(aws-ec2): L1 VPC to L2 VPC transformation

[brockuniera]

Static method on Vpc akin to .fromLookup with signature .fromCfnVpc(cfnvpc: CfnVpc): IVpc that performs a hopefully simple transform on a CfnVpc to return a IVpc.

Use Case

More convenient and supported method for mixing CfnInclude'd CloudFormation templates with CDK constructs.

Proposed Solution

Implement the described static method.

Other

• [x] :wave: I may be able to implement this feature request
• [ ] :warning: This feature might incur a breaking change

---

This is a :rocket: Feature Request

[skinny85]

Thanks for opening the issue @brockuniera. We are thinking about this.

Related: #14795

[github-actions[bot]]

This issue has not received any attention in 1 year. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

[mattsoftware]

I would love to see this - I have my vpc defined with a CfnVpc to get a little more control over the creation of subnets etc, and I need to use this vpc in the rest of my stack. At the moment I am doing a lookup based on tags which breaks if the stacks do not run in the correct order.

[moosius]

I'm dealing with a similar scenario as mattsoftware and would find this extremely useful as well.

[dsmurrell]

Same here @moosius ! This CDK seems much more complicated than it needs to be.

[elaurijssens]

This would be so useful! We cannot create our own VPC code because we have to connect to a corporate network infastructure through pre-provisioned TGWs, so we're getting pre-baked CFN templates that we have to import. Not having the L2 object without using lookups is quite a pain.

[shmuel-torii]

+1 My use-case: I had to create a VPC using CfnVPC since I imported an existing one. Now I want to pass it to another L2 construct that accept IVpc

[skinny85]

BTW, I wrote a Tweet about this topic, but let me repeat it here.

If you have a template with a VPC, and you want to turn it into an IVpc, you can use the Vpc.fromAttributes() method.

Example code in TypeScript, but something very similar should work for other languages too:

const cfnInclude = new cfn_inc.CfnInclude(this, 'VpcTemplate’,
    templateFile: ‘vpc-template.yaml',
});

const cfnVpc = cfnInclude.getResource('VPC') as ec2.CfnVPC;
const privateSubnet1 = cfnInclude.getResource('PrivateSubnet1') as ec2.CfnSubnet;
const privateSubnet2 = cfnInclude.getResource('PrivateSubnet2') as ec2.CfnSubnet;
const cfnRouteTable1 = cfnInclude.getResource('PrivateRouteTable1') as ec2.CfnRouteTable;
const cfnRouteTable2 = cfnInclude.getResource('PrivateRouteTable2') as ec2.CfnRouteTable;

const vpc = ec2.Vpc.fromVpcAttributes(this, ‘ImportedVpc', {
    vpcId: cfnVpc.ref,
    availabilityZones: cdk.Fn.getAzs(),
    privateSubnetIds: [privateSubnetl.ref, privateSubnet2.ref],
    privateSubnetRouteTableIds: [cfnRouteTablel.ref, cfnRouteTable2.ref],
});

Of course, adjust to the exact contents of your template as needed!

[jpSimkins]

@skinny85 Your comment is about an CF Template and this is asking for CfnVpc to be able to return an IVpc. Is there a way to use this to make CfnVpc return an IVpc?

I don't see any way to get the data needed to get the IVpc object needed with CfnVpc.

I am hitting a wall with this and I really need to be able to convert a CfnVpc to an IVpc or I will be needing to refactor systems for the next couple months...

[skinny85]

@skinny85 Your comment is about an CF Template and this is asking for CfnVpc to be able to return an IVpc. Is there a way to use this to make CfnVpc return an IVpc?

It shouldn't matter where the CfnVPC is coming from - the same principle applies.

[jpSimkins]

Pardon my ignorance but this seems to work mostly due to the CfnInclude which the getters are not available on the cfnVpc.

const privateSubnet1 = cfnInclude.getResource('PrivateSubnet1') as ec2.CfnSubnet;
const privateSubnet2 = cfnInclude.getResource('PrivateSubnet2') as ec2.CfnSubnet;
const cfnRouteTable1 = cfnInclude.getResource('PrivateRouteTable1') as ec2.CfnRouteTable;
const cfnRouteTable2 = cfnInclude.getResource('PrivateRouteTable2') as ec2.CfnRouteTable;

I don't see any way to get these values from the CfnVpc.

[skinny85]

What the CDK Construct Library calls the Vpc construct is a high-level resource that combines many lower-level ones inside it: CfnVPC, CfnSubnet, CfnRouteTable, etc. In fact, there's over 20 Cfn* constructs in every Vpc instance.

In order to instantiate a Vpc, the CDK needs information about many of these low-level resources. So, going from only a CfnVPC to a Vpc is not possible.

[coding-velociraptor]

I would like to add that it comes in handy, when used with copilot CLI. It started to support transforming resources through overrides: https://aws.github.io/copilot-cli/docs/developing/overrides/cdk/