search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.59k stars 3.89k forks source link

aws_ec2: `InterfaceVpcEndpoint.from_interface_vpc_endpoint_attributes` returns incorrect type #27653

Closed TheToddLuci0 closed 11 months ago

TheToddLuci0 commented 11 months ago

Describe the bug

When calling aws_ec2.InterfaceVpcEndpoint.from_interface_vpc_endpoint_attributes the returned object is of type jsii._reference_map.InterfaceDynamicProxy, while the doccumented return type is aws_ec2.IInterfaceVpcEndpoint

Expected Behavior

The return type should be IInterfaceVpcEndpoint

Current Behavior

Traceback (most recent call last):
  File "/home/kali/git/email_instance_summary/app.py", line 28, in <module>
    DashboardStack(app, "NodeDashboardStack", env=cdk.Environment(account='641971825827', region='us-east-1'))
  File "/home/kali/git/email_instance_summary/.venv/lib/python3.11/site-packages/jsii/_runtime.py", line 118, in __call__
    inst = super(JSIIMeta, cast(JSIIMeta, cls)).__call__(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/kali/git/email_instance_summary/dashboard/dashboard_stack.py", line 119, in __init__
    targets.InterfaceVpcEndpointTarget(vpc_endpoint=endpoint)
  File "/home/kali/git/email_instance_summary/.venv/lib/python3.11/site-packages/jsii/_runtime.py", line 118, in __call__
    inst = super(JSIIMeta, cast(JSIIMeta, cls)).__call__(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/kali/git/email_instance_summary/.venv/lib/python3.11/site-packages/aws_cdk/aws_route53_targets/__init__.py", line 675, in __init__
    check_type(argname="argument vpc_endpoint", value=vpc_endpoint, expected_type=type_hints["vpc_endpoint"])
  File "/home/kali/git/email_instance_summary/.venv/lib/python3.11/site-packages/typeguard/__init__.py", line 785, in check_type
    raise TypeError(
TypeError: type of argument vpc_endpoint must be aws_cdk.aws_ec2.InterfaceVpcEndpoint; got jsii._reference_map.InterfaceDynamicProxy instead

Reproduction Steps

from aws_cdk import (
    Duration,
    Stack,
    aws_apigateway as apigateway,
    aws_lambda as lambda_,
    aws_route53 as route53,
    aws_lambda_python_alpha as pylambda,
    aws_certificatemanager as acm,
    aws_iam as iam,
    aws_route53_targets as targets,
    aws_ec2 as ec2,
)
from os import path
from constructs import Construct

DOMAIN_NAME = "example.com"

class DashboardStack(Stack):
    def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
        super().__init__(scope, construct_id, **kwargs)

        # Lookup elements
        endpoint_sg = ec2.SecurityGroup.from_lookup_by_id(
            self, "endpointsg", security_group_id="sg-XXXXXXXXXXX"
        )
        endpoint = ec2.InterfaceVpcEndpoint.from_interface_vpc_endpoint_attributes(
            self,
            "APIGW-endpoint",
            vpc_endpoint_id="vpce-XXXXXXXXXXXXXXXXX",
            port=443,
            security_groups=[endpoint_sg],
        )
        zone = route53.HostedZone.from_hosted_zone_attributes(
            self,
            "Zone",
            hosted_zone_id="XXXXXXXXXXXXXXX",
            zone_name="example.com",
        )

        route53.ARecord(
            self,
            "DashboardDomainAlias",
            zone=zone,
            record_name=DOMAIN_NAME,
            target=route53.RecordTarget.from_alias(
                targets.InterfaceVpcEndpointTarget(vpc_endpoint=endpoint)
            ),
        )

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.102.0 (build 2abc59a)

Framework Version

No response

Node.js Version

v20.2.0

OS

Debian linux

Language

Python

Language Version

Python (3.11.5)

Other information

https://docs.aws.amazon.com/cdk/api/v2/python/aws_cdk.aws_ec2/InterfaceVpcEndpoint.html#aws_cdk.aws_ec2.InterfaceVpcEndpoint.from_interface_vpc_endpoint_attributes

gshpychka commented 11 months ago

The error message is just a jsii quirk - the issue is that it expects an InterfaceVpcEndpoint, and you're passing an IInterfaceVpcEndpoint. In other words, this doesn't work with imported endpoints.

peterwoodworth commented 11 months ago

Yes, that's correct, thanks @gshpychka

I should note that the underlying code requires that it's not imported, so this wouldn't work by design. https://github.com/aws/aws-cdk/blob/2abc59a9a145123458197d792772f3472167a736/packages/aws-cdk-lib/aws-route53-targets/lib/interface-vpc-endpoint-target.ts#L11

With the current contract, it's probably going to be easiest to use escape hatches to modify the ARecord's default child's aliasTarget property

github-actions[bot] commented 11 months ago

This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

chimauwah commented 7 months ago

Another solution, perhaps a little less hacky, is to use CfnRecordSet:

route53.CfnRecordSet(self, "ARecord",
                             hosted_zone_id=<target_hosted_zone_id>,
                             type="A",
                             name=<record_name>,
                             alias_target=route53.CfnRecordSet.AliasTargetProperty(
                                 dns_name=<vpce_dns_name>,
                                 hosted_zone_id=<vpce_hosted_zone_id>,
                             ),
                             )

You will need different properties from the VPCE (HostedZoneId and DNSName), which you can get using the AWS CLI command describe-vpc-endpoints.