Due to the significant limitations of the Vpc construct, our team had to make a switch in our code to utilize CfnVpc in order to avoid having to dismantle the VPC every time we add or remove subnets.
This transition has brought about various challenges...
The main issue we encountered is that many constructs anticipate an IVpc during their creation; for instance, BastionHostLinux requires this.
error TS2322: Type 'CfnVPC' is not assignable to type 'Vpc | IVpc'
By implementing the CfnVpc, I have had to create a separate stack and then import it utilizing a lookup in the new stack. While this doesn't pose an issue moving forward, updating all existing legacy deployments to work with the new code (hundreds of them) presents a challenge.
I am currently exploring ways to convert CfnVpc into an IVpc, but I'm facing some difficulties in achieving this.
There's already a GitHub ticket discussing this matter: https://github.com/aws/aws-cdk/issues/14809
In response to this, Skinny85 suggested a method as follows:
const cfnInclude = new cfn_inc.CfnInclude(this, 'VpcTemplate', {
  templateFile: 'vpc-template.yaml',
});
// Retrieve the L1 resources by their logical IDs in the included template
const cfnVpc = cfnInclude.getResource('VPC') as ec2.CfnVPC;
const privateSubnet1 = cfnInclude.getResource('PrivateSubnet1') as ec2.CfnSubnet;
const privateSubnet2 = cfnInclude.getResource('PrivateSubnet2') as ec2.CfnSubnet;
const cfnRouteTable1 = cfnInclude.getResource('PrivateRouteTable1') as ec2.CfnRouteTable;
const cfnRouteTable2 = cfnInclude.getResource('PrivateRouteTable2') as ec2.CfnRouteTable;
// Build an IVpc from the L1 resources' references
const vpc = ec2.Vpc.fromVpcAttributes(this, 'ImportedVpc', {
  vpcId: cfnVpc.ref,
  availabilityZones: cdk.Fn.getAzs(),
  privateSubnetIds: [privateSubnet1.ref, privateSubnet2.ref],
  privateSubnetRouteTableIds: [cfnRouteTable1.ref, cfnRouteTable2.ref],
});
However, importing a CloudFormation template file raises concerns.
Upon seeking clarification from Skinny85, he replied:
It shouldn't matter where the CfnVPC is coming from - the same principle applies.
While he claims it's feasible, the exact process was not clearly outlined:
const privateSubnet1 = cfnInclude.getResource('PrivateSubnet1') as ec2.CfnSubnet;
const privateSubnet2 = cfnInclude.getResource('PrivateSubnet2') as ec2.CfnSubnet;
const cfnRouteTable1 = cfnInclude.getResource('PrivateRouteTable1') as ec2.CfnRouteTable;
const cfnRouteTable2 = cfnInclude.getResource('PrivateRouteTable2') as ec2.CfnRouteTable;
This can be achieved using CfnVpc.
I've attempted to access the necessary data such as subnets using the node from my CfnVpc, but I've struggled to make it work with TypeScript.
For instance,
this.vpc.node.scope?.publicSubnets
results in an error stating that publicSubnets are not part of IConstruct.
Given my limited experience with TypeScript lately, I haven't been able to troubleshoot this successfully.
Has anyone else managed to solve this? Is there a simple solution that I might be overlooking?
Any help on this matter would be greatly appreciated. Thank you.