
Imported VPC Subnets show as Private (while they're public)

See original GitHub issue

🐛 Bug Report

What is the problem?

When I import a VPC with a single public subnet, CDK says there are no Public Subnets. Specifically: There are no 'Public' subnets in this VPC. Use a different VPC subnet selection.

I’m using this to deploy a public ALB.

Reproduction Steps

Here’s my route-table:

{
    "RouteTables": [
        {
            "Associations": [
                {
                    "Main": true,
                    "RouteTableAssociationId": "rtbassoc-xxxxxx",
                    "RouteTableId": "rtb-xxxxxx"
                },
                {
                    "Main": false,
                    "RouteTableAssociationId": "rtbassoc-xxxxxx",
                    "RouteTableId": "rtb-xxxxxx",
                    "SubnetId": "subnet-xxxxxx"
                }
            ],
            "PropagatingVgws": [],
            "RouteTableId": "rtb-xxxxxx",
            "Routes": [
                {
                    "DestinationCidrBlock": "10.0.2.0/26",
                    "Origin": "CreateRoute",
                    "State": "active",
                    "VpcPeeringConnectionId": "pcx-xxxxxx"
                },
                {
                    "DestinationCidrBlock": "10.0.1.0/24",
                    "GatewayId": "local",
                    "Origin": "CreateRouteTable",
                    "State": "active"
                },
                {
                    "DestinationCidrBlock": "0.0.0.0/0",
                    "GatewayId": "igw-xxxxxx",
                    "Origin": "CreateRoute",
                    "State": "active"
                }
            ],
            "Tags": [],
            "VpcId": "vpc-xxxxxx",
            "OwnerId": "xxxxxx"
        }
    ]
}

Stack:

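import * as cdk from "@aws-cdk/core";
import * as ec2 from "@aws-cdk/aws-ec2";
import * as elb from "@aws-cdk/aws-elasticloadbalancingv2";

export class SampleStack extends cdk.Stack {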
  constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, { env: { account: "xxxxxx", region: "eu-west-1" } });

    const vpcpub = ec2.Vpc.fromLookup(this, "pub", {
      vpcId: "vpc-xxxxx"
    });

    const lb = new elb.ApplicationLoadBalancer(this, "alb", {
      vpc: vpcpub,
      internetFacing: true
    });

    const listener = lb.addListener("pub", { port: 80, open: true });

    listener.addTargets("ecs", {
      port: 8000,
      targets: []
    });

    new cdk.CfnOutput(this, "LoadBalancerDNS", {
      value: lb.loadBalancerDnsName
    });
  }
}

Verbose Log

CDK_CONTEXT_JSON: 
{
   "vpc-provider:account=xxxxxx:filter.vpc-id=vpc-xxxxxx:region=eu-west-1":{
      "vpcId":"vpc-xxxxxx",
      "availabilityZones":[
         "eu-west-1a"
      ],
      "privateSubnetIds":[
         "subnet-xxxxxx"
      ],
      "privateSubnetNames":[
         "Private"
      ],
      "privateSubnetRouteTableIds":[
         "rtb-xxxxxx"
      ]
   }
   "aws:cdk:enable-path-metadata":true,
   "aws:cdk:enable-asset-metadata":true
}

Environment

  • CDK CLI Version: 1.4.0
  • Module Version: 1.4.0
  • OS: MacOS 10.14.6
  • Language: TypeScript

Issue Analytics

  • State: closed
  • Created 4 years ago
  • Reactions: 1
  • Comments: 6 (1 by maintainers)

Top GitHub Comments

1 reaction
reeseyc commented, Aug 28, 2019

@fulghum Hi Jason; we are facing 2 major challenges with CDK documentation. Firstly (and most challenging) is the lack of examples (especially working examples). Secondly, although the API documentation is actually pretty good, the nuances of using CDK are not documented. For instance, take the VPCfromlookup method - where does it say in the documentation that the subnets need to be tagged for this to work properly (as per above)? Happy to be corrected if I am not looking in the right place.

1 reaction
reeseyc commented, Aug 23, 2019

Hahahaa dude if you want documentation don’t use CDK. Your subnets need to be tagged to load them. Key name is aws-cdk then the subnet type in the field. (Public/Private/Isolated)

There is some information about it in this bug report (which is how I figured it out).

https://github.com/aws/aws-cdk/issues/3407
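
A consistency check for the situation in this issue, as an added example that is not part of the original thread or of CDK itself: it compares the `privateSubnetIds` cached by the VPC lookup with the `describe-route-tables` output and reports subnets recorded as private that have an active default route to an internet gateway. Function names and sample IDs are hypothetical; only fields visible in the JSON above are read, and only the IPv4 default route is considered.

```typescript
// Shapes follow `aws ec2 describe-route-tables` output and the vpc-provider
// entry in the CDK context, limited to the fields this check reads.
interface Route { DestinationCidrBlock?: string; GatewayId?: string; State?: string; }
interface Association { Main: boolean; SubnetId?: string; }
interface RouteTable { RouteTableId: string; VpcId: string; Associations: Association[]; Routes: Route[]; }
interface VpcContext { vpcId: string; privateSubnetIds?: string[]; }

// A table makes its subnets internet-routable when it holds an *active*
// default route whose target is an internet gateway (igw-...).
function routesToIgw(rt: RouteTable): boolean {
  return rt.Routes.some(r =>
    r.DestinationCidrBlock === "0.0.0.0/0" &&
    r.State === "active" &&
    (r.GatewayId || "").indexOf("igw-") === 0);
}

// The table governing a subnet: its explicit association if one exists,
// otherwise the VPC's main route table.
function tableForSubnet(tables: RouteTable[], vpcId: string, subnetId: string): RouteTable | undefined {
  const inVpc = tables.filter(t => t.VpcId === vpcId);
  const explicit = inVpc.filter(t => t.Associations.some(a => a.SubnetId === subnetId))[0];
  return explicit || inVpc.filter(t => t.Associations.some(a => a.Main))[0];
}

// Subnets the cached lookup records as private although they route to an IGW.
function findMisclassified(ctx: VpcContext, tables: RouteTable[]): string[] {
  return (ctx.privateSubnetIds || []).filter(id => {
    const rt = tableForSubnet(tables, ctx.vpcId, id);
    return rt !== undefined && routesToIgw(rt);
  });
}

// Constructed sample mirroring the issue; IDs are placeholders, not real resources.
const sampleTables: RouteTable[] = [{
  RouteTableId: "rtb-aaaa", VpcId: "vpc-aaaa",
  Associations: [{ Main: true }, { Main: false, SubnetId: "subnet-aaaa" }],
  Routes: [
    { DestinationCidrBlock: "10.0.1.0/24", GatewayId: "local", State: "active" },
    { DestinationCidrBlock: "0.0.0.0/0", GatewayId: "igw-aaaa", State: "active" },
  ],
}];
const sampleContext: VpcContext = { vpcId: "vpc-aaaa", privateSubnetIds: ["subnet-aaaa"] };

console.log(findMisclassified(sampleContext, sampleTables));
```

Any ID it returns is a subnet whose recorded type and actual routing disagree, so it should be re-checked before anything relies on it being private.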
