route/Route": [ - { - "type": "aws:cdk:logicalId", - "data": "TestRoottableRouteC5589CBD" - } - ], "/aws-cdk-routev2-egressonlyigw-alpha/eigwSubnet/Subnet": [ { "type": "aws:cdk:logicalId", @@ -194,7 +188,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64fd4909563782b372beda47c03d9faa4cb3b387d2faf349d9359248b0da8cd8.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/44c69eec973961e184209d04e6e45c230320a2f7a110f0275431dc0587273038.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -291,7 +285,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a364633fbc736a6dbe5bd9ca333d5cace5a7ee6b6d1c2206bd3b450bf630c017.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/2318541485e9424ef1bba0f0bb0e0e91e2759dc53597436fb250a8605e5e0107.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -388,7 +382,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8d9fcbb8b283c9a451969129fde47cdcd712ffe35c7c45f99734cf32eb5ce417.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6592172436ea6af85dd73663ffd81cc1342c29574aa00f4dacf5179cf3054441.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -503,7 +497,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/756dd84ca14a3792841cc7026f0cccaf78aa7cbd5daa51790c752876f02f2e9b.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/89c945d2b4cb2aa79cca0e52ea8fa68849a586495b0a27b7de229ae44b3c5239.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -594,7 +588,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/434c826abb6c12fb9eebf4adb6aae43788ba6e2a204ad7eea6f60321e69d3b38.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/087e3b456bae228983dc7a31eea1570bfeccfd6b4f163b7e10a2af07dc31291f.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -673,7 +667,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/fa56ca630709a15070b4208becd94454c974906d445fd83b73389524957f89e8.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7b04eb9c84a61a91a957fceb96a85b38336f8b5999d1c0b5b972cd191926c473.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -752,7 +746,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8b4b159425cc7d11fa6fd993c53e299319dd2fcea18d745e873a18d3ee156a50.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7711ae87a96bcf4e738e5904b6071f21ac59ee14247c420b0bf33d20a87348a3.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -816,6 +810,15 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } + ], + "dynamodbSecondaryIp4EEF58BFBEFB": [ + { + "type": "aws:cdk:logicalId", + "data": "dynamodbSecondaryIp4EEF58BFBEFB", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } ] }, "displayName": "aws-cdk-routev2-dynamodbendpoint-alpha" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json index 545ac917c3933..7adf7f1621505 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json @@ -51,7 +51,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", "version": "0.0.0" } }, @@ -80,7 +80,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", "version": "0.0.0" } }, @@ -95,7 +95,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-east-1a", + "availabilityZone": "us-west-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -153,7 +153,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -226,7 +226,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", "version": "0.0.0" } }, @@ -252,47 +252,10 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } - }, - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/Route", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/Route/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "destinationIpv6CidrBlock": "0.0.0.0/0", - "egressOnlyInternetGatewayId": { - "Fn::GetAtt": [ - "testEOIGWEIGW54CCAD37", - "Id" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Route", - "version": "0.0.0" - } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", "version": "0.0.0" } }, @@ -307,7 +270,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-east-1a", + "availabilityZone": "us-west-1a", "cidrBlock": "10.0.0.0/24", "vpcId": { "Fn::GetAtt": [ @@ -354,7 +317,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -383,7 +346,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.EgressOnlyInternetGateway", + "fqn": "@aws-cdk/aws-vpcv2-alpha.EgressOnlyInternetGateway", "version": "0.0.0" } }, @@ -397,8 +360,8 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "10.0.0.0/24", - "destinationIpv6CidrBlock": "10.0.0.0/24", + "destinationCidrBlock": "0.0.0.0/0", + "destinationIpv6CidrBlock": "0.0.0.0/0", "egressOnlyInternetGatewayId": { "Fn::GetAtt": [ "testEOIGWEIGW54CCAD37", @@ -420,7 +383,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", "version": "0.0.0" } }, @@ -493,7 +456,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", "version": "0.0.0" } }, @@ -522,7 +485,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", "version": "0.0.0" } }, @@ -537,7 +500,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-east-1a", + "availabilityZone": "us-west-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -595,7 +558,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -617,7 +580,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", + "fqn": "@aws-cdk/aws-vpcv2-alpha.InternetGateway", "version": "0.0.0" } }, @@ -679,7 +642,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", "version": "0.0.0" } }, @@ -752,7 +715,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", "version": "0.0.0" } }, @@ -781,7 +744,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", "version": "0.0.0" } }, @@ -796,7 +759,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-east-1a", + "availabilityZone": "us-west-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -854,7 +817,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -878,7 +841,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VPNGateway", + "fqn": "@aws-cdk/aws-vpcv2-alpha.VPNGateway", "version": "0.0.0" } }, @@ -940,7 +903,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", "version": "0.0.0" } }, @@ -1013,7 +976,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1042,7 +1005,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1057,7 +1020,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-east-1a", + "availabilityZone": "us-west-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1115,7 +1078,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1137,7 +1100,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", + "fqn": "@aws-cdk/aws-vpcv2-alpha.InternetGateway", "version": "0.0.0" } }, @@ -1199,7 +1162,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", "version": "0.0.0" } }, @@ -1250,7 +1213,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.NatGateway", + "fqn": "@aws-cdk/aws-vpcv2-alpha.NatGateway", "version": "0.0.0" } }, @@ -1287,7 +1250,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", "version": "0.0.0" } }, @@ -1360,7 +1323,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1389,7 +1352,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1404,7 +1367,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-east-1a", + "availabilityZone": "us-west-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1462,7 +1425,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1495,7 +1458,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.NatGateway", + "fqn": "@aws-cdk/aws-vpcv2-alpha.NatGateway", "version": "0.0.0" } }, @@ -1532,7 +1495,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", "version": "0.0.0" } }, @@ -1605,7 +1568,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1634,7 +1597,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1649,7 +1612,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-east-1a", + "availabilityZone": "us-west-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1707,7 +1670,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1780,7 +1743,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1809,7 +1772,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1824,7 +1787,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-east-1a", + "availabilityZone": "us-west-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1882,7 +1845,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1955,7 +1918,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1984,7 +1947,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1999,7 +1962,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-east-1a", + "availabilityZone": "us-west-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -2057,7 +2020,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -2115,7 +2078,7 @@ "id": "testDynamoRoute", "path": "aws-cdk-routev2-dynamodbendpoint-alpha/testDynamoRoute", "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", "version": "0.0.0" } }, From a25bb78af3281e685ca73efe0e6e5640a261487c Mon Sep 17 00:00:00 2001 From: shikha372 Date: Thu, 15 Aug 2024 11:35:39 -0700 Subject: [PATCH 15/44] fixing route class --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 6 +++--- packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 8 -------- 2 files changed, 3 insertions(+), 11 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 51bd4c89b80ae..1e347600f8770 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -408,7 +408,7 @@ export class RouteTargetType { /** * Interface to define a route. */ -export interface IRouteV2 { +interface IRoute { /** * The ID of the route table for the route. * @attribute routeTable @@ -432,7 +432,7 @@ export interface IRouteV2 { /** * Properties to define a route. */ -export interface RouteProps { +interface RouteProps { /** * The ID of the route table for the route. * @attribute routeTable @@ -462,7 +462,7 @@ export interface RouteProps { * Creates a new route with added functionality. * @resource AWS::EC2::Route */ -class Route extends Resource implements IRouteV2 { +class Route extends Resource implements IRoute { /** * The IPv4 or IPv6 CIDR block used for the destination match. * diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index 7789d98268add..8a2d3b3a6047c 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -227,7 +227,6 @@ export class SubnetV2 extends Resource implements ISubnetV2 { routeTableId: this._routeTable.routeTableId, }); - this.routeTableAssociation = routeAssoc; this._internetConnectivityEstablished.add(routeAssoc); @@ -262,13 +261,6 @@ export class SubnetV2 extends Resource implements ISubnetV2 { return this._routeTable; } - /** - * Return the Route Table associated with this subnet - */ - public get routeTable(): IRouteTable { - return this._routeTable; - } - /** * Associate a Route Table with this subnet. * @param routeTableProps The Route Table to associate with this subnet. From 1721026e110795970751523fa0922522eebd2bcd Mon Sep 17 00:00:00 2001 From: shikha372 Date: Thu, 15 Aug 2024 11:57:53 -0700 Subject: [PATCH 16/44] making ipam props private --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 1e347600f8770..c9f37796b840c 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -531,7 +531,7 @@ class Route extends Resource implements IRoute { /** * Properties to define a route table. */ -export interface RouteTableProps { +interface RouteTableProps { /** * The ID of the VPC. */ From bc393c22f3d4bd2586bf3f383987c662d23f89db Mon Sep 17 00:00:00 2001 From: shikha372 Date: Thu, 15 Aug 2024 12:02:52 -0700 Subject: [PATCH 17/44] successful build --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index c9f37796b840c..1e347600f8770 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -531,7 +531,7 @@ class Route extends Resource implements IRoute { /** * Properties to define a route table. */ -interface RouteTableProps { +export interface RouteTableProps { /** * The ID of the VPC. */ From aed940f6f1c5cb14a2e3491eb3b4e83cd936edb0 Mon Sep 17 00:00:00 2001 From: shikha372 Date: Thu, 15 Aug 2024 13:46:22 -0700 Subject: [PATCH 18/44] adding validation for ipv4 --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 14 ++++++++++++-- .../aws-cdk-vpcv2-alpha-new.assets.json | 6 +++--- .../aws-cdk-vpcv2-alpha-new.template.json | 7 ++++++- .../test/integ.subnet-v2.js.snapshot/cdk.out | 2 +- .../test/integ.subnet-v2.js.snapshot/integ.json | 2 +- ...odelDefaultTestDeployAssertCF40BD53.assets.json | 2 +- .../test/integ.subnet-v2.js.snapshot/manifest.json | 13 ++----------- .../test/integ.subnet-v2.js.snapshot/tree.json | 13 +++++++++---- 8 files changed, 35 insertions(+), 24 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 1e347600f8770..2941b57145363 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -2,6 +2,7 @@ import { CfnEIP, CfnEgressOnlyInternetGateway, CfnInternetGateway, CfnNatGateway import { Construct, IDependable } from 'constructs'; import { Duration, Resource } from 'aws-cdk-lib/core'; import { IVpcV2 } from './vpc-v2-base'; +import { NetworkUtils } from './util'; /** * Indicates whether the NAT gateway supports public or private connectivity. @@ -491,12 +492,21 @@ class Route extends Resource implements IRoute { */ public readonly resource?: CfnRoute; + /** + * Destination cidr block for ipv4 or ipv6 + */ + private destinationIpv6Cidr?: string; + constructor(scope: Construct, id: string, props: RouteProps) { super(scope, id); - this.destination = props.destination; this.target = props.target; this.routeTable = props.routeTable; + this.destination = props.destination; + if (!NetworkUtils.validIp(props.destination)) { + //TODO Validate for IPv6 CIDR range + this.destinationIpv6Cidr = props.destination; + } this.targetRouterType = this.target.gateway ? this.target.gateway.routerType : RouterType.VPC_ENDPOINT; @@ -505,7 +515,7 @@ class Route extends Resource implements IRoute { this.resource = new CfnRoute(this, 'Route', { routeTableId: this.routeTable.routeTableId, destinationCidrBlock: this.destination, - destinationIpv6CidrBlock: this.destination, + destinationIpv6CidrBlock: this.destinationIpv6Cidr, [routerTypeToPropName(this.targetRouterType)]: this.target.gateway ? this.target.gateway.routerTargetId : this.target.endpoint ? this.target.endpoint.vpcEndpointId : null, }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json index 21b01be95b3c6..8fa7b0508afb2 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "ccdbd85132bedf38aeb99e5b0c700f48494d3b7c344a96232f29b48a5279b6ef": { + "936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c": { "source": { "path": "aws-cdk-vpcv2-alpha-new.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "ccdbd85132bedf38aeb99e5b0c700f48494d3b7c344a96232f29b48a5279b6ef.json", + "objectKey": "936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json index 575219310d27f..f6cffbdb23c5d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json @@ -15,7 +15,12 @@ "Properties": { "AddressFamily": "ipv6", "AwsService": "ec2", - "IpamScopeId": "DefaultPublicScope", + "IpamScopeId": { + "Fn::GetAtt": [ + "Ipam50346F82", + "PublicDefaultScopeId" + ] + }, "Locale": "eu-west-2", "PublicIpSource": "amazon" } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/cdk.out index 1f0068d32659a..bd5311dc372de 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"36.0.0"} \ No newline at end of file +{"version":"36.0.5"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integ.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integ.json index 321da99978a8c..50d9ec54ae49a 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "testCases": { "integtest-model/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json index 3dba4ef9b8bab..e93a555169b11 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json index 5979efcf9a0da..f6b54e8178156 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "artifacts": { "aws-cdk-vpcv2-alpha-new.assets": { "type": "cdk:asset-manifest", @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/ccdbd85132bedf38aeb99e5b0c700f48494d3b7c344a96232f29b48a5279b6ef.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -141,15 +141,6 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } - ], - "VPCTestSecondaryIp48408C993194": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCTestSecondaryIp48408C993194", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } ] }, "displayName": "aws-cdk-vpcv2-alpha-new" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json index c1ff499051b89..f1f62b0a8a30e 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json @@ -42,7 +42,12 @@ "aws:cdk:cloudformation:props": { "addressFamily": "ipv6", "awsService": "ec2", - "ipamScopeId": "DefaultPublicScope", + "ipamScopeId": { + "Fn::GetAtt": [ + "Ipam50346F82", + "PublicDefaultScopeId" + ] + }, "locale": "eu-west-2", "publicIpSource": "amazon" } @@ -80,7 +85,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Ipam", + "fqn": "@aws-cdk/aws-ec2-alpha.Ipam", "version": "0.0.0" } }, @@ -200,7 +205,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -278,7 +283,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, From 499c6c80c761111553343a55fca3b6f2158f5cde Mon Sep 17 00:00:00 2001 From: shikha372 Date: Thu, 15 Aug 2024 17:18:39 -0700 Subject: [PATCH 19/44] fixing egw route and subnet snapshot --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 6 +- .../aws-ec2-alpha/test/integ.route-v2.ts | 2 +- .../aws-cdk-vpcv2-alpha-new.assets.json | 4 +- .../aws-cdk-vpcv2-alpha-new.template.json | 61 ++++++- .../integ.subnet-v2.js.snapshot/manifest.json | 44 ++++- .../integ.subnet-v2.js.snapshot/tree.json | 150 ++++++++++++++++-- .../aws-ec2-alpha/test/integ.subnet-v2.ts | 18 ++- 7 files changed, 261 insertions(+), 24 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 2941b57145363..dc7826af6be8a 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -503,11 +503,15 @@ class Route extends Resource implements IRoute { this.target = props.target; this.routeTable = props.routeTable; this.destination = props.destination; - if (!NetworkUtils.validIp(props.destination)) { + const isDestinationIpv4 = NetworkUtils.validIp(props.destination); + if (!isDestinationIpv4) { //TODO Validate for IPv6 CIDR range this.destinationIpv6Cidr = props.destination; } + if(this.target.gateway?.routerType == RouterType.EGRESS_ONLY_INTERNET_GATEWAY && isDestinationIpv4){ + throw new Error('Egress only internet gateway does not support IPv4 routing'); + } this.targetRouterType = this.target.gateway ? this.target.gateway.routerType : RouterType.VPC_ENDPOINT; // Gateway generates route automatically via its RouteTable, thus we don't need to generate the resource for it diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts index ac298bc0a6f91..6f67c317dc783 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts @@ -78,7 +78,7 @@ for (const stackName in stacks) { const eigw = new EgressOnlyInternetGateway(stacks.eigw, 'testEOIGW', { vpc: vpcs.eigw, }); -routeTables.eigw.addRoute('eigwRoute', '0.0.0.0/0', { gateway: eigw }); +routeTables.eigw.addRoute('eigwRoute', '::/0', { gateway: eigw }); const igw = new InternetGateway(stacks.igw, 'testIGW', { vpc: vpcs.igw, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json index 8fa7b0508afb2..070df7cb90f26 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.5", "files": { - "936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c": { + "22c29b35882bab9f2ff567018bbe3b6ae5bd6ab03a13edcd74d29110d672881a": { "source": { "path": "aws-cdk-vpcv2-alpha-new.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c.json", + "objectKey": "22c29b35882bab9f2ff567018bbe3b6ae5bd6ab03a13edcd74d29110d672881a.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json index f6cffbdb23c5d..a44eea1df7d49 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json @@ -92,7 +92,10 @@ "Properties": { "RouteTableIds": [ { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] } ], "VpnGatewayId": { @@ -120,7 +123,7 @@ "VPCTestIpv6IpamCidrD5C271DD" ] }, - "testsbubnetRouteTableF40F025B": { + "testsbubnetRouteTableD0136BEA": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { @@ -138,7 +141,10 @@ "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] }, "SubnetId": { "Ref": "testsbubnetSubnet77337845" @@ -241,6 +247,55 @@ "DependsOn": [ "InstanceInstanceRoleE9785DE5" ] + }, + "testIGW8D947AF2": { + "Type": "AWS::EC2::InternetGateway" + }, + "TestRoottableRouteTableFA28AA38": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Fn::GetAtt": [ + "VPCTestFB735C86", + "VpcId" + ] + } + } + }, + "TestRoottableeigwRouteF867084E": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "TestRoottableeigwRouteGWAttachmentDECE87B9": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "VpcId": { + "Fn::GetAtt": [ + "VPCTestFB735C86", + "VpcId" + ] + } + } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json index f6b54e8178156..8d506ab5c90e8 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/22c29b35882bab9f2ff567018bbe3b6ae5bd6ab03a13edcd74d29110d672881a.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -88,16 +88,19 @@ "data": "testsbubnetSubnet77337845" } ], - "/aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTable": [ + "/aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableF40F025B" + "data": "testsbubnetRouteTableD0136BEA" } ], "/aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableAssociationD6D083FA" + "data": "testsbubnetRouteTableAssociationD6D083FA", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha-new/Instance/InstanceSecurityGroup/Resource": [ @@ -130,6 +133,30 @@ "data": "SsmParameterValueawsserviceamiamazonlinuxlatestamznamihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" } ], + "/aws-cdk-vpcv2-alpha-new/testIGW/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "testIGW8D947AF2" + } + ], + "/aws-cdk-vpcv2-alpha-new/TestRoottable/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "TestRoottableRouteTableFA28AA38" + } + ], + "/aws-cdk-vpcv2-alpha-new/TestRoottable/eigwRoute/Route": [ + { + "type": "aws:cdk:logicalId", + "data": "TestRoottableeigwRouteF867084E" + } + ], + "/aws-cdk-vpcv2-alpha-new/TestRoottable/eigwRoute/GWAttachment": [ + { + "type": "aws:cdk:logicalId", + "data": "TestRoottableeigwRouteGWAttachmentDECE87B9" + } + ], "/aws-cdk-vpcv2-alpha-new/BootstrapVersion": [ { "type": "aws:cdk:logicalId", @@ -141,6 +168,15 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } + ], + "testsbubnetRouteTableF40F025B": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetRouteTableF40F025B", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } ] }, "displayName": "aws-cdk-vpcv2-alpha-new" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json index f1f62b0a8a30e..52007fe15dc43 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json @@ -190,7 +190,10 @@ "aws:cdk:cloudformation:props": { "routeTableIds": [ { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] } ], "vpnGatewayId": { @@ -246,19 +249,29 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "VPCTestFB735C86", - "VpcId" - ] + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCTestFB735C86", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -269,7 +282,10 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] }, "subnetId": { "Ref": "testsbubnetSubnet77337845" @@ -464,6 +480,118 @@ "version": "0.0.0" } }, + "testIGW": { + "id": "testIGW", + "path": "aws-cdk-vpcv2-alpha-new/testIGW", + "children": { + "IGW": { + "id": "IGW", + "path": "aws-cdk-vpcv2-alpha-new/testIGW/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", + "version": "0.0.0" + } + }, + "TestRoottable": { + "id": "TestRoottable", + "path": "aws-cdk-vpcv2-alpha-new/TestRoottable", + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha-new/TestRoottable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCTestFB735C86", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "eigwRoute": { + "id": "eigwRoute", + "path": "aws-cdk-vpcv2-alpha-new/TestRoottable/eigwRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha-new/TestRoottable/eigwRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "GWAttachment": { + "id": "GWAttachment", + "path": "aws-cdk-vpcv2-alpha-new/TestRoottable/eigwRoute/GWAttachment", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "vpcId": { + "Fn::GetAtt": [ + "VPCTestFB735C86", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "version": "0.0.0" + } + }, "BootstrapVersion": { "id": "BootstrapVersion", "path": "aws-cdk-vpcv2-alpha-new/BootstrapVersion", diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts index 529b1cdcc5f40..93d248ebc797a 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts @@ -10,7 +10,7 @@ import * as vpc_v2 from '../lib/vpc-v2'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; -import { AddressFamily, AwsServiceName, IpCidr, Ipam, IpamPoolPublicIpSource, SubnetV2 } from '../lib'; +import { AddressFamily, AwsServiceName, InternetGateway, IpCidr, Ipam, IpamPoolPublicIpSource, RouteTable, SubnetV2 } from '../lib'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; import { SubnetType } from 'aws-cdk-lib/aws-ec2'; @@ -51,7 +51,7 @@ const vpc = new vpc_v2.VpcV2(stack, 'VPCTest', { * can assign IPv6 address only after the allocation * uncomment ipv6CidrBlock and provide valid IPv6 range */ -new SubnetV2(stack, 'testsbubnet', { +const mySubnet = new SubnetV2(stack, 'testsbubnet', { vpc, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), @@ -67,12 +67,26 @@ vpc.enableVpnGateway({ type: 'ipsec.1', }); +/**Test compatibility with existing construct */ new ec2.Instance(stack, 'Instance', { vpc, instanceType: ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.MICRO), machineImage: new ec2.AmazonLinuxImage(), }); +/** Test route table association */ + +const igw = new InternetGateway(stack, 'testIGW', { + vpc, +}); + +const routeTable = new RouteTable(stack, 'TestRoottable', { + vpc, +}); + +routeTable.addRoute('eigwRoute', '0.0.0.0/0', { gateway: igw }); +mySubnet.associateRouteTable(routeTable); + new IntegTest(app, 'integtest-model', { testCases: [stack], }); From f296f3ed917fccee8b6ebd1c11b0c4ead8478754 Mon Sep 17 00:00:00 2001 From: shikha372 Date: Thu, 15 Aug 2024 17:24:55 -0700 Subject: [PATCH 20/44] fixing readme and route unit test --- packages/@aws-cdk/aws-ec2-alpha/README.md | 3 ++- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 2 +- packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/README.md b/packages/@aws-cdk/aws-ec2-alpha/README.md index 1636e4fe0b3a2..3749a446cdfdc 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/README.md +++ b/packages/@aws-cdk/aws-ec2-alpha/README.md @@ -151,6 +151,7 @@ new vpc_v2.Route(stack, 'IgwRoute', { ``` Alternatively, `Route`s can be created via a method in the `RouteTable` class. An example using the `EgressOnlyInternetGateway` construct can be seen below: +Note: `EgressOnlyInternetGateway` can only be used to set up outbound IPv6 routing. ```ts import * as vpc_v2 from '@aws-cdk/aws-ec2-alpha'; @@ -164,7 +165,7 @@ const subnet = new vpc_v2.SubnetV2(stack, 'Subnet', {...}); const eigw = new vpc_v2.EgressOnlyInternetGateway(stack, 'EIGW', { vpcId: vpc.myVpc, }); -routeTable.addRoute('0.0.0.0/0', { gateway: eigw }); +routeTable.addRoute('::/0', { gateway: eigw }); ``` Other route targets may require a deeper set of parameters to set up properly. For instance, the example below illustrates how to set up a `NatGateway`: diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index dc7826af6be8a..7420375537880 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -509,7 +509,7 @@ class Route extends Resource implements IRoute { this.destinationIpv6Cidr = props.destination; } - if(this.target.gateway?.routerType == RouterType.EGRESS_ONLY_INTERNET_GATEWAY && isDestinationIpv4){ + if (this.target.gateway?.routerType == RouterType.EGRESS_ONLY_INTERNET_GATEWAY && isDestinationIpv4) { throw new Error('Egress only internet gateway does not support IPv4 routing'); } this.targetRouterType = this.target.gateway ? this.target.gateway.routerType : RouterType.VPC_ENDPOINT; diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts index 941a564c80794..8070fe093c80a 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts @@ -43,7 +43,7 @@ describe('EC2 Routing', () => { const eigw = new route.EgressOnlyInternetGateway(stack, 'TestEIGW', { vpc: myVpc, }); - routeTable.addRoute('Route', '0.0.0.0/0', { gateway: eigw }); + routeTable.addRoute('Route', '::/0', { gateway: eigw }); const template = Template.fromStack(stack); // EIGW should be in stack @@ -56,7 +56,7 @@ describe('EC2 Routing', () => { }); // Route linking IP to EIGW should be in stack template.hasResourceProperties('AWS::EC2::Route', { - DestinationCidrBlock: '0.0.0.0/0', + DestinationCidrBlock: '::/0', EgressOnlyInternetGatewayId: { 'Fn::GetAtt': [ 'TestEIGW4E4CDA8D', 'Id', From 0002de5dc3e232da7d67591cd9e1ddc4d8923b9c Mon Sep 17 00:00:00 2001 From: shikha372 Date: Thu, 15 Aug 2024 21:58:51 -0700 Subject: [PATCH 21/44] fixing vpc snapshot --- .../aws-cdk-vpcv2-alpha.assets.json | 4 +- .../aws-cdk-vpcv2-alpha.template.json | 33 ++++-- .../manifest.json | 96 ++++++++++++--- .../integ.vpc-v2-alpha.js.snapshot/tree.json | 111 ++++++++++++------ .../aws-ec2-alpha/test/integ.vpc-v2-alpha.ts | 12 +- 5 files changed, 182 insertions(+), 74 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json index edea907079f09..9fad60783195d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.5", "files": { - "a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0": { + "05dd5343aac11e069ac1e728ef6bc8fd02caae9a5c84c5723ddf8735bca3ba99": { "source": { "path": "aws-cdk-vpcv2-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0.json", + "objectKey": "05dd5343aac11e069ac1e728ef6bc8fd02caae9a5c84c5723ddf8735bca3ba99.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json index 69b67454af10b..89f42c48a94df 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json @@ -5,7 +5,7 @@ "Properties": { "OperatingRegions": [ { - "RegionName": "eu-central-1" + "RegionName": "ap-south-1" } ] } @@ -20,7 +20,7 @@ "PrivateDefaultScopeId" ] }, - "Locale": "eu-central-1", + "Locale": "ap-south-1", "ProvisionedCidrs": [ { "Cidr": "10.2.0.0/16" @@ -39,7 +39,7 @@ "PublicDefaultScopeId" ] }, - "Locale": "eu-central-1", + "Locale": "ap-south-1", "PublicIpSource": "amazon" } }, @@ -152,7 +152,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-central-1a", + "AvailabilityZone": "ap-south-1a", "CidrBlock": "10.1.0.0/24", "VpcId": { "Fn::GetAtt": [ @@ -167,7 +167,7 @@ "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, - "testsbubnetRouteTableF40F025B": { + "testsbubnetRouteTableD0136BEA": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { @@ -187,7 +187,10 @@ "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] }, "SubnetId": { "Ref": "testsbubnetSubnet77337845" @@ -203,7 +206,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-central-1b", + "AvailabilityZone": "ap-south-1b", "CidrBlock": "10.2.0.0/24", "VpcId": { "Fn::GetAtt": [ @@ -218,7 +221,7 @@ "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, - "testsubnetRouteTable55223C61": { + "testsubnetRouteTable682580B2": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { @@ -238,7 +241,10 @@ "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "testsubnetRouteTable55223C61" + "Fn::GetAtt": [ + "testsubnetRouteTable682580B2", + "RouteTableId" + ] }, "SubnetId": { "Ref": "testsubnetSubnetDD417829" @@ -254,7 +260,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-central-1b", + "AvailabilityZone": "ap-south-1b", "CidrBlock": "10.3.0.0/24", "VpcId": { "Fn::GetAtt": [ @@ -269,7 +275,7 @@ "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, - "validateIpv6RouteTable10861B00": { + "validateIpv6RouteTable09389F8D": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { @@ -289,7 +295,10 @@ "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "validateIpv6RouteTable10861B00" + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] }, "SubnetId": { "Ref": "validateIpv6Subnet07BD40AE" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json index 07729bcb92768..be86401dbd136 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/05dd5343aac11e069ac1e728ef6bc8fd02caae9a5c84c5723ddf8735bca3ba99.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -43,19 +43,28 @@ "/aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPrivatePool039C763DC" + "data": "IpamTestPrivatePool039C763DC", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPublicPool0C44B7C49" + "data": "IpamTestPublicPool0C44B7C49", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPublicPool0PublicPool0CidrC57CE00C" + "data": "IpamTestPublicPool0PublicPool0CidrC57CE00C", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource": [ @@ -67,7 +76,10 @@ "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1ipv4IpamCidr8105B4E4" + "data": "VPCintegtest1ipv4IpamCidr8105B4E4", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided": [ @@ -85,7 +97,10 @@ "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Ipv6IpamCidr": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2Ipv6IpamCidrFF84EC2B" + "data": "Vpcintegtest2Ipv6IpamCidrFF84EC2B", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress2": [ @@ -103,55 +118,73 @@ "/aws-cdk-vpcv2-alpha/testsbubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetSubnet77337845" + "data": "testsbubnetSubnet77337845", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], - "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable": [ + "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableF40F025B" + "data": "testsbubnetRouteTableD0136BEA" } ], "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableAssociationD6D083FA" + "data": "testsbubnetRouteTableAssociationD6D083FA", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/testsubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetSubnetDD417829" + "data": "testsubnetSubnetDD417829", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], - "/aws-cdk-vpcv2-alpha/testsubnet/RouteTable": [ + "/aws-cdk-vpcv2-alpha/testsubnet/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetRouteTable55223C61" + "data": "testsubnetRouteTable682580B2" } ], "/aws-cdk-vpcv2-alpha/testsubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetRouteTableAssociationC106676D" + "data": "testsubnetRouteTableAssociationC106676D", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/validateIpv6/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6Subnet07BD40AE" + "data": "validateIpv6Subnet07BD40AE", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], - "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable": [ + "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6RouteTable10861B00" + "data": "validateIpv6RouteTable09389F8D" } ], "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6RouteTableAssociationD6330457" + "data": "validateIpv6RouteTableAssociationD6330457", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/BootstrapVersion": [ @@ -165,6 +198,33 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } + ], + "testsbubnetRouteTableF40F025B": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetRouteTableF40F025B", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "testsubnetRouteTable55223C61": [ + { + "type": "aws:cdk:logicalId", + "data": "testsubnetRouteTable55223C61", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "validateIpv6RouteTable10861B00": [ + { + "type": "aws:cdk:logicalId", + "data": "validateIpv6RouteTable10861B00", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } ] }, "displayName": "aws-cdk-vpcv2-alpha" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json index 4ef8722255a1d..923e868905d52 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json @@ -20,7 +20,7 @@ "aws:cdk:cloudformation:props": { "operatingRegions": [ { - "regionName": "eu-central-1" + "regionName": "ap-south-1" } ] } @@ -47,7 +47,7 @@ "PrivateDefaultScopeId" ] }, - "locale": "eu-central-1", + "locale": "ap-south-1", "provisionedCidrs": [ { "cidr": "10.2.0.0/16" @@ -84,7 +84,7 @@ "PublicDefaultScopeId" ] }, - "locale": "eu-central-1", + "locale": "ap-south-1", "publicIpSource": "amazon" } }, @@ -302,7 +302,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-central-1a", + "availabilityZone": "ap-south-1a", "cidrBlock": "10.1.0.0/24", "vpcId": { "Fn::GetAtt": [ @@ -328,19 +328,29 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "Vpcintegtest20DAD8F9D", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -351,7 +361,10 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] }, "subnetId": { "Ref": "testsbubnetSubnet77337845" @@ -380,7 +393,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-central-1b", + "availabilityZone": "ap-south-1b", "cidrBlock": "10.2.0.0/24", "vpcId": { "Fn::GetAtt": [ @@ -406,19 +419,29 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/testsubnet/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/testsubnet/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "Vpcintegtest20DAD8F9D", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -429,7 +452,10 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "testsubnetRouteTable55223C61" + "Fn::GetAtt": [ + "testsubnetRouteTable682580B2", + "RouteTableId" + ] }, "subnetId": { "Ref": "testsubnetSubnetDD417829" @@ -458,7 +484,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-central-1b", + "availabilityZone": "ap-south-1b", "cidrBlock": "10.3.0.0/24", "vpcId": { "Fn::GetAtt": [ @@ -484,19 +510,29 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/validateIpv6/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/validateIpv6/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "Vpcintegtest20DAD8F9D", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -507,7 +543,10 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "validateIpv6RouteTable10861B00" + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] }, "subnetId": { "Ref": "validateIpv6Subnet07BD40AE" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts index b4174e8e3d2aa..17d1837b24390 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts @@ -20,7 +20,7 @@ const app = new cdk.App(); const stack = new cdk.Stack(app, 'aws-cdk-vpcv2-alpha'); const ipam = new Ipam(stack, 'IpamTest', { - operatingRegion: ['eu-central-1'], + operatingRegion: ['ap-south-1'], }); /**Test Ipam Pool Ipv4 */ @@ -28,13 +28,13 @@ const ipam = new Ipam(stack, 'IpamTest', { const pool1 = ipam.privateScope.addPool('PrivatePool0', { addressFamily: AddressFamily.IP_V4, ipv4ProvisionedCidrs: ['10.2.0.0/16'], - locale: 'eu-central-1', + locale: 'ap-south-1', }); const pool2 = ipam.publicScope.addPool('PublicPool0', { addressFamily: AddressFamily.IP_V6, awsService: AwsServiceName.EC2, - locale: 'eu-central-1', + locale: 'ap-south-1', publicIpSource: IpamPoolPublicIpSource.AMAZON, }); pool2.provisionCidr('PublicPool0Cidr', { netmaskLength: 52 } ); @@ -78,14 +78,14 @@ const vpc = new vpc_v2.VpcV2(stack, 'Vpc-integ-test-2', { new SubnetV2(stack, 'testsbubnet', { vpc, - availabilityZone: 'eu-central-1a', + availabilityZone: 'ap-south-1a', ipv4CidrBlock: new IpCidr('10.1.0.0/24'), subnetType: SubnetType.PRIVATE_ISOLATED, }); new SubnetV2(stack, 'testsubnet', { vpc, - availabilityZone: 'eu-central-1b', + availabilityZone: 'ap-south-1b', ipv4CidrBlock: new IpCidr('10.2.0.0/24'), //Test secondary ipv6 address after IPAM pool creation //ipv6CidrBlock: new Ipv6Cidr('2001:db8:1::/64'), @@ -96,7 +96,7 @@ new SubnetV2(stack, 'testsubnet', { new SubnetV2(stack, 'validateIpv6', { vpc, ipv4CidrBlock: new IpCidr('10.3.0.0/24'), - availabilityZone: 'eu-central-1b', + availabilityZone: 'ap-south-1b', //Test secondary ipv6 address after IPAM pool creation //ipv6CidrBlock: new Ipv6Cidr('2001:db8::/48'), subnetType: SubnetType.PRIVATE_ISOLATED, From 909f7da511473289db3dd263492b07b0d15b2260 Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Fri, 16 Aug 2024 10:44:41 -0700 Subject: [PATCH 22/44] Update route snapshot --- .../aws-cdk-routev2-alpha.assets.json | 6 +- .../aws-cdk-routev2-alpha.template.json | 2 +- ...routev2-dynamodbendpoint-alpha.assets.json | 6 +- ...utev2-dynamodbendpoint-alpha.template.json | 2 +- ...dk-routev2-egressonlyigw-alpha.assets.json | 6 +- ...-routev2-egressonlyigw-alpha.template.json | 39 +- .../aws-cdk-routev2-igw-alpha.assets.json | 6 +- .../aws-cdk-routev2-igw-alpha.template.json | 73 +- ...ws-cdk-routev2-networkif-alpha.assets.json | 6 +- ...-cdk-routev2-networkif-alpha.template.json | 2 +- ...cdk-routev2-privatenatgw-alpha.assets.json | 6 +- ...k-routev2-privatenatgw-alpha.template.json | 39 +- ...-cdk-routev2-publicnatgw-alpha.assets.json | 6 +- ...dk-routev2-publicnatgw-alpha.template.json | 110 ++- ...routev2-virtualprivategw-alpha.assets.json | 6 +- ...utev2-virtualprivategw-alpha.template.json | 73 +- ...outev2-vpcpeerconnection-alpha.assets.json | 6 +- ...tev2-vpcpeerconnection-alpha.template.json | 2 +- .../test/integ.route-v2.js.snapshot/cdk.out | 2 +- .../integ.route-v2.js.snapshot/integ.json | 2 +- ...efaultTestDeployAssertA16689B0.assets.json | 2 +- ...efaultTestDeployAssert46FEDE40.assets.json | 2 +- ...efaultTestDeployAssert04E3783E.assets.json | 2 +- ...efaultTestDeployAssertF3FA2F74.assets.json | 2 +- ...efaultTestDeployAssert4B12233C.assets.json | 2 +- ...efaultTestDeployAssertC0DDB875.assets.json | 2 +- ...efaultTestDeployAssert90B004F4.assets.json | 2 +- ...efaultTestDeployAssert4C509DCE.assets.json | 2 +- ...efaultTestDeployAssert77221752.assets.json | 2 +- .../integ.route-v2.js.snapshot/manifest.json | 125 ++-- .../test/integ.route-v2.js.snapshot/tree.json | 688 +++++++++--------- 31 files changed, 605 insertions(+), 626 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json index f61a2717f93a6..953b3a4ae82e9 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "b3d06cef480a17aaf78379d18a13893141f2d689a23bcbbcf34b284e77752b0f": { + "a963276e8401c096a74f0dc50ac7d80bb5f2bff399fce8c571660a0684ff54b7": { "source": { "path": "aws-cdk-routev2-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "b3d06cef480a17aaf78379d18a13893141f2d689a23bcbbcf34b284e77752b0f.json", + "objectKey": "a963276e8401c096a74f0dc50ac7d80bb5f2bff399fce8c571660a0684ff54b7.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json index 140f9ebf102e0..0aa074e2e7b1f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json index b9734dc366438..6f27e2c04e801 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "7711ae87a96bcf4e738e5904b6071f21ac59ee14247c420b0bf33d20a87348a3": { + "8b4b159425cc7d11fa6fd993c53e299319dd2fcea18d745e873a18d3ee156a50": { "source": { "path": "aws-cdk-routev2-dynamodbendpoint-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "7711ae87a96bcf4e738e5904b6071f21ac59ee14247c420b0bf33d20a87348a3.json", + "objectKey": "8b4b159425cc7d11fa6fd993c53e299319dd2fcea18d745e873a18d3ee156a50.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json index 1fc8a4ff1bbe3..7aaf0a70fd923 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json index b27c0c57931d5..81be20bd295ef 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "6cd56bb964ed1f90f0206d705f085aef381173834b50d5ba372fa2185156d51d": { + "8bf28eacaad81567408936a80f47d55ecc558caaaa2596ab90eebd1dcb9c04b1": { "source": { "path": "aws-cdk-routev2-egressonlyigw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "6cd56bb964ed1f90f0206d705f085aef381173834b50d5ba372fa2185156d51d.json", + "objectKey": "8bf28eacaad81567408936a80f47d55ecc558caaaa2596ab90eebd1dcb9c04b1.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json index 1c4d9adad8e08..cf4190f430f68 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json @@ -32,11 +32,29 @@ } } }, + "TestRoottableeigwRouteF867084E": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "EgressOnlyInternetGatewayId": { + "Fn::GetAtt": [ + "testEOIGWEIGW54CCAD37", + "Id" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, "eigwSubnetCC28B9F9": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "VpcId": { "Fn::GetAtt": [ @@ -76,25 +94,6 @@ ] } } - }, - "testEIGWRouteEB4FE8D5": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "DestinationIpv6CidrBlock": "0.0.0.0/0", - "EgressOnlyInternetGatewayId": { - "Fn::GetAtt": [ - "testEOIGWEIGW54CCAD37", - "Id" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json index 677f15417b1ed..a62abd102c23c 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "44c69eec973961e184209d04e6e45c230320a2f7a110f0275431dc0587273038": { + "62f0873928dbdff7cc7c914e7275014da0d4f8e188fb633ea74a8cae7129ea0b": { "source": { "path": "aws-cdk-routev2-igw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "44c69eec973961e184209d04e6e45c230320a2f7a110f0275431dc0587273038.json", + "objectKey": "62f0873928dbdff7cc7c914e7275014da0d4f8e188fb633ea74a8cae7129ea0b.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json index 1ddb6c3cc40d9..1e21b3bc2c96f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json @@ -32,11 +32,46 @@ } } }, + "TestRoottableigwRouteC52EF731": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "TestRoottableigwRouteGWAttachment4B3E8FD9": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "VpcId": { + "Fn::GetAtt": [ + "igw127F1970", + "VpcId" + ] + } + } + }, "igwSubnetF238E402": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ @@ -79,42 +114,6 @@ }, "testIGW8D947AF2": { "Type": "AWS::EC2::InternetGateway" - }, - "testIGWRoute7696715B": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "DestinationIpv6CidrBlock": "0.0.0.0/0", - "GatewayId": { - "Fn::GetAtt": [ - "testIGW8D947AF2", - "InternetGatewayId" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "testIGWRouteGWAttachmentB0836D42": { - "Type": "AWS::EC2::VPCGatewayAttachment", - "Properties": { - "InternetGatewayId": { - "Fn::GetAtt": [ - "testIGW8D947AF2", - "InternetGatewayId" - ] - }, - "VpcId": { - "Fn::GetAtt": [ - "igw127F1970", - "VpcId" - ] - } - } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json index 733952daae63f..805e32a041de3 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "087e3b456bae228983dc7a31eea1570bfeccfd6b4f163b7e10a2af07dc31291f": { + "434c826abb6c12fb9eebf4adb6aae43788ba6e2a204ad7eea6f60321e69d3b38": { "source": { "path": "aws-cdk-routev2-networkif-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "087e3b456bae228983dc7a31eea1570bfeccfd6b4f163b7e10a2af07dc31291f.json", + "objectKey": "434c826abb6c12fb9eebf4adb6aae43788ba6e2a204ad7eea6f60321e69d3b38.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json index d796497fc5388..1e157df23a14a 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json index 591ec9e8d3066..6fae013fe0a29 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "89c945d2b4cb2aa79cca0e52ea8fa68849a586495b0a27b7de229ae44b3c5239": { + "a4d43e15d95d55923771937ed74a05c6bd09a65f55f0c99a5ba9ca05069d7cbd": { "source": { "path": "aws-cdk-routev2-privatenatgw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "89c945d2b4cb2aa79cca0e52ea8fa68849a586495b0a27b7de229ae44b3c5239.json", + "objectKey": "a4d43e15d95d55923771937ed74a05c6bd09a65f55f0c99a5ba9ca05069d7cbd.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json index f2ed7e0d44c03..654e1e1de840e 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json @@ -32,11 +32,29 @@ } } }, + "TestRoottablenatGwPrivRoute9F8908DE": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Fn::GetAtt": [ + "testNATgwNATGateway1533420D", + "NatGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, "natgwprivSubnetE547C5A0": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ @@ -94,25 +112,6 @@ "DependsOn": [ "natgwprivSubnetRouteTableAssociation9E115869" ] - }, - "testNATGWRoute7A26EC80": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "DestinationIpv6CidrBlock": "0.0.0.0/0", - "NatGatewayId": { - "Fn::GetAtt": [ - "testNATgwNATGateway1533420D", - "NatGatewayId" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json index 29398ffe76faa..f59abe7b20923 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "6592172436ea6af85dd73663ffd81cc1342c29574aa00f4dacf5179cf3054441": { + "85cd968be34ab2030a45e0e808082aa88035954029c2b379b38368ed20327047": { "source": { "path": "aws-cdk-routev2-publicnatgw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "6592172436ea6af85dd73663ffd81cc1342c29574aa00f4dacf5179cf3054441.json", + "objectKey": "85cd968be34ab2030a45e0e808082aa88035954029c2b379b38368ed20327047.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json index 5f80cf56a0aa5..81030e32ede4d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json @@ -32,11 +32,64 @@ } } }, + "TestRoottablenatGwRoute31868FBF": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Fn::GetAtt": [ + "testNATgwIGW6AC97E9A", + "InternetGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "TestRoottablenatGwRouteGWAttachment1D9CDF77": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Fn::GetAtt": [ + "testNATgwIGW6AC97E9A", + "InternetGatewayId" + ] + }, + "VpcId": { + "Fn::GetAtt": [ + "natgwpub2FB85986", + "VpcId" + ] + } + } + }, + "TestRoottablenatGwPubRoute0463E2F5": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Fn::GetAtt": [ + "testNATgwNATGateway1533420D", + "NatGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, "natgwpubSubnet79D316E5": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ @@ -80,42 +133,6 @@ "testNATgwIGW6AC97E9A": { "Type": "AWS::EC2::InternetGateway" }, - "testnatgwigwRouteE8D2BF39": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "242.0.0.0/32", - "DestinationIpv6CidrBlock": "242.0.0.0/32", - "GatewayId": { - "Fn::GetAtt": [ - "testNATgwIGW6AC97E9A", - "InternetGatewayId" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "testnatgwigwRouteGWAttachmentB8E1033C": { - "Type": "AWS::EC2::VPCGatewayAttachment", - "Properties": { - "InternetGatewayId": { - "Fn::GetAtt": [ - "testNATgwIGW6AC97E9A", - "InternetGatewayId" - ] - }, - "VpcId": { - "Fn::GetAtt": [ - "natgwpub2FB85986", - "VpcId" - ] - } - } - }, "testNATgwEIP1C260FAD": { "Type": "AWS::EC2::EIP", "Properties": { @@ -146,25 +163,6 @@ "DependsOn": [ "natgwpubSubnetRouteTableAssociation019CE26A" ] - }, - "testNATGWRoute7A26EC80": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "DestinationIpv6CidrBlock": "0.0.0.0/0", - "NatGatewayId": { - "Fn::GetAtt": [ - "testNATgwNATGateway1533420D", - "NatGatewayId" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json index 601d17d534bb8..0cd2e52e78a44 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "2318541485e9424ef1bba0f0bb0e0e91e2759dc53597436fb250a8605e5e0107": { + "fa2b156112be3f11361259d8aaafcd552d28499bba4cc881642fdc98bc04c924": { "source": { "path": "aws-cdk-routev2-virtualprivategw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "2318541485e9424ef1bba0f0bb0e0e91e2759dc53597436fb250a8605e5e0107.json", + "objectKey": "fa2b156112be3f11361259d8aaafcd552d28499bba4cc881642fdc98bc04c924.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json index f96743310fabe..b25f6ff502905 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json @@ -32,11 +32,46 @@ } } }, + "TestRoottablevpgwRouteAD510A2A": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Fn::GetAtt": [ + "testVPGWIGW816C7C4F", + "VPNGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "TestRoottablevpgwRouteGWAttachmentDD0077EE": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Fn::GetAtt": [ + "vpgw2AB64B6B", + "VpcId" + ] + }, + "VpnGatewayId": { + "Fn::GetAtt": [ + "testVPGWIGW816C7C4F", + "VPNGatewayId" + ] + } + } + }, "vpgwSubnet5E7F36AD": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ @@ -82,42 +117,6 @@ "Properties": { "Type": "ipsec.1" } - }, - "testVPGWRouteA169B1AA": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "DestinationIpv6CidrBlock": "0.0.0.0/0", - "GatewayId": { - "Fn::GetAtt": [ - "testVPGWIGW816C7C4F", - "VPNGatewayId" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "testVPGWRouteGWAttachment01E74575": { - "Type": "AWS::EC2::VPCGatewayAttachment", - "Properties": { - "VpcId": { - "Fn::GetAtt": [ - "vpgw2AB64B6B", - "VpcId" - ] - }, - "VpnGatewayId": { - "Fn::GetAtt": [ - "testVPGWIGW816C7C4F", - "VPNGatewayId" - ] - } - } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json index fa96e660e9d19..94cc48acf6542 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "7b04eb9c84a61a91a957fceb96a85b38336f8b5999d1c0b5b972cd191926c473": { + "fa56ca630709a15070b4208becd94454c974906d445fd83b73389524957f89e8": { "source": { "path": "aws-cdk-routev2-vpcpeerconnection-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "7b04eb9c84a61a91a957fceb96a85b38336f8b5999d1c0b5b972cd191926c473.json", + "objectKey": "fa56ca630709a15070b4208becd94454c974906d445fd83b73389524957f89e8.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json index 804f7b179ac91..7f195e58f758f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/cdk.out index 1f0068d32659a..bd5311dc372de 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"36.0.0"} \ No newline at end of file +{"version":"36.0.5"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integ.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integ.json index 4ba304a14b0f1..488691ab97ceb 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "testCases": { "integtest-model-8/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel0DefaultTestDeployAssertA16689B0.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel0DefaultTestDeployAssertA16689B0.assets.json index db0c4fcd06799..6f5363d26cf89 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel0DefaultTestDeployAssertA16689B0.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel0DefaultTestDeployAssertA16689B0.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel1DefaultTestDeployAssert46FEDE40.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel1DefaultTestDeployAssert46FEDE40.assets.json index 494dbc93fd34d..9094ce35beea5 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel1DefaultTestDeployAssert46FEDE40.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel1DefaultTestDeployAssert46FEDE40.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel2DefaultTestDeployAssert04E3783E.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel2DefaultTestDeployAssert04E3783E.assets.json index 063e77bfac0d8..29387894579ea 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel2DefaultTestDeployAssert04E3783E.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel2DefaultTestDeployAssert04E3783E.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel3DefaultTestDeployAssertF3FA2F74.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel3DefaultTestDeployAssertF3FA2F74.assets.json index 3b7039646f51f..6afa1f9195a7b 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel3DefaultTestDeployAssertF3FA2F74.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel3DefaultTestDeployAssertF3FA2F74.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel4DefaultTestDeployAssert4B12233C.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel4DefaultTestDeployAssert4B12233C.assets.json index a760a50f08dc1..2170d2cd526f2 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel4DefaultTestDeployAssert4B12233C.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel4DefaultTestDeployAssert4B12233C.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel5DefaultTestDeployAssertC0DDB875.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel5DefaultTestDeployAssertC0DDB875.assets.json index 34f6c443f8be6..aed458dfb9b1f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel5DefaultTestDeployAssertC0DDB875.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel5DefaultTestDeployAssertC0DDB875.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel6DefaultTestDeployAssert90B004F4.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel6DefaultTestDeployAssert90B004F4.assets.json index 933d02b8072da..29423943325fc 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel6DefaultTestDeployAssert90B004F4.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel6DefaultTestDeployAssert90B004F4.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel7DefaultTestDeployAssert4C509DCE.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel7DefaultTestDeployAssert4C509DCE.assets.json index 57cecd7995331..6fe2b5a955f17 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel7DefaultTestDeployAssert4C509DCE.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel7DefaultTestDeployAssert4C509DCE.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel8DefaultTestDeployAssert77221752.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel8DefaultTestDeployAssert77221752.assets.json index c9d2f2fc69193..d9fd3cff95553 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel8DefaultTestDeployAssert77221752.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel8DefaultTestDeployAssert77221752.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json index 2dec0815f28b0..92709262ce3a8 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "artifacts": { "aws-cdk-routev2-alpha.assets": { "type": "cdk:asset-manifest", @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/b3d06cef480a17aaf78379d18a13893141f2d689a23bcbbcf34b284e77752b0f.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a963276e8401c096a74f0dc50ac7d80bb5f2bff399fce8c571660a0684ff54b7.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -97,7 +97,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6cd56bb964ed1f90f0206d705f085aef381173834b50d5ba372fa2185156d51d.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8bf28eacaad81567408936a80f47d55ecc558caaaa2596ab90eebd1dcb9c04b1.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -132,6 +132,12 @@ "data": "TestRoottableRouteTableFA28AA38" } ], + "/aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/eigwRoute/Route": [ + { + "type": "aws:cdk:logicalId", + "data": "TestRoottableeigwRouteF867084E" + } + ], "/aws-cdk-routev2-egressonlyigw-alpha/eigwSubnet/Subnet": [ { "type": "aws:cdk:logicalId", @@ -150,12 +156,6 @@ "data": "testEOIGWEIGW54CCAD37" } ], - "/aws-cdk-routev2-egressonlyigw-alpha/testEIGWRoute/Route": [ - { - "type": "aws:cdk:logicalId", - "data": "testEIGWRouteEB4FE8D5" - } - ], "/aws-cdk-routev2-egressonlyigw-alpha/BootstrapVersion": [ { "type": "aws:cdk:logicalId", @@ -188,7 +188,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/44c69eec973961e184209d04e6e45c230320a2f7a110f0275431dc0587273038.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/62f0873928dbdff7cc7c914e7275014da0d4f8e188fb633ea74a8cae7129ea0b.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -223,34 +223,34 @@ "data": "TestRoottableRouteTableFA28AA38" } ], - "/aws-cdk-routev2-igw-alpha/igwSubnet/Subnet": [ + "/aws-cdk-routev2-igw-alpha/TestRoottable/igwRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "igwSubnetF238E402" + "data": "TestRoottableigwRouteC52EF731" } ], - "/aws-cdk-routev2-igw-alpha/igwSubnet/RouteTableAssociation": [ + "/aws-cdk-routev2-igw-alpha/TestRoottable/igwRoute/GWAttachment": [ { "type": "aws:cdk:logicalId", - "data": "igwSubnetRouteTableAssociationA48C27F3" + "data": "TestRoottableigwRouteGWAttachment4B3E8FD9" } ], - "/aws-cdk-routev2-igw-alpha/testIGW/IGW": [ + "/aws-cdk-routev2-igw-alpha/igwSubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "testIGW8D947AF2" + "data": "igwSubnetF238E402" } ], - "/aws-cdk-routev2-igw-alpha/testIGWRoute/Route": [ + "/aws-cdk-routev2-igw-alpha/igwSubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testIGWRoute7696715B" + "data": "igwSubnetRouteTableAssociationA48C27F3" } ], - "/aws-cdk-routev2-igw-alpha/testIGWRoute/GWAttachment": [ + "/aws-cdk-routev2-igw-alpha/testIGW/IGW": [ { "type": "aws:cdk:logicalId", - "data": "testIGWRouteGWAttachmentB0836D42" + "data": "testIGW8D947AF2" } ], "/aws-cdk-routev2-igw-alpha/BootstrapVersion": [ @@ -285,7 +285,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/2318541485e9424ef1bba0f0bb0e0e91e2759dc53597436fb250a8605e5e0107.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/fa2b156112be3f11361259d8aaafcd552d28499bba4cc881642fdc98bc04c924.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -320,34 +320,34 @@ "data": "TestRoottableRouteTableFA28AA38" } ], - "/aws-cdk-routev2-virtualprivategw-alpha/vpgwSubnet/Subnet": [ + "/aws-cdk-routev2-virtualprivategw-alpha/TestRoottable/vpgwRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "vpgwSubnet5E7F36AD" + "data": "TestRoottablevpgwRouteAD510A2A" } ], - "/aws-cdk-routev2-virtualprivategw-alpha/vpgwSubnet/RouteTableAssociation": [ + "/aws-cdk-routev2-virtualprivategw-alpha/TestRoottable/vpgwRoute/GWAttachment": [ { "type": "aws:cdk:logicalId", - "data": "vpgwSubnetRouteTableAssociation49921F90" + "data": "TestRoottablevpgwRouteGWAttachmentDD0077EE" } ], - "/aws-cdk-routev2-virtualprivategw-alpha/testVPGW/IGW": [ + "/aws-cdk-routev2-virtualprivategw-alpha/vpgwSubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "testVPGWIGW816C7C4F" + "data": "vpgwSubnet5E7F36AD" } ], - "/aws-cdk-routev2-virtualprivategw-alpha/testVPGWRoute/Route": [ + "/aws-cdk-routev2-virtualprivategw-alpha/vpgwSubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testVPGWRouteA169B1AA" + "data": "vpgwSubnetRouteTableAssociation49921F90" } ], - "/aws-cdk-routev2-virtualprivategw-alpha/testVPGWRoute/GWAttachment": [ + "/aws-cdk-routev2-virtualprivategw-alpha/testVPGW/IGW": [ { "type": "aws:cdk:logicalId", - "data": "testVPGWRouteGWAttachment01E74575" + "data": "testVPGWIGW816C7C4F" } ], "/aws-cdk-routev2-virtualprivategw-alpha/BootstrapVersion": [ @@ -382,7 +382,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6592172436ea6af85dd73663ffd81cc1342c29574aa00f4dacf5179cf3054441.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/85cd968be34ab2030a45e0e808082aa88035954029c2b379b38368ed20327047.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -417,52 +417,52 @@ "data": "TestRoottableRouteTableFA28AA38" } ], - "/aws-cdk-routev2-publicnatgw-alpha/natgw_pubSubnet/Subnet": [ + "/aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "natgwpubSubnet79D316E5" + "data": "TestRoottablenatGwRoute31868FBF" } ], - "/aws-cdk-routev2-publicnatgw-alpha/natgw_pubSubnet/RouteTableAssociation": [ + "/aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwRoute/GWAttachment": [ { "type": "aws:cdk:logicalId", - "data": "natgwpubSubnetRouteTableAssociation019CE26A" + "data": "TestRoottablenatGwRouteGWAttachment1D9CDF77" } ], - "/aws-cdk-routev2-publicnatgw-alpha/testNATgwIGW/IGW": [ + "/aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwPubRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "testNATgwIGW6AC97E9A" + "data": "TestRoottablenatGwPubRoute0463E2F5" } ], - "/aws-cdk-routev2-publicnatgw-alpha/testnatgwigwRoute/Route": [ + "/aws-cdk-routev2-publicnatgw-alpha/natgw_pubSubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "testnatgwigwRouteE8D2BF39" + "data": "natgwpubSubnet79D316E5" } ], - "/aws-cdk-routev2-publicnatgw-alpha/testnatgwigwRoute/GWAttachment": [ + "/aws-cdk-routev2-publicnatgw-alpha/natgw_pubSubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testnatgwigwRouteGWAttachmentB8E1033C" + "data": "natgwpubSubnetRouteTableAssociation019CE26A" } ], - "/aws-cdk-routev2-publicnatgw-alpha/testNATgw/EIP": [ + "/aws-cdk-routev2-publicnatgw-alpha/testNATgwIGW/IGW": [ { "type": "aws:cdk:logicalId", - "data": "testNATgwEIP1C260FAD" + "data": "testNATgwIGW6AC97E9A" } ], - "/aws-cdk-routev2-publicnatgw-alpha/testNATgw/NATGateway": [ + "/aws-cdk-routev2-publicnatgw-alpha/testNATgw/EIP": [ { "type": "aws:cdk:logicalId", - "data": "testNATgwNATGateway1533420D" + "data": "testNATgwEIP1C260FAD" } ], - "/aws-cdk-routev2-publicnatgw-alpha/testNATGWRoute/Route": [ + "/aws-cdk-routev2-publicnatgw-alpha/testNATgw/NATGateway": [ { "type": "aws:cdk:logicalId", - "data": "testNATGWRoute7A26EC80" + "data": "testNATgwNATGateway1533420D" } ], "/aws-cdk-routev2-publicnatgw-alpha/BootstrapVersion": [ @@ -497,7 +497,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/89c945d2b4cb2aa79cca0e52ea8fa68849a586495b0a27b7de229ae44b3c5239.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a4d43e15d95d55923771937ed74a05c6bd09a65f55f0c99a5ba9ca05069d7cbd.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -532,6 +532,12 @@ "data": "TestRoottableRouteTableFA28AA38" } ], + "/aws-cdk-routev2-privatenatgw-alpha/TestRoottable/natGwPrivRoute/Route": [ + { + "type": "aws:cdk:logicalId", + "data": "TestRoottablenatGwPrivRoute9F8908DE" + } + ], "/aws-cdk-routev2-privatenatgw-alpha/natgw_privSubnet/Subnet": [ { "type": "aws:cdk:logicalId", @@ -550,12 +556,6 @@ "data": "testNATgwNATGateway1533420D" } ], - "/aws-cdk-routev2-privatenatgw-alpha/testNATGWRoute/Route": [ - { - "type": "aws:cdk:logicalId", - "data": "testNATGWRoute7A26EC80" - } - ], "/aws-cdk-routev2-privatenatgw-alpha/BootstrapVersion": [ { "type": "aws:cdk:logicalId", @@ -588,7 +588,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/087e3b456bae228983dc7a31eea1570bfeccfd6b4f163b7e10a2af07dc31291f.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/434c826abb6c12fb9eebf4adb6aae43788ba6e2a204ad7eea6f60321e69d3b38.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -667,7 +667,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7b04eb9c84a61a91a957fceb96a85b38336f8b5999d1c0b5b972cd191926c473.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/fa56ca630709a15070b4208becd94454c974906d445fd83b73389524957f89e8.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -746,7 +746,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7711ae87a96bcf4e738e5904b6071f21ac59ee14247c420b0bf33d20a87348a3.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8b4b159425cc7d11fa6fd993c53e299319dd2fcea18d745e873a18d3ee156a50.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -810,15 +810,6 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } - ], - "dynamodbSecondaryIp4EEF58BFBEFB": [ - { - "type": "aws:cdk:logicalId", - "data": "dynamodbSecondaryIp4EEF58BFBEFB", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } ] }, "displayName": "aws-cdk-routev2-dynamodbendpoint-alpha" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json index 7adf7f1621505..a87a09a9e4ab9 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json @@ -51,7 +51,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -80,7 +80,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -95,7 +95,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -153,7 +153,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -226,7 +226,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -252,10 +252,46 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "eigwRoute": { + "id": "eigwRoute", + "path": "aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/eigwRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/eigwRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "egressOnlyInternetGatewayId": { + "Fn::GetAtt": [ + "testEOIGWEIGW54CCAD37", + "Id" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -270,7 +306,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "vpcId": { "Fn::GetAtt": [ @@ -317,7 +353,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -346,44 +382,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.EgressOnlyInternetGateway", - "version": "0.0.0" - } - }, - "testEIGWRoute": { - "id": "testEIGWRoute", - "path": "aws-cdk-routev2-egressonlyigw-alpha/testEIGWRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-egressonlyigw-alpha/testEIGWRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "destinationIpv6CidrBlock": "0.0.0.0/0", - "egressOnlyInternetGatewayId": { - "Fn::GetAtt": [ - "testEOIGWEIGW54CCAD37", - "Id" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.EgressOnlyInternetGateway", "version": "0.0.0" } }, @@ -456,7 +455,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -482,10 +481,71 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "igwRoute": { + "id": "igwRoute", + "path": "aws-cdk-routev2-igw-alpha/TestRoottable/igwRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-igw-alpha/TestRoottable/igwRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "GWAttachment": { + "id": "GWAttachment", + "path": "aws-cdk-routev2-igw-alpha/TestRoottable/igwRoute/GWAttachment", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "vpcId": { + "Fn::GetAtt": [ + "igw127F1970", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -500,7 +560,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -558,7 +618,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -580,69 +640,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.InternetGateway", - "version": "0.0.0" - } - }, - "testIGWRoute": { - "id": "testIGWRoute", - "path": "aws-cdk-routev2-igw-alpha/testIGWRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-igw-alpha/testIGWRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "destinationIpv6CidrBlock": "0.0.0.0/0", - "gatewayId": { - "Fn::GetAtt": [ - "testIGW8D947AF2", - "InternetGatewayId" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - }, - "GWAttachment": { - "id": "GWAttachment", - "path": "aws-cdk-routev2-igw-alpha/testIGWRoute/GWAttachment", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "internetGatewayId": { - "Fn::GetAtt": [ - "testIGW8D947AF2", - "InternetGatewayId" - ] - }, - "vpcId": { - "Fn::GetAtt": [ - "igw127F1970", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", "version": "0.0.0" } }, @@ -715,7 +713,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -741,10 +739,71 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "vpgwRoute": { + "id": "vpgwRoute", + "path": "aws-cdk-routev2-virtualprivategw-alpha/TestRoottable/vpgwRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-virtualprivategw-alpha/TestRoottable/vpgwRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Fn::GetAtt": [ + "testVPGWIGW816C7C4F", + "VPNGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "GWAttachment": { + "id": "GWAttachment", + "path": "aws-cdk-routev2-virtualprivategw-alpha/TestRoottable/vpgwRoute/GWAttachment", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "vpgw2AB64B6B", + "VpcId" + ] + }, + "vpnGatewayId": { + "Fn::GetAtt": [ + "testVPGWIGW816C7C4F", + "VPNGatewayId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -759,7 +818,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -817,7 +876,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -841,69 +900,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VPNGateway", - "version": "0.0.0" - } - }, - "testVPGWRoute": { - "id": "testVPGWRoute", - "path": "aws-cdk-routev2-virtualprivategw-alpha/testVPGWRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-virtualprivategw-alpha/testVPGWRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "destinationIpv6CidrBlock": "0.0.0.0/0", - "gatewayId": { - "Fn::GetAtt": [ - "testVPGWIGW816C7C4F", - "VPNGatewayId" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - }, - "GWAttachment": { - "id": "GWAttachment", - "path": "aws-cdk-routev2-virtualprivategw-alpha/testVPGWRoute/GWAttachment", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "vpgw2AB64B6B", - "VpcId" - ] - }, - "vpnGatewayId": { - "Fn::GetAtt": [ - "testVPGWIGW816C7C4F", - "VPNGatewayId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.VPNGateway", "version": "0.0.0" } }, @@ -976,7 +973,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1002,10 +999,107 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "natGwRoute": { + "id": "natGwRoute", + "path": "aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Fn::GetAtt": [ + "testNATgwIGW6AC97E9A", + "InternetGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "GWAttachment": { + "id": "GWAttachment", + "path": "aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwRoute/GWAttachment", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Fn::GetAtt": [ + "testNATgwIGW6AC97E9A", + "InternetGatewayId" + ] + }, + "vpcId": { + "Fn::GetAtt": [ + "natgwpub2FB85986", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "natGwPubRoute": { + "id": "natGwPubRoute", + "path": "aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwPubRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwPubRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Fn::GetAtt": [ + "testNATgwNATGateway1533420D", + "NatGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1020,7 +1114,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1078,7 +1172,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1100,69 +1194,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.InternetGateway", - "version": "0.0.0" - } - }, - "testnatgwigwRoute": { - "id": "testnatgwigwRoute", - "path": "aws-cdk-routev2-publicnatgw-alpha/testnatgwigwRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-publicnatgw-alpha/testnatgwigwRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "242.0.0.0/32", - "destinationIpv6CidrBlock": "242.0.0.0/32", - "gatewayId": { - "Fn::GetAtt": [ - "testNATgwIGW6AC97E9A", - "InternetGatewayId" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - }, - "GWAttachment": { - "id": "GWAttachment", - "path": "aws-cdk-routev2-publicnatgw-alpha/testnatgwigwRoute/GWAttachment", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "internetGatewayId": { - "Fn::GetAtt": [ - "testNATgwIGW6AC97E9A", - "InternetGatewayId" - ] - }, - "vpcId": { - "Fn::GetAtt": [ - "natgwpub2FB85986", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", "version": "0.0.0" } }, @@ -1213,44 +1245,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.NatGateway", - "version": "0.0.0" - } - }, - "testNATGWRoute": { - "id": "testNATGWRoute", - "path": "aws-cdk-routev2-publicnatgw-alpha/testNATGWRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-publicnatgw-alpha/testNATGWRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "destinationIpv6CidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Fn::GetAtt": [ - "testNATgwNATGateway1533420D", - "NatGatewayId" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.NatGateway", "version": "0.0.0" } }, @@ -1323,7 +1318,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1349,10 +1344,46 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "natGwPrivRoute": { + "id": "natGwPrivRoute", + "path": "aws-cdk-routev2-privatenatgw-alpha/TestRoottable/natGwPrivRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-privatenatgw-alpha/TestRoottable/natGwPrivRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Fn::GetAtt": [ + "testNATgwNATGateway1533420D", + "NatGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1367,7 +1398,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1425,7 +1456,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1458,44 +1489,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.NatGateway", - "version": "0.0.0" - } - }, - "testNATGWRoute": { - "id": "testNATGWRoute", - "path": "aws-cdk-routev2-privatenatgw-alpha/testNATGWRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-privatenatgw-alpha/testNATGWRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "destinationIpv6CidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Fn::GetAtt": [ - "testNATgwNATGateway1533420D", - "NatGatewayId" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.NatGateway", "version": "0.0.0" } }, @@ -1568,7 +1562,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1597,7 +1591,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1612,7 +1606,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1670,7 +1664,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1743,7 +1737,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1772,7 +1766,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1787,7 +1781,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1845,7 +1839,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1918,7 +1912,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1944,10 +1938,18 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "dynamoRoute": { + "id": "dynamoRoute", + "path": "aws-cdk-routev2-dynamodbendpoint-alpha/TestRoottable/dynamoRoute", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1962,7 +1964,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -2020,7 +2022,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -2074,14 +2076,6 @@ "version": "0.0.0" } }, - "testDynamoRoute": { - "id": "testDynamoRoute", - "path": "aws-cdk-routev2-dynamodbendpoint-alpha/testDynamoRoute", - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", - "version": "0.0.0" - } - }, "BootstrapVersion": { "id": "BootstrapVersion", "path": "aws-cdk-routev2-dynamodbendpoint-alpha/BootstrapVersion", From 1b907c1dfb1965af0678c492c0be073b2fed7596 Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Fri, 16 Aug 2024 10:57:48 -0700 Subject: [PATCH 23/44] Update route snapshot --- .../aws-cdk-routev2-egressonlyigw-alpha.assets.json | 4 ++-- .../aws-cdk-routev2-egressonlyigw-alpha.template.json | 3 ++- .../test/integ.route-v2.js.snapshot/manifest.json | 2 +- .../aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json | 3 ++- 4 files changed, 7 insertions(+), 5 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json index 81be20bd295ef..d17484319eef3 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.5", "files": { - "8bf28eacaad81567408936a80f47d55ecc558caaaa2596ab90eebd1dcb9c04b1": { + "b0e303439a83ae17adf592a6599e13f880529abf2f46f433af0742284a224385": { "source": { "path": "aws-cdk-routev2-egressonlyigw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "8bf28eacaad81567408936a80f47d55ecc558caaaa2596ab90eebd1dcb9c04b1.json", + "objectKey": "b0e303439a83ae17adf592a6599e13f880529abf2f46f433af0742284a224385.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json index cf4190f430f68..cd3a0c0a42484 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json @@ -35,7 +35,8 @@ "TestRoottableeigwRouteF867084E": { "Type": "AWS::EC2::Route", "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", + "DestinationCidrBlock": "::/0", + "DestinationIpv6CidrBlock": "::/0", "EgressOnlyInternetGatewayId": { "Fn::GetAtt": [ "testEOIGWEIGW54CCAD37", diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json index 92709262ce3a8..2e922475b66bf 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json @@ -97,7 +97,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8bf28eacaad81567408936a80f47d55ecc558caaaa2596ab90eebd1dcb9c04b1.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/b0e303439a83ae17adf592a6599e13f880529abf2f46f433af0742284a224385.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json index a87a09a9e4ab9..68cca1ffdc6ab 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json @@ -263,7 +263,8 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", + "destinationCidrBlock": "::/0", + "destinationIpv6CidrBlock": "::/0", "egressOnlyInternetGatewayId": { "Fn::GetAtt": [ "testEOIGWEIGW54CCAD37", From 8ca0a3c2a918c01e5c974c17b1e4dbfbf718593e Mon Sep 17 00:00:00 2001 From: shikha372 Date: Fri, 23 Aug 2024 15:54:27 -0700 Subject: [PATCH 24/44] adding EGW method to VPC --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 6 +-- .../@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 45 +++++++++++++++++++ .../aws-ec2-alpha/test/integ.subnet-v2.ts | 2 +- .../aws-ec2-alpha/test/integ.vpc-v2-alpha.ts | 16 +++++-- 4 files changed, 62 insertions(+), 7 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 7420375537880..368e476b662b9 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -409,7 +409,7 @@ export class RouteTargetType { /** * Interface to define a route. */ -interface IRoute { +export interface IRoute { /** * The ID of the route table for the route. * @attribute routeTable @@ -433,7 +433,7 @@ interface IRoute { /** * Properties to define a route. */ -interface RouteProps { +export interface RouteProps { /** * The ID of the route table for the route. * @attribute routeTable @@ -463,7 +463,7 @@ interface RouteProps { * Creates a new route with added functionality. * @resource AWS::EC2::Route */ -class Route extends Resource implements IRoute { +export class Route extends Resource implements IRoute { /** * The IPv4 or IPv6 CIDR block used for the destination match. * diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index 1be8c35744356..d4022bb864a42 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -2,6 +2,17 @@ import { Resource, Annotations } from 'aws-cdk-lib'; import { IVpc, ISubnet, SubnetSelection, SelectedSubnets, EnableVpnGatewayOptions, VpnGateway, VpnConnectionType, CfnVPCGatewayAttachment, CfnVPNGatewayRoutePropagation, VpnConnectionOptions, VpnConnection, ClientVpnEndpointOptions, ClientVpnEndpoint, InterfaceVpcEndpointOptions, InterfaceVpcEndpoint, GatewayVpcEndpointOptions, GatewayVpcEndpoint, FlowLogOptions, FlowLog, FlowLogResourceType, SubnetType, SubnetFilter, CfnVPCCidrBlock } from 'aws-cdk-lib/aws-ec2'; import { allRouteTableIds, flatten, subnetGroupNameFromConstructId } from './util'; import { IDependable, Dependable, IConstruct } from 'constructs'; +import { EgressOnlyInternetGateway, Route } from './route'; + +/** + * Options to define EgressOnlyInternetGateway for VPC + */ +export interface EgressOnlyInternetGatewayOptions{ + /** + * List of subnets where route to EGW will be added + */ + readonly subnets?: SubnetSelection[]; +} /** * Placeholder to see what extra props we might need, @@ -23,6 +34,12 @@ export interface IVpcV2 extends IVpc { */ readonly ipv4CidrBlock: string; + /** + * Add an Egress only Internet Gateway to current VPC + * For more information, see the {@link https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway-basics.html}. + */ + addEgressOnlyInternetGateway(options: EgressOnlyInternetGatewayOptions): void; + } /** @@ -196,6 +213,34 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { }); } + /** + * Adds a new Egress Only Internet Gateway to this VPC and adds route + * to the route table of given subnets + * @default in case of no input subnets, no route is defined. + */ + public addEgressOnlyInternetGateway(options: EgressOnlyInternetGatewayOptions): void { + const egw = new EgressOnlyInternetGateway(this, 'EgressOnlyGW', { + vpc: this, + }); + if (options.subnets) { + const subnets = flatten(options.subnets.map(s => this.selectSubnets(s).subnets)); + subnets.forEach((subnet) => { + this.createEgressRoute(subnet, egw); + }); + } + } + + /** + * Creates a route for EGW with destination set to outbound IPv6('::/0'). + */ + private createEgressRoute(subnet: ISubnet, egw: EgressOnlyInternetGateway): void { + new Route(this, `${subnet.node.id}-EgressRoute`, { + routeTable: subnet.routeTable, + destination: '::/0', // IPv6 default route + target: { gateway: egw }, + }); + } + /** * Adds a new flow log to this VPC */ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts index 93d248ebc797a..b9248ef9a026e 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts @@ -80,7 +80,7 @@ const igw = new InternetGateway(stack, 'testIGW', { vpc, }); -const routeTable = new RouteTable(stack, 'TestRoottable', { +const routeTable = new RouteTable(stack, 'TestRoutetable', { vpc, }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts index 17d1837b24390..2b19d6e7f9018 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts @@ -12,7 +12,7 @@ import * as vpc_v2 from '../lib/vpc-v2'; import { AddressFamily, AwsServiceName, Ipam, IpamPoolPublicIpSource } from '../lib'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; -import { SubnetType } from 'aws-cdk-lib/aws-ec2'; +import { GatewayVpcEndpointAwsService, SubnetType } from 'aws-cdk-lib/aws-ec2'; import { SubnetV2, IpCidr } from '../lib/subnet-v2'; const app = new cdk.App(); @@ -98,8 +98,18 @@ new SubnetV2(stack, 'validateIpv6', { ipv4CidrBlock: new IpCidr('10.3.0.0/24'), availabilityZone: 'ap-south-1b', //Test secondary ipv6 address after IPAM pool creation - //ipv6CidrBlock: new Ipv6Cidr('2001:db8::/48'), - subnetType: SubnetType.PRIVATE_ISOLATED, + ipv6CidrBlock: new IpCidr('2001:db8::/48'), + subnetType: SubnetType.PUBLIC, +}); + +vpc.addGatewayEndpoint('TestGWendpoint', { + service: GatewayVpcEndpointAwsService.S3, + subnets: [{ subnetType: SubnetType.PRIVATE_ISOLATED }], +}); + +//Add an Egress only Internet Gateway +vpc.addEgressOnlyInternetGateway({ + subnets: [{ subnetType: SubnetType.PUBLIC }], }); new IntegTest(app, 'integtest-model', { From f42666d73add8c0fc93b49078667d26c44ac4c06 Mon Sep 17 00:00:00 2001 From: shikha372 Date: Mon, 26 Aug 2024 12:03:36 -0700 Subject: [PATCH 25/44] (feat): add EIGW implementation --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 6 +-- .../@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 9 +++++ .../aws-ec2-alpha/test/vpc-add-method.test.ts | 38 +++++++++++++++++++ 3 files changed, 50 insertions(+), 3 deletions(-) create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 368e476b662b9..f826d1fd3b155 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -1,6 +1,6 @@ import { CfnEIP, CfnEgressOnlyInternetGateway, CfnInternetGateway, CfnNatGateway, CfnRoute, CfnRouteTable, CfnVPCGatewayAttachment, CfnVPNGateway, GatewayVpcEndpoint, IRouteTable, ISubnet, IVpcEndpoint, RouterType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; -import { Construct, IDependable } from 'constructs'; -import { Duration, Resource } from 'aws-cdk-lib/core'; +import { Construct, IConstruct, IDependable } from 'constructs'; +import { Duration, IResource, Resource } from 'aws-cdk-lib/core'; import { IVpcV2 } from './vpc-v2-base'; import { NetworkUtils } from './util'; @@ -409,7 +409,7 @@ export class RouteTargetType { /** * Interface to define a route. */ -export interface IRoute { +export interface IRoute extends IConstruct, IResource{ /** * The ID of the route table for the route. * @attribute routeTable diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index d4022bb864a42..9a73f1b2eeb26 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -10,6 +10,7 @@ import { EgressOnlyInternetGateway, Route } from './route'; export interface EgressOnlyInternetGatewayOptions{ /** * List of subnets where route to EGW will be added + * @default no route created */ readonly subnets?: SubnetSelection[]; } @@ -222,6 +223,14 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { const egw = new EgressOnlyInternetGateway(this, 'EgressOnlyGW', { vpc: this, }); + + const useIpv6 = (this.secondaryCidrBlock.some((secondaryAddress) => secondaryAddress.amazonProvidedIpv6CidrBlock === true || + secondaryAddress.ipv6IpamPoolId != undefined))? true : false; + + if (!useIpv6) { + throw new Error('Egress only IGW can only be added to Ipv6 enabled VPC'); + }; + if (options.subnets) { const subnets = flatten(options.subnets.map(s => this.selectSubnets(s).subnets)); subnets.forEach((subnet) => { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts new file mode 100644 index 0000000000000..3d315dbac1f8b --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts @@ -0,0 +1,38 @@ +import { Template } from 'aws-cdk-lib/assertions'; +import * as cdk from 'aws-cdk-lib'; +import * as vpc from '../lib/vpc-v2'; + +describe('Vpc V2 with full control', () => { + let stack: cdk.Stack; + + beforeEach(() => { + const app = new cdk.App({ + context: { + '@aws-cdk/core:newStyleStackSynthesis': false, + }, + }); + stack = new cdk.Stack(app); + }); + test('Method to add a new Egress-Only IGW', () => { + const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + enableDnsHostnames: true, + enableDnsSupport: true, + }, + ); + myVpc.addEgressOnlyInternetGateway({}); + Template.fromStack(stack).hasResource('AWS::EC2::EgressOnlyInternetGateway', 1); + }); + + test('addEIGW throws error if VPC does not have IPv6', () => { + const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + enableDnsHostnames: true, + enableDnsSupport: true, + }); + expect(() => { + myVpc.addEgressOnlyInternetGateway({}); + }).toThrow('Egress only IGW can only be added to Ipv6 enabled VPC'); + }); +}); \ No newline at end of file From 36a9511375d24d15b20b1e5b5779f838a0eabc91 Mon Sep 17 00:00:00 2001 From: shikha372 Date: Mon, 26 Aug 2024 16:09:58 -0700 Subject: [PATCH 26/44] adding unit and integ tests --- packages/@aws-cdk/aws-ec2-alpha/awslint.json | 3 +- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 11 +- .../@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 13 +- .../@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts | 73 ++++++++++++ .../aws-cdk-vpcv2-alpha.assets.json | 4 +- .../aws-cdk-vpcv2-alpha.template.json | 33 ++---- .../manifest.json | 96 +++------------ .../integ.vpc-v2-alpha.js.snapshot/tree.json | 111 ++++++------------ .../aws-ec2-alpha/test/integ.vpc-v2-alpha.ts | 71 +++-------- .../aws-ec2-alpha/test/subnet-v2.test.ts | 1 - .../aws-ec2-alpha/test/vpc-add-method.test.ts | 73 ++++++++++++ 11 files changed, 251 insertions(+), 238 deletions(-) create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts diff --git a/packages/@aws-cdk/aws-ec2-alpha/awslint.json b/packages/@aws-cdk/aws-ec2-alpha/awslint.json index 35de7712d8ef5..6ea89091a597a 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/awslint.json +++ b/packages/@aws-cdk/aws-ec2-alpha/awslint.json @@ -2,6 +2,7 @@ "exclude": [ "from-method:@aws-cdk/aws-ec2-alpha.VpcV2", "attribute-tag:@aws-cdk/aws-ec2-alpha.RouteTable.routeTableId", - "from-method:@aws-cdk/aws-ec2-alpha.SubnetV2" + "from-method:@aws-cdk/aws-ec2-alpha.SubnetV2", + "from-method:@aws-cdk/aws-ec2-alpha.Route" ] } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index f826d1fd3b155..b2444e3b91c42 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -493,10 +493,15 @@ export class Route extends Resource implements IRoute { public readonly resource?: CfnRoute; /** - * Destination cidr block for ipv4 or ipv6 + * Destination cidr block for ipv6 */ private destinationIpv6Cidr?: string; + /** + * Destination cidr block for ipv4 + */ + private destinationIpv4Cidr?: string; + constructor(scope: Construct, id: string, props: RouteProps) { super(scope, id); @@ -507,6 +512,8 @@ export class Route extends Resource implements IRoute { if (!isDestinationIpv4) { //TODO Validate for IPv6 CIDR range this.destinationIpv6Cidr = props.destination; + } else { + this.destinationIpv4Cidr = props.destination; } if (this.target.gateway?.routerType == RouterType.EGRESS_ONLY_INTERNET_GATEWAY && isDestinationIpv4) { @@ -518,7 +525,7 @@ export class Route extends Resource implements IRoute { if (!(this.target.endpoint instanceof GatewayVpcEndpoint)) { this.resource = new CfnRoute(this, 'Route', { routeTableId: this.routeTable.routeTableId, - destinationCidrBlock: this.destination, + destinationCidrBlock: this.destinationIpv4Cidr, destinationIpv6CidrBlock: this.destinationIpv6Cidr, [routerTypeToPropName(this.targetRouterType)]: this.target.gateway ? this.target.gateway.routerTargetId : this.target.endpoint ? this.target.endpoint.vpcEndpointId : null, diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index 9a73f1b2eeb26..a3e3657a1f80f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -13,6 +13,12 @@ export interface EgressOnlyInternetGatewayOptions{ * @default no route created */ readonly subnets?: SubnetSelection[]; + + /** + * Destination Ipv6 address for EGW route + * @default '::/0' all Ipv6 traffic + */ + readonly destination?: string; } /** @@ -234,7 +240,7 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { if (options.subnets) { const subnets = flatten(options.subnets.map(s => this.selectSubnets(s).subnets)); subnets.forEach((subnet) => { - this.createEgressRoute(subnet, egw); + this.createEgressRoute(subnet, egw, options.destination); }); } } @@ -242,10 +248,11 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { /** * Creates a route for EGW with destination set to outbound IPv6('::/0'). */ - private createEgressRoute(subnet: ISubnet, egw: EgressOnlyInternetGateway): void { + private createEgressRoute(subnet: ISubnet, egw: EgressOnlyInternetGateway, destination?: string): void { + const destinationIpv6 = destination ?? '::/0'; new Route(this, `${subnet.node.id}-EgressRoute`, { routeTable: subnet.routeTable, - destination: '::/0', // IPv6 default route + destination: destinationIpv6, // IPv6 default route target: { gateway: egw }, }); } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts new file mode 100644 index 0000000000000..4ab5c543679cc --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts @@ -0,0 +1,73 @@ +// /* +// * Our integration tests act as snapshot tests to make sure the rendered template is stable. +// * If any changes to the result are required, +// * you need to perform an actual CloudFormation deployment of this application, +// * and, if it is successful, a new snapshot will be written out. +// * +// * For more information on CDK integ tests, +// * see the main CONTRIBUTING.md file. +// */ + +import * as vpc_v2 from '../lib/vpc-v2'; +import { AddressFamily, AwsServiceName, Ipam, IpamPoolPublicIpSource } from '../lib'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; +import * as cdk from 'aws-cdk-lib'; + +/** + * Integ test for VPC with IPAM pool to be run with --no-clean + */ + +const app = new cdk.App(); + +const stack = new cdk.Stack(app, 'aws-cdk-vpcv2-alpha'); + +const ipam = new Ipam(stack, 'IpamTest', { + operatingRegion: ['ap-south-1'], +}); + +/**Test Ipam Pool Ipv4 */ + +const pool1 = ipam.privateScope.addPool('PrivatePool0', { + addressFamily: AddressFamily.IP_V4, + ipv4ProvisionedCidrs: ['10.2.0.0/16'], + locale: 'ap-south-1', +}); + +const pool2 = ipam.publicScope.addPool('PublicPool0', { + addressFamily: AddressFamily.IP_V6, + awsService: AwsServiceName.EC2, + locale: 'ap-south-1', + publicIpSource: IpamPoolPublicIpSource.AMAZON, +}); +pool2.provisionCidr('PublicPool0Cidr', { netmaskLength: 52 } ); + +/** Test Ipv4 Primary and Secondary address IpvIPAM */ +new vpc_v2.VpcV2(stack, 'VPC-integ-test-1', { + primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.0.0.0/16'), + secondaryAddressBlocks: [ + vpc_v2.IpAddresses.ipv4Ipam({ + ipamPool: pool1, + netmaskLength: 20, + cidrBlockName: 'ipv4IpamCidr', + }), + ], + enableDnsHostnames: true, + enableDnsSupport: true, +}); + +new vpc_v2.VpcV2(stack, 'Vpc-integ-test-2', { + primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc_v2.IpAddresses.ipv6Ipam({ + ipamPool: pool2, + netmaskLength: 60, + cidrBlockName: 'Ipv6IpamCidr', + })], +}); + +/** + * Integ test for VPC with IPAM pool to be run with --no-clean + * due to dependency on de-allocation of provisioned ipv6 CIDR + */ +new IntegTest(app, 'integtest-model', { + testCases: [stack], +}); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json index 9fad60783195d..edea907079f09 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.5", "files": { - "05dd5343aac11e069ac1e728ef6bc8fd02caae9a5c84c5723ddf8735bca3ba99": { + "a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0": { "source": { "path": "aws-cdk-vpcv2-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "05dd5343aac11e069ac1e728ef6bc8fd02caae9a5c84c5723ddf8735bca3ba99.json", + "objectKey": "a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json index 89f42c48a94df..69b67454af10b 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json @@ -5,7 +5,7 @@ "Properties": { "OperatingRegions": [ { - "RegionName": "ap-south-1" + "RegionName": "eu-central-1" } ] } @@ -20,7 +20,7 @@ "PrivateDefaultScopeId" ] }, - "Locale": "ap-south-1", + "Locale": "eu-central-1", "ProvisionedCidrs": [ { "Cidr": "10.2.0.0/16" @@ -39,7 +39,7 @@ "PublicDefaultScopeId" ] }, - "Locale": "ap-south-1", + "Locale": "eu-central-1", "PublicIpSource": "amazon" } }, @@ -152,7 +152,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "ap-south-1a", + "AvailabilityZone": "eu-central-1a", "CidrBlock": "10.1.0.0/24", "VpcId": { "Fn::GetAtt": [ @@ -167,7 +167,7 @@ "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, - "testsbubnetRouteTableD0136BEA": { + "testsbubnetRouteTableF40F025B": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { @@ -187,10 +187,7 @@ "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Fn::GetAtt": [ - "testsbubnetRouteTableD0136BEA", - "RouteTableId" - ] + "Ref": "testsbubnetRouteTableF40F025B" }, "SubnetId": { "Ref": "testsbubnetSubnet77337845" @@ -206,7 +203,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "ap-south-1b", + "AvailabilityZone": "eu-central-1b", "CidrBlock": "10.2.0.0/24", "VpcId": { "Fn::GetAtt": [ @@ -221,7 +218,7 @@ "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, - "testsubnetRouteTable682580B2": { + "testsubnetRouteTable55223C61": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { @@ -241,10 +238,7 @@ "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Fn::GetAtt": [ - "testsubnetRouteTable682580B2", - "RouteTableId" - ] + "Ref": "testsubnetRouteTable55223C61" }, "SubnetId": { "Ref": "testsubnetSubnetDD417829" @@ -260,7 +254,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "ap-south-1b", + "AvailabilityZone": "eu-central-1b", "CidrBlock": "10.3.0.0/24", "VpcId": { "Fn::GetAtt": [ @@ -275,7 +269,7 @@ "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, - "validateIpv6RouteTable09389F8D": { + "validateIpv6RouteTable10861B00": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { @@ -295,10 +289,7 @@ "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Fn::GetAtt": [ - "validateIpv6RouteTable09389F8D", - "RouteTableId" - ] + "Ref": "validateIpv6RouteTable10861B00" }, "SubnetId": { "Ref": "validateIpv6Subnet07BD40AE" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json index be86401dbd136..07729bcb92768 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/05dd5343aac11e069ac1e728ef6bc8fd02caae9a5c84c5723ddf8735bca3ba99.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -43,28 +43,19 @@ "/aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPrivatePool039C763DC", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "IpamTestPrivatePool039C763DC" } ], "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPublicPool0C44B7C49", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "IpamTestPublicPool0C44B7C49" } ], "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPublicPool0PublicPool0CidrC57CE00C", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "IpamTestPublicPool0PublicPool0CidrC57CE00C" } ], "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource": [ @@ -76,10 +67,7 @@ "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1ipv4IpamCidr8105B4E4", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "VPCintegtest1ipv4IpamCidr8105B4E4" } ], "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided": [ @@ -97,10 +85,7 @@ "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Ipv6IpamCidr": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "Vpcintegtest2Ipv6IpamCidrFF84EC2B" } ], "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress2": [ @@ -118,73 +103,55 @@ "/aws-cdk-vpcv2-alpha/testsbubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetSubnet77337845", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "testsbubnetSubnet77337845" } ], - "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable": [ + "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableD0136BEA" + "data": "testsbubnetRouteTableF40F025B" } ], "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableAssociationD6D083FA", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "testsbubnetRouteTableAssociationD6D083FA" } ], "/aws-cdk-vpcv2-alpha/testsubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetSubnetDD417829", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "testsubnetSubnetDD417829" } ], - "/aws-cdk-vpcv2-alpha/testsubnet/RouteTable/RouteTable": [ + "/aws-cdk-vpcv2-alpha/testsubnet/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetRouteTable682580B2" + "data": "testsubnetRouteTable55223C61" } ], "/aws-cdk-vpcv2-alpha/testsubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetRouteTableAssociationC106676D", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "testsubnetRouteTableAssociationC106676D" } ], "/aws-cdk-vpcv2-alpha/validateIpv6/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6Subnet07BD40AE", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "validateIpv6Subnet07BD40AE" } ], - "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable/RouteTable": [ + "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6RouteTable09389F8D" + "data": "validateIpv6RouteTable10861B00" } ], "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6RouteTableAssociationD6330457", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "validateIpv6RouteTableAssociationD6330457" } ], "/aws-cdk-vpcv2-alpha/BootstrapVersion": [ @@ -198,33 +165,6 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } - ], - "testsbubnetRouteTableF40F025B": [ - { - "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableF40F025B", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } - ], - "testsubnetRouteTable55223C61": [ - { - "type": "aws:cdk:logicalId", - "data": "testsubnetRouteTable55223C61", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } - ], - "validateIpv6RouteTable10861B00": [ - { - "type": "aws:cdk:logicalId", - "data": "validateIpv6RouteTable10861B00", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } ] }, "displayName": "aws-cdk-vpcv2-alpha" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json index 923e868905d52..4ef8722255a1d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json @@ -20,7 +20,7 @@ "aws:cdk:cloudformation:props": { "operatingRegions": [ { - "regionName": "ap-south-1" + "regionName": "eu-central-1" } ] } @@ -47,7 +47,7 @@ "PrivateDefaultScopeId" ] }, - "locale": "ap-south-1", + "locale": "eu-central-1", "provisionedCidrs": [ { "cidr": "10.2.0.0/16" @@ -84,7 +84,7 @@ "PublicDefaultScopeId" ] }, - "locale": "ap-south-1", + "locale": "eu-central-1", "publicIpSource": "amazon" } }, @@ -302,7 +302,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "ap-south-1a", + "availabilityZone": "eu-central-1a", "cidrBlock": "10.1.0.0/24", "vpcId": { "Fn::GetAtt": [ @@ -328,29 +328,19 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable", - "children": { - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "Vpcintegtest20DAD8F9D", + "VpcId" + ] } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -361,10 +351,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Fn::GetAtt": [ - "testsbubnetRouteTableD0136BEA", - "RouteTableId" - ] + "Ref": "testsbubnetRouteTableF40F025B" }, "subnetId": { "Ref": "testsbubnetSubnet77337845" @@ -393,7 +380,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "ap-south-1b", + "availabilityZone": "eu-central-1b", "cidrBlock": "10.2.0.0/24", "vpcId": { "Fn::GetAtt": [ @@ -419,29 +406,19 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/testsubnet/RouteTable", - "children": { - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-vpcv2-alpha/testsubnet/RouteTable/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "Vpcintegtest20DAD8F9D", + "VpcId" + ] } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -452,10 +429,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Fn::GetAtt": [ - "testsubnetRouteTable682580B2", - "RouteTableId" - ] + "Ref": "testsubnetRouteTable55223C61" }, "subnetId": { "Ref": "testsubnetSubnetDD417829" @@ -484,7 +458,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "ap-south-1b", + "availabilityZone": "eu-central-1b", "cidrBlock": "10.3.0.0/24", "vpcId": { "Fn::GetAtt": [ @@ -510,29 +484,19 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/validateIpv6/RouteTable", - "children": { - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-vpcv2-alpha/validateIpv6/RouteTable/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "Vpcintegtest20DAD8F9D", + "VpcId" + ] } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -543,10 +507,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Fn::GetAtt": [ - "validateIpv6RouteTable09389F8D", - "RouteTableId" - ] + "Ref": "validateIpv6RouteTable10861B00" }, "subnetId": { "Ref": "validateIpv6Subnet07BD40AE" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts index 2b19d6e7f9018..fd916d327ba4e 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts @@ -9,7 +9,6 @@ // */ import * as vpc_v2 from '../lib/vpc-v2'; -import { AddressFamily, AwsServiceName, Ipam, IpamPoolPublicIpSource } from '../lib'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; import { GatewayVpcEndpointAwsService, SubnetType } from 'aws-cdk-lib/aws-ec2'; @@ -19,75 +18,37 @@ const app = new cdk.App(); const stack = new cdk.Stack(app, 'aws-cdk-vpcv2-alpha'); -const ipam = new Ipam(stack, 'IpamTest', { - operatingRegion: ['ap-south-1'], -}); - -/**Test Ipam Pool Ipv4 */ - -const pool1 = ipam.privateScope.addPool('PrivatePool0', { - addressFamily: AddressFamily.IP_V4, - ipv4ProvisionedCidrs: ['10.2.0.0/16'], - locale: 'ap-south-1', -}); - -const pool2 = ipam.publicScope.addPool('PublicPool0', { - addressFamily: AddressFamily.IP_V6, - awsService: AwsServiceName.EC2, - locale: 'ap-south-1', - publicIpSource: IpamPoolPublicIpSource.AMAZON, -}); -pool2.provisionCidr('PublicPool0Cidr', { netmaskLength: 52 } ); - -/** Test Ipv4 Primary and Secondary address */ -new vpc_v2.VpcV2(stack, 'VPC-integ-test-1', { - primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.0.0.0/16'), +/** Test Multiple Ipv4 Primary and Secondary address */ +const vpc = new vpc_v2.VpcV2(stack, 'VPC-integ-test-1', { + primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.1.0.0/16'), secondaryAddressBlocks: [ - vpc_v2.IpAddresses.ipv4Ipam({ - ipamPool: pool1, - netmaskLength: 20, - cidrBlockName: 'ipv4IpamCidr', + vpc_v2.IpAddresses.ipv4('10.2.0.0/16', { + cidrBlockName: 'SecondaryAddress2', }), - //Test secondary ipv6 address + //Test Amazon provided secondary ipv6 address vpc_v2.IpAddresses.amazonProvidedIpv6({ cidrBlockName: 'AmazonProvided', }), + vpc_v2.IpAddresses.ipv4('10.3.0.0/16', { + cidrBlockName: 'SecondaryAddress3', + }), ], enableDnsHostnames: true, enableDnsSupport: true, }); -/** - * Integ test for VPC with IPAM pool to be run with --no-clean - */ -const vpc = new vpc_v2.VpcV2(stack, 'Vpc-integ-test-2', { - primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.1.0.0/16'), - secondaryAddressBlocks: [vpc_v2.IpAddresses.ipv6Ipam({ - ipamPool: pool2, - netmaskLength: 60, - cidrBlockName: 'Ipv6IpamCidr', - }), - vpc_v2.IpAddresses.ipv4('10.2.0.0/16', { - cidrBlockName: 'SecondaryAddress2', - }), - vpc_v2.IpAddresses.ipv4('10.3.0.0/16', { - cidrBlockName: 'SecondaryAddress3', - }, - )], -}); - new SubnetV2(stack, 'testsbubnet', { vpc, - availabilityZone: 'ap-south-1a', + availabilityZone: 'us-west-1a', ipv4CidrBlock: new IpCidr('10.1.0.0/24'), subnetType: SubnetType.PRIVATE_ISOLATED, }); new SubnetV2(stack, 'testsubnet', { vpc, - availabilityZone: 'ap-south-1b', + availabilityZone: 'us-west-1b', ipv4CidrBlock: new IpCidr('10.2.0.0/24'), - //Test secondary ipv6 address after IPAM pool creation + //Test secondary ipv6 address after Amazon Provided ipv6 allocation //ipv6CidrBlock: new Ipv6Cidr('2001:db8:1::/64'), subnetType: SubnetType.PRIVATE_ISOLATED, }); @@ -96,15 +57,15 @@ new SubnetV2(stack, 'testsubnet', { new SubnetV2(stack, 'validateIpv6', { vpc, ipv4CidrBlock: new IpCidr('10.3.0.0/24'), - availabilityZone: 'ap-south-1b', - //Test secondary ipv6 address after IPAM pool creation - ipv6CidrBlock: new IpCidr('2001:db8::/48'), + availabilityZone: 'us-west-1b', + //Test secondary ipv6 address after Amazon Provided ipv6 allocation + //ipv6CidrBlock: new IpCidr('2001:db8::/48'), subnetType: SubnetType.PUBLIC, }); vpc.addGatewayEndpoint('TestGWendpoint', { service: GatewayVpcEndpointAwsService.S3, - subnets: [{ subnetType: SubnetType.PRIVATE_ISOLATED }], + subnets: [{ subnetType: SubnetType.PUBLIC }], }); //Add an Egress only Internet Gateway diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts index 3aa8492e4fdc2..ddedfd9395918 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts @@ -331,5 +331,4 @@ describe('Subnet V2 with custom IP and routing', () => { }, })); }); - }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts index 3d315dbac1f8b..a5a68a5b5f1fa 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts @@ -1,6 +1,9 @@ import { Template } from 'aws-cdk-lib/assertions'; import * as cdk from 'aws-cdk-lib'; import * as vpc from '../lib/vpc-v2'; +import { IpCidr, SubnetV2 } from '../lib/subnet-v2'; +import { SubnetType } from 'aws-cdk-lib/aws-ec2'; +/* eslint-disable no-console */ describe('Vpc V2 with full control', () => { let stack: cdk.Stack; @@ -35,4 +38,74 @@ describe('Vpc V2 with full control', () => { myVpc.addEgressOnlyInternetGateway({}); }).toThrow('Egress only IGW can only be added to Ipv6 enabled VPC'); }); + + test('addEIGW defines a route under subnet to default destination', () => { + const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + enableDnsHostnames: true, + enableDnsSupport: true, + }); + new SubnetV2(stack, 'validateIpv6', { + vpc: myVpc, + ipv4CidrBlock: new IpCidr('10.1.0.0/24'), + availabilityZone: 'ap-south-1b', + ipv6CidrBlock: new IpCidr('2001:db8::/48'), + subnetType: SubnetType.PUBLIC, + }); + myVpc.addEgressOnlyInternetGateway({ + subnets: [{ subnetType: SubnetType.PUBLIC }], + }); + Template.fromStack(stack).hasResourceProperties('AWS::EC2::Route', { + DestinationIpv6CidrBlock: '::/0', + }); + }); + + test('addEIGW defines a route under subnet to given destination', () => { + const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + enableDnsHostnames: true, + enableDnsSupport: true, + }); + new SubnetV2(stack, 'validateIpv6', { + vpc: myVpc, + ipv4CidrBlock: new IpCidr('10.1.0.0/24'), + availabilityZone: 'ap-south-1b', + //Test secondary ipv6 address after IPAM pool creation + ipv6CidrBlock: new IpCidr('2001:db8::/48'), + subnetType: SubnetType.PUBLIC, + }); + myVpc.addEgressOnlyInternetGateway({ + subnets: [{ subnetType: SubnetType.PUBLIC }], + destination: '::/48', + }); + console.log(Template.fromStack(stack).toJSON()); + Template.fromStack(stack).hasResourceProperties('AWS::EC2::Route', { + DestinationIpv6CidrBlock: '::/48', + }); + }); + + test('should not associate a route to an incorrect subnet', () => { + const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + enableDnsHostnames: true, + enableDnsSupport: true, + }); + new SubnetV2(stack, 'validateIpv6', { + vpc: myVpc, + ipv4CidrBlock: new IpCidr('10.1.0.0/24'), + availabilityZone: 'ap-south-1b', + //Test secondary ipv6 address after IPAM pool creation + ipv6CidrBlock: new IpCidr('2001:db8::/48'), + subnetType: SubnetType.PRIVATE_ISOLATED, + }); + expect( () => { + myVpc.addEgressOnlyInternetGateway({ + subnets: [{ subnetType: SubnetType.PUBLIC }], + destination: '::/48', + }); + }).toThrow("There are no 'Public' subnet groups in this VPC. Available types: Isolated,Deprecated_Isolated"); + }); }); \ No newline at end of file From 5bd279bb2eab38540c30aa691362b0a345d66408 Mon Sep 17 00:00:00 2001 From: shikha372 Date: Mon, 26 Aug 2024 16:51:38 -0700 Subject: [PATCH 27/44] updating readme and snapshot for EGW --- packages/@aws-cdk/aws-ec2-alpha/README.md | 27 + .../aws-cdk-vpcv2-alpha.assets.json | 4 +- .../aws-cdk-vpcv2-alpha.template.json | 313 +++++----- .../manifest.json | 62 +- .../integ.vpc-v2-alpha.js.snapshot/tree.json | 538 ++++++++++-------- .../aws-ec2-alpha/test/integ.vpc-v2-alpha.ts | 9 +- 6 files changed, 556 insertions(+), 397 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/README.md b/packages/@aws-cdk/aws-ec2-alpha/README.md index ef9a034942b56..28a67dd6f8d14 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/README.md +++ b/packages/@aws-cdk/aws-ec2-alpha/README.md @@ -219,3 +219,30 @@ new vpc_v2.Route(this, 'DynamoDBRoute', { target: { endpoint: dynamoEndpoint }, }); ``` +## Adding Egress-Only Internet Gateway to VPC + +An egress-only internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows outbound communication over IPv6 from instances in your VPC to the internet, and prevents the internet from initiating an IPv6 connection with your instances. For more information see@ https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html + +VPCv2 supports adding an egress only internet gateway to VPC with the help of `addEgressOnlyInternetGateway` method as well. + +By Default, it sets up a route to all outbound IPv6 Address ranges unless specified to a specific destination by the user. It can only be set up for IPv6 enabled VPCs. +`Subnets` takes in value of `SubnetFilter` which can be based on a SubnetType in VPCV2. A new route will be added to route tables of all subnets filtered out with this property. + +```ts + +const myVpc = new vpc_v2.VpcV2(this, 'Vpc'); +const routeTable = new vpc_v2.RouteTable(this, 'RouteTable', { + vpc: myVpc, +}); +const subnet = new vpc_v2.SubnetV2(this, 'Subnet', { + vpc: myVpc, + availabilityZone: 'eu-west-2a', + ipv4CidrBlock: new IpCidr('10.0.0.0/24'), + subnetType: ec2.SubnetType.PRIVATE }); + +myVpc.addEgressOnlyInternetGateway({ + subnets: [{SubnetType.PUBLIC}], + destination: '::/60', +}) + +``` \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json index edea907079f09..9d4b04a3cb898 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.5", "files": { - "a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0": { + "3d4d1af9a53fd056999e46a5c904f6aa886ed7d808a18591c45ed2e118649370": { "source": { "path": "aws-cdk-vpcv2-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0.json", + "objectKey": "3d4d1af9a53fd056999e46a5c904f6aa886ed7d808a18591c45ed2e118649370.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json index 69b67454af10b..f6c0a06d1b8a6 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json @@ -1,79 +1,74 @@ { "Resources": { - "IpamTestIpam6C9298EF": { - "Type": "AWS::EC2::IPAM", + "VPCintegtest1EBA1CB75": { + "Type": "AWS::EC2::VPC", "Properties": { - "OperatingRegions": [ - { - "RegionName": "eu-central-1" - } - ] + "CidrBlock": "10.1.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default" } }, - "IpamTestPrivatePool039C763DC": { - "Type": "AWS::EC2::IPAMPool", + "VPCintegtest1SecondaryAddress256BAC1D3": { + "Type": "AWS::EC2::VPCCidrBlock", "Properties": { - "AddressFamily": "ipv4", - "IpamScopeId": { + "CidrBlock": "10.2.0.0/16", + "VpcId": { "Fn::GetAtt": [ - "IpamTestIpam6C9298EF", - "PrivateDefaultScopeId" + "VPCintegtest1EBA1CB75", + "VpcId" ] - }, - "Locale": "eu-central-1", - "ProvisionedCidrs": [ - { - "Cidr": "10.2.0.0/16" - } - ] + } } }, - "IpamTestPublicPool0C44B7C49": { - "Type": "AWS::EC2::IPAMPool", + "VPCintegtest1AmazonProvidedE0445E5C": { + "Type": "AWS::EC2::VPCCidrBlock", "Properties": { - "AddressFamily": "ipv6", - "AwsService": "ec2", - "IpamScopeId": { + "AmazonProvidedIpv6CidrBlock": true, + "VpcId": { "Fn::GetAtt": [ - "IpamTestIpam6C9298EF", - "PublicDefaultScopeId" + "VPCintegtest1EBA1CB75", + "VpcId" ] - }, - "Locale": "eu-central-1", - "PublicIpSource": "amazon" + } } }, - "IpamTestPublicPool0PublicPool0CidrC57CE00C": { - "Type": "AWS::EC2::IPAMPoolCidr", + "VPCintegtest1SecondaryAddress3BCA08E40": { + "Type": "AWS::EC2::VPCCidrBlock", "Properties": { - "IpamPoolId": { + "CidrBlock": "10.3.0.0/16", + "VpcId": { "Fn::GetAtt": [ - "IpamTestPublicPool0C44B7C49", - "IpamPoolId" + "VPCintegtest1EBA1CB75", + "VpcId" ] - }, - "NetmaskLength": 52 - } - }, - "VPCintegtest1EBA1CB75": { - "Type": "AWS::EC2::VPC", - "Properties": { - "CidrBlock": "10.0.0.0/16", - "EnableDnsHostnames": true, - "EnableDnsSupport": true, - "InstanceTenancy": "default" + } } }, - "VPCintegtest1ipv4IpamCidr8105B4E4": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1TestGWendpoint6276409E": { + "Type": "AWS::EC2::VPCEndpoint", "Properties": { - "Ipv4IpamPoolId": { - "Fn::GetAtt": [ - "IpamTestPrivatePool039C763DC", - "IpamPoolId" + "RouteTableIds": [ + { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + ], + "ServiceName": { + "Fn::Join": [ + "", + [ + "com.amazonaws.", + { + "Ref": "AWS::Region" + }, + ".s3" + ] ] }, - "Ipv4NetmaskLength": 20, + "VpcEndpointType": "Gateway", "VpcId": { "Fn::GetAtt": [ "VPCintegtest1EBA1CB75", @@ -82,10 +77,45 @@ } } }, - "VPCintegtest1AmazonProvidedE0445E5C": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7": { + "Type": "AWS::EC2::SecurityGroup", "Properties": { - "AmazonProvidedIpv6CidrBlock": true, + "GroupDescription": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "SecurityGroupIngress": [ + { + "CidrIp": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "CidrBlock" + ] + }, + "Description": { + "Fn::Join": [ + "", + [ + "from ", + { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "CidrBlock" + ] + }, + ":443" + ] + ] + }, + "FromPort": 443, + "IpProtocol": "tcp", + "ToPort": 443 + } + ], "VpcId": { "Fn::GetAtt": [ "VPCintegtest1EBA1CB75", @@ -94,56 +124,72 @@ } } }, - "Vpcintegtest20DAD8F9D": { - "Type": "AWS::EC2::VPC", - "Properties": { - "CidrBlock": "10.1.0.0/16", - "EnableDnsHostnames": true, - "EnableDnsSupport": true, - "InstanceTenancy": "default" - } - }, - "Vpcintegtest2Ipv6IpamCidrFF84EC2B": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1TestInterfaceEndpoint7B63C4C3": { + "Type": "AWS::EC2::VPCEndpoint", "Properties": { - "Ipv6IpamPoolId": { - "Fn::GetAtt": [ - "IpamTestPublicPool0C44B7C49", - "IpamPoolId" + "PrivateDnsEnabled": true, + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7", + "GroupId" + ] + } + ], + "ServiceName": { + "Fn::Join": [ + "", + [ + "com.amazonaws.", + { + "Ref": "AWS::Region" + }, + ".sns" + ] ] }, - "Ipv6NetmaskLength": 60, + "SubnetIds": [ + { + "Ref": "testsbubnetSubnet77337845" + }, + { + "Ref": "testsubnetSubnetDD417829" + } + ], + "VpcEndpointType": "Interface", "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } - }, - "DependsOn": [ - "IpamTestPublicPool0PublicPool0CidrC57CE00C" - ] + } }, - "Vpcintegtest2SecondaryAddress2A96C0AF8": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1EgressOnlyGWEIGW440911B4": { + "Type": "AWS::EC2::EgressOnlyInternetGateway", "Properties": { - "CidrBlock": "10.2.0.0/16", "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } } }, - "Vpcintegtest2SecondaryAddress36FC60BBC": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1validateIpv6EgressRouteB2A1DA27": { + "Type": "AWS::EC2::Route", "Properties": { - "CidrBlock": "10.3.0.0/16", - "VpcId": { + "DestinationIpv6CidrBlock": "::/0", + "EgressOnlyInternetGatewayId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" + "VPCintegtest1EgressOnlyGWEIGW440911B4", + "Id" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" ] } } @@ -152,153 +198,162 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-central-1a", + "AvailabilityZone": "us-west-1a", "CidrBlock": "10.1.0.0/24", "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, - "testsbubnetRouteTableF40F025B": { + "testsbubnetRouteTableD0136BEA": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "testsbubnetRouteTableAssociationD6D083FA": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] }, "SubnetId": { "Ref": "testsbubnetSubnet77337845" } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "testsubnetSubnetDD417829": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-central-1b", + "AvailabilityZone": "us-west-1b", "CidrBlock": "10.2.0.0/24", "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, - "testsubnetRouteTable55223C61": { + "testsubnetRouteTable682580B2": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "testsubnetRouteTableAssociationC106676D": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "testsubnetRouteTable55223C61" + "Fn::GetAtt": [ + "testsubnetRouteTable682580B2", + "RouteTableId" + ] }, "SubnetId": { "Ref": "testsubnetSubnetDD417829" } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "validateIpv6Subnet07BD40AE": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-central-1b", + "AvailabilityZone": "us-west-1b", "CidrBlock": "10.3.0.0/24", "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, - "validateIpv6RouteTable10861B00": { + "validateIpv6RouteTable09389F8D": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "validateIpv6RouteTableAssociationD6330457": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "validateIpv6RouteTable10861B00" + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] }, "SubnetId": { "Ref": "validateIpv6Subnet07BD40AE" } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] } }, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json index 07729bcb92768..8dbfb7d284021 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/3d4d1af9a53fd056999e46a5c904f6aa886ed7d808a18591c45ed2e118649370.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -34,70 +34,58 @@ "aws-cdk-vpcv2-alpha.assets" ], "metadata": { - "/aws-cdk-vpcv2-alpha/IpamTest/Ipam": [ - { - "type": "aws:cdk:logicalId", - "data": "IpamTestIpam6C9298EF" - } - ], - "/aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0": [ - { - "type": "aws:cdk:logicalId", - "data": "IpamTestPrivatePool039C763DC" - } - ], - "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPublicPool0C44B7C49" + "data": "VPCintegtest1EBA1CB75" } ], - "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress2": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPublicPool0PublicPool0CidrC57CE00C" + "data": "VPCintegtest1SecondaryAddress256BAC1D3" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1EBA1CB75" + "data": "VPCintegtest1AmazonProvidedE0445E5C" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress3": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1ipv4IpamCidr8105B4E4" + "data": "VPCintegtest1SecondaryAddress3BCA08E40" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestGWendpoint/Resource": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1AmazonProvidedE0445E5C" + "data": "VPCintegtest1TestGWendpoint6276409E" } ], - "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Resource": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest20DAD8F9D" + "data": "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7" } ], - "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Ipv6IpamCidr": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/Resource": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2Ipv6IpamCidrFF84EC2B" + "data": "VPCintegtest1TestInterfaceEndpoint7B63C4C3" } ], - "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress2": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/EgressOnlyGW/EIGW": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2SecondaryAddress2A96C0AF8" + "data": "VPCintegtest1EgressOnlyGWEIGW440911B4" } ], - "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress3": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-EgressRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2SecondaryAddress36FC60BBC" + "data": "VPCintegtest1validateIpv6EgressRouteB2A1DA27" } ], "/aws-cdk-vpcv2-alpha/testsbubnet/Subnet": [ @@ -106,10 +94,10 @@ "data": "testsbubnetSubnet77337845" } ], - "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable": [ + "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableF40F025B" + "data": "testsbubnetRouteTableD0136BEA" } ], "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTableAssociation": [ @@ -124,10 +112,10 @@ "data": "testsubnetSubnetDD417829" } ], - "/aws-cdk-vpcv2-alpha/testsubnet/RouteTable": [ + "/aws-cdk-vpcv2-alpha/testsubnet/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetRouteTable55223C61" + "data": "testsubnetRouteTable682580B2" } ], "/aws-cdk-vpcv2-alpha/testsubnet/RouteTableAssociation": [ @@ -142,10 +130,10 @@ "data": "validateIpv6Subnet07BD40AE" } ], - "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable": [ + "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6RouteTable10861B00" + "data": "validateIpv6RouteTable09389F8D" } ], "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTableAssociation": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json index 4ef8722255a1d..f7fbcbbc6220e 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json @@ -8,123 +8,6 @@ "id": "aws-cdk-vpcv2-alpha", "path": "aws-cdk-vpcv2-alpha", "children": { - "IpamTest": { - "id": "IpamTest", - "path": "aws-cdk-vpcv2-alpha/IpamTest", - "children": { - "Ipam": { - "id": "Ipam", - "path": "aws-cdk-vpcv2-alpha/IpamTest/Ipam", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAM", - "aws:cdk:cloudformation:props": { - "operatingRegions": [ - { - "regionName": "eu-central-1" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAM", - "version": "0.0.0" - } - }, - "PrivatePool0": { - "id": "PrivatePool0", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0", - "children": { - "PrivatePool0": { - "id": "PrivatePool0", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", - "aws:cdk:cloudformation:props": { - "addressFamily": "ipv4", - "ipamScopeId": { - "Fn::GetAtt": [ - "IpamTestIpam6C9298EF", - "PrivateDefaultScopeId" - ] - }, - "locale": "eu-central-1", - "provisionedCidrs": [ - { - "cidr": "10.2.0.0/16" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "PublicPool0": { - "id": "PublicPool0", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0", - "children": { - "PublicPool0": { - "id": "PublicPool0", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", - "aws:cdk:cloudformation:props": { - "addressFamily": "ipv6", - "awsService": "ec2", - "ipamScopeId": { - "Fn::GetAtt": [ - "IpamTestIpam6C9298EF", - "PublicDefaultScopeId" - ] - }, - "locale": "eu-central-1", - "publicIpSource": "amazon" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", - "version": "0.0.0" - } - }, - "PublicPool0Cidr": { - "id": "PublicPool0Cidr", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPoolCidr", - "aws:cdk:cloudformation:props": { - "ipamPoolId": { - "Fn::GetAtt": [ - "IpamTestPublicPool0C44B7C49", - "IpamPoolId" - ] - }, - "netmaskLength": 52 - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPoolCidr", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Ipam", - "version": "0.0.0" - } - }, "VPC-integ-test-1": { "id": "VPC-integ-test-1", "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1", @@ -135,7 +18,7 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPC", "aws:cdk:cloudformation:props": { - "cidrBlock": "10.0.0.0/16", + "cidrBlock": "10.1.0.0/16", "enableDnsHostnames": true, "enableDnsSupport": true, "instanceTenancy": "default" @@ -146,19 +29,13 @@ "version": "0.0.0" } }, - "ipv4IpamCidr": { - "id": "ipv4IpamCidr", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr", + "SecondaryAddress2": { + "id": "SecondaryAddress2", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress2", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", "aws:cdk:cloudformation:props": { - "ipv4IpamPoolId": { - "Fn::GetAtt": [ - "IpamTestPrivatePool039C763DC", - "IpamPoolId" - ] - }, - "ipv4NetmaskLength": 20, + "cidrBlock": "10.2.0.0/16", "vpcId": { "Fn::GetAtt": [ "VPCintegtest1EBA1CB75", @@ -191,50 +68,17 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", "version": "0.0.0" } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", - "version": "0.0.0" - } - }, - "Vpc-integ-test-2": { - "id": "Vpc-integ-test-2", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPC", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.1.0.0/16", - "enableDnsHostnames": true, - "enableDnsSupport": true, - "instanceTenancy": "default" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", - "version": "0.0.0" - } }, - "Ipv6IpamCidr": { - "id": "Ipv6IpamCidr", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Ipv6IpamCidr", + "SecondaryAddress3": { + "id": "SecondaryAddress3", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress3", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", "aws:cdk:cloudformation:props": { - "ipv6IpamPoolId": { - "Fn::GetAtt": [ - "IpamTestPublicPool0C44B7C49", - "IpamPoolId" - ] - }, - "ipv6NetmaskLength": 60, + "cidrBlock": "10.3.0.0/16", "vpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } @@ -245,43 +89,242 @@ "version": "0.0.0" } }, - "SecondaryAddress2": { - "id": "SecondaryAddress2", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress2", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.2.0.0/16", - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "TestGWendpoint": { + "id": "TestGWendpoint", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestGWendpoint", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestGWendpoint/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCEndpoint", + "aws:cdk:cloudformation:props": { + "routeTableIds": [ + { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + ], + "serviceName": { + "Fn::Join": [ + "", + [ + "com.amazonaws.", + { + "Ref": "AWS::Region" + }, + ".s3" + ] + ] + }, + "vpcEndpointType": "Gateway", + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpoint", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "fqn": "aws-cdk-lib.aws_ec2.GatewayVpcEndpoint", "version": "0.0.0" } }, - "SecondaryAddress3": { - "id": "SecondaryAddress3", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress3", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.3.0.0/16", - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "TestInterfaceEndpoint": { + "id": "TestInterfaceEndpoint", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint", + "children": { + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "securityGroupIngress": [ + { + "cidrIp": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "CidrBlock" + ] + }, + "ipProtocol": "tcp", + "fromPort": 443, + "toPort": 443, + "description": { + "Fn::Join": [ + "", + [ + "from ", + { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "CidrBlock" + ] + }, + ":443" + ] + ] + } + } + ], + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCEndpoint", + "aws:cdk:cloudformation:props": { + "privateDnsEnabled": true, + "securityGroupIds": [ + { + "Fn::GetAtt": [ + "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7", + "GroupId" + ] + } + ], + "serviceName": { + "Fn::Join": [ + "", + [ + "com.amazonaws.", + { + "Ref": "AWS::Region" + }, + ".sns" + ] + ] + }, + "subnetIds": [ + { + "Ref": "testsbubnetSubnet77337845" + }, + { + "Ref": "testsubnetSubnetDD417829" + } + ], + "vpcEndpointType": "Interface", + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpoint", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "fqn": "aws-cdk-lib.aws_ec2.InterfaceVpcEndpoint", + "version": "0.0.0" + } + }, + "EgressOnlyGW": { + "id": "EgressOnlyGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/EgressOnlyGW", + "children": { + "EIGW": { + "id": "EIGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/EgressOnlyGW/EIGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EgressOnlyInternetGateway", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEgressOnlyInternetGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.EgressOnlyInternetGateway", + "version": "0.0.0" + } + }, + "validateIpv6-EgressRoute": { + "id": "validateIpv6-EgressRoute", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-EgressRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-EgressRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationIpv6CidrBlock": "::/0", + "egressOnlyInternetGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1EgressOnlyGWEIGW440911B4", + "Id" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } } @@ -302,11 +345,11 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-central-1a", + "availabilityZone": "us-west-1a", "cidrBlock": "10.1.0.0/24", "vpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } @@ -328,19 +371,29 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -351,7 +404,10 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] }, "subnetId": { "Ref": "testsbubnetSubnet77337845" @@ -380,11 +436,11 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-central-1b", + "availabilityZone": "us-west-1b", "cidrBlock": "10.2.0.0/24", "vpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } @@ -406,19 +462,29 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/testsubnet/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/testsubnet/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -429,7 +495,10 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "testsubnetRouteTable55223C61" + "Fn::GetAtt": [ + "testsubnetRouteTable682580B2", + "RouteTableId" + ] }, "subnetId": { "Ref": "testsubnetSubnetDD417829" @@ -458,11 +527,11 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-central-1b", + "availabilityZone": "us-west-1b", "cidrBlock": "10.3.0.0/24", "vpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } @@ -484,19 +553,29 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/validateIpv6/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/validateIpv6/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -507,7 +586,10 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "validateIpv6RouteTable10861B00" + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] }, "subnetId": { "Ref": "validateIpv6Subnet07BD40AE" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts index fd916d327ba4e..9ee47ecd718aa 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts @@ -11,7 +11,7 @@ import * as vpc_v2 from '../lib/vpc-v2'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; -import { GatewayVpcEndpointAwsService, SubnetType } from 'aws-cdk-lib/aws-ec2'; +import { GatewayVpcEndpointAwsService, InterfaceVpcEndpointAwsService, SubnetType } from 'aws-cdk-lib/aws-ec2'; import { SubnetV2, IpCidr } from '../lib/subnet-v2'; const app = new cdk.App(); @@ -63,11 +63,18 @@ new SubnetV2(stack, 'validateIpv6', { subnetType: SubnetType.PUBLIC, }); +//Test to add Gateway Endpoint vpc.addGatewayEndpoint('TestGWendpoint', { service: GatewayVpcEndpointAwsService.S3, subnets: [{ subnetType: SubnetType.PUBLIC }], }); +//Test to add Interface Endpoint +vpc.addInterfaceEndpoint('TestInterfaceEndpoint', { + service: InterfaceVpcEndpointAwsService.SNS, + subnets: { subnetType: SubnetType.PRIVATE_ISOLATED }, +}); + //Add an Egress only Internet Gateway vpc.addEgressOnlyInternetGateway({ subnets: [{ subnetType: SubnetType.PUBLIC }], From 6023ecdf8e8415fc3f1795a9047a874a0c168db2 Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Mon, 26 Aug 2024 17:11:35 -0700 Subject: [PATCH 28/44] Implement addNatGateway command Note: I still have to rerun the integ tests to update the snapshots --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 25 +- .../@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 6 + .../@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 19 +- .../aws-ec2-alpha/test/integ.vpc-v2-alpha.ts | 7 +- .../@aws-cdk/aws-ec2-alpha/test/route.test.ts | 2 +- .../aws-ec2-alpha/test/vpc-add-method.test.ts | 234 +++++++++++++++++- 6 files changed, 278 insertions(+), 15 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index b2444e3b91c42..d332243c714a8 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -1,8 +1,9 @@ -import { CfnEIP, CfnEgressOnlyInternetGateway, CfnInternetGateway, CfnNatGateway, CfnRoute, CfnRouteTable, CfnVPCGatewayAttachment, CfnVPNGateway, GatewayVpcEndpoint, IRouteTable, ISubnet, IVpcEndpoint, RouterType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; +import { CfnEIP, CfnEgressOnlyInternetGateway, CfnInternetGateway, CfnNatGateway, CfnRoute, CfnRouteTable, CfnVPCGatewayAttachment, CfnVPNGateway, GatewayVpcEndpoint, IRouteTable, IVpcEndpoint, RouterType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; import { Construct, IConstruct, IDependable } from 'constructs'; import { Duration, IResource, Resource } from 'aws-cdk-lib/core'; import { IVpcV2 } from './vpc-v2-base'; import { NetworkUtils } from './util'; +import { ISubnetV2 } from './subnet-v2'; /** * Indicates whether the NAT gateway supports public or private connectivity. @@ -98,19 +99,13 @@ export interface VPNGatewayProps { } /** - * Properties to define a NAT gateway. + * Options to define a NAT gateway. */ -export interface NatGatewayProps { +export interface NatGatewayOptions { /** * The subnet in which the NAT gateway is located. */ - readonly subnet: ISubnet; - - /** - * The ID of the VPC in which the NAT gateway is located. - * @default none - */ - readonly vpc?: IVpcV2; + readonly subnet: ISubnetV2; /** * AllocationID of Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT @@ -175,7 +170,17 @@ export interface NatGatewayProps { * @default none */ readonly natGatewayName?: string; +} +/** + * Properties to define a NAT gateway. + */ +export interface NatGatewayProps extends NatGatewayOptions { + /** + * The ID of the VPC in which the NAT gateway is located. + * @default none + */ + readonly vpc?: IVpcV2; } /** diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index 8a2d3b3a6047c..406384ce6e568 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -96,6 +96,12 @@ export interface ISubnetV2 extends ISubnet { */ readonly ipv6CidrBlock?: string; + /** + * The type of subnet (public or private) that this subnet represents. + * @attribute SubnetType + */ + readonly subnetType?: SubnetType; + } /** diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index a3e3657a1f80f..8c69d88e9b410 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -2,7 +2,8 @@ import { Resource, Annotations } from 'aws-cdk-lib'; import { IVpc, ISubnet, SubnetSelection, SelectedSubnets, EnableVpnGatewayOptions, VpnGateway, VpnConnectionType, CfnVPCGatewayAttachment, CfnVPNGatewayRoutePropagation, VpnConnectionOptions, VpnConnection, ClientVpnEndpointOptions, ClientVpnEndpoint, InterfaceVpcEndpointOptions, InterfaceVpcEndpoint, GatewayVpcEndpointOptions, GatewayVpcEndpoint, FlowLogOptions, FlowLog, FlowLogResourceType, SubnetType, SubnetFilter, CfnVPCCidrBlock } from 'aws-cdk-lib/aws-ec2'; import { allRouteTableIds, flatten, subnetGroupNameFromConstructId } from './util'; import { IDependable, Dependable, IConstruct } from 'constructs'; -import { EgressOnlyInternetGateway, Route } from './route'; +import { EgressOnlyInternetGateway, NatGateway, NatGatewayOptions, Route } from './route'; +import { ISubnetV2 } from './subnet-v2'; /** * Options to define EgressOnlyInternetGateway for VPC @@ -248,7 +249,7 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { /** * Creates a route for EGW with destination set to outbound IPv6('::/0'). */ - private createEgressRoute(subnet: ISubnet, egw: EgressOnlyInternetGateway, destination?: string): void { + private createEgressRoute(subnet: ISubnetV2, egw: EgressOnlyInternetGateway, destination?: string): void { const destinationIpv6 = destination ?? '::/0'; new Route(this, `${subnet.node.id}-EgressRoute`, { routeTable: subnet.routeTable, @@ -257,6 +258,20 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { }); } + /** + * Adds a new NAT Gateway to this VPC and adds a route to the route table + * of given subnets. + * @param id The ID of the NAT Gateway construct + * @param options The options for the NAT Gateway to be created + * @returns - The newly-created NAT Gateway + */ + public addNatGateway(id: string, options: NatGatewayOptions): NatGateway { + return new NatGateway(this, id, { + vpc: this, + ...options, + }); + } + /** * Adds a new flow log to this VPC */ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts index 9ee47ecd718aa..8708177886129 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts @@ -37,7 +37,7 @@ const vpc = new vpc_v2.VpcV2(stack, 'VPC-integ-test-1', { enableDnsSupport: true, }); -new SubnetV2(stack, 'testsbubnet', { +const subnet = new SubnetV2(stack, 'testsbubnet', { vpc, availabilityZone: 'us-west-1a', ipv4CidrBlock: new IpCidr('10.1.0.0/24'), @@ -80,6 +80,11 @@ vpc.addEgressOnlyInternetGateway({ subnets: [{ subnetType: SubnetType.PUBLIC }], }); +//Add a NAT Gateway +vpc.addNatGateway('TestNATGateway', { + subnet: subnet, +}); + new IntegTest(app, 'integtest-model', { testCases: [stack], }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts index 8070fe093c80a..2a8be1fd451e5 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts @@ -56,7 +56,7 @@ describe('EC2 Routing', () => { }); // Route linking IP to EIGW should be in stack template.hasResourceProperties('AWS::EC2::Route', { - DestinationCidrBlock: '::/0', + DestinationIpv6CidrBlock: '::/0', EgressOnlyInternetGatewayId: { 'Fn::GetAtt': [ 'TestEIGW4E4CDA8D', 'Id', diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts index a5a68a5b5f1fa..05b685433a9c0 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts @@ -2,7 +2,8 @@ import { Template } from 'aws-cdk-lib/assertions'; import * as cdk from 'aws-cdk-lib'; import * as vpc from '../lib/vpc-v2'; import { IpCidr, SubnetV2 } from '../lib/subnet-v2'; -import { SubnetType } from 'aws-cdk-lib/aws-ec2'; +import * as route from '../lib/route'; +import { CfnEIP, SubnetType } from 'aws-cdk-lib/aws-ec2'; /* eslint-disable no-console */ describe('Vpc V2 with full control', () => { @@ -108,4 +109,235 @@ describe('Vpc V2 with full control', () => { }); }).toThrow("There are no 'Public' subnet groups in this VPC. Available types: Isolated,Deprecated_Isolated"); }); + + + test('addNatGateway defines a private gateway', () => { + const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + enableDnsHostnames: true, + enableDnsSupport: true, + }); + const mySubnet = new SubnetV2(stack, 'TestSubnet', { + vpc: myVpc, + ipv4CidrBlock: new IpCidr('10.1.0.0/24'), + availabilityZone: 'ap-south-1b', + subnetType: SubnetType.PRIVATE_ISOLATED, + }); + myVpc.addNatGateway('TestNATGW', { + subnet: mySubnet, + connectivityType: route.NatConnectivityType.PRIVATE, + privateIpAddress: '10.0.0.42', + }); + const template = Template.fromStack(stack); + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'private', + PrivateIpAddress: '10.0.0.42', + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', + }, + }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + }); + + test('addNatGateway defines private gateway with secondary IP addresses', () => { + const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + enableDnsHostnames: true, + enableDnsSupport: true, + }); + const mySubnet = new SubnetV2(stack, 'TestSubnet', { + vpc: myVpc, + ipv4CidrBlock: new IpCidr('10.1.0.0/24'), + availabilityZone: 'ap-south-1b', + subnetType: SubnetType.PRIVATE_ISOLATED, + }); + myVpc.addNatGateway('TestNATGW', { + subnet: mySubnet, + connectivityType: route.NatConnectivityType.PRIVATE, + privateIpAddress: '10.0.0.42', + secondaryPrivateIpAddresses: [ + '10.0.1.0/28', + '10.0.2.0/28', + ], + }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'private', + PrivateIpAddress: '10.0.0.42', + SecondaryPrivateIpAddresses: [ + '10.0.1.0/28', + '10.0.2.0/28', + ], + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', + }, + }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + }); + + test('addNatGateway defines private gateway with secondary IP address count', () => { + const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + enableDnsHostnames: true, + enableDnsSupport: true, + }); + const mySubnet = new SubnetV2(stack, 'TestSubnet', { + vpc: myVpc, + ipv4CidrBlock: new IpCidr('10.1.0.0/24'), + availabilityZone: 'ap-south-1b', + subnetType: SubnetType.PRIVATE_ISOLATED, + }); + myVpc.addNatGateway('TestNATGW', { + subnet: mySubnet, + connectivityType: route.NatConnectivityType.PRIVATE, + privateIpAddress: '10.0.0.42', + secondaryPrivateIpAddressCount: 2, + }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'private', + PrivateIpAddress: '10.0.0.42', + SecondaryPrivateIpAddressCount: 2, + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', + }, + }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + }); + + test('addNatGateway defines public gateway', () => { + const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + enableDnsHostnames: true, + enableDnsSupport: true, + }); + const mySubnet = new SubnetV2(stack, 'TestSubnet', { + vpc: myVpc, + ipv4CidrBlock: new IpCidr('10.1.0.0/24'), + availabilityZone: 'ap-south-1b', + subnetType: SubnetType.PRIVATE_ISOLATED, + }); + myVpc.addNatGateway('TestNATGW', { + subnet: mySubnet, + }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', + }, + }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // EIP should be created when not provided + template.hasResource('AWS::EC2::EIP', { + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + }); + + test('addNatGateway defines public gateway with provided EIP', () => { + const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + enableDnsHostnames: true, + enableDnsSupport: true, + }); + const mySubnet = new SubnetV2(stack, 'TestSubnet', { + vpc: myVpc, + ipv4CidrBlock: new IpCidr('10.1.0.0/24'), + availabilityZone: 'ap-south-1b', + subnetType: SubnetType.PRIVATE_ISOLATED, + }); + const eip = new CfnEIP(stack, 'MyEIP', { + domain: myVpc.vpcId, + }); + myVpc.addNatGateway('TestNATGW', { + subnet: mySubnet, + allocationId: eip.attrAllocationId, + }); + const template = Template.fromStack(stack); + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', + }, + }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // EIP should be in stack + template.hasResourceProperties('AWS::EC2::EIP', { + Domain: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', + 'VpcId', + ], + }, + }); + }); + + test('addNatGateway defines public gateway with many parameters', () => { + const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + enableDnsHostnames: true, + enableDnsSupport: true, + }); + const mySubnet = new SubnetV2(stack, 'TestSubnet', { + vpc: myVpc, + ipv4CidrBlock: new IpCidr('10.1.0.0/24'), + availabilityZone: 'ap-south-1b', + subnetType: SubnetType.PRIVATE_ISOLATED, + }); + myVpc.addNatGateway('TestNATGW', { + subnet: mySubnet, + connectivityType: route.NatConnectivityType.PUBLIC, + maxDrainDuration: cdk.Duration.seconds(2001), + }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'public', + MaxDrainDurationSeconds: 2001, + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', + }, + }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // EIP should be created when not provided + template.hasResource('AWS::EC2::EIP', { + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + }); + }); \ No newline at end of file From 85eafa29ac355155ef5808d97dc9c0ca91e6648a Mon Sep 17 00:00:00 2001 From: Leonardo Gama Date: Tue, 27 Aug 2024 10:00:57 -0700 Subject: [PATCH 29/44] Test cleanup --- .../aws-cdk-vpcv2-alpha-new.assets.json | 4 +- .../aws-cdk-vpcv2-alpha-new.template.json | 61 +- .../integ.subnet-v2.js.snapshot/manifest.json | 44 +- .../integ.subnet-v2.js.snapshot/tree.json | 150 +---- .../aws-cdk-vpcv2-alpha.assets.json | 4 +- .../aws-cdk-vpcv2-alpha.template.json | 313 +++++----- .../manifest.json | 62 +- .../integ.vpc-v2-alpha.js.snapshot/tree.json | 538 ++++++++---------- .../aws-ec2-alpha/test/vpc-add-method.test.ts | 1 - 9 files changed, 416 insertions(+), 761 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json index 070df7cb90f26..8fa7b0508afb2 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.5", "files": { - "22c29b35882bab9f2ff567018bbe3b6ae5bd6ab03a13edcd74d29110d672881a": { + "936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c": { "source": { "path": "aws-cdk-vpcv2-alpha-new.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "22c29b35882bab9f2ff567018bbe3b6ae5bd6ab03a13edcd74d29110d672881a.json", + "objectKey": "936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json index a44eea1df7d49..f6cffbdb23c5d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json @@ -92,10 +92,7 @@ "Properties": { "RouteTableIds": [ { - "Fn::GetAtt": [ - "testsbubnetRouteTableD0136BEA", - "RouteTableId" - ] + "Ref": "testsbubnetRouteTableF40F025B" } ], "VpnGatewayId": { @@ -123,7 +120,7 @@ "VPCTestIpv6IpamCidrD5C271DD" ] }, - "testsbubnetRouteTableD0136BEA": { + "testsbubnetRouteTableF40F025B": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { @@ -141,10 +138,7 @@ "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] + "Ref": "testsbubnetRouteTableF40F025B" }, "SubnetId": { "Ref": "testsbubnetSubnet77337845" @@ -247,55 +241,6 @@ "DependsOn": [ "InstanceInstanceRoleE9785DE5" ] - }, - "testIGW8D947AF2": { - "Type": "AWS::EC2::InternetGateway" - }, - "TestRoottableRouteTableFA28AA38": { - "Type": "AWS::EC2::RouteTable", - "Properties": { - "VpcId": { - "Fn::GetAtt": [ - "VPCTestFB735C86", - "VpcId" - ] - } - } - }, - "TestRoottableeigwRouteF867084E": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "GatewayId": { - "Fn::GetAtt": [ - "testIGW8D947AF2", - "InternetGatewayId" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "TestRoottableeigwRouteGWAttachmentDECE87B9": { - "Type": "AWS::EC2::VPCGatewayAttachment", - "Properties": { - "InternetGatewayId": { - "Fn::GetAtt": [ - "testIGW8D947AF2", - "InternetGatewayId" - ] - }, - "VpcId": { - "Fn::GetAtt": [ - "VPCTestFB735C86", - "VpcId" - ] - } - } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json index 8d506ab5c90e8..f6b54e8178156 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/22c29b35882bab9f2ff567018bbe3b6ae5bd6ab03a13edcd74d29110d672881a.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -88,19 +88,16 @@ "data": "testsbubnetSubnet77337845" } ], - "/aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTable/RouteTable": [ + "/aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableD0136BEA" + "data": "testsbubnetRouteTableF40F025B" } ], "/aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableAssociationD6D083FA", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "testsbubnetRouteTableAssociationD6D083FA" } ], "/aws-cdk-vpcv2-alpha-new/Instance/InstanceSecurityGroup/Resource": [ @@ -133,30 +130,6 @@ "data": "SsmParameterValueawsserviceamiamazonlinuxlatestamznamihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" } ], - "/aws-cdk-vpcv2-alpha-new/testIGW/IGW": [ - { - "type": "aws:cdk:logicalId", - "data": "testIGW8D947AF2" - } - ], - "/aws-cdk-vpcv2-alpha-new/TestRoottable/RouteTable": [ - { - "type": "aws:cdk:logicalId", - "data": "TestRoottableRouteTableFA28AA38" - } - ], - "/aws-cdk-vpcv2-alpha-new/TestRoottable/eigwRoute/Route": [ - { - "type": "aws:cdk:logicalId", - "data": "TestRoottableeigwRouteF867084E" - } - ], - "/aws-cdk-vpcv2-alpha-new/TestRoottable/eigwRoute/GWAttachment": [ - { - "type": "aws:cdk:logicalId", - "data": "TestRoottableeigwRouteGWAttachmentDECE87B9" - } - ], "/aws-cdk-vpcv2-alpha-new/BootstrapVersion": [ { "type": "aws:cdk:logicalId", @@ -168,15 +141,6 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } - ], - "testsbubnetRouteTableF40F025B": [ - { - "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableF40F025B", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } ] }, "displayName": "aws-cdk-vpcv2-alpha-new" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json index 52007fe15dc43..f1f62b0a8a30e 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json @@ -190,10 +190,7 @@ "aws:cdk:cloudformation:props": { "routeTableIds": [ { - "Fn::GetAtt": [ - "testsbubnetRouteTableD0136BEA", - "RouteTableId" - ] + "Ref": "testsbubnetRouteTableF40F025B" } ], "vpnGatewayId": { @@ -249,29 +246,19 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTable", - "children": { - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTable/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "VPCTestFB735C86", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCTestFB735C86", + "VpcId" + ] } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -282,10 +269,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Fn::GetAtt": [ - "testsbubnetRouteTableD0136BEA", - "RouteTableId" - ] + "Ref": "testsbubnetRouteTableF40F025B" }, "subnetId": { "Ref": "testsbubnetSubnet77337845" @@ -480,118 +464,6 @@ "version": "0.0.0" } }, - "testIGW": { - "id": "testIGW", - "path": "aws-cdk-vpcv2-alpha-new/testIGW", - "children": { - "IGW": { - "id": "IGW", - "path": "aws-cdk-vpcv2-alpha-new/testIGW/IGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", - "aws:cdk:cloudformation:props": {} - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", - "version": "0.0.0" - } - }, - "TestRoottable": { - "id": "TestRoottable", - "path": "aws-cdk-vpcv2-alpha-new/TestRoottable", - "children": { - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-vpcv2-alpha-new/TestRoottable/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "VPCTestFB735C86", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "eigwRoute": { - "id": "eigwRoute", - "path": "aws-cdk-vpcv2-alpha-new/TestRoottable/eigwRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-vpcv2-alpha-new/TestRoottable/eigwRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Fn::GetAtt": [ - "testIGW8D947AF2", - "InternetGatewayId" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - }, - "GWAttachment": { - "id": "GWAttachment", - "path": "aws-cdk-vpcv2-alpha-new/TestRoottable/eigwRoute/GWAttachment", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "internetGatewayId": { - "Fn::GetAtt": [ - "testIGW8D947AF2", - "InternetGatewayId" - ] - }, - "vpcId": { - "Fn::GetAtt": [ - "VPCTestFB735C86", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", - "version": "0.0.0" - } - }, "BootstrapVersion": { "id": "BootstrapVersion", "path": "aws-cdk-vpcv2-alpha-new/BootstrapVersion", diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json index 9d4b04a3cb898..edea907079f09 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.5", "files": { - "3d4d1af9a53fd056999e46a5c904f6aa886ed7d808a18591c45ed2e118649370": { + "a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0": { "source": { "path": "aws-cdk-vpcv2-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "3d4d1af9a53fd056999e46a5c904f6aa886ed7d808a18591c45ed2e118649370.json", + "objectKey": "a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json index f6c0a06d1b8a6..69b67454af10b 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json @@ -1,74 +1,79 @@ { "Resources": { - "VPCintegtest1EBA1CB75": { - "Type": "AWS::EC2::VPC", + "IpamTestIpam6C9298EF": { + "Type": "AWS::EC2::IPAM", "Properties": { - "CidrBlock": "10.1.0.0/16", - "EnableDnsHostnames": true, - "EnableDnsSupport": true, - "InstanceTenancy": "default" + "OperatingRegions": [ + { + "RegionName": "eu-central-1" + } + ] } }, - "VPCintegtest1SecondaryAddress256BAC1D3": { - "Type": "AWS::EC2::VPCCidrBlock", + "IpamTestPrivatePool039C763DC": { + "Type": "AWS::EC2::IPAMPool", "Properties": { - "CidrBlock": "10.2.0.0/16", - "VpcId": { + "AddressFamily": "ipv4", + "IpamScopeId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" + "IpamTestIpam6C9298EF", + "PrivateDefaultScopeId" ] - } + }, + "Locale": "eu-central-1", + "ProvisionedCidrs": [ + { + "Cidr": "10.2.0.0/16" + } + ] } }, - "VPCintegtest1AmazonProvidedE0445E5C": { - "Type": "AWS::EC2::VPCCidrBlock", + "IpamTestPublicPool0C44B7C49": { + "Type": "AWS::EC2::IPAMPool", "Properties": { - "AmazonProvidedIpv6CidrBlock": true, - "VpcId": { + "AddressFamily": "ipv6", + "AwsService": "ec2", + "IpamScopeId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" + "IpamTestIpam6C9298EF", + "PublicDefaultScopeId" ] - } + }, + "Locale": "eu-central-1", + "PublicIpSource": "amazon" } }, - "VPCintegtest1SecondaryAddress3BCA08E40": { - "Type": "AWS::EC2::VPCCidrBlock", + "IpamTestPublicPool0PublicPool0CidrC57CE00C": { + "Type": "AWS::EC2::IPAMPoolCidr", "Properties": { - "CidrBlock": "10.3.0.0/16", - "VpcId": { + "IpamPoolId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" + "IpamTestPublicPool0C44B7C49", + "IpamPoolId" ] - } + }, + "NetmaskLength": 52 } }, - "VPCintegtest1TestGWendpoint6276409E": { - "Type": "AWS::EC2::VPCEndpoint", + "VPCintegtest1EBA1CB75": { + "Type": "AWS::EC2::VPC", "Properties": { - "RouteTableIds": [ - { - "Fn::GetAtt": [ - "validateIpv6RouteTable09389F8D", - "RouteTableId" - ] - } - ], - "ServiceName": { - "Fn::Join": [ - "", - [ - "com.amazonaws.", - { - "Ref": "AWS::Region" - }, - ".s3" - ] + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default" + } + }, + "VPCintegtest1ipv4IpamCidr8105B4E4": { + "Type": "AWS::EC2::VPCCidrBlock", + "Properties": { + "Ipv4IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPrivatePool039C763DC", + "IpamPoolId" ] }, - "VpcEndpointType": "Gateway", + "Ipv4NetmaskLength": 20, "VpcId": { "Fn::GetAtt": [ "VPCintegtest1EBA1CB75", @@ -77,45 +82,10 @@ } } }, - "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7": { - "Type": "AWS::EC2::SecurityGroup", + "VPCintegtest1AmazonProvidedE0445E5C": { + "Type": "AWS::EC2::VPCCidrBlock", "Properties": { - "GroupDescription": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup", - "SecurityGroupEgress": [ - { - "CidrIp": "0.0.0.0/0", - "Description": "Allow all outbound traffic by default", - "IpProtocol": "-1" - } - ], - "SecurityGroupIngress": [ - { - "CidrIp": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "CidrBlock" - ] - }, - "Description": { - "Fn::Join": [ - "", - [ - "from ", - { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "CidrBlock" - ] - }, - ":443" - ] - ] - }, - "FromPort": 443, - "IpProtocol": "tcp", - "ToPort": 443 - } - ], + "AmazonProvidedIpv6CidrBlock": true, "VpcId": { "Fn::GetAtt": [ "VPCintegtest1EBA1CB75", @@ -124,72 +94,56 @@ } } }, - "VPCintegtest1TestInterfaceEndpoint7B63C4C3": { - "Type": "AWS::EC2::VPCEndpoint", + "Vpcintegtest20DAD8F9D": { + "Type": "AWS::EC2::VPC", "Properties": { - "PrivateDnsEnabled": true, - "SecurityGroupIds": [ - { - "Fn::GetAtt": [ - "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7", - "GroupId" - ] - } - ], - "ServiceName": { - "Fn::Join": [ - "", - [ - "com.amazonaws.", - { - "Ref": "AWS::Region" - }, - ".sns" - ] + "CidrBlock": "10.1.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default" + } + }, + "Vpcintegtest2Ipv6IpamCidrFF84EC2B": { + "Type": "AWS::EC2::VPCCidrBlock", + "Properties": { + "Ipv6IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPublicPool0C44B7C49", + "IpamPoolId" ] }, - "SubnetIds": [ - { - "Ref": "testsbubnetSubnet77337845" - }, - { - "Ref": "testsubnetSubnetDD417829" - } - ], - "VpcEndpointType": "Interface", + "Ipv6NetmaskLength": 60, "VpcId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", + "Vpcintegtest20DAD8F9D", "VpcId" ] } - } + }, + "DependsOn": [ + "IpamTestPublicPool0PublicPool0CidrC57CE00C" + ] }, - "VPCintegtest1EgressOnlyGWEIGW440911B4": { - "Type": "AWS::EC2::EgressOnlyInternetGateway", + "Vpcintegtest2SecondaryAddress2A96C0AF8": { + "Type": "AWS::EC2::VPCCidrBlock", "Properties": { + "CidrBlock": "10.2.0.0/16", "VpcId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", + "Vpcintegtest20DAD8F9D", "VpcId" ] } } }, - "VPCintegtest1validateIpv6EgressRouteB2A1DA27": { - "Type": "AWS::EC2::Route", + "Vpcintegtest2SecondaryAddress36FC60BBC": { + "Type": "AWS::EC2::VPCCidrBlock", "Properties": { - "DestinationIpv6CidrBlock": "::/0", - "EgressOnlyInternetGatewayId": { - "Fn::GetAtt": [ - "VPCintegtest1EgressOnlyGWEIGW440911B4", - "Id" - ] - }, - "RouteTableId": { + "CidrBlock": "10.3.0.0/16", + "VpcId": { "Fn::GetAtt": [ - "validateIpv6RouteTable09389F8D", - "RouteTableId" + "Vpcintegtest20DAD8F9D", + "VpcId" ] } } @@ -198,162 +152,153 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "eu-central-1a", "CidrBlock": "10.1.0.0/24", "VpcId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", + "Vpcintegtest20DAD8F9D", "VpcId" ] } }, "DependsOn": [ - "VPCintegtest1AmazonProvidedE0445E5C", - "VPCintegtest1SecondaryAddress256BAC1D3", - "VPCintegtest1SecondaryAddress3BCA08E40" + "Vpcintegtest2Ipv6IpamCidrFF84EC2B", + "Vpcintegtest2SecondaryAddress2A96C0AF8", + "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, - "testsbubnetRouteTableD0136BEA": { + "testsbubnetRouteTableF40F025B": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", + "Vpcintegtest20DAD8F9D", "VpcId" ] } }, "DependsOn": [ - "VPCintegtest1AmazonProvidedE0445E5C", - "VPCintegtest1SecondaryAddress256BAC1D3", - "VPCintegtest1SecondaryAddress3BCA08E40" + "Vpcintegtest2Ipv6IpamCidrFF84EC2B", + "Vpcintegtest2SecondaryAddress2A96C0AF8", + "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, "testsbubnetRouteTableAssociationD6D083FA": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Fn::GetAtt": [ - "testsbubnetRouteTableD0136BEA", - "RouteTableId" - ] + "Ref": "testsbubnetRouteTableF40F025B" }, "SubnetId": { "Ref": "testsbubnetSubnet77337845" } }, "DependsOn": [ - "VPCintegtest1AmazonProvidedE0445E5C", - "VPCintegtest1SecondaryAddress256BAC1D3", - "VPCintegtest1SecondaryAddress3BCA08E40" + "Vpcintegtest2Ipv6IpamCidrFF84EC2B", + "Vpcintegtest2SecondaryAddress2A96C0AF8", + "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, "testsubnetSubnetDD417829": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1b", + "AvailabilityZone": "eu-central-1b", "CidrBlock": "10.2.0.0/24", "VpcId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", + "Vpcintegtest20DAD8F9D", "VpcId" ] } }, "DependsOn": [ - "VPCintegtest1AmazonProvidedE0445E5C", - "VPCintegtest1SecondaryAddress256BAC1D3", - "VPCintegtest1SecondaryAddress3BCA08E40" + "Vpcintegtest2Ipv6IpamCidrFF84EC2B", + "Vpcintegtest2SecondaryAddress2A96C0AF8", + "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, - "testsubnetRouteTable682580B2": { + "testsubnetRouteTable55223C61": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", + "Vpcintegtest20DAD8F9D", "VpcId" ] } }, "DependsOn": [ - "VPCintegtest1AmazonProvidedE0445E5C", - "VPCintegtest1SecondaryAddress256BAC1D3", - "VPCintegtest1SecondaryAddress3BCA08E40" + "Vpcintegtest2Ipv6IpamCidrFF84EC2B", + "Vpcintegtest2SecondaryAddress2A96C0AF8", + "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, "testsubnetRouteTableAssociationC106676D": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Fn::GetAtt": [ - "testsubnetRouteTable682580B2", - "RouteTableId" - ] + "Ref": "testsubnetRouteTable55223C61" }, "SubnetId": { "Ref": "testsubnetSubnetDD417829" } }, "DependsOn": [ - "VPCintegtest1AmazonProvidedE0445E5C", - "VPCintegtest1SecondaryAddress256BAC1D3", - "VPCintegtest1SecondaryAddress3BCA08E40" + "Vpcintegtest2Ipv6IpamCidrFF84EC2B", + "Vpcintegtest2SecondaryAddress2A96C0AF8", + "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, "validateIpv6Subnet07BD40AE": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1b", + "AvailabilityZone": "eu-central-1b", "CidrBlock": "10.3.0.0/24", "VpcId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", + "Vpcintegtest20DAD8F9D", "VpcId" ] } }, "DependsOn": [ - "VPCintegtest1AmazonProvidedE0445E5C", - "VPCintegtest1SecondaryAddress256BAC1D3", - "VPCintegtest1SecondaryAddress3BCA08E40" + "Vpcintegtest2Ipv6IpamCidrFF84EC2B", + "Vpcintegtest2SecondaryAddress2A96C0AF8", + "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, - "validateIpv6RouteTable09389F8D": { + "validateIpv6RouteTable10861B00": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", + "Vpcintegtest20DAD8F9D", "VpcId" ] } }, "DependsOn": [ - "VPCintegtest1AmazonProvidedE0445E5C", - "VPCintegtest1SecondaryAddress256BAC1D3", - "VPCintegtest1SecondaryAddress3BCA08E40" + "Vpcintegtest2Ipv6IpamCidrFF84EC2B", + "Vpcintegtest2SecondaryAddress2A96C0AF8", + "Vpcintegtest2SecondaryAddress36FC60BBC" ] }, "validateIpv6RouteTableAssociationD6330457": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Fn::GetAtt": [ - "validateIpv6RouteTable09389F8D", - "RouteTableId" - ] + "Ref": "validateIpv6RouteTable10861B00" }, "SubnetId": { "Ref": "validateIpv6Subnet07BD40AE" } }, "DependsOn": [ - "VPCintegtest1AmazonProvidedE0445E5C", - "VPCintegtest1SecondaryAddress256BAC1D3", - "VPCintegtest1SecondaryAddress3BCA08E40" + "Vpcintegtest2Ipv6IpamCidrFF84EC2B", + "Vpcintegtest2SecondaryAddress2A96C0AF8", + "Vpcintegtest2SecondaryAddress36FC60BBC" ] } }, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json index 8dbfb7d284021..07729bcb92768 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/3d4d1af9a53fd056999e46a5c904f6aa886ed7d808a18591c45ed2e118649370.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -34,58 +34,70 @@ "aws-cdk-vpcv2-alpha.assets" ], "metadata": { - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource": [ + "/aws-cdk-vpcv2-alpha/IpamTest/Ipam": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1EBA1CB75" + "data": "IpamTestIpam6C9298EF" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress2": [ + "/aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1SecondaryAddress256BAC1D3" + "data": "IpamTestPrivatePool039C763DC" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided": [ + "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1AmazonProvidedE0445E5C" + "data": "IpamTestPublicPool0C44B7C49" + } + ], + "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamTestPublicPool0PublicPool0CidrC57CE00C" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress3": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1EBA1CB75" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1SecondaryAddress3BCA08E40" + "data": "VPCintegtest1ipv4IpamCidr8105B4E4" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestGWendpoint/Resource": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1TestGWendpoint6276409E" + "data": "VPCintegtest1AmazonProvidedE0445E5C" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup/Resource": [ + "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Resource": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7" + "data": "Vpcintegtest20DAD8F9D" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/Resource": [ + "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Ipv6IpamCidr": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1TestInterfaceEndpoint7B63C4C3" + "data": "Vpcintegtest2Ipv6IpamCidrFF84EC2B" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/EgressOnlyGW/EIGW": [ + "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress2": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1EgressOnlyGWEIGW440911B4" + "data": "Vpcintegtest2SecondaryAddress2A96C0AF8" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-EgressRoute/Route": [ + "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress3": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1validateIpv6EgressRouteB2A1DA27" + "data": "Vpcintegtest2SecondaryAddress36FC60BBC" } ], "/aws-cdk-vpcv2-alpha/testsbubnet/Subnet": [ @@ -94,10 +106,10 @@ "data": "testsbubnetSubnet77337845" } ], - "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable": [ + "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableD0136BEA" + "data": "testsbubnetRouteTableF40F025B" } ], "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTableAssociation": [ @@ -112,10 +124,10 @@ "data": "testsubnetSubnetDD417829" } ], - "/aws-cdk-vpcv2-alpha/testsubnet/RouteTable/RouteTable": [ + "/aws-cdk-vpcv2-alpha/testsubnet/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetRouteTable682580B2" + "data": "testsubnetRouteTable55223C61" } ], "/aws-cdk-vpcv2-alpha/testsubnet/RouteTableAssociation": [ @@ -130,10 +142,10 @@ "data": "validateIpv6Subnet07BD40AE" } ], - "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable/RouteTable": [ + "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6RouteTable09389F8D" + "data": "validateIpv6RouteTable10861B00" } ], "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTableAssociation": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json index f7fbcbbc6220e..4ef8722255a1d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json @@ -8,6 +8,123 @@ "id": "aws-cdk-vpcv2-alpha", "path": "aws-cdk-vpcv2-alpha", "children": { + "IpamTest": { + "id": "IpamTest", + "path": "aws-cdk-vpcv2-alpha/IpamTest", + "children": { + "Ipam": { + "id": "Ipam", + "path": "aws-cdk-vpcv2-alpha/IpamTest/Ipam", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::IPAM", + "aws:cdk:cloudformation:props": { + "operatingRegions": [ + { + "regionName": "eu-central-1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnIPAM", + "version": "0.0.0" + } + }, + "PrivatePool0": { + "id": "PrivatePool0", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0", + "children": { + "PrivatePool0": { + "id": "PrivatePool0", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", + "aws:cdk:cloudformation:props": { + "addressFamily": "ipv4", + "ipamScopeId": { + "Fn::GetAtt": [ + "IpamTestIpam6C9298EF", + "PrivateDefaultScopeId" + ] + }, + "locale": "eu-central-1", + "provisionedCidrs": [ + { + "cidr": "10.2.0.0/16" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "PublicPool0": { + "id": "PublicPool0", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0", + "children": { + "PublicPool0": { + "id": "PublicPool0", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", + "aws:cdk:cloudformation:props": { + "addressFamily": "ipv6", + "awsService": "ec2", + "ipamScopeId": { + "Fn::GetAtt": [ + "IpamTestIpam6C9298EF", + "PublicDefaultScopeId" + ] + }, + "locale": "eu-central-1", + "publicIpSource": "amazon" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", + "version": "0.0.0" + } + }, + "PublicPool0Cidr": { + "id": "PublicPool0Cidr", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPoolCidr", + "aws:cdk:cloudformation:props": { + "ipamPoolId": { + "Fn::GetAtt": [ + "IpamTestPublicPool0C44B7C49", + "IpamPoolId" + ] + }, + "netmaskLength": 52 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPoolCidr", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.Ipam", + "version": "0.0.0" + } + }, "VPC-integ-test-1": { "id": "VPC-integ-test-1", "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1", @@ -18,7 +135,7 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPC", "aws:cdk:cloudformation:props": { - "cidrBlock": "10.1.0.0/16", + "cidrBlock": "10.0.0.0/16", "enableDnsHostnames": true, "enableDnsSupport": true, "instanceTenancy": "default" @@ -29,13 +146,19 @@ "version": "0.0.0" } }, - "SecondaryAddress2": { - "id": "SecondaryAddress2", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress2", + "ipv4IpamCidr": { + "id": "ipv4IpamCidr", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", "aws:cdk:cloudformation:props": { - "cidrBlock": "10.2.0.0/16", + "ipv4IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPrivatePool039C763DC", + "IpamPoolId" + ] + }, + "ipv4NetmaskLength": 20, "vpcId": { "Fn::GetAtt": [ "VPCintegtest1EBA1CB75", @@ -68,263 +191,97 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", "version": "0.0.0" } - }, - "SecondaryAddress3": { - "id": "SecondaryAddress3", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress3", + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", + "version": "0.0.0" + } + }, + "Vpc-integ-test-2": { + "id": "Vpc-integ-test-2", + "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Resource", "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", "aws:cdk:cloudformation:props": { - "cidrBlock": "10.3.0.0/16", - "vpcId": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", - "version": "0.0.0" - } - }, - "TestGWendpoint": { - "id": "TestGWendpoint", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestGWendpoint", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestGWendpoint/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCEndpoint", - "aws:cdk:cloudformation:props": { - "routeTableIds": [ - { - "Fn::GetAtt": [ - "validateIpv6RouteTable09389F8D", - "RouteTableId" - ] - } - ], - "serviceName": { - "Fn::Join": [ - "", - [ - "com.amazonaws.", - { - "Ref": "AWS::Region" - }, - ".s3" - ] - ] - }, - "vpcEndpointType": "Gateway", - "vpcId": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpoint", - "version": "0.0.0" - } + "cidrBlock": "10.1.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default" } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.GatewayVpcEndpoint", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", "version": "0.0.0" } }, - "TestInterfaceEndpoint": { - "id": "TestInterfaceEndpoint", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint", - "children": { - "SecurityGroup": { - "id": "SecurityGroup", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup", - "securityGroupEgress": [ - { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" - } - ], - "securityGroupIngress": [ - { - "cidrIp": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "CidrBlock" - ] - }, - "ipProtocol": "tcp", - "fromPort": 443, - "toPort": 443, - "description": { - "Fn::Join": [ - "", - [ - "from ", - { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "CidrBlock" - ] - }, - ":443" - ] - ] - } - } - ], - "vpcId": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCEndpoint", - "aws:cdk:cloudformation:props": { - "privateDnsEnabled": true, - "securityGroupIds": [ - { - "Fn::GetAtt": [ - "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7", - "GroupId" - ] - } - ], - "serviceName": { - "Fn::Join": [ - "", - [ - "com.amazonaws.", - { - "Ref": "AWS::Region" - }, - ".sns" - ] - ] - }, - "subnetIds": [ - { - "Ref": "testsbubnetSubnet77337845" - }, - { - "Ref": "testsubnetSubnetDD417829" - } - ], - "vpcEndpointType": "Interface", - "vpcId": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] - } - } + "Ipv6IpamCidr": { + "id": "Ipv6IpamCidr", + "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Ipv6IpamCidr", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "ipv6IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPublicPool0C44B7C49", + "IpamPoolId" + ] }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpoint", - "version": "0.0.0" + "ipv6NetmaskLength": 60, + "vpcId": { + "Fn::GetAtt": [ + "Vpcintegtest20DAD8F9D", + "VpcId" + ] } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.InterfaceVpcEndpoint", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", "version": "0.0.0" } }, - "EgressOnlyGW": { - "id": "EgressOnlyGW", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/EgressOnlyGW", - "children": { - "EIGW": { - "id": "EIGW", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/EgressOnlyGW/EIGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EgressOnlyInternetGateway", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnEgressOnlyInternetGateway", - "version": "0.0.0" + "SecondaryAddress2": { + "id": "SecondaryAddress2", + "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress2", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.2.0.0/16", + "vpcId": { + "Fn::GetAtt": [ + "Vpcintegtest20DAD8F9D", + "VpcId" + ] } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.EgressOnlyInternetGateway", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", "version": "0.0.0" } }, - "validateIpv6-EgressRoute": { - "id": "validateIpv6-EgressRoute", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-EgressRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-EgressRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationIpv6CidrBlock": "::/0", - "egressOnlyInternetGatewayId": { - "Fn::GetAtt": [ - "VPCintegtest1EgressOnlyGWEIGW440911B4", - "Id" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "validateIpv6RouteTable09389F8D", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" + "SecondaryAddress3": { + "id": "SecondaryAddress3", + "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress3", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.3.0.0/16", + "vpcId": { + "Fn::GetAtt": [ + "Vpcintegtest20DAD8F9D", + "VpcId" + ] } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", "version": "0.0.0" } } @@ -345,11 +302,11 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "eu-central-1a", "cidrBlock": "10.1.0.0/24", "vpcId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", + "Vpcintegtest20DAD8F9D", "VpcId" ] } @@ -371,29 +328,19 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable", - "children": { - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "Vpcintegtest20DAD8F9D", + "VpcId" + ] } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -404,10 +351,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Fn::GetAtt": [ - "testsbubnetRouteTableD0136BEA", - "RouteTableId" - ] + "Ref": "testsbubnetRouteTableF40F025B" }, "subnetId": { "Ref": "testsbubnetSubnet77337845" @@ -436,11 +380,11 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1b", + "availabilityZone": "eu-central-1b", "cidrBlock": "10.2.0.0/24", "vpcId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", + "Vpcintegtest20DAD8F9D", "VpcId" ] } @@ -462,29 +406,19 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/testsubnet/RouteTable", - "children": { - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-vpcv2-alpha/testsubnet/RouteTable/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "Vpcintegtest20DAD8F9D", + "VpcId" + ] } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -495,10 +429,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Fn::GetAtt": [ - "testsubnetRouteTable682580B2", - "RouteTableId" - ] + "Ref": "testsubnetRouteTable55223C61" }, "subnetId": { "Ref": "testsubnetSubnetDD417829" @@ -527,11 +458,11 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1b", + "availabilityZone": "eu-central-1b", "cidrBlock": "10.3.0.0/24", "vpcId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", + "Vpcintegtest20DAD8F9D", "VpcId" ] } @@ -553,29 +484,19 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/validateIpv6/RouteTable", - "children": { - "RouteTable": { - "id": "RouteTable", - "path": "aws-cdk-vpcv2-alpha/validateIpv6/RouteTable/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "Vpcintegtest20DAD8F9D", + "VpcId" + ] } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -586,10 +507,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Fn::GetAtt": [ - "validateIpv6RouteTable09389F8D", - "RouteTableId" - ] + "Ref": "validateIpv6RouteTable10861B00" }, "subnetId": { "Ref": "validateIpv6Subnet07BD40AE" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts index 05b685433a9c0..3d96d9d6b45a5 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts @@ -81,7 +81,6 @@ describe('Vpc V2 with full control', () => { subnets: [{ subnetType: SubnetType.PUBLIC }], destination: '::/48', }); - console.log(Template.fromStack(stack).toJSON()); Template.fromStack(stack).hasResourceProperties('AWS::EC2::Route', { DestinationIpv6CidrBlock: '::/48', }); From 09d3ae008b3a7cc1c4c223fd7eb91771d6651dde Mon Sep 17 00:00:00 2001 From: shikha372 Date: Tue, 27 Aug 2024 15:49:42 -0700 Subject: [PATCH 30/44] resolving conflicts --- packages/@aws-cdk/aws-ec2-alpha/README.md | 83 +++++----- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 6 + .../aws-ec2-alpha/rosetta/default.ts-fixture | 4 +- .../manifest.json | 148 +++++++++++++++++- .../aws-ec2-alpha/test/integ.vpc-v2-alpha.ts | 27 +++- 5 files changed, 213 insertions(+), 55 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/README.md b/packages/@aws-cdk/aws-ec2-alpha/README.md index 28a67dd6f8d14..3f6101bc321d7 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/README.md +++ b/packages/@aws-cdk/aws-ec2-alpha/README.md @@ -23,10 +23,10 @@ To create a VPC with both IPv4 and IPv6 support: ```ts const stack = new Stack(); -new vpc_v2.VpcV2(this, 'Vpc', { - primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.0.0.0/24'), +new VpcV2(this, 'Vpc', { + primaryAddressBlock: IpAddresses.ipv4('10.0.0.0/24'), secondaryAddressBlocks: [ - vpc_v2.IpAddresses.amazonProvidedIpv6({cidrBlockName: 'AmazonProvidedIpv6'}), + IpAddresses.amazonProvidedIpv6({cidrBlockName: 'AmazonProvidedIpv6'}), ], }); ``` @@ -43,17 +43,17 @@ This new construct can be used to add subnets to a `VpcV2` instance: ```ts const stack = new Stack(); -const myVpc = new vpc_v2.VpcV2(this, 'Vpc', { +const myVpc = new VpcV2(this, 'Vpc', { secondaryAddressBlocks: [ - vpc_v2.IpAddresses.amazonProvidedIpv6({ cidrBlockName: 'AmazonProvidedIp'}), + IpAddresses.amazonProvidedIpv6({ cidrBlockName: 'AmazonProvidedIp'}), ], }); -new vpc_v2.SubnetV2(this, 'subnetA', { +new SubnetV2(this, 'subnetA', { vpc: myVpc, availabilityZone: 'us-east-1a', - ipv4CidrBlock: new vpc_v2.IpCidr('10.0.0.0/24'), - ipv6CidrBlock: new vpc_v2.IpCidr('2a05:d02c:25:4000::/60'), + ipv4CidrBlock: new IpCidr('10.0.0.0/24'), + ipv6CidrBlock: new IpCidr('2a05:d02c:25:4000::/60'), subnetType: ec2.SubnetType.PRIVATE_ISOLATED, }) ``` @@ -73,28 +73,28 @@ const ipam = new Ipam(this, 'Ipam', { operatingRegion: ['us-west-1'] }); const ipamPublicPool = ipam.publicScope.addPool('PublicPoolA', { - addressFamily: vpc_v2.AddressFamily.IP_V6, + addressFamily: AddressFamily.IP_V6, awsService: AwsServiceName.EC2, locale: 'us-west-1', - publicIpSource: vpc_v2.IpamPoolPublicIpSource.AMAZON, + publicIpSource: IpamPoolPublicIpSource.AMAZON, }); ipamPublicPool.provisionCidr('PublicPoolACidrA', { netmaskLength: 52 } ); const ipamPrivatePool = ipam.privateScope.addPool('PrivatePoolA', { - addressFamily: vpc_v2.AddressFamily.IP_V4, + addressFamily: AddressFamily.IP_V4, }); ipamPrivatePool.provisionCidr('PrivatePoolACidrA', { netmaskLength: 8 } ); -new vpc_v2.VpcV2(this, 'Vpc', { - primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.0.0.0/24'), +new VpcV2(this, 'Vpc', { + primaryAddressBlock: IpAddresses.ipv4('10.0.0.0/24'), secondaryAddressBlocks: [ - vpc_v2.IpAddresses.amazonProvidedIpv6({ cidrBlockName: 'AmazonIpv6' }), - vpc_v2.IpAddresses.ipv6Ipam({ + IpAddresses.amazonProvidedIpv6({ cidrBlockName: 'AmazonIpv6' }), + IpAddresses.ipv6Ipam({ ipamPool: ipamPublicPool, netmaskLength: 52, cidrBlockName: 'ipv6Ipam', }), - vpc_v2.IpAddresses.ipv4Ipam({ + IpAddresses.ipv4Ipam({ ipamPool: ipamPrivatePool, netmaskLength: 8, cidrBlockName: 'ipv4Ipam', @@ -112,11 +112,11 @@ Since `VpcV2` does not create subnets automatically, users have full control ove ```ts -const myVpc = new vpc_v2.VpcV2(this, 'Vpc'); -const routeTable = new vpc_v2.RouteTable(this, 'RouteTable', { +const myVpc = new VpcV2(this, 'Vpc'); +const routeTable = new RouteTable(this, 'RouteTable', { vpc: myVpc, }); -const subnet = new vpc_v2.SubnetV2(this, 'Subnet', { +const subnet = new SubnetV2(this, 'Subnet', { vpc: myVpc, routeTable, availabilityZone: 'eu-west-2a', @@ -129,20 +129,20 @@ const subnet = new vpc_v2.SubnetV2(this, 'Subnet', { ```ts const stack = new Stack(); -const myVpc = new vpc_v2.VpcV2(this, 'Vpc'); -const routeTable = new vpc_v2.RouteTable(this, 'RouteTable', { +const myVpc = new VpcV2(this, 'Vpc'); +const routeTable = new RouteTable(this, 'RouteTable', { vpc: myVpc, }); -const subnet = new vpc_v2.SubnetV2(this, 'Subnet', { +const subnet = new SubnetV2(this, 'Subnet', { vpc: myVpc, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), subnetType: ec2.SubnetType.PRIVATE_ISOLATED }); -const igw = new vpc_v2.InternetGateway(this, 'IGW', { +const igw = new InternetGateway(this, 'IGW', { vpc: myVpc, }); -new vpc_v2.Route(this, 'IgwRoute', { +new Route(this, 'IgwRoute', { routeTable, destination: '0.0.0.0/0', target: { gateway: igw }, @@ -155,13 +155,13 @@ Note: `EgressOnlyInternetGateway` can only be used to set up outbound IPv6 routi ```ts import * as vpc_v2 from '@aws-cdk/aws-ec2-alpha'; -const myVpc = new vpc_v2.VpcV2(stack, 'Vpc', {...}); -const routeTable = new vpc_v2.RouteTable(stack, 'RouteTable', { +const myVpc = new VpcV2(stack, 'Vpc', {...}); +const routeTable = new RouteTable(stack, 'RouteTable', { vpc: vpc.myVpc, }); -const subnet = new vpc_v2.SubnetV2(stack, 'Subnet', {...}); +const subnet = new SubnetV2(stack, 'Subnet', {...}); -const eigw = new vpc_v2.EgressOnlyInternetGateway(stack, 'EIGW', { +const eigw = new EgressOnlyInternetGateway(stack, 'EIGW', { vpcId: vpc.myVpc, }); routeTable.addRoute('::/0', { gateway: eigw }); @@ -171,23 +171,23 @@ Other route targets may require a deeper set of parameters to set up properly. F ```ts -const myVpc = new vpc_v2.VpcV2(this, 'Vpc'); -const routeTable = new vpc_v2.RouteTable(this, 'RouteTable', { +const myVpc = new VpcV2(this, 'Vpc'); +const routeTable = new RouteTable(this, 'RouteTable', { vpc: myVpc, }); -const subnet = new vpc_v2.SubnetV2(this, 'Subnet', { +const subnet = new SubnetV2(this, 'Subnet', { vpc: myVpc, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), subnetType: ec2.SubnetType.PRIVATE_ISOLATED }); -const natgw = new vpc_v2.NatGateway(this, 'NatGW', { +const natgw = new NatGateway(this, 'NatGW', { subnet: subnet, vpc: myVpc, connectivityType: NatConnectivityType.PRIVATE, privateIpAddress: '10.0.0.42', }); -new vpc_v2.Route(this, 'NatGwRoute', { +new Route(this, 'NatGwRoute', { routeTable, destination: '0.0.0.0/0', target: { gateway: natgw }, @@ -198,11 +198,11 @@ It is also possible to set up endpoints connecting other AWS services. For insta ```ts -const myVpc = new vpc_v2.VpcV2(this, 'Vpc'); -const routeTable = new vpc_v2.RouteTable(this, 'RouteTable', { +const myVpc = new VpcV2(this, 'Vpc'); +const routeTable = new RouteTable(this, 'RouteTable', { vpc: myVpc, }); -const subnet = new vpc_v2.SubnetV2(this, 'Subnet', { +const subnet = new SubnetV2(this, 'Subnet', { vpc: myVpc, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), @@ -213,12 +213,13 @@ const dynamoEndpoint = new ec2.GatewayVpcEndpoint(this, 'DynamoEndpoint', { vpc: myVpc, subnets: [subnet], }); -new vpc_v2.Route(this, 'DynamoDBRoute', { +new Route(this, 'DynamoDBRoute', { routeTable, destination: '0.0.0.0/0', target: { endpoint: dynamoEndpoint }, }); ``` + ## Adding Egress-Only Internet Gateway to VPC An egress-only internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows outbound communication over IPv6 from instances in your VPC to the internet, and prevents the internet from initiating an IPv6 connection with your instances. For more information see@ https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html @@ -230,11 +231,11 @@ By Default, it sets up a route to all outbound IPv6 Address ranges unless specif ```ts -const myVpc = new vpc_v2.VpcV2(this, 'Vpc'); -const routeTable = new vpc_v2.RouteTable(this, 'RouteTable', { +const myVpc = new VpcV2(this, 'Vpc'); +const routeTable = new RouteTable(this, 'RouteTable', { vpc: myVpc, }); -const subnet = new vpc_v2.SubnetV2(this, 'Subnet', { +const subnet = new SubnetV2(this, 'Subnet', { vpc: myVpc, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), @@ -245,4 +246,4 @@ myVpc.addEgressOnlyInternetGateway({ destination: '::/60', }) -``` \ No newline at end of file +``` diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index d332243c714a8..43b3fbd8dbbfe 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -280,6 +280,7 @@ export class VPNGateway extends Resource implements IRouteTarget { */ public readonly resource: CfnVPNGateway; + constructor(scope: Construct, id: string, props: VPNGatewayProps) { super(scope, id); @@ -293,6 +294,11 @@ export class VPNGateway extends Resource implements IRouteTarget { this.routerTargetId = this.resource.attrVpnGatewayId; this.vpcId = props.vpc.vpcId; + + new CfnVPCGatewayAttachment(this, 'GWAttachment', { + vpcId: this.vpcId, + vpnGatewayId: this.routerTargetId, + }); } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-ec2-alpha/rosetta/default.ts-fixture index d7bc142e3497e..9671a592cda88 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/rosetta/default.ts-fixture +++ b/packages/@aws-cdk/aws-ec2-alpha/rosetta/default.ts-fixture @@ -1,8 +1,8 @@ // Fixture with packages imported, but nothing else import { Construct } from 'constructs'; import { Stack, App, Fn } from 'aws-cdk-lib'; -import * as vpc_v2 from '@aws-cdk/aws-ec2-alpha'; -import { Ipam, AwsServiceName, IpCidr } from '@aws-cdk/aws-ec2-alpha'; +import { VpcV2, SubnetV2, IpAddresses, IpamPoolPublicIpSource, RouteTable, InternetGateway, Route, NatGateway } from '@aws-cdk/aws-ec2-alpha'; +import { Ipam, AwsServiceName, IpCidr, AddressFamily } from '@aws-cdk/aws-ec2-alpha'; import { NatConnectivityType } from '@aws-cdk/aws-ec2-alpha' import * as ec2 from 'aws-cdk-lib/aws-ec2'; diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json index 07729bcb92768..7c741197ffefb 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json @@ -61,7 +61,10 @@ "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1EBA1CB75" + "data": "VPCintegtest1EBA1CB75", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr": [ @@ -73,7 +76,10 @@ "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1AmazonProvidedE0445E5C" + "data": "VPCintegtest1AmazonProvidedE0445E5C", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Resource": [ @@ -103,7 +109,10 @@ "/aws-cdk-vpcv2-alpha/testsbubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetSubnet77337845" + "data": "testsbubnetSubnet77337845", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable": [ @@ -115,13 +124,19 @@ "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableAssociationD6D083FA" + "data": "testsbubnetRouteTableAssociationD6D083FA", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/testsubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetSubnetDD417829" + "data": "testsubnetSubnetDD417829", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/testsubnet/RouteTable": [ @@ -133,13 +148,19 @@ "/aws-cdk-vpcv2-alpha/testsubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetRouteTableAssociationC106676D" + "data": "testsubnetRouteTableAssociationC106676D", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/validateIpv6/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6Subnet07BD40AE" + "data": "validateIpv6Subnet07BD40AE", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable": [ @@ -151,7 +172,10 @@ "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6RouteTableAssociationD6330457" + "data": "validateIpv6RouteTableAssociationD6330457", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/BootstrapVersion": [ @@ -165,6 +189,114 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } + ], + "IpamTestIpam6C9298EF": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamTestIpam6C9298EF", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "IpamTestPrivatePool039C763DC": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamTestPrivatePool039C763DC", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "IpamTestPublicPool0C44B7C49": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamTestPublicPool0C44B7C49", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "IpamTestPublicPool0PublicPool0CidrC57CE00C": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamTestPublicPool0PublicPool0CidrC57CE00C", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCintegtest1ipv4IpamCidr8105B4E4": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1ipv4IpamCidr8105B4E4", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "Vpcintegtest20DAD8F9D": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpcintegtest20DAD8F9D", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "Vpcintegtest2Ipv6IpamCidrFF84EC2B": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpcintegtest2Ipv6IpamCidrFF84EC2B", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "Vpcintegtest2SecondaryAddress2A96C0AF8": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpcintegtest2SecondaryAddress2A96C0AF8", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "Vpcintegtest2SecondaryAddress36FC60BBC": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpcintegtest2SecondaryAddress36FC60BBC", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "testsbubnetRouteTableF40F025B": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetRouteTableF40F025B", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "testsubnetRouteTable55223C61": [ + { + "type": "aws:cdk:logicalId", + "data": "testsubnetRouteTable55223C61", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "validateIpv6RouteTable10861B00": [ + { + "type": "aws:cdk:logicalId", + "data": "validateIpv6RouteTable10861B00", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } ] }, "displayName": "aws-cdk-vpcv2-alpha" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts index 8708177886129..85a58642c6e47 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts @@ -11,8 +11,9 @@ import * as vpc_v2 from '../lib/vpc-v2'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; -import { GatewayVpcEndpointAwsService, InterfaceVpcEndpointAwsService, SubnetType } from 'aws-cdk-lib/aws-ec2'; +import { GatewayVpcEndpointAwsService, InterfaceVpcEndpointAwsService, SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; import { SubnetV2, IpCidr } from '../lib/subnet-v2'; +import { Route, RouteTable, VPNGateway } from '../lib'; const app = new cdk.App(); @@ -39,14 +40,14 @@ const vpc = new vpc_v2.VpcV2(stack, 'VPC-integ-test-1', { const subnet = new SubnetV2(stack, 'testsbubnet', { vpc, - availabilityZone: 'us-west-1a', + availabilityZone: 'us-west-2a', ipv4CidrBlock: new IpCidr('10.1.0.0/24'), subnetType: SubnetType.PRIVATE_ISOLATED, }); new SubnetV2(stack, 'testsubnet', { vpc, - availabilityZone: 'us-west-1b', + availabilityZone: 'us-west-2b', ipv4CidrBlock: new IpCidr('10.2.0.0/24'), //Test secondary ipv6 address after Amazon Provided ipv6 allocation //ipv6CidrBlock: new Ipv6Cidr('2001:db8:1::/64'), @@ -57,7 +58,7 @@ new SubnetV2(stack, 'testsubnet', { new SubnetV2(stack, 'validateIpv6', { vpc, ipv4CidrBlock: new IpCidr('10.3.0.0/24'), - availabilityZone: 'us-west-1b', + availabilityZone: 'us-west-2b', //Test secondary ipv6 address after Amazon Provided ipv6 allocation //ipv6CidrBlock: new IpCidr('2001:db8::/48'), subnetType: SubnetType.PUBLIC, @@ -80,6 +81,24 @@ vpc.addEgressOnlyInternetGateway({ subnets: [{ subnetType: SubnetType.PUBLIC }], }); +const vpnGateway = vpc.enableVpnGatewayV2({ + vpnRoutePropagation: [{ subnetType: SubnetType.PUBLIC }], + type: 'ipsec.1', +}); + + + +// const vpnGateway = new VPNGateway(stack, 'vpnGateway', { +// type: VpnConnectionType.IPSEC_1, +// vpc, +// }); + +new Route(stack, 'route', { + destination: '172.31.0.0/24', + target: { gateway: vpnGateway }, + routeTable: new RouteTable(stack, 'routeTable', { vpc } ), +}); + //Add a NAT Gateway vpc.addNatGateway('TestNATGateway', { subnet: subnet, From c5f2b96ce9f262bcde0ea07b9d35dbb3083ea30a Mon Sep 17 00:00:00 2001 From: shikha372 Date: Tue, 27 Aug 2024 16:11:04 -0700 Subject: [PATCH 31/44] add vpn gateway v2 --- .../@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 48 ++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index 8c69d88e9b410..aed54040dc917 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -2,7 +2,7 @@ import { Resource, Annotations } from 'aws-cdk-lib'; import { IVpc, ISubnet, SubnetSelection, SelectedSubnets, EnableVpnGatewayOptions, VpnGateway, VpnConnectionType, CfnVPCGatewayAttachment, CfnVPNGatewayRoutePropagation, VpnConnectionOptions, VpnConnection, ClientVpnEndpointOptions, ClientVpnEndpoint, InterfaceVpcEndpointOptions, InterfaceVpcEndpoint, GatewayVpcEndpointOptions, GatewayVpcEndpoint, FlowLogOptions, FlowLog, FlowLogResourceType, SubnetType, SubnetFilter, CfnVPCCidrBlock } from 'aws-cdk-lib/aws-ec2'; import { allRouteTableIds, flatten, subnetGroupNameFromConstructId } from './util'; import { IDependable, Dependable, IConstruct } from 'constructs'; -import { EgressOnlyInternetGateway, NatGateway, NatGatewayOptions, Route } from './route'; +import { EgressOnlyInternetGateway, NatGateway, NatGatewayOptions, Route, VPNGateway } from './route'; import { ISubnetV2 } from './subnet-v2'; /** @@ -181,6 +181,52 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { routePropagation.node.addDependency(attachment); } + /** + * Adds VPNGAtewayV2 to the VPC + */ + /** + * Adds a VPN Gateway to this VPC + */ + public enableVpnGatewayV2(options: EnableVpnGatewayOptions): VPNGateway { + if (this.vpnGatewayId) { + throw new Error('The VPN Gateway has already been enabled.'); + } + + const vpnGateway = new VPNGateway(this, 'VpnGateway', { + amazonSideAsn: options.amazonSideAsn, + type: VpnConnectionType.IPSEC_1, + vpc: this, + }); + + this._vpnGatewayId = vpnGateway.routerTargetId; + + const attachment = new CfnVPCGatewayAttachment(this, 'VPCVPNGW', { + vpcId: this.vpcId, + vpnGatewayId: this._vpnGatewayId, + }); + + // Propagate routes on route tables associated with the right subnets + const vpnRoutePropagation = options.vpnRoutePropagation ?? [{}]; + const routeTableIds = allRouteTableIds(flatten(vpnRoutePropagation.map(s => this.selectSubnets(s).subnets))); + + if (routeTableIds.length === 0) { + Annotations.of(this).addError(`enableVpnGateway: no subnets matching selection: '${JSON.stringify(vpnRoutePropagation)}'. Select other subnets to add routes to.`); + } + + const routePropagation = new CfnVPNGatewayRoutePropagation(this, 'RoutePropagation', { + routeTableIds, + vpnGatewayId: this._vpnGatewayId, + }); + // The AWS::EC2::VPNGatewayRoutePropagation resource cannot use the VPN gateway + // until it has successfully attached to the VPC. + // See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpn-gatewayrouteprop.html + routePropagation.node.addDependency(attachment); + + + return vpnGateway; + } + + /** * Adds a new VPN connection to this VPC */ From 5a05757fc8260b68c4141d61d4ae7cc43adb4843 Mon Sep 17 00:00:00 2001 From: shikha372 Date: Wed, 28 Aug 2024 17:06:34 -0700 Subject: [PATCH 32/44] feat(vpcv2): add igw implementation --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 45 +- .../@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 2 +- .../@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 186 ++-- packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts | 7 +- .../aws-ec2-alpha/test/integ.route-v2.ts | 4 +- .../aws-cdk-vpcv2-alpha.assets.json | 4 +- .../aws-cdk-vpcv2-alpha.template.json | 471 ++++++++--- .../manifest.json | 203 ++--- .../integ.vpc-v2-alpha.js.snapshot/tree.json | 798 +++++++++++++----- .../aws-ec2-alpha/test/integ.vpc-v2-alpha.ts | 16 +- .../@aws-cdk/aws-ec2-alpha/test/route.test.ts | 4 +- .../aws-ec2-alpha/test/vpc-add-method.test.ts | 3 +- 12 files changed, 1185 insertions(+), 558 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 43b3fbd8dbbfe..0b33c3e42317b 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -25,7 +25,7 @@ export enum NatConnectivityType { * Interface to define a routing target, such as an * egress-only internet gateway or VPC endpoint. */ -export interface IRouteTarget { +export interface IRouteTarget extends IDependable{ /** * The type of router used in the route. */ @@ -73,7 +73,7 @@ export interface InternetGatewayProps { /** * Properties to define a VPN gateway. */ -export interface VPNGatewayProps { +export interface VPNGatewayV2Props { /** * The type of VPN connection the virtual private gateway supports. * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpngateway.html#cfn-ec2-vpngateway-type @@ -252,6 +252,11 @@ export class InternetGateway extends Resource implements IRouteTarget { this.routerTargetId = this.resource.attrInternetGatewayId; this.vpcId = props.vpc.vpcId; + + new CfnVPCGatewayAttachment(this, 'GWAttachment', { + vpcId: this.vpcId, + internetGatewayId: this.routerTargetId, + }); } } @@ -259,7 +264,7 @@ export class InternetGateway extends Resource implements IRouteTarget { * Creates a virtual private gateway * @resource AWS::EC2::VPNGateway */ -export class VPNGateway extends Resource implements IRouteTarget { +export class VPNGatewayV2 extends Resource implements IRouteTarget { /** * The type of router used in the route. */ @@ -280,8 +285,12 @@ export class VPNGateway extends Resource implements IRouteTarget { */ public readonly resource: CfnVPNGateway; + /** + * The VPN Gateway Attachment + */ + public readonly attachment: CfnVPCGatewayAttachment; - constructor(scope: Construct, id: string, props: VPNGatewayProps) { + constructor(scope: Construct, id: string, props: VPNGatewayV2Props) { super(scope, id); this.routerType = RouterType.GATEWAY; @@ -293,11 +302,11 @@ export class VPNGateway extends Resource implements IRouteTarget { this.node.defaultChild = this.resource; this.routerTargetId = this.resource.attrVpnGatewayId; - this.vpcId = props.vpc.vpcId; - new CfnVPCGatewayAttachment(this, 'GWAttachment', { + this.vpcId = props.vpc.vpcId; + this.attachment = new CfnVPCGatewayAttachment(this, 'VPCVPNGW', { vpcId: this.vpcId, - vpnGatewayId: this.routerTargetId, + vpnGatewayId: this.resource.attrVpnGatewayId, }); } } @@ -474,7 +483,7 @@ export interface RouteProps { * Creates a new route with added functionality. * @resource AWS::EC2::Route */ -export class Route extends Resource implements IRoute { +export class Route extends Resource implements IRoute, IDependable { /** * The IPv4 or IPv6 CIDR block used for the destination match. * @@ -544,18 +553,12 @@ export class Route extends Resource implements IRoute { } this.node.defaultChild = this.resource; - if (this.targetRouterType == RouterType.GATEWAY) { - if (this.target.gateway instanceof InternetGateway) { - new CfnVPCGatewayAttachment(this, 'GWAttachment', { - vpcId: this.target.gateway.vpcId, - internetGatewayId: this.target.gateway.routerTargetId, - }); - } else if (this.target.gateway instanceof VPNGateway) { - new CfnVPCGatewayAttachment(this, 'GWAttachment', { - vpcId: this.target.gateway.vpcId, - vpnGatewayId: this.target.gateway.routerTargetId, - }); - } + //Create a route only after target gateway or endpoint is created + if (this.target.gateway) { + this.node.addDependency(this.target.gateway); + } + if (this.target.endpoint) { + this.node.addDependency(this.target.endpoint); } } } @@ -580,7 +583,7 @@ export interface RouteTableProps { * Creates a route table for the specified VPC * @resource AWS::EC2::RouteTable */ -export class RouteTable extends Resource implements IRouteTable, IDependable { +export class RouteTable extends Resource implements IRouteTable { /** * The ID of the route table. */ diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index 406384ce6e568..5c9e5a5d688d9 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -156,7 +156,7 @@ export class SubnetV2 extends Resource implements ISubnetV2 { * The type of subnet (public or private) that this subnet represents. * @attribute SubnetType */ - public readonly subnetType: SubnetType; + public readonly subnetType?: SubnetType; private _networkAcl: INetworkAcl; diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index aed54040dc917..336b3893574e7 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -1,8 +1,8 @@ import { Resource, Annotations } from 'aws-cdk-lib'; import { IVpc, ISubnet, SubnetSelection, SelectedSubnets, EnableVpnGatewayOptions, VpnGateway, VpnConnectionType, CfnVPCGatewayAttachment, CfnVPNGatewayRoutePropagation, VpnConnectionOptions, VpnConnection, ClientVpnEndpointOptions, ClientVpnEndpoint, InterfaceVpcEndpointOptions, InterfaceVpcEndpoint, GatewayVpcEndpointOptions, GatewayVpcEndpoint, FlowLogOptions, FlowLog, FlowLogResourceType, SubnetType, SubnetFilter, CfnVPCCidrBlock } from 'aws-cdk-lib/aws-ec2'; import { allRouteTableIds, flatten, subnetGroupNameFromConstructId } from './util'; -import { IDependable, Dependable, IConstruct } from 'constructs'; -import { EgressOnlyInternetGateway, NatGateway, NatGatewayOptions, Route, VPNGateway } from './route'; +import { IDependable, Dependable, IConstruct, DependencyGroup } from 'constructs'; +import { EgressOnlyInternetGateway, InternetGateway, NatGateway, NatGatewayOptions, Route, VPNGatewayV2 } from './route'; import { ISubnetV2 } from './subnet-v2'; /** @@ -43,10 +43,33 @@ export interface IVpcV2 extends IVpc { readonly ipv4CidrBlock: string; /** - * Add an Egress only Internet Gateway to current VPC + * Add an Egress only Internet Gateway to current VPC. + * Can only be used for ipv6 enabled VPCs. * For more information, see the {@link https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway-basics.html}. */ - addEgressOnlyInternetGateway(options: EgressOnlyInternetGatewayOptions): void; + addEgressOnlyInternetGateway(options?: EgressOnlyInternetGatewayOptions): void; + + /** + * Adds an Internet Gateway to current VPC. + * For more information, see the {@link https://docs.aws.amazon.com/vpc/latest/userguide/vpc-igw-internet-access.html}. + * @default defines route for all ipv4('0.0.0.0') and ipv6 addresses('::/0') + */ + addInternetGateway(id: string, destination?: string): InternetGateway; + + /** + * Adds VPN Gateway to VPC and set route propogation. + * For more information, see the {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpngateway.html}. + * @default no route propogation + */ + enableVpnGatewayV2(options: EnableVpnGatewayOptions): VPNGatewayV2; + + /** + * Adds a new NAT Gateway to VPC + * A NAT gateway is a Network Address Translation (NAT) service. NAT Gateway Connectivity can be of type `Public` or `Private` + * @default ConnectivityType.Public + * For more information, see the {@link https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html}. + */ + addNatGateway(id: string, options: NatGatewayOptions): NatGateway; } @@ -97,6 +120,13 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { */ public abstract readonly internetConnectivityEstablished: IDependable; + /** + * Dependable that can be depended upon to force internet connectivity established on the VPC + * Add igw to this if its a public subnet + * @internal + */ + protected readonly _internetConnectivityEstablished = new DependencyGroup(); + /** * Secondary IPs for the VPC, can be multiple Ipv4 or Ipv6 * Ipv4 should be within RFC#1918 range @@ -118,11 +148,16 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { /** * Mutable private field for the vpnGatewayId - * * @internal */ protected _vpnGatewayId?: string; + /** + * Mutable private field for the internetGatewayId + * @internal + */ + protected _internetGatewayId?: string; + /** * Return information on the subnets appropriate for the given selection strategy * @@ -145,6 +180,7 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { /** * Adds a VPN Gateway to this VPC + * @deprecated use enableVpnGatewayV2 for compatibility with VPCV2.Route */ public enableVpnGateway(options: EnableVpnGatewayOptions): void { if (this.vpnGatewayId) { @@ -182,50 +218,41 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { } /** - * Adds VPNGAtewayV2 to the VPC + * Adds VPNGAtewayV2 to this VPC */ - /** - * Adds a VPN Gateway to this VPC - */ - public enableVpnGatewayV2(options: EnableVpnGatewayOptions): VPNGateway { - if (this.vpnGatewayId) { - throw new Error('The VPN Gateway has already been enabled.'); - } - - const vpnGateway = new VPNGateway(this, 'VpnGateway', { - amazonSideAsn: options.amazonSideAsn, - type: VpnConnectionType.IPSEC_1, - vpc: this, - }); - - this._vpnGatewayId = vpnGateway.routerTargetId; - - const attachment = new CfnVPCGatewayAttachment(this, 'VPCVPNGW', { - vpcId: this.vpcId, - vpnGatewayId: this._vpnGatewayId, - }); - - // Propagate routes on route tables associated with the right subnets - const vpnRoutePropagation = options.vpnRoutePropagation ?? [{}]; - const routeTableIds = allRouteTableIds(flatten(vpnRoutePropagation.map(s => this.selectSubnets(s).subnets))); - - if (routeTableIds.length === 0) { - Annotations.of(this).addError(`enableVpnGateway: no subnets matching selection: '${JSON.stringify(vpnRoutePropagation)}'. Select other subnets to add routes to.`); - } - - const routePropagation = new CfnVPNGatewayRoutePropagation(this, 'RoutePropagation', { - routeTableIds, - vpnGatewayId: this._vpnGatewayId, - }); - // The AWS::EC2::VPNGatewayRoutePropagation resource cannot use the VPN gateway - // until it has successfully attached to the VPC. - // See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpn-gatewayrouteprop.html - routePropagation.node.addDependency(attachment); + public enableVpnGatewayV2(options: EnableVpnGatewayOptions): VPNGatewayV2 { + if (this.vpnGatewayId) { + throw new Error('The VPN Gateway has already been enabled.'); + } + const vpnGateway = new VPNGatewayV2(this, 'VpnGateway', { + amazonSideAsn: options.amazonSideAsn, + type: VpnConnectionType.IPSEC_1, + vpc: this, + }); - return vpnGateway; + this._internetConnectivityEstablished.add(vpnGateway); + this._vpnGatewayId = vpnGateway.routerTargetId; + + // Propagate routes on route tables associated with the right subnets + const vpnRoutePropagation = options.vpnRoutePropagation ?? [{}]; + const routeTableIds = allRouteTableIds(flatten(vpnRoutePropagation.map(s => this.selectSubnets(s).subnets))); + + if (routeTableIds.length === 0) { + Annotations.of(this).addError(`enableVpnGateway: no subnets matching selection: '${JSON.stringify(vpnRoutePropagation)}'. Select other subnets to add routes to.`); } + const routePropagation = new CfnVPNGatewayRoutePropagation(this, 'RoutePropagation', { + routeTableIds, + vpnGatewayId: this._vpnGatewayId, + }); + // The AWS::EC2::VPNGatewayRoutePropagation resource cannot use the VPN gateway + // until it has successfully attached to the VPC. + // See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpn-gatewayrouteprop.html + routePropagation.node.addDependency(vpnGateway.attachment); + + return vpnGateway; + } /** * Adds a new VPN connection to this VPC @@ -268,11 +295,11 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { } /** - * Adds a new Egress Only Internet Gateway to this VPC and adds route + * Adds a new Egress Only Internet Gateway to this VPC and defines a new route * to the route table of given subnets - * @default in case of no input subnets, no route is defined. + * @default in case of no input subnets, no route is created. */ - public addEgressOnlyInternetGateway(options: EgressOnlyInternetGatewayOptions): void { + public addEgressOnlyInternetGateway(options?: EgressOnlyInternetGatewayOptions): void { const egw = new EgressOnlyInternetGateway(this, 'EgressOnlyGW', { vpc: this, }); @@ -284,7 +311,7 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { throw new Error('Egress only IGW can only be added to Ipv6 enabled VPC'); }; - if (options.subnets) { + if (options?.subnets) { const subnets = flatten(options.subnets.map(s => this.selectSubnets(s).subnets)); subnets.forEach((subnet) => { this.createEgressRoute(subnet, egw, options.destination); @@ -293,8 +320,9 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { } /** - * Creates a route for EGW with destination set to outbound IPv6('::/0'). - */ + * Creates a route for EGW with destination set to outbound IPv6('::/0') or custom ipv6 address. + * @internal + */ private createEgressRoute(subnet: ISubnetV2, egw: EgressOnlyInternetGateway, destination?: string): void { const destinationIpv6 = destination ?? '::/0'; new Route(this, `${subnet.node.id}-EgressRoute`, { @@ -305,13 +333,62 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { } /** - * Adds a new NAT Gateway to this VPC and adds a route to the route table + * Adds a new Internet Gateway to this VPC + * @default creates a new route for public subnets(with all outbound access) to the Internet Gateway. + */ + public addInternetGateway(id: string, destination?: string): InternetGateway { + if (this._internetGatewayId) { + throw new Error('The Internet Gateway has already been enabled.'); + } + + const igw = new InternetGateway(this, id, { + vpc: this, + }); + + this._internetConnectivityEstablished.add(igw); + this._internetGatewayId = igw.routerTargetId; + this.publicSubnets.forEach( (s) => this.addDefaultInternetRoute(s, igw, destination)); + + return igw; + } + + /** + * Adds default route for the internet gateway + * @internal + */ + private addDefaultInternetRoute(subnet: ISubnetV2, igw: InternetGateway, destination?: string): void { + + if (subnet.subnetType !== SubnetType.PUBLIC) { + throw new Error('Internet Gateway is to be added to public subnets'); + } + + //Add deffault route to IGW for IPv6 + if (subnet.ipv6CidrBlock) { + new Route(this, `${subnet.node.id}-DefaultIPv6Route`, { + routeTable: subnet.routeTable, + destination: destination ?? '::/0', + target: { gateway: igw }, + }); + } + //Add default route to IGW for IPv4 + new Route(this, `${subnet.node.id}-DefaultRoute`, { + routeTable: subnet.routeTable, + destination: destination ?? '0.0.0.0/0', + target: { gateway: igw }, + }); + } + + /** + * Adds a new NAT Gateway to the given subnet of this VPC * of given subnets. * @param id The ID of the NAT Gateway construct * @param options The options for the NAT Gateway to be created * @returns - The newly-created NAT Gateway */ public addNatGateway(id: string, options: NatGatewayOptions): NatGateway { + if (this._internetGatewayId === undefined) { + throw new Error('Cannot add a NAT Gateway without an Internet Gateway enabled on VPC'); + } return new NatGateway(this, id, { vpc: this, ...options, @@ -335,6 +412,13 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { return this._vpnGatewayId; } + /** + * Returns the id of the Internet Gateway (if enabled) + */ + public get interntetGatewayId(): string | undefined { + return this._internetGatewayId; + } + /** * Return the subnets appropriate for the placement strategy */ diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts index 76fc7c654921b..da99d82352c66 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts @@ -1,6 +1,6 @@ import { CfnVPC, CfnVPCCidrBlock, DefaultInstanceTenancy, ISubnet } from 'aws-cdk-lib/aws-ec2'; import { Arn, CfnResource, Lazy, Names } from 'aws-cdk-lib/core'; -import { Construct, DependencyGroup, IDependable } from 'constructs'; +import { Construct, IDependable } from 'constructs'; import { IpamOptions, IIpamPool } from './ipam'; import { VpcV2Base } from './vpc-v2-base'; @@ -249,11 +249,6 @@ export class VpcV2 extends VpcV2Base { */ public readonly internetConnectivityEstablished: IDependable; - /** - * To define dependency on internet connectivity - */ - private readonly _internetConnectivityEstablished = new DependencyGroup(); - /** * reference to all secondary blocks attached */ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts index 6f67c317dc783..4458b93dcf35d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts @@ -12,7 +12,7 @@ import * as vpc_v2 from '../lib/vpc-v2'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; import { IpCidr, SubnetV2 } from '../lib/subnet-v2'; -import { EgressOnlyInternetGateway, InternetGateway, NatConnectivityType, NatGateway, RouteTable, VPNGateway } from '../lib/route'; +import { EgressOnlyInternetGateway, InternetGateway, NatConnectivityType, NatGateway, RouteTable, VPNGatewayV2 } from '../lib/route'; import { GatewayVpcEndpoint, GatewayVpcEndpointAwsService, SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; import { Fn } from 'aws-cdk-lib'; @@ -85,7 +85,7 @@ const igw = new InternetGateway(stacks.igw, 'testIGW', { }); routeTables.igw.addRoute('igwRoute', '0.0.0.0/0', { gateway: igw }); -const vpgw = new VPNGateway(stacks.vpgw, 'testVPGW', { +const vpgw = new VPNGatewayV2(stacks.vpgw, 'testVPGW', { type: VpnConnectionType.IPSEC_1, vpc: vpcs.vpgw, }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json index edea907079f09..bd61121769b16 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.5", "files": { - "a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0": { + "7a0488cee45675cc92f78f1f9ec08ec8454ea733aff07c1ba7b01532aca6313e": { "source": { "path": "aws-cdk-vpcv2-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0.json", + "objectKey": "7a0488cee45675cc92f78f1f9ec08ec8454ea733aff07c1ba7b01532aca6313e.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json index 69b67454af10b..06f898b1c5f46 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json @@ -1,79 +1,162 @@ { "Resources": { - "IpamTestIpam6C9298EF": { - "Type": "AWS::EC2::IPAM", + "VPCintegtest1EBA1CB75": { + "Type": "AWS::EC2::VPC", "Properties": { - "OperatingRegions": [ - { - "RegionName": "eu-central-1" - } - ] + "CidrBlock": "10.1.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default" } }, - "IpamTestPrivatePool039C763DC": { - "Type": "AWS::EC2::IPAMPool", + "VPCintegtest1SecondaryAddress256BAC1D3": { + "Type": "AWS::EC2::VPCCidrBlock", "Properties": { - "AddressFamily": "ipv4", - "IpamScopeId": { + "CidrBlock": "10.2.0.0/16", + "VpcId": { "Fn::GetAtt": [ - "IpamTestIpam6C9298EF", - "PrivateDefaultScopeId" + "VPCintegtest1EBA1CB75", + "VpcId" ] - }, - "Locale": "eu-central-1", - "ProvisionedCidrs": [ - { - "Cidr": "10.2.0.0/16" - } - ] + } } }, - "IpamTestPublicPool0C44B7C49": { - "Type": "AWS::EC2::IPAMPool", + "VPCintegtest1AmazonProvidedE0445E5C": { + "Type": "AWS::EC2::VPCCidrBlock", "Properties": { - "AddressFamily": "ipv6", - "AwsService": "ec2", - "IpamScopeId": { + "AmazonProvidedIpv6CidrBlock": true, + "VpcId": { "Fn::GetAtt": [ - "IpamTestIpam6C9298EF", - "PublicDefaultScopeId" + "VPCintegtest1EBA1CB75", + "VpcId" ] - }, - "Locale": "eu-central-1", - "PublicIpSource": "amazon" + } } }, - "IpamTestPublicPool0PublicPool0CidrC57CE00C": { - "Type": "AWS::EC2::IPAMPoolCidr", + "VPCintegtest1SecondaryAddress3BCA08E40": { + "Type": "AWS::EC2::VPCCidrBlock", "Properties": { - "IpamPoolId": { + "CidrBlock": "10.3.0.0/16", + "VpcId": { "Fn::GetAtt": [ - "IpamTestPublicPool0C44B7C49", - "IpamPoolId" + "VPCintegtest1EBA1CB75", + "VpcId" ] - }, - "NetmaskLength": 52 + } } }, - "VPCintegtest1EBA1CB75": { - "Type": "AWS::EC2::VPC", + "VPCintegtest1TestGWendpoint6276409E": { + "Type": "AWS::EC2::VPCEndpoint", "Properties": { - "CidrBlock": "10.0.0.0/16", - "EnableDnsHostnames": true, - "EnableDnsSupport": true, - "InstanceTenancy": "default" + "RouteTableIds": [ + { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + ], + "ServiceName": { + "Fn::Join": [ + "", + [ + "com.amazonaws.", + { + "Ref": "AWS::Region" + }, + ".s3" + ] + ] + }, + "VpcEndpointType": "Gateway", + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } } }, - "VPCintegtest1ipv4IpamCidr8105B4E4": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7": { + "Type": "AWS::EC2::SecurityGroup", "Properties": { - "Ipv4IpamPoolId": { + "GroupDescription": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "SecurityGroupIngress": [ + { + "CidrIp": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "CidrBlock" + ] + }, + "Description": { + "Fn::Join": [ + "", + [ + "from ", + { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "CidrBlock" + ] + }, + ":443" + ] + ] + }, + "FromPort": 443, + "IpProtocol": "tcp", + "ToPort": 443 + } + ], + "VpcId": { "Fn::GetAtt": [ - "IpamTestPrivatePool039C763DC", - "IpamPoolId" + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "VPCintegtest1TestInterfaceEndpoint7B63C4C3": { + "Type": "AWS::EC2::VPCEndpoint", + "Properties": { + "PrivateDnsEnabled": true, + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7", + "GroupId" + ] + } + ], + "ServiceName": { + "Fn::Join": [ + "", + [ + "com.amazonaws.", + { + "Ref": "AWS::Region" + }, + ".sns" + ] ] }, - "Ipv4NetmaskLength": 20, + "SubnetIds": [ + { + "Ref": "testsbubnetSubnet77337845" + }, + { + "Ref": "testsubnetSubnetDD417829" + } + ], + "VpcEndpointType": "Interface", "VpcId": { "Fn::GetAtt": [ "VPCintegtest1EBA1CB75", @@ -82,10 +165,9 @@ } } }, - "VPCintegtest1AmazonProvidedE0445E5C": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1EgressOnlyGWEIGW440911B4": { + "Type": "AWS::EC2::EgressOnlyInternetGateway", "Properties": { - "AmazonProvidedIpv6CidrBlock": true, "VpcId": { "Fn::GetAtt": [ "VPCintegtest1EBA1CB75", @@ -94,211 +176,360 @@ } } }, - "Vpcintegtest20DAD8F9D": { - "Type": "AWS::EC2::VPC", + "VPCintegtest1validateIpv6EgressRouteB2A1DA27": { + "Type": "AWS::EC2::Route", "Properties": { - "CidrBlock": "10.1.0.0/16", - "EnableDnsHostnames": true, - "EnableDnsSupport": true, - "InstanceTenancy": "default" + "DestinationIpv6CidrBlock": "::/0", + "EgressOnlyInternetGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1EgressOnlyGWEIGW440911B4", + "Id" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1EgressOnlyGWEIGW440911B4" + ] + }, + "VPCintegtest1VpnGatewayIGWBC493574": { + "Type": "AWS::EC2::VPNGateway", + "Properties": { + "Type": "ipsec.1" } }, - "Vpcintegtest2Ipv6IpamCidrFF84EC2B": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1VPCVPNGW9C6831A0": { + "Type": "AWS::EC2::VPCGatewayAttachment", "Properties": { - "Ipv6IpamPoolId": { + "VpcId": { "Fn::GetAtt": [ - "IpamTestPublicPool0C44B7C49", - "IpamPoolId" + "VPCintegtest1EBA1CB75", + "VpcId" ] }, - "Ipv6NetmaskLength": 60, - "VpcId": { + "VpnGatewayId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + } + } + }, + "VPCintegtest1RoutePropagation062BDAD5": { + "Type": "AWS::EC2::VPNGatewayRoutePropagation", + "Properties": { + "RouteTableIds": [ + { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + ], + "VpnGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" ] } }, "DependsOn": [ - "IpamTestPublicPool0PublicPool0CidrC57CE00C" + "VPCintegtest1VPCVPNGW9C6831A0" ] }, - "Vpcintegtest2SecondaryAddress2A96C0AF8": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1TestIGW604D0664": { + "Type": "AWS::EC2::InternetGateway" + }, + "VPCintegtest1TestIGWGWAttachment786F3526": { + "Type": "AWS::EC2::VPCGatewayAttachment", "Properties": { - "CidrBlock": "10.2.0.0/16", + "InternetGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1TestIGW604D0664", + "InternetGatewayId" + ] + }, "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } } }, - "Vpcintegtest2SecondaryAddress36FC60BBC": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1validateIpv6DefaultIPv6RouteCC91FD02": { + "Type": "AWS::EC2::Route", "Properties": { - "CidrBlock": "10.3.0.0/16", - "VpcId": { + "DestinationIpv6CidrBlock": "::/0", + "GatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1TestIGW604D0664", + "InternetGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1TestIGWGWAttachment786F3526", + "VPCintegtest1TestIGW604D0664" + ] + }, + "VPCintegtest1validateIpv6DefaultRoute5D6BE9AD": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1TestIGW604D0664", + "InternetGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1TestIGWGWAttachment786F3526", + "VPCintegtest1TestIGW604D0664" + ] + }, + "VPCintegtest1TestNATGatewayEIP444375D7": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } - } + }, + "DependsOn": [ + "testsbubnetRouteTableAssociationD6D083FA" + ] + }, + "VPCintegtest1TestNATGateway54FD55E6": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VPCintegtest1TestNATGatewayEIP444375D7", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "testsbubnetSubnet77337845" + } + }, + "DependsOn": [ + "testsbubnetRouteTableAssociationD6D083FA" + ] }, "testsbubnetSubnet77337845": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-central-1a", + "AvailabilityZone": "us-west-2a", "CidrBlock": "10.1.0.0/24", "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, - "testsbubnetRouteTableF40F025B": { + "testsbubnetRouteTableD0136BEA": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "testsbubnetRouteTableAssociationD6D083FA": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] }, "SubnetId": { "Ref": "testsbubnetSubnet77337845" } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "testsubnetSubnetDD417829": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-central-1b", + "AvailabilityZone": "us-west-2b", "CidrBlock": "10.2.0.0/24", "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, - "testsubnetRouteTable55223C61": { + "testsubnetRouteTable682580B2": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "testsubnetRouteTableAssociationC106676D": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "testsubnetRouteTable55223C61" + "Fn::GetAtt": [ + "testsubnetRouteTable682580B2", + "RouteTableId" + ] }, "SubnetId": { "Ref": "testsubnetSubnetDD417829" } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "validateIpv6Subnet07BD40AE": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-central-1b", + "AvailabilityZone": "us-west-2b", "CidrBlock": "10.3.0.0/24", + "Ipv6CidrBlock": "2600:1f14:3283:9501::/64", "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, - "validateIpv6RouteTable10861B00": { + "validateIpv6RouteTable09389F8D": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "validateIpv6RouteTableAssociationD6330457": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "validateIpv6RouteTable10861B00" + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] }, "SubnetId": { "Ref": "validateIpv6Subnet07BD40AE" } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" + ] + }, + "routeTableRouteTable23B79F0B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "routeRouteFC6D4F1F": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "172.31.0.0/24", + "GatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "routeTableRouteTable23B79F0B", + "RouteTableId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1VpnGatewayIGWBC493574" ] } }, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json index 7c741197ffefb..4ad953fc29524 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7a0488cee45675cc92f78f1f9ec08ec8454ea733aff07c1ba7b01532aca6313e.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -34,268 +34,193 @@ "aws-cdk-vpcv2-alpha.assets" ], "metadata": { - "/aws-cdk-vpcv2-alpha/IpamTest/Ipam": [ - { - "type": "aws:cdk:logicalId", - "data": "IpamTestIpam6C9298EF" - } - ], - "/aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0": [ - { - "type": "aws:cdk:logicalId", - "data": "IpamTestPrivatePool039C763DC" - } - ], - "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0": [ - { - "type": "aws:cdk:logicalId", - "data": "IpamTestPublicPool0C44B7C49" - } - ], - "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPublicPool0PublicPool0CidrC57CE00C" + "data": "VPCintegtest1EBA1CB75" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress2": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1EBA1CB75", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "VPCintegtest1SecondaryAddress256BAC1D3" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1ipv4IpamCidr8105B4E4" + "data": "VPCintegtest1AmazonProvidedE0445E5C" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress3": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1AmazonProvidedE0445E5C", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "VPCintegtest1SecondaryAddress3BCA08E40" } ], - "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Resource": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestGWendpoint/Resource": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest20DAD8F9D" + "data": "VPCintegtest1TestGWendpoint6276409E" } ], - "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Ipv6IpamCidr": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2Ipv6IpamCidrFF84EC2B" + "data": "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7" } ], - "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress2": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/Resource": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2SecondaryAddress2A96C0AF8" + "data": "VPCintegtest1TestInterfaceEndpoint7B63C4C3" } ], - "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress3": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/EgressOnlyGW/EIGW": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2SecondaryAddress36FC60BBC" + "data": "VPCintegtest1EgressOnlyGWEIGW440911B4" } ], - "/aws-cdk-vpcv2-alpha/testsbubnet/Subnet": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-EgressRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetSubnet77337845", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "VPCintegtest1validateIpv6EgressRouteB2A1DA27" } ], - "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway/IGW": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableF40F025B" + "data": "VPCintegtest1VpnGatewayIGWBC493574" } ], - "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTableAssociation": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/VPCVPNGW": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableAssociationD6D083FA", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "VPCintegtest1VPCVPNGW9C6831A0" } ], - "/aws-cdk-vpcv2-alpha/testsubnet/Subnet": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/RoutePropagation": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetSubnetDD417829", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "VPCintegtest1RoutePropagation062BDAD5" } ], - "/aws-cdk-vpcv2-alpha/testsubnet/RouteTable": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestIGW/IGW": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetRouteTable55223C61" + "data": "VPCintegtest1TestIGW604D0664" } ], - "/aws-cdk-vpcv2-alpha/testsubnet/RouteTableAssociation": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestIGW/GWAttachment": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetRouteTableAssociationC106676D", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "VPCintegtest1TestIGWGWAttachment786F3526" } ], - "/aws-cdk-vpcv2-alpha/validateIpv6/Subnet": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultIPv6Route/Route": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6Subnet07BD40AE", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "VPCintegtest1validateIpv6DefaultIPv6RouteCC91FD02" } ], - "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6RouteTable10861B00" + "data": "VPCintegtest1validateIpv6DefaultRoute5D6BE9AD" } ], - "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTableAssociation": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestNATGateway/EIP": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6RouteTableAssociationD6330457", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "VPCintegtest1TestNATGatewayEIP444375D7" } ], - "/aws-cdk-vpcv2-alpha/BootstrapVersion": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestNATGateway/NATGateway": [ { "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" + "data": "VPCintegtest1TestNATGateway54FD55E6" } ], - "/aws-cdk-vpcv2-alpha/CheckBootstrapVersion": [ + "/aws-cdk-vpcv2-alpha/testsbubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" + "data": "testsbubnetSubnet77337845" } ], - "IpamTestIpam6C9298EF": [ + "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestIpam6C9298EF", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] + "data": "testsbubnetRouteTableD0136BEA" } ], - "IpamTestPrivatePool039C763DC": [ + "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPrivatePool039C763DC", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] + "data": "testsbubnetRouteTableAssociationD6D083FA" } ], - "IpamTestPublicPool0C44B7C49": [ + "/aws-cdk-vpcv2-alpha/testsubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPublicPool0C44B7C49", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] + "data": "testsubnetSubnetDD417829" } ], - "IpamTestPublicPool0PublicPool0CidrC57CE00C": [ + "/aws-cdk-vpcv2-alpha/testsubnet/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPublicPool0PublicPool0CidrC57CE00C", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] + "data": "testsubnetRouteTable682580B2" } ], - "VPCintegtest1ipv4IpamCidr8105B4E4": [ + "/aws-cdk-vpcv2-alpha/testsubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1ipv4IpamCidr8105B4E4", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] + "data": "testsubnetRouteTableAssociationC106676D" } ], - "Vpcintegtest20DAD8F9D": [ + "/aws-cdk-vpcv2-alpha/validateIpv6/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest20DAD8F9D", + "data": "validateIpv6Subnet07BD40AE", "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + "!!DESTRUCTIVE_CHANGES: MAY_REPLACE" ] } ], - "Vpcintegtest2Ipv6IpamCidrFF84EC2B": [ + "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] + "data": "validateIpv6RouteTable09389F8D" } ], - "Vpcintegtest2SecondaryAddress2A96C0AF8": [ + "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2SecondaryAddress2A96C0AF8", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] + "data": "validateIpv6RouteTableAssociationD6330457" } ], - "Vpcintegtest2SecondaryAddress36FC60BBC": [ + "/aws-cdk-vpcv2-alpha/routeTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2SecondaryAddress36FC60BBC", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] + "data": "routeTableRouteTable23B79F0B" } ], - "testsbubnetRouteTableF40F025B": [ + "/aws-cdk-vpcv2-alpha/route/Route": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableF40F025B", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] + "data": "routeRouteFC6D4F1F" } ], - "testsubnetRouteTable55223C61": [ + "/aws-cdk-vpcv2-alpha/BootstrapVersion": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetRouteTable55223C61", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] + "data": "BootstrapVersion" } ], - "validateIpv6RouteTable10861B00": [ + "/aws-cdk-vpcv2-alpha/CheckBootstrapVersion": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6RouteTable10861B00", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] + "data": "CheckBootstrapVersion" } ] }, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json index 4ef8722255a1d..c3c30d6e4231a 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json @@ -8,280 +8,569 @@ "id": "aws-cdk-vpcv2-alpha", "path": "aws-cdk-vpcv2-alpha", "children": { - "IpamTest": { - "id": "IpamTest", - "path": "aws-cdk-vpcv2-alpha/IpamTest", + "VPC-integ-test-1": { + "id": "VPC-integ-test-1", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1", "children": { - "Ipam": { - "id": "Ipam", - "path": "aws-cdk-vpcv2-alpha/IpamTest/Ipam", + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource", "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAM", + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", "aws:cdk:cloudformation:props": { - "operatingRegions": [ - { - "regionName": "eu-central-1" - } - ] + "cidrBlock": "10.1.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default" } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAM", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", "version": "0.0.0" } }, - "PrivatePool0": { - "id": "PrivatePool0", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0", + "SecondaryAddress2": { + "id": "SecondaryAddress2", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress2", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.2.0.0/16", + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "version": "0.0.0" + } + }, + "AmazonProvided": { + "id": "AmazonProvided", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "amazonProvidedIpv6CidrBlock": true, + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "version": "0.0.0" + } + }, + "SecondaryAddress3": { + "id": "SecondaryAddress3", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress3", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.3.0.0/16", + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "version": "0.0.0" + } + }, + "TestGWendpoint": { + "id": "TestGWendpoint", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestGWendpoint", "children": { - "PrivatePool0": { - "id": "PrivatePool0", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0", + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestGWendpoint/Resource", "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", + "aws:cdk:cloudformation:type": "AWS::EC2::VPCEndpoint", "aws:cdk:cloudformation:props": { - "addressFamily": "ipv4", - "ipamScopeId": { + "routeTableIds": [ + { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + ], + "serviceName": { + "Fn::Join": [ + "", + [ + "com.amazonaws.", + { + "Ref": "AWS::Region" + }, + ".s3" + ] + ] + }, + "vpcEndpointType": "Gateway", + "vpcId": { "Fn::GetAtt": [ - "IpamTestIpam6C9298EF", - "PrivateDefaultScopeId" + "VPCintegtest1EBA1CB75", + "VpcId" ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpoint", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.GatewayVpcEndpoint", + "version": "0.0.0" + } + }, + "TestInterfaceEndpoint": { + "id": "TestInterfaceEndpoint", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint", + "children": { + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "securityGroupIngress": [ + { + "cidrIp": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "CidrBlock" + ] + }, + "ipProtocol": "tcp", + "fromPort": 443, + "toPort": 443, + "description": { + "Fn::Join": [ + "", + [ + "from ", + { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "CidrBlock" + ] + }, + ":443" + ] + ] + } + } + ], + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } }, - "locale": "eu-central-1", - "provisionedCidrs": [ + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCEndpoint", + "aws:cdk:cloudformation:props": { + "privateDnsEnabled": true, + "securityGroupIds": [ { - "cidr": "10.2.0.0/16" + "Fn::GetAtt": [ + "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7", + "GroupId" + ] } - ] + ], + "serviceName": { + "Fn::Join": [ + "", + [ + "com.amazonaws.", + { + "Ref": "AWS::Region" + }, + ".sns" + ] + ] + }, + "subnetIds": [ + { + "Ref": "testsbubnetSubnet77337845" + }, + { + "Ref": "testsubnetSubnetDD417829" + } + ], + "vpcEndpointType": "Interface", + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpoint", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "aws-cdk-lib.aws_ec2.InterfaceVpcEndpoint", "version": "0.0.0" } }, - "PublicPool0": { - "id": "PublicPool0", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0", + "EgressOnlyGW": { + "id": "EgressOnlyGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/EgressOnlyGW", "children": { - "PublicPool0": { - "id": "PublicPool0", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0", + "EIGW": { + "id": "EIGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/EgressOnlyGW/EIGW", "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", + "aws:cdk:cloudformation:type": "AWS::EC2::EgressOnlyInternetGateway", "aws:cdk:cloudformation:props": { - "addressFamily": "ipv6", - "awsService": "ec2", - "ipamScopeId": { + "vpcId": { "Fn::GetAtt": [ - "IpamTestIpam6C9298EF", - "PublicDefaultScopeId" + "VPCintegtest1EBA1CB75", + "VpcId" ] - }, - "locale": "eu-central-1", - "publicIpSource": "amazon" + } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", + "fqn": "aws-cdk-lib.aws_ec2.CfnEgressOnlyInternetGateway", "version": "0.0.0" } - }, - "PublicPool0Cidr": { - "id": "PublicPool0Cidr", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr", + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.EgressOnlyInternetGateway", + "version": "0.0.0" + } + }, + "validateIpv6-EgressRoute": { + "id": "validateIpv6-EgressRoute", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-EgressRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-EgressRoute/Route", "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPoolCidr", + "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "ipamPoolId": { + "destinationIpv6CidrBlock": "::/0", + "egressOnlyInternetGatewayId": { "Fn::GetAtt": [ - "IpamTestPublicPool0C44B7C49", - "IpamPoolId" + "VPCintegtest1EgressOnlyGWEIGW440911B4", + "Id" ] }, - "netmaskLength": 52 + "routeTableId": { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPoolCidr", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Ipam", - "version": "0.0.0" - } - }, - "VPC-integ-test-1": { - "id": "VPC-integ-test-1", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPC", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.0.0.0/16", - "enableDnsHostnames": true, - "enableDnsSupport": true, - "instanceTenancy": "default" + }, + "VpnGateway": { + "id": "VpnGateway", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway", + "children": { + "IGW": { + "id": "IGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPNGateway", + "aws:cdk:cloudformation:props": { + "type": "ipsec.1" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPNGateway", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "fqn": "@aws-cdk/aws-ec2-alpha.VPNGatewayV2", "version": "0.0.0" } }, - "ipv4IpamCidr": { - "id": "ipv4IpamCidr", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr", + "VPCVPNGW": { + "id": "VPCVPNGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/VPCVPNGW", "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", "aws:cdk:cloudformation:props": { - "ipv4IpamPoolId": { - "Fn::GetAtt": [ - "IpamTestPrivatePool039C763DC", - "IpamPoolId" - ] - }, - "ipv4NetmaskLength": 20, "vpcId": { "Fn::GetAtt": [ "VPCintegtest1EBA1CB75", "VpcId" ] + }, + "vpnGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", "version": "0.0.0" } }, - "AmazonProvided": { - "id": "AmazonProvided", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided", + "RoutePropagation": { + "id": "RoutePropagation", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/RoutePropagation", "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:type": "AWS::EC2::VPNGatewayRoutePropagation", "aws:cdk:cloudformation:props": { - "amazonProvidedIpv6CidrBlock": true, - "vpcId": { + "routeTableIds": [ + { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + ], + "vpnGatewayId": { "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" ] } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPNGatewayRoutePropagation", "version": "0.0.0" } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", - "version": "0.0.0" - } - }, - "Vpc-integ-test-2": { - "id": "Vpc-integ-test-2", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPC", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.1.0.0/16", - "enableDnsHostnames": true, - "enableDnsSupport": true, - "instanceTenancy": "default" + }, + "TestIGW": { + "id": "TestIGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestIGW", + "children": { + "IGW": { + "id": "IGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestIGW/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "GWAttachment": { + "id": "GWAttachment", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestIGW/GWAttachment", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1TestIGW604D0664", + "InternetGatewayId" + ] + }, + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", "version": "0.0.0" } }, - "Ipv6IpamCidr": { - "id": "Ipv6IpamCidr", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Ipv6IpamCidr", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", - "aws:cdk:cloudformation:props": { - "ipv6IpamPoolId": { - "Fn::GetAtt": [ - "IpamTestPublicPool0C44B7C49", - "IpamPoolId" - ] + "validateIpv6-DefaultIPv6Route": { + "id": "validateIpv6-DefaultIPv6Route", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultIPv6Route", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultIPv6Route/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationIpv6CidrBlock": "::/0", + "gatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1TestIGW604D0664", + "InternetGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + } }, - "ipv6NetmaskLength": 60, - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } }, - "SecondaryAddress2": { - "id": "SecondaryAddress2", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress2", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.2.0.0/16", - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "validateIpv6-DefaultRoute": { + "id": "validateIpv6-DefaultRoute", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1TestIGW604D0664", + "InternetGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } }, - "SecondaryAddress3": { - "id": "SecondaryAddress3", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress3", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.3.0.0/16", - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "TestNATGateway": { + "id": "TestNATGateway", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestNATGateway", + "children": { + "EIP": { + "id": "EIP", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestNATGateway/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestNATGateway/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VPCintegtest1TestNATGatewayEIP444375D7", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "testsbubnetSubnet77337845" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "fqn": "@aws-cdk/aws-ec2-alpha.NatGateway", "version": "0.0.0" } } @@ -302,11 +591,11 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-central-1a", + "availabilityZone": "us-west-2a", "cidrBlock": "10.1.0.0/24", "vpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } @@ -328,19 +617,29 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -351,7 +650,10 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] }, "subnetId": { "Ref": "testsbubnetSubnet77337845" @@ -380,11 +682,11 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-central-1b", + "availabilityZone": "us-west-2b", "cidrBlock": "10.2.0.0/24", "vpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } @@ -406,19 +708,29 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/testsubnet/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/testsubnet/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -429,7 +741,10 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "testsubnetRouteTable55223C61" + "Fn::GetAtt": [ + "testsubnetRouteTable682580B2", + "RouteTableId" + ] }, "subnetId": { "Ref": "testsubnetSubnetDD417829" @@ -458,11 +773,12 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-central-1b", + "availabilityZone": "us-west-2b", "cidrBlock": "10.3.0.0/24", + "ipv6CidrBlock": "2600:1f14:3283:9501::/64", "vpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } @@ -484,19 +800,29 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/validateIpv6/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/validateIpv6/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -507,7 +833,10 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "validateIpv6RouteTable10861B00" + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] }, "subnetId": { "Ref": "validateIpv6Subnet07BD40AE" @@ -525,6 +854,71 @@ "version": "0.0.0" } }, + "routeTable": { + "id": "routeTable", + "path": "aws-cdk-vpcv2-alpha/routeTable", + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/routeTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "version": "0.0.0" + } + }, + "route": { + "id": "route", + "path": "aws-cdk-vpcv2-alpha/route", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha/route/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "172.31.0.0/24", + "gatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "routeTableRouteTable23B79F0B", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "version": "0.0.0" + } + }, "BootstrapVersion": { "id": "BootstrapVersion", "path": "aws-cdk-vpcv2-alpha/BootstrapVersion", diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts index 85a58642c6e47..4d904f4f06950 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts @@ -11,9 +11,9 @@ import * as vpc_v2 from '../lib/vpc-v2'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; -import { GatewayVpcEndpointAwsService, InterfaceVpcEndpointAwsService, SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; +import { GatewayVpcEndpointAwsService, InterfaceVpcEndpointAwsService, SubnetType } from 'aws-cdk-lib/aws-ec2'; import { SubnetV2, IpCidr } from '../lib/subnet-v2'; -import { Route, RouteTable, VPNGateway } from '../lib'; +import { Route, RouteTable } from '../lib'; const app = new cdk.App(); @@ -60,7 +60,7 @@ new SubnetV2(stack, 'validateIpv6', { ipv4CidrBlock: new IpCidr('10.3.0.0/24'), availabilityZone: 'us-west-2b', //Test secondary ipv6 address after Amazon Provided ipv6 allocation - //ipv6CidrBlock: new IpCidr('2001:db8::/48'), + ipv6CidrBlock: new IpCidr('2600:1f14:3283:9501::/64'), subnetType: SubnetType.PUBLIC, }); @@ -86,19 +86,15 @@ const vpnGateway = vpc.enableVpnGatewayV2({ type: 'ipsec.1', }); - - -// const vpnGateway = new VPNGateway(stack, 'vpnGateway', { -// type: VpnConnectionType.IPSEC_1, -// vpc, -// }); - new Route(stack, 'route', { destination: '172.31.0.0/24', target: { gateway: vpnGateway }, routeTable: new RouteTable(stack, 'routeTable', { vpc } ), }); +//Add Internet Gateway +vpc.addInternetGateway('TestIGW'); + //Add a NAT Gateway vpc.addNatGateway('TestNATGateway', { subnet: subnet, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts index 2a8be1fd451e5..ac79f109e3879 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts @@ -71,7 +71,7 @@ describe('EC2 Routing', () => { }); test('Route to VPN Gateway', () => { - const vpngw = new route.VPNGateway(stack, 'TestVpnGw', { + const vpngw = new route.VPNGatewayV2(stack, 'TestVpnGw', { type: VpnConnectionType.IPSEC_1, vpc: myVpc, }); @@ -111,7 +111,7 @@ describe('EC2 Routing', () => { }), test('Route to VPN Gateway with optional properties', () => { - new route.VPNGateway(stack, 'TestVpnGw', { + new route.VPNGatewayV2(stack, 'TestVpnGw', { type: VpnConnectionType.IPSEC_1, vpc: myVpc, amazonSideAsn: 12345678, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts index 3d96d9d6b45a5..05dcac8102045 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts @@ -86,7 +86,7 @@ describe('Vpc V2 with full control', () => { }); }); - test('should not associate a route to an incorrect subnet', () => { + test('addEIGW should not associate a route to an incorrect subnet', () => { const myVpc = new vpc.VpcV2(stack, 'TestVpc', { primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], @@ -109,7 +109,6 @@ describe('Vpc V2 with full control', () => { }).toThrow("There are no 'Public' subnet groups in this VPC. Available types: Isolated,Deprecated_Isolated"); }); - test('addNatGateway defines a private gateway', () => { const myVpc = new vpc.VpcV2(stack, 'TestVpc', { primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), From 391ae8e0d6ba28e58a9258c76943257d9ec6168c Mon Sep 17 00:00:00 2001 From: shikha372 Date: Thu, 29 Aug 2024 13:21:57 -0700 Subject: [PATCH 33/44] fix validation for natGW --- .../@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 4 +- .../aws-cdk-vpcv2-alpha.assets.json | 4 +- .../aws-cdk-vpcv2-alpha.template.json | 93 +-------- .../manifest.json | 95 ++++++--- .../integ.vpc-v2-alpha.js.snapshot/tree.json | 194 +++--------------- .../aws-ec2-alpha/test/integ.vpc-v2-alpha.ts | 7 +- .../aws-ec2-alpha/test/vpc-add-method.test.ts | 1 + 7 files changed, 100 insertions(+), 298 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index 336b3893574e7..1ab7d4b381232 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -2,7 +2,7 @@ import { Resource, Annotations } from 'aws-cdk-lib'; import { IVpc, ISubnet, SubnetSelection, SelectedSubnets, EnableVpnGatewayOptions, VpnGateway, VpnConnectionType, CfnVPCGatewayAttachment, CfnVPNGatewayRoutePropagation, VpnConnectionOptions, VpnConnection, ClientVpnEndpointOptions, ClientVpnEndpoint, InterfaceVpcEndpointOptions, InterfaceVpcEndpoint, GatewayVpcEndpointOptions, GatewayVpcEndpoint, FlowLogOptions, FlowLog, FlowLogResourceType, SubnetType, SubnetFilter, CfnVPCCidrBlock } from 'aws-cdk-lib/aws-ec2'; import { allRouteTableIds, flatten, subnetGroupNameFromConstructId } from './util'; import { IDependable, Dependable, IConstruct, DependencyGroup } from 'constructs'; -import { EgressOnlyInternetGateway, InternetGateway, NatGateway, NatGatewayOptions, Route, VPNGatewayV2 } from './route'; +import { EgressOnlyInternetGateway, InternetGateway, NatConnectivityType, NatGateway, NatGatewayOptions, Route, VPNGatewayV2 } from './route'; import { ISubnetV2 } from './subnet-v2'; /** @@ -386,7 +386,7 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { * @returns - The newly-created NAT Gateway */ public addNatGateway(id: string, options: NatGatewayOptions): NatGateway { - if (this._internetGatewayId === undefined) { + if (options.connectivityType === NatConnectivityType.PUBLIC && !this._internetGatewayId) { throw new Error('Cannot add a NAT Gateway without an Internet Gateway enabled on VPC'); } return new NatGateway(this, id, { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json index bd61121769b16..7a5008549818f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.5", "files": { - "7a0488cee45675cc92f78f1f9ec08ec8454ea733aff07c1ba7b01532aca6313e": { + "51edd8607f00b16f64f3e944f3777231b6c6ec26b807793498fcd17aef170213": { "source": { "path": "aws-cdk-vpcv2-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "7a0488cee45675cc92f78f1f9ec08ec8454ea733aff07c1ba7b01532aca6313e.json", + "objectKey": "51edd8607f00b16f64f3e944f3777231b6c6ec26b807793498fcd17aef170213.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json index 06f898b1c5f46..51c30d1563bb0 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json @@ -203,7 +203,7 @@ "Type": "ipsec.1" } }, - "VPCintegtest1VPCVPNGW9C6831A0": { + "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6": { "Type": "AWS::EC2::VPCGatewayAttachment", "Properties": { "VpcId": { @@ -239,96 +239,13 @@ } }, "DependsOn": [ - "VPCintegtest1VPCVPNGW9C6831A0" - ] - }, - "VPCintegtest1TestIGW604D0664": { - "Type": "AWS::EC2::InternetGateway" - }, - "VPCintegtest1TestIGWGWAttachment786F3526": { - "Type": "AWS::EC2::VPCGatewayAttachment", - "Properties": { - "InternetGatewayId": { - "Fn::GetAtt": [ - "VPCintegtest1TestIGW604D0664", - "InternetGatewayId" - ] - }, - "VpcId": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] - } - } - }, - "VPCintegtest1validateIpv6DefaultIPv6RouteCC91FD02": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationIpv6CidrBlock": "::/0", - "GatewayId": { - "Fn::GetAtt": [ - "VPCintegtest1TestIGW604D0664", - "InternetGatewayId" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "validateIpv6RouteTable09389F8D", - "RouteTableId" - ] - } - }, - "DependsOn": [ - "VPCintegtest1TestIGWGWAttachment786F3526", - "VPCintegtest1TestIGW604D0664" - ] - }, - "VPCintegtest1validateIpv6DefaultRoute5D6BE9AD": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "GatewayId": { - "Fn::GetAtt": [ - "VPCintegtest1TestIGW604D0664", - "InternetGatewayId" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "validateIpv6RouteTable09389F8D", - "RouteTableId" - ] - } - }, - "DependsOn": [ - "VPCintegtest1TestIGWGWAttachment786F3526", - "VPCintegtest1TestIGW604D0664" - ] - }, - "VPCintegtest1TestNATGatewayEIP444375D7": { - "Type": "AWS::EC2::EIP", - "Properties": { - "Domain": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] - } - }, - "DependsOn": [ - "testsbubnetRouteTableAssociationD6D083FA" + "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6" ] }, "VPCintegtest1TestNATGateway54FD55E6": { "Type": "AWS::EC2::NatGateway", "Properties": { - "AllocationId": { - "Fn::GetAtt": [ - "VPCintegtest1TestNATGatewayEIP444375D7", - "AllocationId" - ] - }, + "ConnectivityType": "private", "SubnetId": { "Ref": "testsbubnetSubnet77337845" } @@ -451,7 +368,6 @@ "AssignIpv6AddressOnCreation": false, "AvailabilityZone": "us-west-2b", "CidrBlock": "10.3.0.0/24", - "Ipv6CidrBlock": "2600:1f14:3283:9501::/64", "VpcId": { "Fn::GetAtt": [ "VPCintegtest1EBA1CB75", @@ -529,7 +445,8 @@ } }, "DependsOn": [ - "VPCintegtest1VpnGatewayIGWBC493574" + "VPCintegtest1VpnGatewayIGWBC493574", + "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6" ] } }, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json index 4ad953fc29524..c28c51900c216 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7a0488cee45675cc92f78f1f9ec08ec8454ea733aff07c1ba7b01532aca6313e.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/51edd8607f00b16f64f3e944f3777231b6c6ec26b807793498fcd17aef170213.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -94,10 +94,10 @@ "data": "VPCintegtest1VpnGatewayIGWBC493574" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/VPCVPNGW": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway/VPCVPNGW": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1VPCVPNGW9C6831A0" + "data": "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6" } ], "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/RoutePropagation": [ @@ -106,40 +106,13 @@ "data": "VPCintegtest1RoutePropagation062BDAD5" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestIGW/IGW": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCintegtest1TestIGW604D0664" - } - ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestIGW/GWAttachment": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCintegtest1TestIGWGWAttachment786F3526" - } - ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultIPv6Route/Route": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCintegtest1validateIpv6DefaultIPv6RouteCC91FD02" - } - ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultRoute/Route": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCintegtest1validateIpv6DefaultRoute5D6BE9AD" - } - ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestNATGateway/EIP": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCintegtest1TestNATGatewayEIP444375D7" - } - ], "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestNATGateway/NATGateway": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1TestNATGateway54FD55E6" + "data": "VPCintegtest1TestNATGateway54FD55E6", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/aws-cdk-vpcv2-alpha/testsbubnet/Subnet": [ @@ -222,6 +195,60 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } + ], + "VPCintegtest1VPCVPNGW9C6831A0": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1VPCVPNGW9C6831A0", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCintegtest1TestIGW604D0664": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1TestIGW604D0664", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCintegtest1TestIGWGWAttachment786F3526": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1TestIGWGWAttachment786F3526", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCintegtest1validateIpv6DefaultIPv6RouteCC91FD02": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1validateIpv6DefaultIPv6RouteCC91FD02", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCintegtest1validateIpv6DefaultRoute5D6BE9AD": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1validateIpv6DefaultRoute5D6BE9AD", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCintegtest1TestNATGatewayEIP444375D7": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1TestNATGatewayEIP444375D7", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } ] }, "displayName": "aws-cdk-vpcv2-alpha" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json index c3c30d6e4231a..d09d97e3c60f7 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json @@ -345,35 +345,35 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnVPNGateway", "version": "0.0.0" } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VPNGatewayV2", - "version": "0.0.0" - } - }, - "VPCVPNGW": { - "id": "VPCVPNGW", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/VPCVPNGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] + }, + "VPCVPNGW": { + "id": "VPCVPNGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway/VPCVPNGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + }, + "vpnGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + } + } }, - "vpnGatewayId": { - "Fn::GetAtt": [ - "VPCintegtest1VpnGatewayIGWBC493574", - "VPNGatewayId" - ] + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "fqn": "@aws-cdk/aws-ec2-alpha.VPNGatewayV2", "version": "0.0.0" } }, @@ -404,160 +404,17 @@ "version": "0.0.0" } }, - "TestIGW": { - "id": "TestIGW", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestIGW", - "children": { - "IGW": { - "id": "IGW", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestIGW/IGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", - "aws:cdk:cloudformation:props": {} - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", - "version": "0.0.0" - } - }, - "GWAttachment": { - "id": "GWAttachment", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestIGW/GWAttachment", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "internetGatewayId": { - "Fn::GetAtt": [ - "VPCintegtest1TestIGW604D0664", - "InternetGatewayId" - ] - }, - "vpcId": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", - "version": "0.0.0" - } - }, - "validateIpv6-DefaultIPv6Route": { - "id": "validateIpv6-DefaultIPv6Route", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultIPv6Route", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultIPv6Route/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationIpv6CidrBlock": "::/0", - "gatewayId": { - "Fn::GetAtt": [ - "VPCintegtest1TestIGW604D0664", - "InternetGatewayId" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "validateIpv6RouteTable09389F8D", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Route", - "version": "0.0.0" - } - }, - "validateIpv6-DefaultRoute": { - "id": "validateIpv6-DefaultRoute", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Fn::GetAtt": [ - "VPCintegtest1TestIGW604D0664", - "InternetGatewayId" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "validateIpv6RouteTable09389F8D", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Route", - "version": "0.0.0" - } - }, "TestNATGateway": { "id": "TestNATGateway", "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestNATGateway", "children": { - "EIP": { - "id": "EIP", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestNATGateway/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", - "version": "0.0.0" - } - }, "NATGateway": { "id": "NATGateway", "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestNATGateway/NATGateway", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", "aws:cdk:cloudformation:props": { - "allocationId": { - "Fn::GetAtt": [ - "VPCintegtest1TestNATGatewayEIP444375D7", - "AllocationId" - ] - }, + "connectivityType": "private", "subnetId": { "Ref": "testsbubnetSubnet77337845" } @@ -775,7 +632,6 @@ "assignIpv6AddressOnCreation": false, "availabilityZone": "us-west-2b", "cidrBlock": "10.3.0.0/24", - "ipv6CidrBlock": "2600:1f14:3283:9501::/64", "vpcId": { "Fn::GetAtt": [ "VPCintegtest1EBA1CB75", diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts index 4d904f4f06950..7c74f10b099f8 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts @@ -13,7 +13,7 @@ import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; import { GatewayVpcEndpointAwsService, InterfaceVpcEndpointAwsService, SubnetType } from 'aws-cdk-lib/aws-ec2'; import { SubnetV2, IpCidr } from '../lib/subnet-v2'; -import { Route, RouteTable } from '../lib'; +import { NatConnectivityType, Route, RouteTable } from '../lib'; const app = new cdk.App(); @@ -60,7 +60,7 @@ new SubnetV2(stack, 'validateIpv6', { ipv4CidrBlock: new IpCidr('10.3.0.0/24'), availabilityZone: 'us-west-2b', //Test secondary ipv6 address after Amazon Provided ipv6 allocation - ipv6CidrBlock: new IpCidr('2600:1f14:3283:9501::/64'), + //ipv6CidrBlock: new IpCidr('2600:1f14:3283:9501::/64'), subnetType: SubnetType.PUBLIC, }); @@ -98,7 +98,8 @@ vpc.addInternetGateway('TestIGW'); //Add a NAT Gateway vpc.addNatGateway('TestNATGateway', { subnet: subnet, -}); + connectivityType: NatConnectivityType.PRIVATE, +}).node.addDependency(vpnGateway); new IntegTest(app, 'integtest-model', { testCases: [stack], diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts index 05dcac8102045..c965adf169bcc 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts @@ -311,6 +311,7 @@ describe('Vpc V2 with full control', () => { availabilityZone: 'ap-south-1b', subnetType: SubnetType.PRIVATE_ISOLATED, }); + myVpc.addInternetGateway('TestIGW'); myVpc.addNatGateway('TestNATGW', { subnet: mySubnet, connectivityType: route.NatConnectivityType.PUBLIC, From aba5e6619016b8938bedf954ad77d5a3679339ca Mon Sep 17 00:00:00 2001 From: shikha372 Date: Thu, 29 Aug 2024 13:42:34 -0700 Subject: [PATCH 34/44] add VPN route propogation to L2 --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 46 +++++++++++-- .../@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 64 +++++++++---------- .../aws-ec2-alpha/test/integ.vpc-v2-alpha.ts | 4 +- .../@aws-cdk/aws-ec2-alpha/test/route.test.ts | 2 + .../aws-ec2-alpha/test/vpc-add-method.test.ts | 14 ++-- 5 files changed, 84 insertions(+), 46 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 0b33c3e42317b..257e9d0d09353 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -1,8 +1,8 @@ -import { CfnEIP, CfnEgressOnlyInternetGateway, CfnInternetGateway, CfnNatGateway, CfnRoute, CfnRouteTable, CfnVPCGatewayAttachment, CfnVPNGateway, GatewayVpcEndpoint, IRouteTable, IVpcEndpoint, RouterType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; +import { CfnEIP, CfnEgressOnlyInternetGateway, CfnInternetGateway, CfnNatGateway, CfnRoute, CfnRouteTable, CfnVPCGatewayAttachment, CfnVPNGateway, CfnVPNGatewayRoutePropagation, GatewayVpcEndpoint, IRouteTable, IVpcEndpoint, RouterType, SubnetSelection, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; import { Construct, IConstruct, IDependable } from 'constructs'; -import { Duration, IResource, Resource } from 'aws-cdk-lib/core'; +import { Annotations, Duration, IResource, Resource } from 'aws-cdk-lib/core'; import { IVpcV2 } from './vpc-v2-base'; -import { NetworkUtils } from './util'; +import { NetworkUtils, allRouteTableIds, flatten } from './util'; import { ISubnetV2 } from './subnet-v2'; /** @@ -96,6 +96,12 @@ export interface VPNGatewayV2Props { * @default none */ readonly vpnGatewayName?: string; + + /** + * Provide an array of subnets where the route propagation should be added. + * @default noPropagation + */ + readonly vpnRoutePropagation?: SubnetSelection[]; } /** @@ -178,6 +184,7 @@ export interface NatGatewayOptions { export interface NatGatewayProps extends NatGatewayOptions { /** * The ID of the VPC in which the NAT gateway is located. + * Required in case of public connectivity if allocation id is not defined * @default none */ readonly vpc?: IVpcV2; @@ -288,7 +295,12 @@ export class VPNGatewayV2 extends Resource implements IRouteTarget { /** * The VPN Gateway Attachment */ - public readonly attachment: CfnVPCGatewayAttachment; + private readonly _attachment: CfnVPCGatewayAttachment; + + /** + * The VPN Gateway Route Propogation + */ + private readonly _routePropagation: CfnVPNGatewayRoutePropagation; constructor(scope: Construct, id: string, props: VPNGatewayV2Props) { super(scope, id); @@ -304,10 +316,28 @@ export class VPNGatewayV2 extends Resource implements IRouteTarget { this.routerTargetId = this.resource.attrVpnGatewayId; this.vpcId = props.vpc.vpcId; - this.attachment = new CfnVPCGatewayAttachment(this, 'VPCVPNGW', { + this._attachment = new CfnVPCGatewayAttachment(this, 'VPCVPNGW', { vpcId: this.vpcId, vpnGatewayId: this.resource.attrVpnGatewayId, }); + + // Propagate routes on route tables associated with the right subnets + const vpnRoutePropagation = props.vpnRoutePropagation ?? [{}]; + const routeTableIds = allRouteTableIds(flatten(vpnRoutePropagation.map(s => props.vpc.selectSubnets(s).subnets))); + + if (routeTableIds.length === 0) { + Annotations.of(this).addError(`enableVpnGateway: no subnets matching selection: '${JSON.stringify(vpnRoutePropagation)}'. Select other subnets to add routes to.`); + } + + this._routePropagation = new CfnVPNGatewayRoutePropagation(this, 'RoutePropagation', { + routeTableIds, + vpnGatewayId: this.routerTargetId, + }); + // The AWS::EC2::VPNGatewayRoutePropagation resource cannot use the VPN gateway + // until it has successfully attached to the VPC. + // See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpn-gatewayrouteprop.html + this._routePropagation.node.addDependency(this._attachment); + } } @@ -352,6 +382,12 @@ export class NatGateway extends Resource implements IRouteTarget { this.connectivityType = props.connectivityType || NatConnectivityType.PUBLIC; this.maxDrainDuration = props.maxDrainDuration || Duration.seconds(350); + if (this.connectivityType == NatConnectivityType.PUBLIC) { + if (!props.vpc && !props.allocationId) { + throw new Error('Either provide vpc or allocationId'); + } + } + // If user does not provide EIP, generate one for them var aId: string | undefined; if (this.connectivityType == 'public') { diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index 1ab7d4b381232..b2947730d138d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -22,6 +22,24 @@ export interface EgressOnlyInternetGatewayOptions{ readonly destination?: string; } +/** + * Options to define InternetGateway for VPC + */ +export interface InternetGatewayOptions{ + + /** + * Destination Ipv6 address for EGW route + * @default '0.0.0.0' all Ipv4 traffic + */ + readonly ipv4Destination?: string; + + /** + * Destination Ipv6 address for EGW route + * @default '::/0' all Ipv6 traffic + */ + readonly ipv6Destination?: string; +} + /** * Placeholder to see what extra props we might need, * will be added to original IVPC @@ -54,7 +72,7 @@ export interface IVpcV2 extends IVpc { * For more information, see the {@link https://docs.aws.amazon.com/vpc/latest/userguide/vpc-igw-internet-access.html}. * @default defines route for all ipv4('0.0.0.0') and ipv6 addresses('::/0') */ - addInternetGateway(id: string, destination?: string): InternetGateway; + addInternetGateway(options?: InternetGatewayOptions): void; /** * Adds VPN Gateway to VPC and set route propogation. @@ -69,7 +87,7 @@ export interface IVpcV2 extends IVpc { * @default ConnectivityType.Public * For more information, see the {@link https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html}. */ - addNatGateway(id: string, options: NatGatewayOptions): NatGateway; + addNatGateway(options: NatGatewayOptions): NatGateway; } @@ -234,23 +252,6 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { this._internetConnectivityEstablished.add(vpnGateway); this._vpnGatewayId = vpnGateway.routerTargetId; - // Propagate routes on route tables associated with the right subnets - const vpnRoutePropagation = options.vpnRoutePropagation ?? [{}]; - const routeTableIds = allRouteTableIds(flatten(vpnRoutePropagation.map(s => this.selectSubnets(s).subnets))); - - if (routeTableIds.length === 0) { - Annotations.of(this).addError(`enableVpnGateway: no subnets matching selection: '${JSON.stringify(vpnRoutePropagation)}'. Select other subnets to add routes to.`); - } - - const routePropagation = new CfnVPNGatewayRoutePropagation(this, 'RoutePropagation', { - routeTableIds, - vpnGatewayId: this._vpnGatewayId, - }); - // The AWS::EC2::VPNGatewayRoutePropagation resource cannot use the VPN gateway - // until it has successfully attached to the VPC. - // See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpn-gatewayrouteprop.html - routePropagation.node.addDependency(vpnGateway.attachment); - return vpnGateway; } @@ -336,44 +337,46 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { * Adds a new Internet Gateway to this VPC * @default creates a new route for public subnets(with all outbound access) to the Internet Gateway. */ - public addInternetGateway(id: string, destination?: string): InternetGateway { + public addInternetGateway(options?: InternetGatewayOptions): void { if (this._internetGatewayId) { throw new Error('The Internet Gateway has already been enabled.'); } - const igw = new InternetGateway(this, id, { + const igw = new InternetGateway(this, 'InternetGateway', { vpc: this, }); this._internetConnectivityEstablished.add(igw); this._internetGatewayId = igw.routerTargetId; - this.publicSubnets.forEach( (s) => this.addDefaultInternetRoute(s, igw, destination)); - return igw; + //If there are no public subnets defined, no default route will be added + if (this.publicSubnets) { + this.publicSubnets.forEach( (s) => this.addDefaultInternetRoute(s, igw, options)); + } } /** * Adds default route for the internet gateway * @internal */ - private addDefaultInternetRoute(subnet: ISubnetV2, igw: InternetGateway, destination?: string): void { + private addDefaultInternetRoute(subnet: ISubnetV2, igw: InternetGateway, options?: InternetGatewayOptions): void { if (subnet.subnetType !== SubnetType.PUBLIC) { - throw new Error('Internet Gateway is to be added to public subnets'); + throw new Error('No public subnets defined to add route for internet gateway'); } //Add deffault route to IGW for IPv6 if (subnet.ipv6CidrBlock) { new Route(this, `${subnet.node.id}-DefaultIPv6Route`, { routeTable: subnet.routeTable, - destination: destination ?? '::/0', + destination: options?.ipv6Destination ?? '::/0', target: { gateway: igw }, }); } //Add default route to IGW for IPv4 new Route(this, `${subnet.node.id}-DefaultRoute`, { routeTable: subnet.routeTable, - destination: destination ?? '0.0.0.0/0', + destination: options?.ipv4Destination ?? '0.0.0.0/0', target: { gateway: igw }, }); } @@ -381,15 +384,12 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { /** * Adds a new NAT Gateway to the given subnet of this VPC * of given subnets. - * @param id The ID of the NAT Gateway construct - * @param options The options for the NAT Gateway to be created - * @returns - The newly-created NAT Gateway */ - public addNatGateway(id: string, options: NatGatewayOptions): NatGateway { + public addNatGateway(options: NatGatewayOptions): NatGateway { if (options.connectivityType === NatConnectivityType.PUBLIC && !this._internetGatewayId) { throw new Error('Cannot add a NAT Gateway without an Internet Gateway enabled on VPC'); } - return new NatGateway(this, id, { + return new NatGateway(this, 'NATGateway', { vpc: this, ...options, }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts index 7c74f10b099f8..8bf093a84b0ed 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts @@ -93,10 +93,10 @@ new Route(stack, 'route', { }); //Add Internet Gateway -vpc.addInternetGateway('TestIGW'); +vpc.addInternetGateway(); //Add a NAT Gateway -vpc.addNatGateway('TestNATGateway', { +vpc.addNatGateway({ subnet: subnet, connectivityType: NatConnectivityType.PRIVATE, }).node.addDependency(vpnGateway); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts index ac79f109e3879..6504622ae4611 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts @@ -273,6 +273,7 @@ describe('EC2 Routing', () => { test('Route to public NAT Gateway', () => { const natgw = new route.NatGateway(stack, 'TestNATGW', { subnet: mySubnet, + vpc: myVpc, }); routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); const template = Template.fromStack(stack); @@ -363,6 +364,7 @@ describe('EC2 Routing', () => { subnet: mySubnet, connectivityType: route.NatConnectivityType.PUBLIC, maxDrainDuration: cdk.Duration.seconds(2001), + vpc: myVpc, }); routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); const template = Template.fromStack(stack); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts index c965adf169bcc..7afffb7f778d8 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts @@ -122,7 +122,7 @@ describe('Vpc V2 with full control', () => { availabilityZone: 'ap-south-1b', subnetType: SubnetType.PRIVATE_ISOLATED, }); - myVpc.addNatGateway('TestNATGW', { + myVpc.addNatGateway({ subnet: mySubnet, connectivityType: route.NatConnectivityType.PRIVATE, privateIpAddress: '10.0.0.42', @@ -155,7 +155,7 @@ describe('Vpc V2 with full control', () => { availabilityZone: 'ap-south-1b', subnetType: SubnetType.PRIVATE_ISOLATED, }); - myVpc.addNatGateway('TestNATGW', { + myVpc.addNatGateway({ subnet: mySubnet, connectivityType: route.NatConnectivityType.PRIVATE, privateIpAddress: '10.0.0.42', @@ -197,7 +197,7 @@ describe('Vpc V2 with full control', () => { availabilityZone: 'ap-south-1b', subnetType: SubnetType.PRIVATE_ISOLATED, }); - myVpc.addNatGateway('TestNATGW', { + myVpc.addNatGateway({ subnet: mySubnet, connectivityType: route.NatConnectivityType.PRIVATE, privateIpAddress: '10.0.0.42', @@ -233,7 +233,7 @@ describe('Vpc V2 with full control', () => { availabilityZone: 'ap-south-1b', subnetType: SubnetType.PRIVATE_ISOLATED, }); - myVpc.addNatGateway('TestNATGW', { + myVpc.addNatGateway({ subnet: mySubnet, }); const template = Template.fromStack(stack); @@ -272,7 +272,7 @@ describe('Vpc V2 with full control', () => { const eip = new CfnEIP(stack, 'MyEIP', { domain: myVpc.vpcId, }); - myVpc.addNatGateway('TestNATGW', { + myVpc.addNatGateway({ subnet: mySubnet, allocationId: eip.attrAllocationId, }); @@ -311,8 +311,8 @@ describe('Vpc V2 with full control', () => { availabilityZone: 'ap-south-1b', subnetType: SubnetType.PRIVATE_ISOLATED, }); - myVpc.addInternetGateway('TestIGW'); - myVpc.addNatGateway('TestNATGW', { + myVpc.addInternetGateway(); + myVpc.addNatGateway({ subnet: mySubnet, connectivityType: route.NatConnectivityType.PUBLIC, maxDrainDuration: cdk.Duration.seconds(2001), From aeba62bbe7cc9b08eecda5f9f9a5f65a48ac33e8 Mon Sep 17 00:00:00 2001 From: shikha372 Date: Thu, 29 Aug 2024 16:39:12 -0700 Subject: [PATCH 35/44] remove associate routetable --- .../@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 12 -------- .../@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 9 ++---- .../aws-ec2-alpha/test/integ.subnet-v2.ts | 10 +------ .../@aws-cdk/aws-ec2-alpha/test/route.test.ts | 1 + .../aws-ec2-alpha/test/subnet-v2.test.ts | 30 ------------------- 5 files changed, 5 insertions(+), 57 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index 5c9e5a5d688d9..b342b92f954d5 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -162,8 +162,6 @@ export class SubnetV2 extends Resource implements ISubnetV2 { private _routeTable: IRouteTable; - private routeTableAssociation: CfnSubnetRouteTableAssociation; - /** * Constructs a new SubnetV2 instance. * @param scope The parent Construct that this resource will be part of. @@ -233,7 +231,6 @@ export class SubnetV2 extends Resource implements ISubnetV2 { routeTableId: this._routeTable.routeTableId, }); - this.routeTableAssociation = routeAssoc; this._internetConnectivityEstablished.add(routeAssoc); this.internetConnectivityEstablished = this._internetConnectivityEstablished; @@ -267,15 +264,6 @@ export class SubnetV2 extends Resource implements ISubnetV2 { return this._routeTable; } - /** - * Associate a Route Table with this subnet. - * @param routeTableProps The Route Table to associate with this subnet. - */ - public associateRouteTable(routeTableProps: IRouteTable) { - this._routeTable = routeTableProps; - this.routeTableAssociation.addPropertyOverride('RouteTableId', routeTableProps.routeTableId); - } - /** * Returns the Network ACL associated with this subnet. */ diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index b2947730d138d..8da4ac9095065 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -2,7 +2,7 @@ import { Resource, Annotations } from 'aws-cdk-lib'; import { IVpc, ISubnet, SubnetSelection, SelectedSubnets, EnableVpnGatewayOptions, VpnGateway, VpnConnectionType, CfnVPCGatewayAttachment, CfnVPNGatewayRoutePropagation, VpnConnectionOptions, VpnConnection, ClientVpnEndpointOptions, ClientVpnEndpoint, InterfaceVpcEndpointOptions, InterfaceVpcEndpoint, GatewayVpcEndpointOptions, GatewayVpcEndpoint, FlowLogOptions, FlowLog, FlowLogResourceType, SubnetType, SubnetFilter, CfnVPCCidrBlock } from 'aws-cdk-lib/aws-ec2'; import { allRouteTableIds, flatten, subnetGroupNameFromConstructId } from './util'; import { IDependable, Dependable, IConstruct, DependencyGroup } from 'constructs'; -import { EgressOnlyInternetGateway, InternetGateway, NatConnectivityType, NatGateway, NatGatewayOptions, Route, VPNGatewayV2 } from './route'; +import { EgressOnlyInternetGateway, InternetGateway, NatGateway, NatGatewayOptions, Route, VPNGatewayV2 } from './route'; import { ISubnetV2 } from './subnet-v2'; /** @@ -174,7 +174,7 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { * Mutable private field for the internetGatewayId * @internal */ - protected _internetGatewayId?: string; + protected _internetGatewayId = ''; /** * Return information on the subnets appropriate for the given selection strategy @@ -386,9 +386,6 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { * of given subnets. */ public addNatGateway(options: NatGatewayOptions): NatGateway { - if (options.connectivityType === NatConnectivityType.PUBLIC && !this._internetGatewayId) { - throw new Error('Cannot add a NAT Gateway without an Internet Gateway enabled on VPC'); - } return new NatGateway(this, 'NATGateway', { vpc: this, ...options, @@ -415,7 +412,7 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { /** * Returns the id of the Internet Gateway (if enabled) */ - public get interntetGatewayId(): string | undefined { + public get internetGatewayId(): string | undefined { return this._internetGatewayId; } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts index b9248ef9a026e..a601e0f7f319f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts @@ -51,7 +51,7 @@ const vpc = new vpc_v2.VpcV2(stack, 'VPCTest', { * can assign IPv6 address only after the allocation * uncomment ipv6CidrBlock and provide valid IPv6 range */ -const mySubnet = new SubnetV2(stack, 'testsbubnet', { +new SubnetV2(stack, 'testsbubnet', { vpc, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), @@ -60,13 +60,6 @@ const mySubnet = new SubnetV2(stack, 'testsbubnet', { subnetType: SubnetType.PRIVATE_ISOLATED, }); -vpc.enableVpnGateway({ - vpnRoutePropagation: [{ - subnetType: SubnetType.PRIVATE_ISOLATED, // optional, defaults to "PUBLIC" - }], - type: 'ipsec.1', -}); - /**Test compatibility with existing construct */ new ec2.Instance(stack, 'Instance', { vpc, @@ -85,7 +78,6 @@ const routeTable = new RouteTable(stack, 'TestRoutetable', { }); routeTable.addRoute('eigwRoute', '0.0.0.0/0', { gateway: igw }); -mySubnet.associateRouteTable(routeTable); new IntegTest(app, 'integtest-model', { testCases: [stack], diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts index 6504622ae4611..62c59d501a005 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts @@ -26,6 +26,7 @@ describe('EC2 Routing', () => { enableDnsHostnames: true, enableDnsSupport: true, }); + myVpc.addInternetGateway(); //Required for Public NATGW routeTable = new route.RouteTable(stack, 'TestRouteTable', { vpc: myVpc, }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts index ddedfd9395918..caf371cc524d4 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts @@ -5,7 +5,6 @@ import * as subnet from '../lib/subnet-v2'; import { NetworkAcl, SubnetType } from 'aws-cdk-lib/aws-ec2'; import { AddressFamily, AwsServiceName, Ipam, IpamPoolPublicIpSource } from '../lib/ipam'; import { createTestSubnet } from './util'; -import { RouteTable } from '../lib'; /** * Test suite for the SubnetV2 class. @@ -302,33 +301,4 @@ describe('Subnet V2 with custom IP and routing', () => { expect(Template.fromStack(stack).hasResource('AWS::EC2::SubnetNetworkAclAssociation', {})); }); - - test('should associate a RouteTable with the subnet', () => { - const testVpc = new vpc.VpcV2(stack, 'TestVPC', { - primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), - }); - const subnetConfig = { - vpcV2: testVpc, - availabilityZone: 'us-east-1a', - cidrBlock: new subnet.IpCidr('10.1.0.0/24'), - subnetType: SubnetType.PUBLIC, - }; - const testsubnet = createTestSubnet(stack, subnetConfig); - - const routeTable = new RouteTable(stack, 'TestNewRouteTable', { - vpc: testVpc, - }); - - testsubnet.associateRouteTable(routeTable); - - expect(Template.fromStack(stack).hasResource('AWS::EC2::SubnetRouteTableAssociation', { - Properties: { - RouteTableId: { - 'Fn::GetAtt': [ - 'TestNewRouteTable240E1177', 'RouteTableId', - ], - }, - }, - })); - }); }); From 2f1e60c14ed4552cfe59d80993bafd8a5d4accbb Mon Sep 17 00:00:00 2001 From: shikha372 Date: Fri, 30 Aug 2024 13:10:31 -0700 Subject: [PATCH 36/44] adding unit tests for internet gateway --- .../@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 5 +- .../@aws-cdk/aws-ec2-alpha/test/route.test.ts | 1 - .../aws-ec2-alpha/test/vpc-add-method.test.ts | 219 +++++++++--------- 3 files changed, 109 insertions(+), 116 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index 8da4ac9095065..0b9125f6b96fa 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -2,7 +2,7 @@ import { Resource, Annotations } from 'aws-cdk-lib'; import { IVpc, ISubnet, SubnetSelection, SelectedSubnets, EnableVpnGatewayOptions, VpnGateway, VpnConnectionType, CfnVPCGatewayAttachment, CfnVPNGatewayRoutePropagation, VpnConnectionOptions, VpnConnection, ClientVpnEndpointOptions, ClientVpnEndpoint, InterfaceVpcEndpointOptions, InterfaceVpcEndpoint, GatewayVpcEndpointOptions, GatewayVpcEndpoint, FlowLogOptions, FlowLog, FlowLogResourceType, SubnetType, SubnetFilter, CfnVPCCidrBlock } from 'aws-cdk-lib/aws-ec2'; import { allRouteTableIds, flatten, subnetGroupNameFromConstructId } from './util'; import { IDependable, Dependable, IConstruct, DependencyGroup } from 'constructs'; -import { EgressOnlyInternetGateway, InternetGateway, NatGateway, NatGatewayOptions, Route, VPNGatewayV2 } from './route'; +import { EgressOnlyInternetGateway, InternetGateway, NatConnectivityType, NatGateway, NatGatewayOptions, Route, VPNGatewayV2 } from './route'; import { ISubnetV2 } from './subnet-v2'; /** @@ -386,6 +386,9 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { * of given subnets. */ public addNatGateway(options: NatGatewayOptions): NatGateway { + if (options.connectivityType === NatConnectivityType.PUBLIC && !this._internetGatewayId) { + throw new Error('Cannot add a Public NAT Gateway without an Internet Gateway enabled on VPC'); + } return new NatGateway(this, 'NATGateway', { vpc: this, ...options, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts index 62c59d501a005..6504622ae4611 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts @@ -26,7 +26,6 @@ describe('EC2 Routing', () => { enableDnsHostnames: true, enableDnsSupport: true, }); - myVpc.addInternetGateway(); //Required for Public NATGW routeTable = new route.RouteTable(stack, 'TestRouteTable', { vpc: myVpc, }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts index 7afffb7f778d8..b7d5805c8fc57 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts @@ -8,6 +8,8 @@ import { CfnEIP, SubnetType } from 'aws-cdk-lib/aws-ec2'; describe('Vpc V2 with full control', () => { let stack: cdk.Stack; + let myVpc: vpc.VpcV2; + let mySubnet: SubnetV2; beforeEach(() => { const app = new cdk.App({ @@ -16,44 +18,35 @@ describe('Vpc V2 with full control', () => { }, }); stack = new cdk.Stack(app); - }); - test('Method to add a new Egress-Only IGW', () => { - const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + myVpc = new vpc.VpcV2(stack, 'TestVpc', { primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], enableDnsHostnames: true, enableDnsSupport: true, - }, - ); + }); + mySubnet = new SubnetV2(stack, 'TestSubnet', { + vpc: myVpc, + ipv4CidrBlock: new IpCidr('10.1.0.0/24'), + availabilityZone: 'ap-south-1b', + subnetType: SubnetType.PUBLIC, + ipv6CidrBlock: new IpCidr('2001:db8::/48'), + }); + }); + test('Method to add a new Egress-Only IGW', () => { myVpc.addEgressOnlyInternetGateway({}); Template.fromStack(stack).hasResource('AWS::EC2::EgressOnlyInternetGateway', 1); }); test('addEIGW throws error if VPC does not have IPv6', () => { - const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + const vpc1 = new vpc.VpcV2(stack, 'TestIpv4Vpc', { primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), - enableDnsHostnames: true, - enableDnsSupport: true, }); expect(() => { - myVpc.addEgressOnlyInternetGateway({}); + vpc1.addEgressOnlyInternetGateway({}); }).toThrow('Egress only IGW can only be added to Ipv6 enabled VPC'); }); test('addEIGW defines a route under subnet to default destination', () => { - const myVpc = new vpc.VpcV2(stack, 'TestVpc', { - primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), - secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], - enableDnsHostnames: true, - enableDnsSupport: true, - }); - new SubnetV2(stack, 'validateIpv6', { - vpc: myVpc, - ipv4CidrBlock: new IpCidr('10.1.0.0/24'), - availabilityZone: 'ap-south-1b', - ipv6CidrBlock: new IpCidr('2001:db8::/48'), - subnetType: SubnetType.PUBLIC, - }); myVpc.addEgressOnlyInternetGateway({ subnets: [{ subnetType: SubnetType.PUBLIC }], }); @@ -63,20 +56,6 @@ describe('Vpc V2 with full control', () => { }); test('addEIGW defines a route under subnet to given destination', () => { - const myVpc = new vpc.VpcV2(stack, 'TestVpc', { - primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), - secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], - enableDnsHostnames: true, - enableDnsSupport: true, - }); - new SubnetV2(stack, 'validateIpv6', { - vpc: myVpc, - ipv4CidrBlock: new IpCidr('10.1.0.0/24'), - availabilityZone: 'ap-south-1b', - //Test secondary ipv6 address after IPAM pool creation - ipv6CidrBlock: new IpCidr('2001:db8::/48'), - subnetType: SubnetType.PUBLIC, - }); myVpc.addEgressOnlyInternetGateway({ subnets: [{ subnetType: SubnetType.PUBLIC }], destination: '::/48', @@ -87,22 +66,20 @@ describe('Vpc V2 with full control', () => { }); test('addEIGW should not associate a route to an incorrect subnet', () => { - const myVpc = new vpc.VpcV2(stack, 'TestVpc', { + const vpc1 = new vpc.VpcV2(stack, 'TestPrivateVpc', { primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], - enableDnsHostnames: true, - enableDnsSupport: true, }); new SubnetV2(stack, 'validateIpv6', { - vpc: myVpc, + vpc: vpc1, ipv4CidrBlock: new IpCidr('10.1.0.0/24'), availabilityZone: 'ap-south-1b', //Test secondary ipv6 address after IPAM pool creation ipv6CidrBlock: new IpCidr('2001:db8::/48'), subnetType: SubnetType.PRIVATE_ISOLATED, }); - expect( () => { - myVpc.addEgressOnlyInternetGateway({ + expect(() => { + vpc1.addEgressOnlyInternetGateway({ subnets: [{ subnetType: SubnetType.PUBLIC }], destination: '::/48', }); @@ -110,18 +87,6 @@ describe('Vpc V2 with full control', () => { }); test('addNatGateway defines a private gateway', () => { - const myVpc = new vpc.VpcV2(stack, 'TestVpc', { - primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), - secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], - enableDnsHostnames: true, - enableDnsSupport: true, - }); - const mySubnet = new SubnetV2(stack, 'TestSubnet', { - vpc: myVpc, - ipv4CidrBlock: new IpCidr('10.1.0.0/24'), - availabilityZone: 'ap-south-1b', - subnetType: SubnetType.PRIVATE_ISOLATED, - }); myVpc.addNatGateway({ subnet: mySubnet, connectivityType: route.NatConnectivityType.PRIVATE, @@ -143,18 +108,6 @@ describe('Vpc V2 with full control', () => { }); test('addNatGateway defines private gateway with secondary IP addresses', () => { - const myVpc = new vpc.VpcV2(stack, 'TestVpc', { - primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), - secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], - enableDnsHostnames: true, - enableDnsSupport: true, - }); - const mySubnet = new SubnetV2(stack, 'TestSubnet', { - vpc: myVpc, - ipv4CidrBlock: new IpCidr('10.1.0.0/24'), - availabilityZone: 'ap-south-1b', - subnetType: SubnetType.PRIVATE_ISOLATED, - }); myVpc.addNatGateway({ subnet: mySubnet, connectivityType: route.NatConnectivityType.PRIVATE, @@ -185,18 +138,6 @@ describe('Vpc V2 with full control', () => { }); test('addNatGateway defines private gateway with secondary IP address count', () => { - const myVpc = new vpc.VpcV2(stack, 'TestVpc', { - primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), - secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], - enableDnsHostnames: true, - enableDnsSupport: true, - }); - const mySubnet = new SubnetV2(stack, 'TestSubnet', { - vpc: myVpc, - ipv4CidrBlock: new IpCidr('10.1.0.0/24'), - availabilityZone: 'ap-south-1b', - subnetType: SubnetType.PRIVATE_ISOLATED, - }); myVpc.addNatGateway({ subnet: mySubnet, connectivityType: route.NatConnectivityType.PRIVATE, @@ -221,18 +162,6 @@ describe('Vpc V2 with full control', () => { }); test('addNatGateway defines public gateway', () => { - const myVpc = new vpc.VpcV2(stack, 'TestVpc', { - primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), - secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], - enableDnsHostnames: true, - enableDnsSupport: true, - }); - const mySubnet = new SubnetV2(stack, 'TestSubnet', { - vpc: myVpc, - ipv4CidrBlock: new IpCidr('10.1.0.0/24'), - availabilityZone: 'ap-south-1b', - subnetType: SubnetType.PRIVATE_ISOLATED, - }); myVpc.addNatGateway({ subnet: mySubnet, }); @@ -257,18 +186,6 @@ describe('Vpc V2 with full control', () => { }); test('addNatGateway defines public gateway with provided EIP', () => { - const myVpc = new vpc.VpcV2(stack, 'TestVpc', { - primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), - secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], - enableDnsHostnames: true, - enableDnsSupport: true, - }); - const mySubnet = new SubnetV2(stack, 'TestSubnet', { - vpc: myVpc, - ipv4CidrBlock: new IpCidr('10.1.0.0/24'), - availabilityZone: 'ap-south-1b', - subnetType: SubnetType.PRIVATE_ISOLATED, - }); const eip = new CfnEIP(stack, 'MyEIP', { domain: myVpc.vpcId, }); @@ -299,18 +216,6 @@ describe('Vpc V2 with full control', () => { }); test('addNatGateway defines public gateway with many parameters', () => { - const myVpc = new vpc.VpcV2(stack, 'TestVpc', { - primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), - secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], - enableDnsHostnames: true, - enableDnsSupport: true, - }); - const mySubnet = new SubnetV2(stack, 'TestSubnet', { - vpc: myVpc, - ipv4CidrBlock: new IpCidr('10.1.0.0/24'), - availabilityZone: 'ap-south-1b', - subnetType: SubnetType.PRIVATE_ISOLATED, - }); myVpc.addInternetGateway(); myVpc.addNatGateway({ subnet: mySubnet, @@ -339,4 +244,90 @@ describe('Vpc V2 with full control', () => { }); }); + test('addinternetGateway defines a new internet gateway with attachment and no route', () => { + const vpc2 = new vpc.VpcV2(stack, 'TestVpcNoSubnet', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + enableDnsHostnames: true, + enableDnsSupport: true, + }); + vpc2.addInternetGateway(); + const template = Template.fromStack(stack); + // Internet Gateway should be in stack + template.hasResource('AWS::EC2::InternetGateway', {}); + template.hasResourceProperties('AWS::EC2::VPCGatewayAttachment', { + InternetGatewayId: { + 'Fn::GetAtt': ['TestVpcNoSubnetInternetGatewayIGWC957CF52', 'InternetGatewayId'], + }, + VpcId: { + 'Fn::GetAtt': ['TestVpcNoSubnetF2A028F4', 'VpcId'], + }, + }); + template.resourceCountIs('AWS::EC2::Route', 0); + }); + + test('addinternetGateway defines a new internet gateway with new route in case of public subnet', () => { + myVpc.addInternetGateway(); + const template = Template.fromStack(stack); + // Internet Gateway should be in stack + template.hasResource('AWS::EC2::InternetGateway', {}); + template.hasResourceProperties('AWS::EC2::Route', { + GatewayId: { + 'Fn::GetAtt': ['TestVpcInternetGatewayIGW4C825874', 'InternetGatewayId'], + }, + RouteTableId: { + 'Fn::GetAtt': ['TestSubnetRouteTable5AF4379E', 'RouteTableId'], + }, + DestinationCidrBlock: '0.0.0.0/0', + }); + }); + + test('addinternetGateway defines a new internet gateway with Ipv6 route in case of ipv6 enabled subnet', () => { + myVpc.addInternetGateway(); + const template = Template.fromStack(stack); + template.hasResourceProperties('AWS::EC2::Route', { + GatewayId: { + 'Fn::GetAtt': ['TestVpcInternetGatewayIGW4C825874', 'InternetGatewayId'], + }, + RouteTableId: { + 'Fn::GetAtt': ['TestSubnetRouteTable5AF4379E', 'RouteTableId'], + }, + DestinationIpv6CidrBlock: '::/0', + }); + }); + + test('Throws error if there is already an IGW attached', () => { + myVpc.addInternetGateway(); + expect(() => { + myVpc.addInternetGateway(); + }).toThrow('The Internet Gateway has already been enabled.'); + }); + + test('addinternetGateway defines a new route in case of input destination', () => { + myVpc.addInternetGateway({ + ipv4Destination: '203.0.113.25', + ipv6Destination: '2001:db8::/48', + }); + const template = Template.fromStack(stack); + //Route for custom IPv4 destination + template.hasResourceProperties('AWS::EC2::Route', { + GatewayId: { + 'Fn::GetAtt': ['TestVpcInternetGatewayIGW4C825874', 'InternetGatewayId'], + }, + RouteTableId: { + 'Fn::GetAtt': ['TestSubnetRouteTable5AF4379E', 'RouteTableId'], + }, + DestinationCidrBlock: '203.0.113.25', + }); + //Route for custom IPv6 destination + template.hasResourceProperties('AWS::EC2::Route', { + GatewayId: { + 'Fn::GetAtt': ['TestVpcInternetGatewayIGW4C825874', 'InternetGatewayId'], + }, + RouteTableId: { + 'Fn::GetAtt': ['TestSubnetRouteTable5AF4379E', 'RouteTableId'], + }, + DestinationIpv6CidrBlock: '2001:db8::/48', + }); + }); }); \ No newline at end of file From e0602781b143f9758a65f83e0c0bf26669c87d9f Mon Sep 17 00:00:00 2001 From: shikha372 Date: Fri, 30 Aug 2024 14:24:30 -0700 Subject: [PATCH 37/44] adding unit tests for VPN gateway --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 29 +-------- .../@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 36 +++++++++-- .../aws-ec2-alpha/test/integ.vpc-v2-alpha.ts | 4 +- .../aws-ec2-alpha/test/vpc-add-method.test.ts | 61 ++++++++++++++++++- 4 files changed, 97 insertions(+), 33 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 257e9d0d09353..9d6e58d8b7ecc 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -1,7 +1,7 @@ -import { CfnEIP, CfnEgressOnlyInternetGateway, CfnInternetGateway, CfnNatGateway, CfnRoute, CfnRouteTable, CfnVPCGatewayAttachment, CfnVPNGateway, CfnVPNGatewayRoutePropagation, GatewayVpcEndpoint, IRouteTable, IVpcEndpoint, RouterType, SubnetSelection, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; +import { CfnEIP, CfnEgressOnlyInternetGateway, CfnInternetGateway, CfnNatGateway, CfnRoute, CfnRouteTable, CfnVPCGatewayAttachment, CfnVPNGateway, CfnVPNGatewayRoutePropagation, GatewayVpcEndpoint, IRouteTable, IVpcEndpoint, RouterType } from 'aws-cdk-lib/aws-ec2'; import { Construct, IConstruct, IDependable } from 'constructs'; import { Annotations, Duration, IResource, Resource } from 'aws-cdk-lib/core'; -import { IVpcV2 } from './vpc-v2-base'; +import { IVpcV2, VPNGatewayV2Options } from './vpc-v2-base'; import { NetworkUtils, allRouteTableIds, flatten } from './util'; import { ISubnetV2 } from './subnet-v2'; @@ -73,35 +73,12 @@ export interface InternetGatewayProps { /** * Properties to define a VPN gateway. */ -export interface VPNGatewayV2Props { - /** - * The type of VPN connection the virtual private gateway supports. - * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpngateway.html#cfn-ec2-vpngateway-type - */ - readonly type: VpnConnectionType; +export interface VPNGatewayV2Props extends VPNGatewayV2Options{ /** * The ID of the VPC for which to create the VPN gateway. */ readonly vpc: IVpcV2; - - /** - * The private Autonomous System Number (ASN) for the Amazon side of a BGP session. - * @default none - */ - readonly amazonSideAsn?: number; - - /** - * The resource name of the VPN gateway. - * @default none - */ - readonly vpnGatewayName?: string; - - /** - * Provide an array of subnets where the route propagation should be added. - * @default noPropagation - */ - readonly vpnRoutePropagation?: SubnetSelection[]; } /** diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index 0b9125f6b96fa..32751ee838ad0 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -40,6 +40,35 @@ export interface InternetGatewayOptions{ readonly ipv6Destination?: string; } +/** + * Options to define VPNGatewayV2 for VPC + */ +export interface VPNGatewayV2Options { + /** + * The type of VPN connection the virtual private gateway supports. + * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpngateway.html#cfn-ec2-vpngateway-type + */ + readonly type: VpnConnectionType; + + /** + * The private Autonomous System Number (ASN) for the Amazon side of a BGP session. + * @default none + */ + readonly amazonSideAsn?: number; + + /** + * The resource name of the VPN gateway. + * @default none + */ + readonly vpnGatewayName?: string; + + /** + * Provide an array of subnets where the route propagation should be added. + * @default noPropagation + */ + readonly vpnRoutePropagation?: SubnetSelection[]; +} + /** * Placeholder to see what extra props we might need, * will be added to original IVPC @@ -79,7 +108,7 @@ export interface IVpcV2 extends IVpc { * For more information, see the {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpngateway.html}. * @default no route propogation */ - enableVpnGatewayV2(options: EnableVpnGatewayOptions): VPNGatewayV2; + enableVpnGatewayV2(options: VPNGatewayV2Options): VPNGatewayV2; /** * Adds a new NAT Gateway to VPC @@ -238,15 +267,14 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { /** * Adds VPNGAtewayV2 to this VPC */ - public enableVpnGatewayV2(options: EnableVpnGatewayOptions): VPNGatewayV2 { + public enableVpnGatewayV2(options: VPNGatewayV2Options): VPNGatewayV2 { if (this.vpnGatewayId) { throw new Error('The VPN Gateway has already been enabled.'); } const vpnGateway = new VPNGatewayV2(this, 'VpnGateway', { - amazonSideAsn: options.amazonSideAsn, - type: VpnConnectionType.IPSEC_1, vpc: this, + ...options, }); this._internetConnectivityEstablished.add(vpnGateway); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts index 8bf093a84b0ed..3f582a15c608e 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts @@ -11,7 +11,7 @@ import * as vpc_v2 from '../lib/vpc-v2'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; -import { GatewayVpcEndpointAwsService, InterfaceVpcEndpointAwsService, SubnetType } from 'aws-cdk-lib/aws-ec2'; +import { GatewayVpcEndpointAwsService, InterfaceVpcEndpointAwsService, SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; import { SubnetV2, IpCidr } from '../lib/subnet-v2'; import { NatConnectivityType, Route, RouteTable } from '../lib'; @@ -83,7 +83,7 @@ vpc.addEgressOnlyInternetGateway({ const vpnGateway = vpc.enableVpnGatewayV2({ vpnRoutePropagation: [{ subnetType: SubnetType.PUBLIC }], - type: 'ipsec.1', + type: VpnConnectionType.IPSEC_1, }); new Route(stack, 'route', { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts index b7d5805c8fc57..5f5ad1dedbfe6 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts @@ -3,7 +3,7 @@ import * as cdk from 'aws-cdk-lib'; import * as vpc from '../lib/vpc-v2'; import { IpCidr, SubnetV2 } from '../lib/subnet-v2'; import * as route from '../lib/route'; -import { CfnEIP, SubnetType } from 'aws-cdk-lib/aws-ec2'; +import { CfnEIP, SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; /* eslint-disable no-console */ describe('Vpc V2 with full control', () => { @@ -330,4 +330,63 @@ describe('Vpc V2 with full control', () => { DestinationIpv6CidrBlock: '2001:db8::/48', }); }); + + //Tests for VPNGatewayV2 + test('enableVpnGatewayV2 defines a new VPNGateway with attachment', () => { + myVpc.enableVpnGatewayV2({ + type: VpnConnectionType.IPSEC_1, + }); + Template.fromStack(stack).hasResource('AWS::EC2::VPNGateway', 1); + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCGatewayAttachment', { + VpnGatewayId: { + 'Fn::GetAtt': ['TestVpcVpnGatewayIGWF1052317', 'VPNGatewayId'], + }, + VpcId: { + 'Fn::GetAtt': ['TestVpcE77CE678', 'VpcId'], + }, + }); + }); + + test('check vpngateway has correct connection type', () => { + myVpc.enableVpnGatewayV2({ + type: VpnConnectionType.IPSEC_1, + }); + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPNGateway', { + Type: 'ipsec.1', + }); + }); + + test('Check vpngateway has routePropogation for input subnets', () => { + myVpc.enableVpnGatewayV2({ + type: VpnConnectionType.IPSEC_1, + vpnRoutePropagation: [{ subnetType: SubnetType.PUBLIC }], + }); + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPNGatewayRoutePropagation', { + VpnGatewayId: { + 'Fn::GetAtt': ['TestVpcVpnGatewayIGWF1052317', 'VPNGatewayId'], + }, + RouteTableIds: [ + { + 'Fn::GetAtt': ['TestSubnetRouteTable5AF4379E', 'RouteTableId'], + }, + ], + }); + }); + + test('Throws error when no subnet identified for route propogation', () => { + expect(() => { + myVpc.enableVpnGatewayV2({ + type: VpnConnectionType.IPSEC_1, + vpnRoutePropagation: [{ subnetType: SubnetType.PRIVATE_ISOLATED }], + }); + }).toThrow("There are no 'Isolated' subnet groups in this VPC. Available types: Public"); + }); + + test('Throws error when VPN GW is already enabled', () => { + myVpc.enableVpnGatewayV2({ type: VpnConnectionType.IPSEC_1 }); + expect(() => { + myVpc.enableVpnGatewayV2({ type: VpnConnectionType.IPSEC_1 }); + }).toThrow('The VPN Gateway has already been enabled.'); + }); + }); \ No newline at end of file From 74adb43731d0b17d0069b5296b68da4b424a15f3 Mon Sep 17 00:00:00 2001 From: shikha372 Date: Mon, 2 Sep 2024 22:28:12 -0700 Subject: [PATCH 38/44] fixing all integ snapshots --- .../aws-cdk-vpcv2-alpha.assets.json | 19 + .../aws-cdk-vpcv2-alpha.template.json | 192 +++++++++ .../test/integ.ipam.js.snapshot/cdk.out | 1 + .../test/integ.ipam.js.snapshot/integ.json | 12 + ...efaultTestDeployAssertCF40BD53.assets.json | 19 + ...aultTestDeployAssertCF40BD53.template.json | 36 ++ .../test/integ.ipam.js.snapshot/manifest.json | 167 ++++++++ .../test/integ.ipam.js.snapshot/tree.json | 388 +++++++++++++++++ .../@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts | 35 +- .../aws-cdk-vpcv2-alpha-new.assets.json | 4 +- .../aws-cdk-vpcv2-alpha-new.template.json | 208 ++++----- .../integ.subnet-v2.js.snapshot/manifest.json | 171 ++++++-- .../integ.subnet-v2.js.snapshot/tree.json | 405 ++++++++++-------- .../aws-ec2-alpha/test/integ.subnet-v2.ts | 38 +- .../aws-cdk-vpcv2-alpha.assets.json | 4 +- .../aws-cdk-vpcv2-alpha.template.json | 75 +++- .../manifest.json | 86 ++-- .../integ.vpc-v2-alpha.js.snapshot/tree.json | 165 ++++++- .../aws-ec2-alpha/test/integ.vpc-v2-alpha.ts | 14 +- .../aws-ec2-alpha/test/vpc-add-method.test.ts | 10 + 20 files changed, 1609 insertions(+), 440 deletions(-) create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.assets.json create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.template.json create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integ.json create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.template.json create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/tree.json diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.assets.json new file mode 100644 index 0000000000000..8a2f77121d709 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.5", + "files": { + "12b670f0da573a7daa252fe7ca5b1dd687f4248e204c38b0323beaf64d0400bc": { + "source": { + "path": "aws-cdk-vpcv2-alpha.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "12b670f0da573a7daa252fe7ca5b1dd687f4248e204c38b0323beaf64d0400bc.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.template.json new file mode 100644 index 0000000000000..2c44184f9db15 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.template.json @@ -0,0 +1,192 @@ +{ + "Resources": { + "IpamTestIpam6C9298EF": { + "Type": "AWS::EC2::IPAM", + "Properties": { + "OperatingRegions": [ + { + "RegionName": "us-west-2" + } + ] + } + }, + "IpamTestPrivatePool039C763DC": { + "Type": "AWS::EC2::IPAMPool", + "Properties": { + "AddressFamily": "ipv4", + "IpamScopeId": { + "Fn::GetAtt": [ + "IpamTestIpam6C9298EF", + "PrivateDefaultScopeId" + ] + }, + "Locale": "us-west-2", + "ProvisionedCidrs": [ + { + "Cidr": "10.2.0.0/16" + } + ] + } + }, + "IpamTestPublicPool0C44B7C49": { + "Type": "AWS::EC2::IPAMPool", + "Properties": { + "AddressFamily": "ipv6", + "AwsService": "ec2", + "IpamScopeId": { + "Fn::GetAtt": [ + "IpamTestIpam6C9298EF", + "PublicDefaultScopeId" + ] + }, + "Locale": "us-west-2", + "PublicIpSource": "amazon" + } + }, + "IpamTestPublicPool0PublicPool0CidrC57CE00C": { + "Type": "AWS::EC2::IPAMPoolCidr", + "Properties": { + "IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPublicPool0C44B7C49", + "IpamPoolId" + ] + }, + "NetmaskLength": 52 + } + }, + "VPCintegtest1EBA1CB75": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default" + } + }, + "VPCintegtest1ipv4IpamCidr8105B4E4": { + "Type": "AWS::EC2::VPCCidrBlock", + "Properties": { + "Ipv4IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPrivatePool039C763DC", + "IpamPoolId" + ] + }, + "Ipv4NetmaskLength": 20, + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "VPCintegtest1Ipv6IpamCidrEF56F8F7": { + "Type": "AWS::EC2::VPCCidrBlock", + "Properties": { + "Ipv6IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPublicPool0C44B7C49", + "IpamPoolId" + ] + }, + "Ipv6NetmaskLength": 60, + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + }, + "DependsOn": [ + "IpamTestPublicPool0PublicPool0CidrC57CE00C" + ] + }, + "testsbubnetSubnet77337845": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AssignIpv6AddressOnCreation": false, + "AvailabilityZone": "us-west-2a", + "CidrBlock": "10.0.0.0/24", + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1ipv4IpamCidr8105B4E4", + "VPCintegtest1Ipv6IpamCidrEF56F8F7" + ] + }, + "testsbubnetRouteTableD0136BEA": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1ipv4IpamCidr8105B4E4", + "VPCintegtest1Ipv6IpamCidrEF56F8F7" + ] + }, + "testsbubnetRouteTableAssociationD6D083FA": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] + }, + "SubnetId": { + "Ref": "testsbubnetSubnet77337845" + } + }, + "DependsOn": [ + "VPCintegtest1ipv4IpamCidr8105B4E4", + "VPCintegtest1Ipv6IpamCidrEF56F8F7" + ] + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/cdk.out new file mode 100644 index 0000000000000..bd5311dc372de --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"36.0.5"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integ.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integ.json new file mode 100644 index 0000000000000..b73b42e18e04e --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "36.0.5", + "testCases": { + "integtest-model/DefaultTest": { + "stacks": [ + "aws-cdk-vpcv2-alpha" + ], + "assertionStack": "integtest-model/DefaultTest/DeployAssert", + "assertionStackName": "integtestmodelDefaultTestDeployAssertCF40BD53" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json new file mode 100644 index 0000000000000..e93a555169b11 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.5", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "integtestmodelDefaultTestDeployAssertCF40BD53.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/manifest.json new file mode 100644 index 0000000000000..663212ef1077a --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/manifest.json @@ -0,0 +1,167 @@ +{ + "version": "36.0.5", + "artifacts": { + "aws-cdk-vpcv2-alpha.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-cdk-vpcv2-alpha.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-cdk-vpcv2-alpha": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-cdk-vpcv2-alpha.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/12b670f0da573a7daa252fe7ca5b1dd687f4248e204c38b0323beaf64d0400bc.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-cdk-vpcv2-alpha.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-cdk-vpcv2-alpha.assets" + ], + "metadata": { + "/aws-cdk-vpcv2-alpha/IpamTest/Ipam": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamTestIpam6C9298EF" + } + ], + "/aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamTestPrivatePool039C763DC" + } + ], + "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamTestPublicPool0C44B7C49" + } + ], + "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamTestPublicPool0PublicPool0CidrC57CE00C" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1EBA1CB75" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1ipv4IpamCidr8105B4E4" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Ipv6IpamCidr": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1Ipv6IpamCidrEF56F8F7" + } + ], + "/aws-cdk-vpcv2-alpha/testsbubnet/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetSubnet77337845" + } + ], + "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetRouteTableD0136BEA" + } + ], + "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetRouteTableAssociationD6D083FA" + } + ], + "/aws-cdk-vpcv2-alpha/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-cdk-vpcv2-alpha/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-cdk-vpcv2-alpha" + }, + "integtestmodelDefaultTestDeployAssertCF40BD53.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integtestmodelDefaultTestDeployAssertCF40BD53.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integtestmodelDefaultTestDeployAssertCF40BD53": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "integtestmodelDefaultTestDeployAssertCF40BD53.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integtestmodelDefaultTestDeployAssertCF40BD53.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "integtestmodelDefaultTestDeployAssertCF40BD53.assets" + ], + "metadata": { + "/integtest-model/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integtest-model/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integtest-model/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/tree.json new file mode 100644 index 0000000000000..87201a2c1351a --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/tree.json @@ -0,0 +1,388 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-cdk-vpcv2-alpha": { + "id": "aws-cdk-vpcv2-alpha", + "path": "aws-cdk-vpcv2-alpha", + "children": { + "IpamTest": { + "id": "IpamTest", + "path": "aws-cdk-vpcv2-alpha/IpamTest", + "children": { + "Ipam": { + "id": "Ipam", + "path": "aws-cdk-vpcv2-alpha/IpamTest/Ipam", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::IPAM", + "aws:cdk:cloudformation:props": { + "operatingRegions": [ + { + "regionName": "us-west-2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnIPAM", + "version": "0.0.0" + } + }, + "PrivatePool0": { + "id": "PrivatePool0", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0", + "children": { + "PrivatePool0": { + "id": "PrivatePool0", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", + "aws:cdk:cloudformation:props": { + "addressFamily": "ipv4", + "ipamScopeId": { + "Fn::GetAtt": [ + "IpamTestIpam6C9298EF", + "PrivateDefaultScopeId" + ] + }, + "locale": "us-west-2", + "provisionedCidrs": [ + { + "cidr": "10.2.0.0/16" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "PublicPool0": { + "id": "PublicPool0", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0", + "children": { + "PublicPool0": { + "id": "PublicPool0", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", + "aws:cdk:cloudformation:props": { + "addressFamily": "ipv6", + "awsService": "ec2", + "ipamScopeId": { + "Fn::GetAtt": [ + "IpamTestIpam6C9298EF", + "PublicDefaultScopeId" + ] + }, + "locale": "us-west-2", + "publicIpSource": "amazon" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", + "version": "0.0.0" + } + }, + "PublicPool0Cidr": { + "id": "PublicPool0Cidr", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPoolCidr", + "aws:cdk:cloudformation:props": { + "ipamPoolId": { + "Fn::GetAtt": [ + "IpamTestPublicPool0C44B7C49", + "IpamPoolId" + ] + }, + "netmaskLength": 52 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPoolCidr", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.Ipam", + "version": "0.0.0" + } + }, + "VPC-integ-test-1": { + "id": "VPC-integ-test-1", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "version": "0.0.0" + } + }, + "ipv4IpamCidr": { + "id": "ipv4IpamCidr", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "ipv4IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPrivatePool039C763DC", + "IpamPoolId" + ] + }, + "ipv4NetmaskLength": 20, + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "version": "0.0.0" + } + }, + "Ipv6IpamCidr": { + "id": "Ipv6IpamCidr", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/Ipv6IpamCidr", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "ipv6IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPublicPool0C44B7C49", + "IpamPoolId" + ] + }, + "ipv6NetmaskLength": 60, + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", + "version": "0.0.0" + } + }, + "testsbubnet": { + "id": "testsbubnet", + "path": "aws-cdk-vpcv2-alpha/testsbubnet", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "assignIpv6AddressOnCreation": false, + "availabilityZone": "us-west-2a", + "cidrBlock": "10.0.0.0/24", + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable", + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] + }, + "subnetId": { + "Ref": "testsbubnetSubnet77337845" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-vpcv2-alpha/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-vpcv2-alpha/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "integtest-model": { + "id": "integtest-model", + "path": "integtest-model", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "integtest-model/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "integtest-model/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "integtest-model/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "integtest-model/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "integtest-model/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts index 4ab5c543679cc..a8796f61ca294 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts @@ -9,9 +9,10 @@ // */ import * as vpc_v2 from '../lib/vpc-v2'; -import { AddressFamily, AwsServiceName, Ipam, IpamPoolPublicIpSource } from '../lib'; +import { AddressFamily, AwsServiceName, IpCidr, Ipam, IpamPoolPublicIpSource, SubnetV2 } from '../lib'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; +import { SubnetType } from 'aws-cdk-lib/aws-ec2'; /** * Integ test for VPC with IPAM pool to be run with --no-clean @@ -22,7 +23,7 @@ const app = new cdk.App(); const stack = new cdk.Stack(app, 'aws-cdk-vpcv2-alpha'); const ipam = new Ipam(stack, 'IpamTest', { - operatingRegion: ['ap-south-1'], + operatingRegion: ['us-west-2'], }); /**Test Ipam Pool Ipv4 */ @@ -30,19 +31,19 @@ const ipam = new Ipam(stack, 'IpamTest', { const pool1 = ipam.privateScope.addPool('PrivatePool0', { addressFamily: AddressFamily.IP_V4, ipv4ProvisionedCidrs: ['10.2.0.0/16'], - locale: 'ap-south-1', + locale: 'us-west-2', }); const pool2 = ipam.publicScope.addPool('PublicPool0', { addressFamily: AddressFamily.IP_V6, awsService: AwsServiceName.EC2, - locale: 'ap-south-1', + locale: 'us-west-2', publicIpSource: IpamPoolPublicIpSource.AMAZON, }); pool2.provisionCidr('PublicPool0Cidr', { netmaskLength: 52 } ); /** Test Ipv4 Primary and Secondary address IpvIPAM */ -new vpc_v2.VpcV2(stack, 'VPC-integ-test-1', { +const vpc = new vpc_v2.VpcV2(stack, 'VPC-integ-test-1', { primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.0.0.0/16'), secondaryAddressBlocks: [ vpc_v2.IpAddresses.ipv4Ipam({ @@ -50,18 +51,28 @@ new vpc_v2.VpcV2(stack, 'VPC-integ-test-1', { netmaskLength: 20, cidrBlockName: 'ipv4IpamCidr', }), + vpc_v2.IpAddresses.ipv6Ipam({ + ipamPool: pool2, + netmaskLength: 60, + cidrBlockName: 'Ipv6IpamCidr', + }), ], enableDnsHostnames: true, enableDnsSupport: true, }); -new vpc_v2.VpcV2(stack, 'Vpc-integ-test-2', { - primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.1.0.0/16'), - secondaryAddressBlocks: [vpc_v2.IpAddresses.ipv6Ipam({ - ipamPool: pool2, - netmaskLength: 60, - cidrBlockName: 'Ipv6IpamCidr', - })], +/** + * Since source for IPAM IPv6 is set to amazonProvidedIPAM CIDR, + * can assign IPv6 address only after the allocation + * uncomment ipv6CidrBlock and provide valid IPv6 range + */ +new SubnetV2(stack, 'testsbubnet', { + vpc, + availabilityZone: 'us-west-2a', + ipv4CidrBlock: new IpCidr('10.0.0.0/24'), + //defined on the basis of allocation done in IPAM console + //ipv6CidrBlock: new Ipv6Cidr('2a05:d02c:25:4000::/60'), + subnetType: SubnetType.PRIVATE_ISOLATED, }); /** diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json index 8fa7b0508afb2..d72a02628c295 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.5", "files": { - "936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c": { + "3d3ee41ce855ed1f43bd76cb02f20825b0d6ea6965e4974823890801f598e628": { "source": { "path": "aws-cdk-vpcv2-alpha-new.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c.json", + "objectKey": "3d3ee41ce855ed1f43bd76cb02f20825b0d6ea6965e4974823890801f598e628.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json index f6cffbdb23c5d..50fbb4892afdb 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json @@ -1,43 +1,6 @@ { "Resources": { - "Ipam50346F82": { - "Type": "AWS::EC2::IPAM", - "Properties": { - "OperatingRegions": [ - { - "RegionName": "eu-west-2" - } - ] - } - }, - "IpamPublicPool050D6AA6C": { - "Type": "AWS::EC2::IPAMPool", - "Properties": { - "AddressFamily": "ipv6", - "AwsService": "ec2", - "IpamScopeId": { - "Fn::GetAtt": [ - "Ipam50346F82", - "PublicDefaultScopeId" - ] - }, - "Locale": "eu-west-2", - "PublicIpSource": "amazon" - } - }, - "IpamPublicPool0PublicPool0CidrAC7F711E": { - "Type": "AWS::EC2::IPAMPoolCidr", - "Properties": { - "IpamPoolId": { - "Fn::GetAtt": [ - "IpamPublicPool050D6AA6C", - "IpamPoolId" - ] - }, - "NetmaskLength": 52 - } - }, - "VPCTestFB735C86": { + "SubnetTest3296A161": { "Type": "AWS::EC2::VPC", "Properties": { "CidrBlock": "10.0.0.0/16", @@ -46,106 +9,64 @@ "InstanceTenancy": "default" } }, - "VPCTestIpv6IpamCidrD5C271DD": { + "SubnetTestSecondaryTestBDE45F82": { "Type": "AWS::EC2::VPCCidrBlock", "Properties": { - "Ipv6IpamPoolId": { - "Fn::GetAtt": [ - "IpamPublicPool050D6AA6C", - "IpamPoolId" - ] - }, - "Ipv6NetmaskLength": 56, + "AmazonProvidedIpv6CidrBlock": true, "VpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } - }, - "DependsOn": [ - "IpamPublicPool0PublicPool0CidrAC7F711E" - ] - }, - "VPCTestVpnGateway51EEED38": { - "Type": "AWS::EC2::VPNGateway", - "Properties": { - "Type": "ipsec.1" } }, - "VPCTestVPCVPNGW0A869280": { - "Type": "AWS::EC2::VPCGatewayAttachment", - "Properties": { - "VpcId": { - "Fn::GetAtt": [ - "VPCTestFB735C86", - "VpcId" - ] - }, - "VpnGatewayId": { - "Ref": "VPCTestVpnGateway51EEED38" - } - } - }, - "VPCTestRoutePropagationFEA3011A": { - "Type": "AWS::EC2::VPNGatewayRoutePropagation", - "Properties": { - "RouteTableIds": [ - { - "Ref": "testsbubnetRouteTableF40F025B" - } - ], - "VpnGatewayId": { - "Ref": "VPCTestVpnGateway51EEED38" - } - }, - "DependsOn": [ - "VPCTestVPCVPNGW0A869280" - ] - }, - "testsbubnetSubnet77337845": { + "testSubnet1Subnet72087287": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-west-2a", + "AvailabilityZone": "us-west-2a", "CidrBlock": "10.0.0.0/24", "VpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } }, "DependsOn": [ - "VPCTestIpv6IpamCidrD5C271DD" + "SubnetTestSecondaryTestBDE45F82" ] }, - "testsbubnetRouteTableF40F025B": { + "testSubnet1RouteTableB5FDDF81": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } }, "DependsOn": [ - "VPCTestIpv6IpamCidrD5C271DD" + "SubnetTestSecondaryTestBDE45F82" ] }, - "testsbubnetRouteTableAssociationD6D083FA": { + "testSubnet1RouteTableAssociation1DA9E185": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testSubnet1RouteTableB5FDDF81", + "RouteTableId" + ] }, "SubnetId": { - "Ref": "testsbubnetSubnet77337845" + "Ref": "testSubnet1Subnet72087287" } }, "DependsOn": [ - "VPCTestIpv6IpamCidrD5C271DD" + "SubnetTestSecondaryTestBDE45F82" ] }, "InstanceInstanceSecurityGroupF0E2D5BE": { @@ -167,7 +88,7 @@ ], "VpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } @@ -209,7 +130,7 @@ "InstanceC1063A87": { "Type": "AWS::EC2::Instance", "Properties": { - "AvailabilityZone": "eu-west-2a", + "AvailabilityZone": "us-west-2a", "IamInstanceProfile": { "Ref": "InstanceInstanceProfileAB5AEF02" }, @@ -226,7 +147,7 @@ } ], "SubnetId": { - "Ref": "testsbubnetSubnet77337845" + "Ref": "testSubnet1Subnet72087287" }, "Tags": [ { @@ -241,6 +162,93 @@ "DependsOn": [ "InstanceInstanceRoleE9785DE5" ] + }, + "testIGW8D947AF2": { + "Type": "AWS::EC2::InternetGateway" + }, + "testIGWGWAttachment682A6782": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "VpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + } + }, + "TestRoutetableRouteTable7B7B907D": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + } + }, + "TestRoutetableeigwRouteCDE8BBAF": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoutetableRouteTable7B7B907D", + "RouteTableId" + ] + } + }, + "DependsOn": [ + "testIGWGWAttachment682A6782", + "testIGW8D947AF2" + ] + }, + "testSubnet2Subnet4681911A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AssignIpv6AddressOnCreation": false, + "AvailabilityZone": "us-west-2a", + "CidrBlock": "10.0.1.0/24", + "VpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + }, + "DependsOn": [ + "SubnetTestSecondaryTestBDE45F82" + ] + }, + "testSubnet2RouteTableAssociation40DCE4CD": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoutetableRouteTable7B7B907D", + "RouteTableId" + ] + }, + "SubnetId": { + "Ref": "testSubnet2Subnet4681911A" + } + }, + "DependsOn": [ + "SubnetTestSecondaryTestBDE45F82" + ] } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json index f6b54e8178156..63a3c3fdc4a8c 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/3d3ee41ce855ed1f43bd76cb02f20825b0d6ea6965e4974823890801f598e628.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -34,100 +34,106 @@ "aws-cdk-vpcv2-alpha-new.assets" ], "metadata": { - "/aws-cdk-vpcv2-alpha-new/Ipam/Ipam": [ + "/aws-cdk-vpcv2-alpha-new/SubnetTest/Resource": [ { "type": "aws:cdk:logicalId", - "data": "Ipam50346F82" + "data": "SubnetTest3296A161" } ], - "/aws-cdk-vpcv2-alpha-new/Ipam/PublicPool0/PublicPool0": [ + "/aws-cdk-vpcv2-alpha-new/SubnetTest/SecondaryTest": [ { "type": "aws:cdk:logicalId", - "data": "IpamPublicPool050D6AA6C" + "data": "SubnetTestSecondaryTestBDE45F82" } ], - "/aws-cdk-vpcv2-alpha-new/Ipam/PublicPool0/PublicPool0Cidr": [ + "/aws-cdk-vpcv2-alpha-new/testSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "IpamPublicPool0PublicPool0CidrAC7F711E" + "data": "testSubnet1Subnet72087287" } ], - "/aws-cdk-vpcv2-alpha-new/VPCTest/Resource": [ + "/aws-cdk-vpcv2-alpha-new/testSubnet1/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "VPCTestFB735C86" + "data": "testSubnet1RouteTableB5FDDF81" } ], - "/aws-cdk-vpcv2-alpha-new/VPCTest/Ipv6IpamCidr": [ + "/aws-cdk-vpcv2-alpha-new/testSubnet1/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "VPCTestIpv6IpamCidrD5C271DD" + "data": "testSubnet1RouteTableAssociation1DA9E185" } ], - "/aws-cdk-vpcv2-alpha-new/VPCTest/VpnGateway/Default": [ + "/aws-cdk-vpcv2-alpha-new/Instance/InstanceSecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", - "data": "VPCTestVpnGateway51EEED38" + "data": "InstanceInstanceSecurityGroupF0E2D5BE", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], - "/aws-cdk-vpcv2-alpha-new/VPCTest/VPCVPNGW": [ + "/aws-cdk-vpcv2-alpha-new/Instance/InstanceRole/Resource": [ { "type": "aws:cdk:logicalId", - "data": "VPCTestVPCVPNGW0A869280" + "data": "InstanceInstanceRoleE9785DE5" } ], - "/aws-cdk-vpcv2-alpha-new/VPCTest/RoutePropagation": [ + "/aws-cdk-vpcv2-alpha-new/Instance/InstanceProfile": [ { "type": "aws:cdk:logicalId", - "data": "VPCTestRoutePropagationFEA3011A" + "data": "InstanceInstanceProfileAB5AEF02" } ], - "/aws-cdk-vpcv2-alpha-new/testsbubnet/Subnet": [ + "/aws-cdk-vpcv2-alpha-new/Instance/Resource": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetSubnet77337845" + "data": "InstanceC1063A87", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], - "/aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTable": [ + "/aws-cdk-vpcv2-alpha-new/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableF40F025B" + "data": "SsmParameterValueawsserviceamiamazonlinuxlatestamznamihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" } ], - "/aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTableAssociation": [ + "/aws-cdk-vpcv2-alpha-new/testIGW/IGW": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableAssociationD6D083FA" + "data": "testIGW8D947AF2" } ], - "/aws-cdk-vpcv2-alpha-new/Instance/InstanceSecurityGroup/Resource": [ + "/aws-cdk-vpcv2-alpha-new/testIGW/GWAttachment": [ { "type": "aws:cdk:logicalId", - "data": "InstanceInstanceSecurityGroupF0E2D5BE" + "data": "testIGWGWAttachment682A6782" } ], - "/aws-cdk-vpcv2-alpha-new/Instance/InstanceRole/Resource": [ + "/aws-cdk-vpcv2-alpha-new/TestRoutetable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "InstanceInstanceRoleE9785DE5" + "data": "TestRoutetableRouteTable7B7B907D" } ], - "/aws-cdk-vpcv2-alpha-new/Instance/InstanceProfile": [ + "/aws-cdk-vpcv2-alpha-new/TestRoutetable/eigwRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "InstanceInstanceProfileAB5AEF02" + "data": "TestRoutetableeigwRouteCDE8BBAF" } ], - "/aws-cdk-vpcv2-alpha-new/Instance/Resource": [ + "/aws-cdk-vpcv2-alpha-new/testSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "InstanceC1063A87" + "data": "testSubnet2Subnet4681911A" } ], - "/aws-cdk-vpcv2-alpha-new/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ + "/aws-cdk-vpcv2-alpha-new/testSubnet2/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "SsmParameterValueawsserviceamiamazonlinuxlatestamznamihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" + "data": "testSubnet2RouteTableAssociation40DCE4CD" } ], "/aws-cdk-vpcv2-alpha-new/BootstrapVersion": [ @@ -141,6 +147,105 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } + ], + "Ipam50346F82": [ + { + "type": "aws:cdk:logicalId", + "data": "Ipam50346F82", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "IpamPublicPool050D6AA6C": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamPublicPool050D6AA6C", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "IpamPublicPool0PublicPool0CidrAC7F711E": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamPublicPool0PublicPool0CidrAC7F711E", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCTestFB735C86": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCTestFB735C86", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCTestIpv6IpamCidrD5C271DD": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCTestIpv6IpamCidrD5C271DD", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCTestVpnGateway51EEED38": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCTestVpnGateway51EEED38", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCTestVPCVPNGW0A869280": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCTestVPCVPNGW0A869280", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCTestRoutePropagationFEA3011A": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCTestRoutePropagationFEA3011A", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "testsbubnetSubnet77337845": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetSubnet77337845", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "testsbubnetRouteTableF40F025B": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetRouteTableF40F025B", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "testsbubnetRouteTableAssociationD6D083FA": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetRouteTableAssociationD6D083FA", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } ] }, "displayName": "aws-cdk-vpcv2-alpha-new" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json index f1f62b0a8a30e..8cee5fa9bf37c 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json @@ -8,94 +8,13 @@ "id": "aws-cdk-vpcv2-alpha-new", "path": "aws-cdk-vpcv2-alpha-new", "children": { - "Ipam": { - "id": "Ipam", - "path": "aws-cdk-vpcv2-alpha-new/Ipam", - "children": { - "Ipam": { - "id": "Ipam", - "path": "aws-cdk-vpcv2-alpha-new/Ipam/Ipam", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAM", - "aws:cdk:cloudformation:props": { - "operatingRegions": [ - { - "regionName": "eu-west-2" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAM", - "version": "0.0.0" - } - }, - "PublicPool0": { - "id": "PublicPool0", - "path": "aws-cdk-vpcv2-alpha-new/Ipam/PublicPool0", - "children": { - "PublicPool0": { - "id": "PublicPool0", - "path": "aws-cdk-vpcv2-alpha-new/Ipam/PublicPool0/PublicPool0", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", - "aws:cdk:cloudformation:props": { - "addressFamily": "ipv6", - "awsService": "ec2", - "ipamScopeId": { - "Fn::GetAtt": [ - "Ipam50346F82", - "PublicDefaultScopeId" - ] - }, - "locale": "eu-west-2", - "publicIpSource": "amazon" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", - "version": "0.0.0" - } - }, - "PublicPool0Cidr": { - "id": "PublicPool0Cidr", - "path": "aws-cdk-vpcv2-alpha-new/Ipam/PublicPool0/PublicPool0Cidr", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPoolCidr", - "aws:cdk:cloudformation:props": { - "ipamPoolId": { - "Fn::GetAtt": [ - "IpamPublicPool050D6AA6C", - "IpamPoolId" - ] - }, - "netmaskLength": 52 - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPoolCidr", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Ipam", - "version": "0.0.0" - } - }, - "VPCTest": { - "id": "VPCTest", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest", + "SubnetTest": { + "id": "SubnetTest", + "path": "aws-cdk-vpcv2-alpha-new/SubnetTest", "children": { "Resource": { "id": "Resource", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest/Resource", + "path": "aws-cdk-vpcv2-alpha-new/SubnetTest/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPC", "aws:cdk:cloudformation:props": { @@ -110,22 +29,16 @@ "version": "0.0.0" } }, - "Ipv6IpamCidr": { - "id": "Ipv6IpamCidr", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest/Ipv6IpamCidr", + "SecondaryTest": { + "id": "SecondaryTest", + "path": "aws-cdk-vpcv2-alpha-new/SubnetTest/SecondaryTest", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", "aws:cdk:cloudformation:props": { - "ipv6IpamPoolId": { - "Fn::GetAtt": [ - "IpamPublicPool050D6AA6C", - "IpamPoolId" - ] - }, - "ipv6NetmaskLength": 56, + "amazonProvidedIpv6CidrBlock": true, "vpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } @@ -135,73 +48,6 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", "version": "0.0.0" } - }, - "VpnGateway": { - "id": "VpnGateway", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest/VpnGateway", - "children": { - "Default": { - "id": "Default", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest/VpnGateway/Default", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPNGateway", - "aws:cdk:cloudformation:props": { - "type": "ipsec.1" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPNGateway", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.VpnGateway", - "version": "0.0.0" - } - }, - "VPCVPNGW": { - "id": "VPCVPNGW", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest/VPCVPNGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "VPCTestFB735C86", - "VpcId" - ] - }, - "vpnGatewayId": { - "Ref": "VPCTestVpnGateway51EEED38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - }, - "RoutePropagation": { - "id": "RoutePropagation", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest/RoutePropagation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPNGatewayRoutePropagation", - "aws:cdk:cloudformation:props": { - "routeTableIds": [ - { - "Ref": "testsbubnetRouteTableF40F025B" - } - ], - "vpnGatewayId": { - "Ref": "VPCTestVpnGateway51EEED38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPNGatewayRoutePropagation", - "version": "0.0.0" - } } }, "constructInfo": { @@ -209,22 +55,22 @@ "version": "0.0.0" } }, - "testsbubnet": { - "id": "testsbubnet", - "path": "aws-cdk-vpcv2-alpha-new/testsbubnet", + "testSubnet1": { + "id": "testSubnet1", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet1", "children": { "Subnet": { "id": "Subnet", - "path": "aws-cdk-vpcv2-alpha-new/testsbubnet/Subnet", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet1/Subnet", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-west-2a", + "availabilityZone": "us-west-2a", "cidrBlock": "10.0.0.0/24", "vpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } @@ -237,7 +83,7 @@ }, "Acl": { "id": "Acl", - "path": "aws-cdk-vpcv2-alpha-new/testsbubnet/Acl", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet1/Acl", "constructInfo": { "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" @@ -245,34 +91,47 @@ }, "RouteTable": { "id": "RouteTable", - "path": "aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "VPCTestFB735C86", - "VpcId" - ] + "path": "aws-cdk-vpcv2-alpha-new/testSubnet1/RouteTable", + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet1/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, "RouteTableAssociation": { "id": "RouteTableAssociation", - "path": "aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTableAssociation", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet1/RouteTableAssociation", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testSubnet1RouteTableB5FDDF81", + "RouteTableId" + ] }, "subnetId": { - "Ref": "testsbubnetSubnet77337845" + "Ref": "testSubnet1Subnet72087287" } } }, @@ -317,7 +176,7 @@ ], "vpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } @@ -407,7 +266,7 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Instance", "aws:cdk:cloudformation:props": { - "availabilityZone": "eu-west-2a", + "availabilityZone": "us-west-2a", "iamInstanceProfile": { "Ref": "InstanceInstanceProfileAB5AEF02" }, @@ -424,7 +283,7 @@ } ], "subnetId": { - "Ref": "testsbubnetSubnet77337845" + "Ref": "testSubnet1Subnet72087287" }, "tags": [ { @@ -464,6 +323,180 @@ "version": "0.0.0" } }, + "testIGW": { + "id": "testIGW", + "path": "aws-cdk-vpcv2-alpha-new/testIGW", + "children": { + "IGW": { + "id": "IGW", + "path": "aws-cdk-vpcv2-alpha-new/testIGW/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "GWAttachment": { + "id": "GWAttachment", + "path": "aws-cdk-vpcv2-alpha-new/testIGW/GWAttachment", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "vpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", + "version": "0.0.0" + } + }, + "TestRoutetable": { + "id": "TestRoutetable", + "path": "aws-cdk-vpcv2-alpha-new/TestRoutetable", + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha-new/TestRoutetable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "eigwRoute": { + "id": "eigwRoute", + "path": "aws-cdk-vpcv2-alpha-new/TestRoutetable/eigwRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha-new/TestRoutetable/eigwRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoutetableRouteTable7B7B907D", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "version": "0.0.0" + } + }, + "testSubnet2": { + "id": "testSubnet2", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "assignIpv6AddressOnCreation": false, + "availabilityZone": "us-west-2a", + "cidrBlock": "10.0.1.0/24", + "vpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Fn::GetAtt": [ + "TestRoutetableRouteTable7B7B907D", + "RouteTableId" + ] + }, + "subnetId": { + "Ref": "testSubnet2Subnet4681911A" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "version": "0.0.0" + } + }, "BootstrapVersion": { "id": "BootstrapVersion", "path": "aws-cdk-vpcv2-alpha-new/BootstrapVersion", diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts index a601e0f7f319f..a584b26038aeb 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts @@ -10,7 +10,7 @@ import * as vpc_v2 from '../lib/vpc-v2'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; -import { AddressFamily, AwsServiceName, InternetGateway, IpCidr, Ipam, IpamPoolPublicIpSource, RouteTable, SubnetV2 } from '../lib'; +import { InternetGateway, IpCidr, RouteTable, SubnetV2 } from '../lib'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; import { SubnetType } from 'aws-cdk-lib/aws-ec2'; @@ -19,28 +19,10 @@ const app = new cdk.App(); const stack = new cdk.Stack(app, 'aws-cdk-vpcv2-alpha-new'); -const ipam = new Ipam(stack, 'Ipam', { - operatingRegion: ['eu-west-2'], //set to the region stack is being deployed to -}); - -/** - * Integ test for VPC with IPAM pool to be run with --no-clean - */ -const pool2 = ipam.publicScope.addPool('PublicPool0', { - addressFamily: AddressFamily.IP_V6, - awsService: AwsServiceName.EC2, - locale: 'eu-west-2', //set to the region stack is being deployed to - publicIpSource: IpamPoolPublicIpSource.AMAZON, -}); - -pool2.provisionCidr('PublicPool0Cidr', { netmaskLength: 52 } ); - -const vpc = new vpc_v2.VpcV2(stack, 'VPCTest', { +const vpc = new vpc_v2.VpcV2(stack, 'SubnetTest', { primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.0.0.0/16'), - secondaryAddressBlocks: [vpc_v2.IpAddresses.ipv6Ipam({ - ipamPool: pool2, - netmaskLength: 56, - cidrBlockName: 'Ipv6IpamCidr', + secondaryAddressBlocks: [vpc_v2.IpAddresses.amazonProvidedIpv6( { + cidrBlockName: 'SecondaryTest', })], enableDnsHostnames: true, enableDnsSupport: true, @@ -51,9 +33,9 @@ const vpc = new vpc_v2.VpcV2(stack, 'VPCTest', { * can assign IPv6 address only after the allocation * uncomment ipv6CidrBlock and provide valid IPv6 range */ -new SubnetV2(stack, 'testsbubnet', { +new SubnetV2(stack, 'testSubnet1', { vpc, - availabilityZone: 'eu-west-2a', + availabilityZone: 'us-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), //defined on the basis of allocation done in IPAM console //ipv6CidrBlock: new Ipv6Cidr('2a05:d02c:25:4000::/60'), @@ -79,6 +61,14 @@ const routeTable = new RouteTable(stack, 'TestRoutetable', { routeTable.addRoute('eigwRoute', '0.0.0.0/0', { gateway: igw }); +new SubnetV2(stack, 'testSubnet2', { + vpc, + availabilityZone: 'us-west-2a', + ipv4CidrBlock: new IpCidr('10.0.1.0/24'), + routeTable: routeTable, + subnetType: SubnetType.PUBLIC, +}); + new IntegTest(app, 'integtest-model', { testCases: [stack], }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json index 7a5008549818f..ec6f321d9d708 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.5", "files": { - "51edd8607f00b16f64f3e944f3777231b6c6ec26b807793498fcd17aef170213": { + "353ce11111b0142986244849c029324fb6a6870f15c9cc910200712386cd1cbf": { "source": { "path": "aws-cdk-vpcv2-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "51edd8607f00b16f64f3e944f3777231b6c6ec26b807793498fcd17aef170213.json", + "objectKey": "353ce11111b0142986244849c029324fb6a6870f15c9cc910200712386cd1cbf.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json index 51c30d1563bb0..444a4d76a15c3 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json @@ -220,7 +220,7 @@ } } }, - "VPCintegtest1RoutePropagation062BDAD5": { + "VPCintegtest1VpnGatewayRoutePropagation2E585DD7": { "Type": "AWS::EC2::VPNGatewayRoutePropagation", "Properties": { "RouteTableIds": [ @@ -242,7 +242,49 @@ "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6" ] }, - "VPCintegtest1TestNATGateway54FD55E6": { + "VPCintegtest1InternetGatewayIGWAA29FB02": { + "Type": "AWS::EC2::InternetGateway" + }, + "VPCintegtest1InternetGatewayGWAttachment69B1C71E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1InternetGatewayIGWAA29FB02", + "InternetGatewayId" + ] + }, + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "VPCintegtest1validateIpv6DefaultRoute5D6BE9AD": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "192.168.0.0/16", + "GatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1InternetGatewayIGWAA29FB02", + "InternetGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1InternetGatewayGWAttachment69B1C71E", + "VPCintegtest1InternetGatewayIGWAA29FB02" + ] + }, + "VPCintegtest1NATGateway31DAF7F4": { "Type": "AWS::EC2::NatGateway", "Properties": { "ConnectivityType": "private", @@ -251,7 +293,10 @@ } }, "DependsOn": [ - "testsbubnetRouteTableAssociationD6D083FA" + "testsbubnetRouteTableAssociationD6D083FA", + "VPCintegtest1VpnGatewayIGWBC493574", + "VPCintegtest1VpnGatewayRoutePropagation2E585DD7", + "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6" ] }, "testsbubnetSubnet77337845": { @@ -427,6 +472,29 @@ } } }, + "routeTableNATGWRouteF45BEF45": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "172.32.0.0/24", + "GatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "routeTableRouteTable23B79F0B", + "RouteTableId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPCintegtest1VpnGatewayRoutePropagation2E585DD7", + "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6" + ] + }, "routeRouteFC6D4F1F": { "Type": "AWS::EC2::Route", "Properties": { @@ -446,6 +514,7 @@ }, "DependsOn": [ "VPCintegtest1VpnGatewayIGWBC493574", + "VPCintegtest1VpnGatewayRoutePropagation2E585DD7", "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6" ] } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json index c28c51900c216..88e5763bc3db9 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/51edd8607f00b16f64f3e944f3777231b6c6ec26b807793498fcd17aef170213.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/353ce11111b0142986244849c029324fb6a6870f15c9cc910200712386cd1cbf.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -100,19 +100,34 @@ "data": "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/RoutePropagation": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway/RoutePropagation": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1RoutePropagation062BDAD5" + "data": "VPCintegtest1VpnGatewayRoutePropagation2E585DD7" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestNATGateway/NATGateway": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/InternetGateway/IGW": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1TestNATGateway54FD55E6", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "VPCintegtest1InternetGatewayIGWAA29FB02" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/InternetGateway/GWAttachment": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1InternetGatewayGWAttachment69B1C71E" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultRoute/Route": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1validateIpv6DefaultRoute5D6BE9AD" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/NATGateway/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1NATGateway31DAF7F4" } ], "/aws-cdk-vpcv2-alpha/testsbubnet/Subnet": [ @@ -154,10 +169,7 @@ "/aws-cdk-vpcv2-alpha/validateIpv6/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6Subnet07BD40AE", - "trace": [ - "!!DESTRUCTIVE_CHANGES: MAY_REPLACE" - ] + "data": "validateIpv6Subnet07BD40AE" } ], "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable/RouteTable": [ @@ -178,6 +190,12 @@ "data": "routeTableRouteTable23B79F0B" } ], + "/aws-cdk-vpcv2-alpha/routeTable/NATGWRoute/Route": [ + { + "type": "aws:cdk:logicalId", + "data": "routeTableNATGWRouteF45BEF45" + } + ], "/aws-cdk-vpcv2-alpha/route/Route": [ { "type": "aws:cdk:logicalId", @@ -196,55 +214,19 @@ "data": "CheckBootstrapVersion" } ], - "VPCintegtest1VPCVPNGW9C6831A0": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCintegtest1VPCVPNGW9C6831A0", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } - ], - "VPCintegtest1TestIGW604D0664": [ + "VPCintegtest1RoutePropagation062BDAD5": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1TestIGW604D0664", + "data": "VPCintegtest1RoutePropagation062BDAD5", "trace": [ "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" ] } ], - "VPCintegtest1TestIGWGWAttachment786F3526": [ + "VPCintegtest1TestNATGateway54FD55E6": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1TestIGWGWAttachment786F3526", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } - ], - "VPCintegtest1validateIpv6DefaultIPv6RouteCC91FD02": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCintegtest1validateIpv6DefaultIPv6RouteCC91FD02", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } - ], - "VPCintegtest1validateIpv6DefaultRoute5D6BE9AD": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCintegtest1validateIpv6DefaultRoute5D6BE9AD", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } - ], - "VPCintegtest1TestNATGatewayEIP444375D7": [ - { - "type": "aws:cdk:logicalId", - "data": "VPCintegtest1TestNATGatewayEIP444375D7", + "data": "VPCintegtest1TestNATGateway54FD55E6", "trace": [ "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" ] diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json index d09d97e3c60f7..cb254995dba28 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json @@ -370,6 +370,33 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", "version": "0.0.0" } + }, + "RoutePropagation": { + "id": "RoutePropagation", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway/RoutePropagation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPNGatewayRoutePropagation", + "aws:cdk:cloudformation:props": { + "routeTableIds": [ + { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + ], + "vpnGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPNGatewayRoutePropagation", + "version": "0.0.0" + } } }, "constructInfo": { @@ -377,40 +404,96 @@ "version": "0.0.0" } }, - "RoutePropagation": { - "id": "RoutePropagation", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/RoutePropagation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPNGatewayRoutePropagation", - "aws:cdk:cloudformation:props": { - "routeTableIds": [ - { - "Fn::GetAtt": [ - "validateIpv6RouteTable09389F8D", - "RouteTableId" - ] + "InternetGateway": { + "id": "InternetGateway", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/InternetGateway", + "children": { + "IGW": { + "id": "IGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/InternetGateway/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "GWAttachment": { + "id": "GWAttachment", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/InternetGateway/GWAttachment", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1InternetGatewayIGWAA29FB02", + "InternetGatewayId" + ] + }, + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } } - ], - "vpnGatewayId": { - "Fn::GetAtt": [ - "VPCintegtest1VpnGatewayIGWBC493574", - "VPNGatewayId" - ] + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", + "version": "0.0.0" + } + }, + "validateIpv6-DefaultRoute": { + "id": "validateIpv6-DefaultRoute", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "192.168.0.0/16", + "gatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1InternetGatewayIGWAA29FB02", + "InternetGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPNGatewayRoutePropagation", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } }, - "TestNATGateway": { - "id": "TestNATGateway", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestNATGateway", + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/NATGateway", "children": { "NATGateway": { "id": "NATGateway", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestNATGateway/NATGateway", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/NATGateway/NATGateway", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", "aws:cdk:cloudformation:props": { @@ -732,6 +815,42 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "NATGWRoute": { + "id": "NATGWRoute", + "path": "aws-cdk-vpcv2-alpha/routeTable/NATGWRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha/routeTable/NATGWRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "172.32.0.0/24", + "gatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "routeTableRouteTable23B79F0B", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "version": "0.0.0" + } } }, "constructInfo": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts index 3f582a15c608e..776903b9c043d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts @@ -86,14 +86,19 @@ const vpnGateway = vpc.enableVpnGatewayV2({ type: VpnConnectionType.IPSEC_1, }); +//Can define a route with VPN gateway as a target +const routeTable = new RouteTable(stack, 'routeTable', { vpc } ); + new Route(stack, 'route', { destination: '172.31.0.0/24', target: { gateway: vpnGateway }, - routeTable: new RouteTable(stack, 'routeTable', { vpc } ), + routeTable: routeTable, }); -//Add Internet Gateway -vpc.addInternetGateway(); +//Add Internet Gateway with routes set to custom IP range +vpc.addInternetGateway({ + ipv4Destination: '192.168.0.0/16', +}); //Add a NAT Gateway vpc.addNatGateway({ @@ -101,6 +106,9 @@ vpc.addNatGateway({ connectivityType: NatConnectivityType.PRIVATE, }).node.addDependency(vpnGateway); +//Can define a route with Nat gateway as a target +routeTable.addRoute( 'NATGWRoute', '172.32.0.0/24', { gateway: vpnGateway }); + new IntegTest(app, 'integtest-model', { testCases: [stack], }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts index 5f5ad1dedbfe6..3b19eff93b6f9 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts @@ -244,6 +244,16 @@ describe('Vpc V2 with full control', () => { }); }); + test('addNatGateway fails for public gateway without IGW attached', () => { + expect (() => { + myVpc.addNatGateway({ + subnet: mySubnet, + connectivityType: route.NatConnectivityType.PUBLIC, + maxDrainDuration: cdk.Duration.seconds(2001), + }); + }).toThrow('Cannot add a Public NAT Gateway without an Internet Gateway enabled on VPC'); + }); + test('addinternetGateway defines a new internet gateway with attachment and no route', () => { const vpc2 = new vpc.VpcV2(stack, 'TestVpcNoSubnet', { primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), From 5d63c6cf7f5eac960e8c24f30031955ee3df4921 Mon Sep 17 00:00:00 2001 From: Shikha Aggarwal Date: Wed, 4 Sep 2024 18:05:58 -0700 Subject: [PATCH 39/44] Apply suggestions from code review add documentation nits Co-authored-by: paulhcsun <47882901+paulhcsun@users.noreply.github.com> --- packages/@aws-cdk/aws-ec2-alpha/README.md | 4 ++-- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 3 +-- packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 2 +- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/README.md b/packages/@aws-cdk/aws-ec2-alpha/README.md index 3f6101bc321d7..7dc61f4b52aa0 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/README.md +++ b/packages/@aws-cdk/aws-ec2-alpha/README.md @@ -226,8 +226,8 @@ An egress-only internet gateway is a horizontally scaled, redundant, and highly VPCv2 supports adding an egress only internet gateway to VPC with the help of `addEgressOnlyInternetGateway` method as well. -By Default, it sets up a route to all outbound IPv6 Address ranges unless specified to a specific destination by the user. It can only be set up for IPv6 enabled VPCs. -`Subnets` takes in value of `SubnetFilter` which can be based on a SubnetType in VPCV2. A new route will be added to route tables of all subnets filtered out with this property. +By default, this sets up a route to all outbound IPv6 address ranges unless the user specifies a particular destination. It can only be configured for IPv6 enabled VPCs. +`Subnets` accepts a value of `SubnetFilter`, which can be based on a `SubnetType` in VPCV2. A new route will be added to the route tables of all subnets that match this filter. ```ts diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 9d6e58d8b7ecc..8985d80947433 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -161,7 +161,7 @@ export interface NatGatewayOptions { export interface NatGatewayProps extends NatGatewayOptions { /** * The ID of the VPC in which the NAT gateway is located. - * Required in case of public connectivity if allocation id is not defined + * Required in case of public connectivity if `AllocationId` is not defined * @default none */ readonly vpc?: IVpcV2; @@ -314,7 +314,6 @@ export class VPNGatewayV2 extends Resource implements IRouteTarget { // until it has successfully attached to the VPC. // See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpn-gatewayrouteprop.html this._routePropagation.node.addDependency(this._attachment); - } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index 32751ee838ad0..36c7681629db2 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -63,7 +63,7 @@ export interface VPNGatewayV2Options { readonly vpnGatewayName?: string; /** - * Provide an array of subnets where the route propagation should be added. + * Subnets where the route propagation should be added. * @default noPropagation */ readonly vpnRoutePropagation?: SubnetSelection[]; From 669c735bfcc1b7f51b97d18a8c36b04289202179 Mon Sep 17 00:00:00 2001 From: Shikha Aggarwal Date: Thu, 5 Sep 2024 00:37:48 -0700 Subject: [PATCH 40/44] Apply suggestions from code review Co-authored-by: GZ Co-authored-by: paulhcsun <47882901+paulhcsun@users.noreply.github.com> --- packages/@aws-cdk/aws-ec2-alpha/README.md | 2 +- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 1 + packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 1 + packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 12 ++++++++---- 4 files changed, 11 insertions(+), 5 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/README.md b/packages/@aws-cdk/aws-ec2-alpha/README.md index 7dc61f4b52aa0..57a3288da10d7 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/README.md +++ b/packages/@aws-cdk/aws-ec2-alpha/README.md @@ -222,7 +222,7 @@ new Route(this, 'DynamoDBRoute', { ## Adding Egress-Only Internet Gateway to VPC -An egress-only internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows outbound communication over IPv6 from instances in your VPC to the internet, and prevents the internet from initiating an IPv6 connection with your instances. For more information see@ https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html +For more information see [Enable outbound IPv6 traffic using an egress-only internet gateway](https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html) VPCv2 supports adding an egress only internet gateway to VPC with the help of `addEgressOnlyInternetGateway` method as well. diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 8985d80947433..aa2a32fe659e6 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -619,6 +619,7 @@ export class RouteTable extends Resource implements IRouteTable { /** * Adds a new custom route to the route table. + * * @param destination The IPv4 or IPv6 CIDR block used for the destination match. * @param target The gateway or endpoint targeted by the route. */ diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index b342b92f954d5..1544380ccfcb0 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -98,6 +98,7 @@ export interface ISubnetV2 extends ISubnet { /** * The type of subnet (public or private) that this subnet represents. + * * @attribute SubnetType */ readonly subnetType?: SubnetType; diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index 36c7681629db2..f8aff1b5e134c 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -11,13 +11,15 @@ import { ISubnetV2 } from './subnet-v2'; export interface EgressOnlyInternetGatewayOptions{ /** * List of subnets where route to EGW will be added - * @default no route created + * + * @default - no route created */ readonly subnets?: SubnetSelection[]; /** * Destination Ipv6 address for EGW route - * @default '::/0' all Ipv6 traffic + * + * @default - '::/0' all Ipv6 traffic */ readonly destination?: string; } @@ -29,13 +31,15 @@ export interface InternetGatewayOptions{ /** * Destination Ipv6 address for EGW route - * @default '0.0.0.0' all Ipv4 traffic + * + * @default - '0.0.0.0' all Ipv4 traffic */ readonly ipv4Destination?: string; /** * Destination Ipv6 address for EGW route - * @default '::/0' all Ipv6 traffic + * + * @default - '::/0' all Ipv6 traffic */ readonly ipv6Destination?: string; } From a9096f55170933c2ec1747b0936652c57479116c Mon Sep 17 00:00:00 2001 From: shikha372 Date: Thu, 5 Sep 2024 03:00:26 -0700 Subject: [PATCH 41/44] fix readme --- packages/@aws-cdk/aws-ec2-alpha/README.md | 159 +++++++++++++++--- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 10 +- .../aws-ec2-alpha/rosetta/default.ts-fixture | 5 +- 3 files changed, 143 insertions(+), 31 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/README.md b/packages/@aws-cdk/aws-ec2-alpha/README.md index 57a3288da10d7..bfc064e47b353 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/README.md +++ b/packages/@aws-cdk/aws-ec2-alpha/README.md @@ -54,7 +54,7 @@ new SubnetV2(this, 'subnetA', { availabilityZone: 'us-east-1a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), ipv6CidrBlock: new IpCidr('2a05:d02c:25:4000::/60'), - subnetType: ec2.SubnetType.PRIVATE_ISOLATED, + subnetType: SubnetType.PRIVATE_ISOLATED, }) ``` @@ -121,11 +121,11 @@ const subnet = new SubnetV2(this, 'Subnet', { routeTable, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), - subnetType: ec2.SubnetType.PRIVATE_ISOLATED, + subnetType: SubnetType.PRIVATE_ISOLATED, }); ``` -`Route`s can be created to link subnets to various different AWS services via gateways and endpoints. Each unique route target has its own dedicated construct that can be routed to a given subnet via the `Route` construct. An example using the `InternetGateway` construct can be seen below: +`Routes` can be created to link subnets to various different AWS services via gateways and endpoints. Each unique route target has its own dedicated construct that can be routed to a given subnet via the `Route` construct. An example using the `InternetGateway` construct can be seen below: ```ts const stack = new Stack(); @@ -137,7 +137,7 @@ const subnet = new SubnetV2(this, 'Subnet', { vpc: myVpc, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), - subnetType: ec2.SubnetType.PRIVATE_ISOLATED }); + subnetType: SubnetType.PRIVATE_ISOLATED }); const igw = new InternetGateway(this, 'IGW', { vpc: myVpc, @@ -149,22 +149,28 @@ new Route(this, 'IgwRoute', { }); ``` -Alternatively, `Route`s can be created via a method in the `RouteTable` class. An example using the `EgressOnlyInternetGateway` construct can be seen below: +Alternatively, `Routes` can also be created via method `addRoute` in the `RouteTable` class. An example using the `EgressOnlyInternetGateway` construct can be seen below: Note: `EgressOnlyInternetGateway` can only be used to set up outbound IPv6 routing. ```ts -import * as vpc_v2 from '@aws-cdk/aws-ec2-alpha'; -const myVpc = new VpcV2(stack, 'Vpc', {...}); -const routeTable = new RouteTable(stack, 'RouteTable', { - vpc: vpc.myVpc, +const stack = new Stack(); +const myVpc = new VpcV2(this, 'Vpc',{ + primaryAddressBlock: IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [IpAddresses.amazonProvidedIpv6({ + cidrBlockName: 'AmazonProvided', + })] + }); + +const eigw = new EgressOnlyInternetGateway(this, 'EIGW', { + vpc: myVpc, }); -const subnet = new SubnetV2(stack, 'Subnet', {...}); -const eigw = new EgressOnlyInternetGateway(stack, 'EIGW', { - vpcId: vpc.myVpc, +const routeTable = new RouteTable(this, 'RouteTable', { + vpc: myVpc, }); -routeTable.addRoute('::/0', { gateway: eigw }); + +routeTable.addRoute('EIGW', '::/0', { gateway: eigw }); ``` Other route targets may require a deeper set of parameters to set up properly. For instance, the example below illustrates how to set up a `NatGateway`: @@ -179,7 +185,7 @@ const subnet = new SubnetV2(this, 'Subnet', { vpc: myVpc, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), - subnetType: ec2.SubnetType.PRIVATE_ISOLATED }); + subnetType: SubnetType.PRIVATE_ISOLATED }); const natgw = new NatGateway(this, 'NatGW', { subnet: subnet, @@ -198,6 +204,7 @@ It is also possible to set up endpoints connecting other AWS services. For insta ```ts +const stack = new Stack(); const myVpc = new VpcV2(this, 'Vpc'); const routeTable = new RouteTable(this, 'RouteTable', { vpc: myVpc, @@ -206,7 +213,7 @@ const subnet = new SubnetV2(this, 'Subnet', { vpc: myVpc, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), - subnetType: ec2.SubnetType.PRIVATE }); + subnetType: SubnetType.PRIVATE }); const dynamoEndpoint = new ec2.GatewayVpcEndpoint(this, 'DynamoEndpoint', { service: ec2.GatewayVpcEndpointAwsService.DYNAMODB, @@ -222,16 +229,24 @@ new Route(this, 'DynamoDBRoute', { ## Adding Egress-Only Internet Gateway to VPC -For more information see [Enable outbound IPv6 traffic using an egress-only internet gateway](https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html) +An egress-only internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows outbound communication over IPv6 from instances in your VPC to the internet, and prevents the internet from initiating an IPv6 connection with your instances. + +For more information see [Enable outbound IPv6 traffic using an egress-only internet gateway](https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html). -VPCv2 supports adding an egress only internet gateway to VPC with the help of `addEgressOnlyInternetGateway` method as well. +VpcV2 supports adding an egress only internet gateway to VPC using the `addEgressOnlyInternetGateway` method. -By default, this sets up a route to all outbound IPv6 address ranges unless the user specifies a particular destination. It can only be configured for IPv6 enabled VPCs. -`Subnets` accepts a value of `SubnetFilter`, which can be based on a `SubnetType` in VPCV2. A new route will be added to the route tables of all subnets that match this filter. +By default, this method sets up a route to all outbound IPv6 address ranges, unless a specific destination is provided by the user. It can only be configured for IPv6-enabled VPCs. +The `Subnets` parameter accepts a `SubnetFilter`, which can be based on a `SubnetType` in VpcV2. A new route will be added to the route tables of all subnets that match this filter. ```ts -const myVpc = new VpcV2(this, 'Vpc'); +const stack = new Stack(); +const myVpc = new VpcV2(this, 'Vpc',{ + primaryAddressBlock: IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [IpAddresses.amazonProvidedIpv6({ + cidrBlockName: 'AmazonProvided', + })] + }); const routeTable = new RouteTable(this, 'RouteTable', { vpc: myVpc, }); @@ -239,11 +254,111 @@ const subnet = new SubnetV2(this, 'Subnet', { vpc: myVpc, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), - subnetType: ec2.SubnetType.PRIVATE }); + ipv6CidrBlock: new IpCidr('2001:db8:1::/64'), + subnetType: SubnetType.PRIVATE }); myVpc.addEgressOnlyInternetGateway({ - subnets: [{SubnetType.PUBLIC}], + subnets: [{subnetType: SubnetType.PRIVATE}], destination: '::/60', }) +``` + +## Adding NATGateway to the VPC + +A NAT gateway is a Network Address Translation (NAT) service.You can use a NAT gateway so that instances in a private subnet can connect to services outside your VPC but external services cannot initiate a connection with those instances. + +For more information, see [NAT gateway basics](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html). + +When you create a NAT gateway, you specify one of the following connectivity types: + +**Public – (Default)**: Instances in private subnets can connect to the internet through a public NAT gateway, but cannot receive unsolicited inbound connections from the internet + +**Private**: Instances in private subnets can connect to other VPCs or your on-premises network through a private NAT gateway. + +To define the NAT gateway connectivity type as `ConnectivityType.Public`, you need to ensure that there is an IGW(Internet Gateway) attached to the subnet's VPC. +Since a NATGW is associated with a particular subnet, providing `subnet` field in the input props is mandatory. + +Additionally, you can set up a route in any route table with the target set to the NAT Gateway. The function `addNatGateway` returns a `NATGateway` object that you can reference later. + +The code example below provides the definition for adding a NAT gateway to your subnet: + +```ts + +const stack = new Stack(); +const myVpc = new VpcV2(this, 'Vpc'); +const routeTable = new RouteTable(this, 'RouteTable', { + vpc: myVpc, +}); +const subnet = new SubnetV2(this, 'Subnet', { + vpc: myVpc, + availabilityZone: 'eu-west-2a', + ipv4CidrBlock: new IpCidr('10.0.0.0/24'), + subnetType: SubnetType.PUBLIC }); + +myVpc.addInternetGateway(); +myVpc.addNatGateway({ + subnet: subnet, + connectivityType: NatConnectivityType.PUBLIC, +}); +``` + +## Enable VPNGateway for the VPC + +A virtual private gateway is the endpoint on the VPC side of your VPN connection. + +For more information, see [What is AWS Site-to-Site VPN?](https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html). + +VPN route propagation is a feature in Amazon Web Services (AWS) that automatically updates route tables in your Virtual Private Cloud (VPC) with routes learned from a VPN connection. + +To enable VPN route propogation, use the `vpnRoutePropagation` property to specify the subnets as an input to the function. VPN route propagation will then be enabled for each subnet with the corresponding route table IDs. + +Additionally, you can set up a route in any route table with the target set to the VPN Gateway. The function `enableVpnGatewayV2` returns a `VPNGatewayV2` object that you can reference later. + +The code example below provides the definition for setting up a VPN gateway with `vpnRoutePropogation` enabled: + +```ts + +const stack = new Stack(); +const myVpc = new VpcV2(this, 'Vpc'); +const vpnGateway = myVpc.enableVpnGatewayV2({ + vpnRoutePropagation: [{ subnetType: SubnetType.PUBLIC }], + type: VpnConnectionType.IPSEC_1, +}); + +const routeTable = new RouteTable(stack, 'routeTable', { + vpc: myVpc + } ); + +new Route(stack, 'route', { + destination: '172.31.0.0/24', + target: { gateway: vpnGateway }, + routeTable: routeTable, +}); +``` + +## Adding InternetGateway to the VPC + +An internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC and the internet. It supports both IPv4 and IPv6 traffic. + +For more information, see [Enable VPC internet access using internet gateways](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-igw-internet-access.html). + +You can add an internet gateway to a VPC using `addInternetGateway` method. By default, this method creates a route in all Public Subnets with outbound destination set to `0.0.0.0` for IPv4 and `::0` for IPv6 enabled VPC. +Instead of using the default settings, you can configure a custom destinatation range by providing an optional input `destination` to the method. +The code example below shows how to add an internet gateway with a custom outbound destination IP range: + +```ts + +const stack = new Stack(); +const myVpc = new VpcV2(this, 'Vpc'); + +const subnet = new SubnetV2(this, 'Subnet', { + vpc: myVpc, + availabilityZone: 'eu-west-2a', + ipv4CidrBlock: new IpCidr('10.0.0.0/24'), + subnetType: SubnetType.PUBLIC }); + +myVpc.addInternetGateway({ + ipv4Destination: '192.168.0.0/16', +}); ``` diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index aa2a32fe659e6..15fb70a324e81 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -25,7 +25,7 @@ export enum NatConnectivityType { * Interface to define a routing target, such as an * egress-only internet gateway or VPC endpoint. */ -export interface IRouteTarget extends IDependable{ +export interface IRouteTarget extends IDependable { /** * The type of router used in the route. */ @@ -429,8 +429,8 @@ export class RouteTargetType { readonly endpoint?: IVpcEndpoint; constructor(props: RouteTargetProps) { - if (props.gateway && props.endpoint) { - throw new Error('Cannot specify both gateway and endpoint'); + if ((props.gateway && props.endpoint) || (!props.gateway && !props.endpoint)) { + throw new Error('Exactly one of `gateway` or `endpoint` must be specified.'); } else { this.gateway = props.gateway; this.endpoint = props.endpoint; @@ -624,10 +624,6 @@ export class RouteTable extends Resource implements IRouteTable { * @param target The gateway or endpoint targeted by the route. */ public addRoute(id: string, destination: string, target: RouteTargetType) { - if (!target.gateway && !target.endpoint) { - throw new Error('Target is defined without a gateway or endpoint.'); - } - new Route(this, id, { routeTable: this, destination: destination, diff --git a/packages/@aws-cdk/aws-ec2-alpha/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-ec2-alpha/rosetta/default.ts-fixture index 9671a592cda88..9643806d2973b 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/rosetta/default.ts-fixture +++ b/packages/@aws-cdk/aws-ec2-alpha/rosetta/default.ts-fixture @@ -1,9 +1,10 @@ // Fixture with packages imported, but nothing else import { Construct } from 'constructs'; import { Stack, App, Fn } from 'aws-cdk-lib'; -import { VpcV2, SubnetV2, IpAddresses, IpamPoolPublicIpSource, RouteTable, InternetGateway, Route, NatGateway } from '@aws-cdk/aws-ec2-alpha'; +import { VpcV2, SubnetV2, IpAddresses, IpamPoolPublicIpSource, RouteTable, InternetGateway, Route, NatGateway, EgressOnlyInternetGateway } from '@aws-cdk/aws-ec2-alpha'; import { Ipam, AwsServiceName, IpCidr, AddressFamily } from '@aws-cdk/aws-ec2-alpha'; -import { NatConnectivityType } from '@aws-cdk/aws-ec2-alpha' +import { NatConnectivityType } from '@aws-cdk/aws-ec2-alpha'; +import { SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; class Fixture extends Stack { From 5c7548c4954c8b3433cef4b45e7f0955825ddf1b Mon Sep 17 00:00:00 2001 From: shikha372 Date: Mon, 9 Sep 2024 16:30:02 -0700 Subject: [PATCH 42/44] fixing nits for defining default --- packages/@aws-cdk/aws-ec2-alpha/lib/ipam.ts | 38 +++++---- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 84 +++++++++++-------- .../@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 14 ++-- .../@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 38 +++++---- packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts | 34 ++++---- 5 files changed, 125 insertions(+), 83 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/ipam.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/ipam.ts index c6600d43315f0..dc393fb149192 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/ipam.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/ipam.ts @@ -52,20 +52,22 @@ export enum AwsServiceName { /** * Options to create a new Ipam in the account */ -export interface IpamProps{ +export interface IpamProps { /** * The operating Regions for an IPAM. * Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs * For more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* . * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipam.html#cfn-ec2-ipam-operatingregions - * @default Stack.region if defined else [] + * + * @default - Stack.region if defined in the stack */ readonly operatingRegion?: string[]; /** * Name of IPAM that can be used for tagging resource - * @default none + * + * @default - If no name provided, no tags will be added to the IPAM */ readonly ipamName?: string; } @@ -99,6 +101,7 @@ export interface PoolOptions{ /** * Information about the CIDRs provisioned to the pool. + * * @default - No CIDRs are provisioned */ readonly ipv4ProvisionedCidrs?: string[]; @@ -109,7 +112,8 @@ export interface PoolOptions{ * You can only allocate a CIDR for a VPC, for example, from an IPAM pool that shares a locale with the VPC’s Region. * Note that once you choose a Locale for a pool, you cannot modify it. If you choose an AWS Region for locale that has not been configured as an operating Region for the IPAM, you'll get an error. * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipampool.html#cfn-ec2-ipampool-locale - * @default - Current operating region + * + * @default - Current operating region of IPAM */ readonly locale?: string; @@ -117,6 +121,7 @@ export interface PoolOptions{ * The IP address source for pools in the public scope. * Only used for IPv6 address * Only allowed values to this are 'byoip' or 'amazon' + * * @default amazon */ readonly publicIpSource?: IpamPoolPublicIpSource; @@ -128,7 +133,7 @@ export interface PoolOptions{ * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipampool.html#cfn-ec2-ipampool-awsservice * - * @default - No service + * @default - required in case of an IPv6, throws an error if not provided. */ readonly awsService?: AwsServiceName; } @@ -145,7 +150,8 @@ interface IpamPoolProps extends PoolOptions { /** * IPAM resource name - * @default autogenerated by CDK + * + * @default - autogenerated by CDK if not provided */ readonly ipamPoolName?: string; } @@ -158,13 +164,15 @@ interface IpamPoolProps extends PoolOptions { export interface IpamPoolCidrProvisioningOptions { /** * Ipv6 Netmask length for the CIDR - * @default none + * + * @default - pool provisioned without netmask length, need cidr range in this case */ readonly netmaskLength?: number; /** * Ipv6 CIDR block for the IPAM pool - * @default none + * + * @default - pool provisioned without netmask length, need netmask length in this case */ readonly cidr?: string; } @@ -195,7 +203,7 @@ export interface IIpamPool{ * IPAM scope is the highest-level container within IPAM. An IPAM contains two default scopes. * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipamscope.html */ -interface IpamScopeProps extends IpamScopeOptions{ +interface IpamScopeProps extends IpamScopeOptions { /** * IPAM id to which scope needs to be added */ @@ -209,7 +217,8 @@ interface IpamScopeProps extends IpamScopeOptions{ /** * Custom ipam scope id to add a pool in order to support default scopes - * @default none + * + * @default - throws an error if no scope id is provided */ readonly ipamScopeId?: string; @@ -222,7 +231,8 @@ export interface IpamScopeOptions { /** * IPAM scope name that will be used for tagging - * @default none + * + * @default - no tags will be added to the scope */ readonly ipamScopeName?: string; } @@ -238,7 +248,7 @@ export interface IpamOptions { * CIDR Mask for Vpc * Only required when using AWS Ipam * - * @default - None + * @default - no netmask length for IPAM attached to VPC secondary address */ readonly netmaskLength?: number; @@ -246,7 +256,7 @@ export interface IpamOptions { * Ipv4 or an Ipv6 IPAM pool * Only required when using AWS Ipam * - * @default - None + * @default - no pool attached to VPC secondary address */ readonly ipamPool?: IIpamPool; @@ -260,7 +270,7 @@ export interface IpamOptions { /** * Interface for IpamScope Class */ -export interface IIpamScopeBase{ +export interface IIpamScopeBase { /** * Reference to the current scope of stack to be passed in order to create diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 15fb70a324e81..da9337f54572d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -2,7 +2,7 @@ import { CfnEIP, CfnEgressOnlyInternetGateway, CfnInternetGateway, CfnNatGateway import { Construct, IConstruct, IDependable } from 'constructs'; import { Annotations, Duration, IResource, Resource } from 'aws-cdk-lib/core'; import { IVpcV2, VPNGatewayV2Options } from './vpc-v2-base'; -import { NetworkUtils, allRouteTableIds, flatten } from './util'; +import { NetworkUtils, allRouteTableIds } from './util'; import { ISubnetV2 } from './subnet-v2'; /** @@ -48,7 +48,8 @@ export interface EgressOnlyInternetGatewayProps { /** * The resource name of the egress-only internet gateway. - * @default none + * + * @default - provisioned without a resource name */ readonly egressOnlyInternetGatewayName?: string; } @@ -64,7 +65,8 @@ export interface InternetGatewayProps { /** * The resource name of the internet gateway. - * @default none + * + * @default - provisioned without a resource name */ readonly internetGatewayName?: string; @@ -73,7 +75,7 @@ export interface InternetGatewayProps { /** * Properties to define a VPN gateway. */ -export interface VPNGatewayV2Props extends VPNGatewayV2Options{ +export interface VPNGatewayV2Props extends VPNGatewayV2Options { /** * The ID of the VPC for which to create the VPN gateway. @@ -93,35 +95,40 @@ export interface NatGatewayOptions { /** * AllocationID of Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT * gateway and cannot be specified with a private NAT gateway. - * @default attr.allocationID of a new Elastic IP created by default + * + * @default - attr.allocationID of a new Elastic IP created by default * //TODO: ADD L2 for elastic ip */ readonly allocationId?: string; /** * Indicates whether the NAT gateway supports public or private connectivity. - * @default public + * + * @default NatConnectivityType.Public */ readonly connectivityType?: NatConnectivityType; /** * The maximum amount of time to wait before forcibly releasing the * IP addresses if connections are still in progress. - * @default 350 seconds + * + * @default 350seconds */ readonly maxDrainDuration?: Duration; /** - * The private IPv4 address to assign to the NAT gateway. If you don't provide an - * address, a private IPv4 address will be automatically assigned. - * @default none + * The private IPv4 address to assign to the NAT gateway. + * + * @default - If you don't provide an address, a private IPv4 address will be automatically assigned. */ readonly privateIpAddress?: string; /** * Secondary EIP allocation IDs. - * @default none * @see https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating + * + * @default - no secondary allocation IDs attached to NATGW + * */ readonly secondaryAllocationIds?: string[]; @@ -131,9 +138,9 @@ export interface NatGatewayOptions { * * `SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be * set at the same time. - * - * @default none * @see https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating + * + * @default - no secondary allocation IDs associated with NATGW */ readonly secondaryPrivateIpAddressCount?: number; @@ -142,15 +149,16 @@ export interface NatGatewayOptions { * * `SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be * set at the same time. - * - * @default none * @see https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating + * + * @default - no secondary private IpAddresses associated with NATGW */ readonly secondaryPrivateIpAddresses?: string[]; /** * The resource name of the NAT gateway. - * @default none + * + * @default - NATGW provisioned without any name */ readonly natGatewayName?: string; } @@ -161,8 +169,8 @@ export interface NatGatewayOptions { export interface NatGatewayProps extends NatGatewayOptions { /** * The ID of the VPC in which the NAT gateway is located. - * Required in case of public connectivity if `AllocationId` is not defined - * @default none + * + * @default - no elastic ip associated, required in case of public connectivity if `AllocationId` is not defined */ readonly vpc?: IVpcV2; } @@ -299,11 +307,12 @@ export class VPNGatewayV2 extends Resource implements IRouteTarget { }); // Propagate routes on route tables associated with the right subnets - const vpnRoutePropagation = props.vpnRoutePropagation ?? [{}]; - const routeTableIds = allRouteTableIds(flatten(vpnRoutePropagation.map(s => props.vpc.selectSubnets(s).subnets))); + const vpnRoutePropagation = props.vpnRoutePropagation ?? []; + const subnets = vpnRoutePropagation.map(s => props.vpc.selectSubnets(s).subnets).flat(); + const routeTableIds = allRouteTableIds(subnets); if (routeTableIds.length === 0) { - Annotations.of(this).addError(`enableVpnGateway: no subnets matching selection: '${JSON.stringify(vpnRoutePropagation)}'. Select other subnets to add routes to.`); + Annotations.of(this).addWarningV2('@aws-cdk:aws-ec2-elpha:enableVpnGatewayV2', `No subnets matching selection: '${JSON.stringify(vpnRoutePropagation)}'. Select other subnets to add routes to.`); } this._routePropagation = new CfnVPNGatewayRoutePropagation(this, 'RoutePropagation', { @@ -334,14 +343,16 @@ export class NatGateway extends Resource implements IRouteTarget { /** * Indicates whether the NAT gateway supports public or private connectivity. + * * @default public */ - public readonly connectivityType?: string; + public readonly connectivityType?: NatConnectivityType; /** * The maximum amount of time to wait before forcibly releasing the * IP addresses if connections are still in progress. - * @default 350 seconds + * + * @default '350 seconds' */ public readonly maxDrainDuration?: Duration; @@ -358,7 +369,7 @@ export class NatGateway extends Resource implements IRouteTarget { this.connectivityType = props.connectivityType || NatConnectivityType.PUBLIC; this.maxDrainDuration = props.maxDrainDuration || Duration.seconds(350); - if (this.connectivityType == NatConnectivityType.PUBLIC) { + if (this.connectivityType === NatConnectivityType.PUBLIC) { if (!props.vpc && !props.allocationId) { throw new Error('Either provide vpc or allocationId'); } @@ -366,7 +377,7 @@ export class NatGateway extends Resource implements IRouteTarget { // If user does not provide EIP, generate one for them var aId: string | undefined; - if (this.connectivityType == 'public') { + if (this.connectivityType == NatConnectivityType.PUBLIC) { if (!props.allocationId) { let eip = new CfnEIP(this, 'EIP', { domain: props.vpc?.vpcId, @@ -398,14 +409,16 @@ export interface RouteTargetProps { /** * The gateway route target. This is used for targets such as * egress-only internet gateway or VPC peering connection. - * @default none + * + * @default - target is not set to a gateway, in this case an endpoint is needed. */ readonly gateway?: IRouteTarget; /** * The endpoint route target. This is used for targets such as * VPC endpoints. - * @default none + * + * @default - target is not set to an endpoint, in this case a gateway is needed. */ readonly endpoint?: IVpcEndpoint; } @@ -417,14 +430,16 @@ export class RouteTargetType { /** * The gateway route target. This is used for targets such as * egress-only internet gateway or VPC peering connection. - * @default none + * + * @default - target is not set to a gateway, in this case an endpoint is needed. */ readonly gateway?: IRouteTarget; /** * The endpoint route target. This is used for targets such as * VPC endpoints. - * @default none + * + * @default - target is not set to an endpoint, in this case a gateway is needed. */ readonly endpoint?: IVpcEndpoint; @@ -441,7 +456,7 @@ export class RouteTargetType { /** * Interface to define a route. */ -export interface IRoute extends IConstruct, IResource{ +export interface IRoute extends IConstruct, IResource { /** * The ID of the route table for the route. * @attribute routeTable @@ -468,6 +483,7 @@ export interface IRoute extends IConstruct, IResource{ export interface RouteProps { /** * The ID of the route table for the route. + * * @attribute routeTable */ readonly routeTable: IRouteTable; @@ -486,7 +502,8 @@ export interface RouteProps { /** * The resource name of the route. - * @default none + * + * @default - provisioned without a route name */ readonly routeName?: string; } @@ -548,7 +565,7 @@ export class Route extends Resource implements IRoute, IDependable { this.destinationIpv4Cidr = props.destination; } - if (this.target.gateway?.routerType == RouterType.EGRESS_ONLY_INTERNET_GATEWAY && isDestinationIpv4) { + if (this.target.gateway?.routerType === RouterType.EGRESS_ONLY_INTERNET_GATEWAY && isDestinationIpv4) { throw new Error('Egress only internet gateway does not support IPv4 routing'); } this.targetRouterType = this.target.gateway ? this.target.gateway.routerType : RouterType.VPC_ENDPOINT; @@ -586,7 +603,8 @@ export interface RouteTableProps { /** * The resource name of the route table. - * @default none + * + * @default - provisioned without a route table name */ readonly routeTableName?: string; } diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index 1544380ccfcb0..8b84cf66b68ce 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -44,7 +44,8 @@ export interface SubnetV2Props { /** * Ipv6 CIDR Range for subnet - * @default No Ipv6 address + * + * @default - No Ipv6 address */ readonly ipv6CidrBlock?: IpCidr; @@ -55,7 +56,8 @@ export interface SubnetV2Props { /** * Custom Route for subnet - * @default Default route table + * + * @default - a default route table created */ readonly routeTable?: IRouteTable; @@ -71,16 +73,16 @@ export interface SubnetV2Props { /** * Subnet name - * @default none + * + * @default - provisioned with an autogenerated name by CDK */ readonly subnetName?: string; /** * Indicates whether a network interface created in this subnet receives an IPv6 address. - * * If you specify AssignIpv6AddressOnCreation, you must also specify Ipv6CidrBlock. * - * @default false + * @default - undefined in case not provided as an input */ readonly assignIpv6AddressOnCreation?: boolean; @@ -229,7 +231,7 @@ export class SubnetV2 extends Resource implements ISubnetV2 { const routeAssoc = new CfnSubnetRouteTableAssociation(this, 'RouteTableAssociation', { subnetId: this.subnetId, - routeTableId: this._routeTable.routeTableId, + routeTableId: this.routeTable.routeTableId, }); this._internetConnectivityEstablished.add(routeAssoc); diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index f8aff1b5e134c..3e31a3671de10 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -56,20 +56,23 @@ export interface VPNGatewayV2Options { /** * The private Autonomous System Number (ASN) for the Amazon side of a BGP session. - * @default none + * + * @default - no ASN set for BGP session */ readonly amazonSideAsn?: number; /** - * The resource name of the VPN gateway. - * @default none - */ + * The resource name of the VPN gateway. + * + * @default - resource provisioned without any name + */ readonly vpnGatewayName?: string; /** - * Subnets where the route propagation should be added. - * @default noPropagation - */ + * Subnets where the route propagation should be added. + * + * @default - no propogation for routes + */ readonly vpnRoutePropagation?: SubnetSelection[]; } @@ -103,22 +106,25 @@ export interface IVpcV2 extends IVpc { /** * Adds an Internet Gateway to current VPC. * For more information, see the {@link https://docs.aws.amazon.com/vpc/latest/userguide/vpc-igw-internet-access.html}. - * @default defines route for all ipv4('0.0.0.0') and ipv6 addresses('::/0') + * + * @default - defines route for all ipv4('0.0.0.0') and ipv6 addresses('::/0') */ addInternetGateway(options?: InternetGatewayOptions): void; /** * Adds VPN Gateway to VPC and set route propogation. * For more information, see the {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpngateway.html}. - * @default no route propogation + * + * @default - no route propogation */ enableVpnGatewayV2(options: VPNGatewayV2Options): VPNGatewayV2; /** * Adds a new NAT Gateway to VPC - * A NAT gateway is a Network Address Translation (NAT) service. NAT Gateway Connectivity can be of type `Public` or `Private` - * @default ConnectivityType.Public + * A NAT gateway is a Network Address Translation (NAT) service. NAT Gateway Connectivity can be of type `Public` or `Private`. * For more information, see the {@link https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html}. + * + * @default ConnectivityType.Public */ addNatGateway(options: NatGatewayOptions): NatGateway; @@ -329,8 +335,9 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { /** * Adds a new Egress Only Internet Gateway to this VPC and defines a new route - * to the route table of given subnets - * @default in case of no input subnets, no route is created. + * to the route table of given subnets. + * + * @default - in case of no input subnets, no route is created */ public addEgressOnlyInternetGateway(options?: EgressOnlyInternetGatewayOptions): void { const egw = new EgressOnlyInternetGateway(this, 'EgressOnlyGW', { @@ -338,7 +345,7 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { }); const useIpv6 = (this.secondaryCidrBlock.some((secondaryAddress) => secondaryAddress.amazonProvidedIpv6CidrBlock === true || - secondaryAddress.ipv6IpamPoolId != undefined))? true : false; + secondaryAddress.ipv6IpamPoolId != undefined)); if (!useIpv6) { throw new Error('Egress only IGW can only be added to Ipv6 enabled VPC'); @@ -367,7 +374,8 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { /** * Adds a new Internet Gateway to this VPC - * @default creates a new route for public subnets(with all outbound access) to the Internet Gateway. + * + * @default - creates a new route for public subnets(with all outbound access) to the Internet Gateway. */ public addInternetGateway(options?: InternetGatewayOptions): void { if (this._internetGatewayId) { diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts index da99d82352c66..a4477c69a6587 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts @@ -56,7 +56,8 @@ export interface VpcCidrOptions { /** * IPv4 CIDR Block - * @default - '10.0.0.0/16' + * + * @default '10.0.0.0/16' */ readonly ipv4CidrBlock?: string; @@ -74,12 +75,6 @@ export interface VpcCidrOptions { */ readonly ipv4IpamPool?: IIpamPool; - /** - * Implementing Ipv6 - * @default - No ipv6 address - */ - readonly ipv6CidrBlock?: string; - /** * CIDR Mask for Vpc * @@ -97,12 +92,14 @@ export interface VpcCidrOptions { /** * Use amazon provided IP range + * * @default false */ readonly amazonProvided?: boolean; /** * Dependency to associate Ipv6 CIDR block + * * @default - No dependency */ readonly dependencies?: CfnResource[]; @@ -110,7 +107,8 @@ export interface VpcCidrOptions { /** * Required to set Secondary cidr block resource name * in order to generate unique logical id for the resource. - * @default : no name for primary addresses + * + * @default - no name for primary addresses */ readonly cidrBlockName?: string; } @@ -135,27 +133,31 @@ export interface IIpAddresses { export interface VpcV2Props { /** A must IPv4 CIDR block for the VPC - * https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html + * @see https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html + * * @default - Ipv4 CIDR Block ('10.0.0.0/16') - */ + */ readonly primaryAddressBlock?: IIpAddresses; /** * The secondary CIDR blocks associated with the VPC. * Can be IPv4 or IPv6, two IPv4 ranges must follow RFC#1918 convention - * For more information, see the {@link https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html#vpc-resize}. + * For more information, @see https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html#vpc-resize}. + * * @default - No secondary IP address - */ + */ readonly secondaryAddressBlocks?: IIpAddresses[]; /** - * Indicates whether the instances launched in the VPC get DNS hostnames + * Indicates whether the instances launched in the VPC get DNS hostnames. + * * @default true */ readonly enableDnsHostnames?: boolean; /** * Indicates whether the DNS resolution is supported for the VPC. + * * @default true */ readonly enableDnsSupport?: boolean; @@ -174,7 +176,8 @@ export interface VpcV2Props { /** * Physical name for the VPC - * @default: autogenerated by CDK + * + * @default - autogenerated by CDK */ readonly vpcName?: string; } @@ -257,7 +260,8 @@ export class VpcV2 extends VpcV2Base { /** * For validation to define IPv6 subnets, set to true in case of * Amazon Provided IPv6 cidr range - * IPv6 addresses can be attached to the subnets + * if true, IPv6 addresses can be attached to the subnets. + * * @default false */ public readonly useIpv6: boolean = false; From 4b4fb6b324a8b2d6c2a52f1d203db091bf846808 Mon Sep 17 00:00:00 2001 From: Shikha Aggarwal Date: Tue, 10 Sep 2024 17:09:51 -0700 Subject: [PATCH 43/44] Apply suggestions from code review Co-authored-by: GZ --- packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index 3e31a3671de10..013bcfd501243 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -8,7 +8,7 @@ import { ISubnetV2 } from './subnet-v2'; /** * Options to define EgressOnlyInternetGateway for VPC */ -export interface EgressOnlyInternetGatewayOptions{ +export interface EgressOnlyInternetGatewayOptions { /** * List of subnets where route to EGW will be added * @@ -389,7 +389,7 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { this._internetConnectivityEstablished.add(igw); this._internetGatewayId = igw.routerTargetId; - //If there are no public subnets defined, no default route will be added + // If there are no public subnets defined, no default route will be added if (this.publicSubnets) { this.publicSubnets.forEach( (s) => this.addDefaultInternetRoute(s, igw, options)); } @@ -405,7 +405,7 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { throw new Error('No public subnets defined to add route for internet gateway'); } - //Add deffault route to IGW for IPv6 + // Add default route to IGW for IPv6 if (subnet.ipv6CidrBlock) { new Route(this, `${subnet.node.id}-DefaultIPv6Route`, { routeTable: subnet.routeTable, From dcb11e636046b918177d4a0ea62aa48050f30868 Mon Sep 17 00:00:00 2001 From: shikha372 Date: Tue, 10 Sep 2024 17:24:15 -0700 Subject: [PATCH 44/44] fix nits --- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 2 +- .../@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts | 18 +++++++-------- .../aws-ec2-alpha/test/integ.route-v2.ts | 22 ++++++++----------- .../aws-ec2-alpha/test/integ.vpc-v2-alpha.ts | 18 +++++++-------- .../aws-ec2-alpha/test/vpc-add-method.test.ts | 1 - 5 files changed, 28 insertions(+), 33 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index da9337f54572d..64ec3932aa03e 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -377,7 +377,7 @@ export class NatGateway extends Resource implements IRouteTarget { // If user does not provide EIP, generate one for them var aId: string | undefined; - if (this.connectivityType == NatConnectivityType.PUBLIC) { + if (this.connectivityType === NatConnectivityType.PUBLIC) { if (!props.allocationId) { let eip = new CfnEIP(this, 'EIP', { domain: props.vpc?.vpcId, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts index a8796f61ca294..133aa6e9649cd 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts @@ -1,12 +1,12 @@ -// /* -// * Our integration tests act as snapshot tests to make sure the rendered template is stable. -// * If any changes to the result are required, -// * you need to perform an actual CloudFormation deployment of this application, -// * and, if it is successful, a new snapshot will be written out. -// * -// * For more information on CDK integ tests, -// * see the main CONTRIBUTING.md file. -// */ +/* + * Our integration tests act as snapshot tests to make sure the rendered template is stable. + * If any changes to the result are required, + * you need to perform an actual CloudFormation deployment of this application, + * and, if it is successful, a new snapshot will be written out. + * + * For more information on CDK integ tests, + * see the main CONTRIBUTING.md file. + */ import * as vpc_v2 from '../lib/vpc-v2'; import { AddressFamily, AwsServiceName, IpCidr, Ipam, IpamPoolPublicIpSource, SubnetV2 } from '../lib'; diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts index 4458b93dcf35d..4f9d98b92471f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts @@ -1,12 +1,12 @@ -// /* -// * Our integration tests act as snapshot tests to make sure the rendered template is stable. -// * If any changes to the result are required, -// * you need to perform an actual CloudFormation deployment of this application, -// * and, if it is successful, a new snapshot will be written out. -// * -// * For more information on CDK integ tests, -// * see the main CONTRIBUTING.md file. -// */ +/* + * Our integration tests act as snapshot tests to make sure the rendered template is stable. + * If any changes to the result are required, + * you need to perform an actual CloudFormation deployment of this application, + * and, if it is successful, a new snapshot will be written out. + * + * For more information on CDK integ tests, + * see the main CONTRIBUTING.md file. + */ import * as vpc_v2 from '../lib/vpc-v2'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; @@ -16,10 +16,6 @@ import { EgressOnlyInternetGateway, InternetGateway, NatConnectivityType, NatGat import { GatewayVpcEndpoint, GatewayVpcEndpointAwsService, SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; import { Fn } from 'aws-cdk-lib'; -// as in unit tests, we use a qualified import, -// not bring in individual classes -//import * as er from '../lib'; - const app = new cdk.App(); const stacks: {[id: string] : cdk.Stack} = { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts index 776903b9c043d..24eb82241ddc4 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts @@ -1,12 +1,12 @@ -// /* -// * Our integration tests act as snapshot tests to make sure the rendered template is stable. -// * If any changes to the result are required, -// * you need to perform an actual CloudFormation deployment of this application, -// * and, if it is successful, a new snapshot will be written out. -// * -// * For more information on CDK integ tests, -// * see the main CONTRIBUTING.md file. -// */ +/* + * Our integration tests act as snapshot tests to make sure the rendered template is stable. + * If any changes to the result are required, + * you need to perform an actual CloudFormation deployment of this application, + * and, if it is successful, a new snapshot will be written out. + * + * For more information on CDK integ tests, + * see the main CONTRIBUTING.md file. + */ import * as vpc_v2 from '../lib/vpc-v2'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts index 3b19eff93b6f9..9ac84c7646237 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts @@ -4,7 +4,6 @@ import * as vpc from '../lib/vpc-v2'; import { IpCidr, SubnetV2 } from '../lib/subnet-v2'; import * as route from '../lib/route'; import { CfnEIP, SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; -/* eslint-disable no-console */ describe('Vpc V2 with full control', () => { let stack: cdk.Stack;