(aws-ec2): SubnetSelection Returns - Error: Cannot create a VPC Endpoint with no subnets #32460

Open
1 task
zachaws opened this issue Dec 10, 2024 · 3 comments
Labels
@aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud bug This issue is a bug. effort/medium Medium work item – several days of effort p1

Comments

@zachaws

zachaws commented Dec 10, 2024

Describe the bug

When creating an Interface VPC Endpoint and using the availabilityZones filter on the Subnets property, you will get an "Error: Cannot create a VPC Endpoint with no subnets" message when no context is present in cdk.context.json.

Regression Issue

  • Select this option if this issue appears to be a regression.

Last Known Working CDK Version

No response

Expected Behavior

The availabilityZones is a property of the SubnetSelection interface. The expectation here is that setting an availability zone will filter all the subnets and only specify the ones that match that availability zone.

Current Behavior

Currently, the following validation error is being returned: "Error: Cannot create a VPC Endpoint with no subnets."

Reproduction Steps

Using the following code snippet, perform a cdk synth and ensure your cdk.context.json file is empty.

const vpc = new ec2.Vpc(this, 'ReplicationVPC', {
  maxAzs: 3,
  cidr: '10.0.0.0/16',
  subnetConfiguration: [
    {
      cidrMask: 24,
      name: 'Public',
      subnetType: ec2.SubnetType.PUBLIC,
    },
    {
      cidrMask: 24,
      name: 'Private Egress',
      subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS,
    },
    {
      cidrMask: 24,
      name: 'Private Isolated',
      subnetType: ec2.SubnetType.PRIVATE_ISOLATED,
    },
  ],
});

const InterfaceEndpoint = new ec2.InterfaceVpcEndpoint(this, 'Replication Endpoint', {
  vpc: vpc,
  service: ec2.InterfaceVpcEndpointAwsService.SECRETS_MANAGER,
  subnets: {
    availabilityZones: ["us-east-1a"]
  }
});

Possible Solution

No response

Additional Information/Context

When creating the VPC, use the availabilityZones property instead of the maxAzs property. When the VPC created makes use of the availabilityZones property, this error does not occur.

Testing with other constructs that implement the SubnetSelection interface, I confirmed that with an empty cdk.context.json and specifying the availabilityZones property, no subnets will be returned.

CDK CLI Version

2.171.0

Framework Version

No response

Node.js Version

v22.2.0

OS

macOS

Language

TypeScript

Language Version

No response

Other information

No response

@zachaws zachaws added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Dec 10, 2024
@github-actions github-actions bot added the @aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud label Dec 10, 2024
@khushail khushail changed the title InterfaceVpcEndpoint: SubnetSelection Returns - Error: Cannot create a VPC Endpoint with no subnets (aws-ec2): SubnetSelection Returns - Error: Cannot create a VPC Endpoint with no subnets Dec 10, 2024
@ashishdhingra
Contributor

ashishdhingra commented Dec 10, 2024

Reproducible after running cdk context --clear. Temporarily using availabilityZones property (matching with the region for current configured AWS credentials and region) populates cdk.context.json like below (as an example):

{
  "availability-zones:account=<<ACCOUNT-ID>>:region=us-east-2": [
    "us-east-2a",
    "us-east-2b",
    "us-east-2c"
  ]
}

Thereafter, reverting to use maxAzs property works fine.

The error occurs when defining InterfaceEndpoint with availabilityZones filter and cdk.context.json is empty:

const InterfaceEndpoint = new ec2.InterfaceVpcEndpoint(this, 'Replication Endpoint', {
  vpc: vpc,
  service: ec2.InterfaceVpcEndpointAwsService.SECRETS_MANAGER,
  subnets: {
    availabilityZones: ["us-east-1a"]
  }
});

@ashishdhingra ashishdhingra added p2 effort/medium Medium work item – several days of effort and removed needs-triage This issue or PR still needs to be triaged. labels Dec 10, 2024
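
A pre-synth guard for the condition reported above, added here as an example (not code from the aws-cdk project or from either commenter): it inspects a parsed cdk.context.json for the `availability-zones:account=…:region=…` entry shown in the comment before a build relies on an `availabilityZones` subnet filter. `checkAzContext` and `explain` are hypothetical names, and the sample contexts are constructed from the values on this page.

```typescript
// Added example, not aws-cdk code. Function names are hypothetical.
type CdkContext = Record<string, unknown>;

interface AzCheck {
  cached: boolean;   // an availability-zones entry exists for this region
  known: string[];   // AZ names listed in that entry
  missing: string[]; // requested AZs that the entry does not list
}

// Key format as shown in the comment above:
//   availability-zones:account=<account>:region=<region>
const AZ_KEY = /^availability-zones:account=([^:]+):region=([^:]+)$/;

function checkAzContext(context: CdkContext, region: string, wanted: string[]): AzCheck {
  const known: string[] = [];
  let cached = false;
  for (const key of Object.keys(context)) {
    const m = AZ_KEY.exec(key);
    const value = context[key];
    if (!m || m[2] !== region || !Array.isArray(value)) continue;
    cached = true;
    for (const az of value) {
      if (typeof az === "string" && known.indexOf(az) === -1) known.push(az);
    }
  }
  const missing = wanted.filter((az) => known.indexOf(az) === -1);
  return { cached, known: known.sort(), missing };
}

function explain(check: AzCheck, region: string): string {
  if (!check.cached) {
    return "no availability-zones entry for " + region + " in cdk.context.json: " +
      "an availabilityZones subnet filter can select no subnets (this issue)";
  }
  if (check.missing.length > 0) {
    return "requested AZs not in cached list for " + region + ": " + check.missing.join(", ");
  }
  return "ok";
}

// Constructed sample inputs: the empty context from the report, and the
// populated context from the comment (account placeholder kept as posted).
const EMPTY_CONTEXT: CdkContext = {};
const POPULATED_CONTEXT: CdkContext = {
  "availability-zones:account=<<ACCOUNT-ID>>:region=us-east-2": ["us-east-2a", "us-east-2b", "us-east-2c"],
};

console.log(explain(checkAzContext(EMPTY_CONTEXT, "us-east-1", ["us-east-1a"]), "us-east-1"));
console.log(explain(checkAzContext(POPULATED_CONTEXT, "us-east-2", ["us-east-2a"]), "us-east-2"));
```

Run against the real file in CI by passing `JSON.parse` of its contents as `context`; a non-"ok" result points at the missing or mismatched AZ list rather than the endpoint construct.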
@pahud
Contributor

pahud commented Dec 11, 2024

internal: P176585888

@pahud pahud added p1 and removed p2 labels Dec 11, 2024
@ashishdhingra
Contributor

internal: P176585888

Thanks @pahud for reviewing the priority.

@GavinZZ GavinZZ self-assigned this Dec 11, 2024
4 participants