aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0

(aws_ec2): Unable to create dual-stack VPC if no subnets are defined #31641

Open tpflueger opened 5 hours ago

tpflueger commented 5 hours ago

Describe the bug

Our initial CDK setup uses the VPC construct but delays the creation of subnets until later. Note, this worked, but it may not be the way CDK is intended to be used. Switching to dual-stack IPv4/IPv6, the construct now requires subnets to be defined.

Regression Issue

Last Known Working CDK Version

No response

Expected Behavior

An IPv6 CIDR block to be created that I could use for later subnet creation.

Current Behavior

CDK throws an exception. Unhandled exception. System.Exception: Fn::Cidr's count attribute must be between 1 and 256, 0 was provided.

Reproduction Steps

    new Vpc(parent.Construct, Name, new VpcProps
    {
        IpProtocol = IpProtocol.DUAL_STACK,
        VpcName = _name,
        IpAddresses = IpAddresses.Cidr(_cidrBlock.ToString()),
        DefaultInstanceTenancy = DefaultInstanceTenancy.DEFAULT,
        Ipv6Addresses = Ipv6Addresses.AmazonProvided(),
        EnableDnsHostnames = true,
        EnableDnsSupport = true,
        SubnetConfiguration = Array.Empty<SubnetConfiguration>()
    });

Possible Solution

Is a subnet now a requirement? If not, it might be useful to allow specifying the IPv6 CIDR block size.

Additional Information/Context

No response

CDK CLI Version

2.160.0

Framework Version

No response

Node.js Version

v22.1.0

OS

Windows 11

Language

.NET

Language Version

.NET 8.0.402

Other information

No response

ashishdhingra commented 3 hours ago

The error is thrown at Ipv6Addresses.amazonProvided() > AmazonProvided.createIpv6CidrBlocks() (invoked from here) > Fn.cidr() > FnCidr().

Since AmazonProvided Ipv6Addresses is used, it expects subnet configuration to be created.

pahud commented 1 hour ago

Yes, subnet configuration is like the topology definition of your subnets for this VPC, which tells the subnet CIDR, subnet count as well as the mask, which is required for createIpv6CidrBlocks.

https://github.com/aws/aws-cdk/blob/d0c99d85e0bd85beea78ce65f843d319abd493ce/packages/aws-cdk-lib/aws-ec2/lib/ip-addresses.ts#L513-L517

ashishdhingra commented 1 hour ago

@pahud Thanks for elaborating the design.
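
An added example, not code from this thread or from the CDK project: one way to get an Amazon-provided IPv6 block on a VPC whose subnets are created later, by leaving the Vpc construct IPv4-only and attaching the block with the L1 CfnVPCCidrBlock resource. It assumes, as the reporter describes, that an IPv4-only Vpc with an empty subnet configuration synthesizes; the class name, construct ids and the 10.0.0.0/16 range are hypothetical sample values.

```csharp
using System;
using Amazon.CDK;
using Amazon.CDK.AWS.EC2;
using Constructs;

// Hypothetical stack; ids and the IPv4 range are constructed sample values.
public class DeferredSubnetStack : Stack
{
    public Vpc Vpc { get; }
    public CfnVPCCidrBlock Ipv6Block { get; }

    public DeferredSubnetStack(Construct scope, string id, IStackProps props = null)
        : base(scope, id, props)
    {
        // IPv4-only VPC with no subnets: IpProtocol.DUAL_STACK is not set, so
        // createIpv6CidrBlocks() is never reached with a subnet count of 0.
        Vpc = new Vpc(this, "Vpc", new VpcProps
        {
            IpAddresses = IpAddresses.Cidr("10.0.0.0/16"),
            EnableDnsHostnames = true,
            EnableDnsSupport = true,
            SubnetConfiguration = Array.Empty<ISubnetConfiguration>()
        });

        // Attach an Amazon-provided IPv6 block directly with the L1 resource.
        Ipv6Block = new CfnVPCCidrBlock(this, "Ipv6Cidr", new CfnVPCCidrBlockProps
        {
            VpcId = Vpc.VpcId,
            AmazonProvidedIpv6CidrBlock = true
        });
    }

    // Call later, once the number of subnets is known.
    public string[] Ipv6SubnetCidrs(int subnetCount)
    {
        // Mirror the Fn::Cidr limit quoted in the issue so a zero count
        // fails here with a clear message instead of at synthesis.
        if (subnetCount < 1 || subnetCount > 256)
            throw new ArgumentOutOfRangeException(nameof(subnetCount),
                "Fn::Cidr's count attribute must be between 1 and 256");

        // First IPv6 block of the VPC, split into /64s (64 subnet bits).
        var vpcBlock = Fn.Select(0, Vpc.VpcIpv6CidrBlocks);
        return Fn.Cidr(vpcBlock, subnetCount, "64");
    }
}
```

Subnets built from these CIDRs need an explicit dependency on Ipv6Block (for example with AddDependency on a CfnSubnet), because referencing the VPC attribute alone does not order them after the CIDR association.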