aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0

CfnVPNConnection: Support IPv6 Inside tunnel #22518

Open laurentlgm opened 1 year ago

laurentlgm commented 1 year ago

Describe the feature

It seems that ec2.CfnVPNConnection does not support IPv6 (or is not documented). I would like to be able to create IPv6 site-to-site VPNs via CDK but the standard SDK "TunnelInsideIpVersion" is not available. Example of how this is available in Boto3: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ec2.html#EC2.Client.create_vpn_connection

Using a custom resource to create VPNs is really not ideal because VPNs take a long time to become available and thus probably require asynchronous checking.

Can we please enable IPv6 site-to-site VPNs in CDK?

Use Case

Connecting site-to-site with IPv6 internal addresses/traffic.

Proposed Solution

Add TunnelInsideIpVersion and TunnelInsideIpv6Cidr to tunnel options.

Other Information

No response

CDK version used

2.46.0 (build 5a0595e)

Environment details (OS name and version, etc.)

MacOS Monterey 12.4

corymhall commented 1 year ago

This is not currently supported by CloudFormation (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html). There is an open issue on the CloudFormation roadmap that I think covers this; if not, then you may want to create a new one.