From 4b90bfc3cebcb38d312dcecc46bbfe856b39a44f Mon Sep 17 00:00:00 2001 From: Shikha Aggarwal Date: Thu, 12 Sep 2024 09:26:15 -0700 Subject: [PATCH] feat(vpcv2): implementation of add gateway method (#31224) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ### Issue # (if applicable) Tracking #[30762](https://github.com/aws/aws-cdk/issues/30762). ### Reason for this change implementing below methods for vpcV2. `routeTable.addroute(destination, target)`: Adds a new route to the existing route table of the subnet. `vpc.enableVpnGatewayV2()`: added a new function for the customer to add VPNGateway to their VPC. In the options, user can specify list of subnets for VPNRoutePropogation. This is similar to previous implementation, only difference is with VPNGateway L2, it is now creating VPNGatewayV2 which implements IRouteTarget and hence can be used a destination to be set up in route tables. `addInternetGateway` : adds internetGW to the VPC. **Default behaviour:** add default route with destination set to ‘0.0.0.0’ and ‘::0’(in case of subnet with ipv6). Also a check in place to verify SubnetType is set to public as IGW is meant to be added to public subnets. `addNatGateway`: NatGateways are subnet specific and are usually associated with PRIVATE_WITH_EGRESS or PUBLIC subnet. Also, one can’t attach NGW(Public) to subnet if VPC doesn’t have an IGW attached to it. This is validated in method implementation to prevent runtime deployment error. **No default behaviour** for the routes, it takes in the single subnet option and associates a NATGW with it. `vpc.addEgressOnlyInternetGateway()`: Egress Only internet GW are meant for outbound ipv6 traffic which can be custom or all ipv6(::/0). **Default behaviour:** Associates a EIGW to the vpc and takes optional input for subnets to define a default route in associated route Table, if a destination is not provided, then it is defined as all outbound ipv6 in subnet’s route table. **Additional changes:** -> Modify Readme -> Separate ipam related Tests ### Use Case Allows user to define gateways in their vpc with a simple method and an optional default route setup on provided subnets. Note: Breaking change since previously VPNGateway was released under route class, we’ve modified it to VPNGatewayV2. `vpc.enableVpnGateway` is marked as deprecated in vpcv2 base class. ### Description of how you validated changes Added unit tests and integration tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ec2-alpha/README.md | 239 ++++- packages/@aws-cdk/aws-ec2-alpha/awslint.json | 3 +- packages/@aws-cdk/aws-ec2-alpha/lib/ipam.ts | 38 +- packages/@aws-cdk/aws-ec2-alpha/lib/route.ts | 233 +++-- .../@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts | 49 +- .../@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts | 250 +++++- packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts | 41 +- .../aws-ec2-alpha/rosetta/default.ts-fixture | 7 +- .../aws-cdk-vpcv2-alpha.assets.json | 19 + .../aws-cdk-vpcv2-alpha.template.json | 192 ++++ .../test/integ.ipam.js.snapshot/cdk.out | 1 + .../test/integ.ipam.js.snapshot/integ.json | 12 + ...efaultTestDeployAssertCF40BD53.assets.json | 19 + ...aultTestDeployAssertCF40BD53.template.json | 36 + .../test/integ.ipam.js.snapshot/manifest.json | 167 ++++ .../test/integ.ipam.js.snapshot/tree.json | 388 ++++++++ .../@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts | 84 ++ .../aws-cdk-routev2-alpha.assets.json | 6 +- .../aws-cdk-routev2-alpha.template.json | 2 +- ...routev2-dynamodbendpoint-alpha.assets.json | 6 +- ...utev2-dynamodbendpoint-alpha.template.json | 2 +- ...dk-routev2-egressonlyigw-alpha.assets.json | 6 +- ...-routev2-egressonlyigw-alpha.template.json | 40 +- .../aws-cdk-routev2-igw-alpha.assets.json | 6 +- .../aws-cdk-routev2-igw-alpha.template.json | 73 +- ...ws-cdk-routev2-networkif-alpha.assets.json | 6 +- ...-cdk-routev2-networkif-alpha.template.json | 2 +- ...cdk-routev2-privatenatgw-alpha.assets.json | 6 +- ...k-routev2-privatenatgw-alpha.template.json | 39 +- ...-cdk-routev2-publicnatgw-alpha.assets.json | 6 +- ...dk-routev2-publicnatgw-alpha.template.json | 110 ++- ...routev2-virtualprivategw-alpha.assets.json | 6 +- ...utev2-virtualprivategw-alpha.template.json | 73 +- ...outev2-vpcpeerconnection-alpha.assets.json | 6 +- ...tev2-vpcpeerconnection-alpha.template.json | 2 +- .../test/integ.route-v2.js.snapshot/cdk.out | 2 +- .../integ.route-v2.js.snapshot/integ.json | 2 +- ...efaultTestDeployAssertA16689B0.assets.json | 2 +- ...efaultTestDeployAssert46FEDE40.assets.json | 2 +- ...efaultTestDeployAssert04E3783E.assets.json | 2 +- ...efaultTestDeployAssertF3FA2F74.assets.json | 2 +- ...efaultTestDeployAssert4B12233C.assets.json | 2 +- ...efaultTestDeployAssertC0DDB875.assets.json | 2 +- ...efaultTestDeployAssert90B004F4.assets.json | 2 +- ...efaultTestDeployAssert4C509DCE.assets.json | 2 +- ...efaultTestDeployAssert77221752.assets.json | 2 +- .../integ.route-v2.js.snapshot/manifest.json | 125 ++- .../test/integ.route-v2.js.snapshot/tree.json | 689 +++++++------- .../aws-ec2-alpha/test/integ.route-v2.ts | 76 +- .../aws-cdk-vpcv2-alpha-new.assets.json | 4 +- .../aws-cdk-vpcv2-alpha-new.template.json | 208 ++--- .../integ.subnet-v2.js.snapshot/manifest.json | 171 +++- .../integ.subnet-v2.js.snapshot/tree.json | 405 +++++---- .../aws-ec2-alpha/test/integ.subnet-v2.ts | 58 +- .../aws-cdk-vpcv2-alpha.assets.json | 4 +- .../aws-cdk-vpcv2-alpha.template.json | 459 +++++++--- .../manifest.json | 124 ++- .../integ.vpc-v2-alpha.js.snapshot/tree.json | 815 ++++++++++++----- .../aws-ec2-alpha/test/integ.vpc-v2-alpha.ts | 139 +-- .../@aws-cdk/aws-ec2-alpha/test/route.test.ts | 840 +++++++----------- .../aws-ec2-alpha/test/subnet-v2.test.ts | 1 - .../aws-ec2-alpha/test/vpc-add-method.test.ts | 401 +++++++++ 62 files changed, 4568 insertions(+), 2148 deletions(-) create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.assets.json create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.template.json create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integ.json create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.template.json create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/tree.json create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts create mode 100644 packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts diff --git a/packages/@aws-cdk/aws-ec2-alpha/README.md b/packages/@aws-cdk/aws-ec2-alpha/README.md index 4b8aa99a446ca..32852b802bb05 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/README.md +++ b/packages/@aws-cdk/aws-ec2-alpha/README.md @@ -27,10 +27,10 @@ To create a VPC with both IPv4 and IPv6 support: ```ts const stack = new Stack(); -new vpc_v2.VpcV2(this, 'Vpc', { - primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.0.0.0/24'), +new VpcV2(this, 'Vpc', { + primaryAddressBlock: IpAddresses.ipv4('10.0.0.0/24'), secondaryAddressBlocks: [ - vpc_v2.IpAddresses.amazonProvidedIpv6({cidrBlockName: 'AmazonProvidedIpv6'}), + IpAddresses.amazonProvidedIpv6({cidrBlockName: 'AmazonProvidedIpv6'}), ], }); ``` @@ -47,18 +47,18 @@ This new construct can be used to add subnets to a `VpcV2` instance: ```ts const stack = new Stack(); -const myVpc = new vpc_v2.VpcV2(this, 'Vpc', { +const myVpc = new VpcV2(this, 'Vpc', { secondaryAddressBlocks: [ - vpc_v2.IpAddresses.amazonProvidedIpv6({ cidrBlockName: 'AmazonProvidedIp'}), + IpAddresses.amazonProvidedIpv6({ cidrBlockName: 'AmazonProvidedIp'}), ], }); -new vpc_v2.SubnetV2(this, 'subnetA', { +new SubnetV2(this, 'subnetA', { vpc: myVpc, availabilityZone: 'us-east-1a', - ipv4CidrBlock: new vpc_v2.IpCidr('10.0.0.0/24'), - ipv6CidrBlock: new vpc_v2.IpCidr('2a05:d02c:25:4000::/60'), - subnetType: ec2.SubnetType.PRIVATE_ISOLATED, + ipv4CidrBlock: new IpCidr('10.0.0.0/24'), + ipv6CidrBlock: new IpCidr('2a05:d02c:25:4000::/60'), + subnetType: SubnetType.PRIVATE_ISOLATED, }) ``` @@ -77,28 +77,28 @@ const ipam = new Ipam(this, 'Ipam', { operatingRegion: ['us-west-1'] }); const ipamPublicPool = ipam.publicScope.addPool('PublicPoolA', { - addressFamily: vpc_v2.AddressFamily.IP_V6, + addressFamily: AddressFamily.IP_V6, awsService: AwsServiceName.EC2, locale: 'us-west-1', - publicIpSource: vpc_v2.IpamPoolPublicIpSource.AMAZON, + publicIpSource: IpamPoolPublicIpSource.AMAZON, }); ipamPublicPool.provisionCidr('PublicPoolACidrA', { netmaskLength: 52 } ); const ipamPrivatePool = ipam.privateScope.addPool('PrivatePoolA', { - addressFamily: vpc_v2.AddressFamily.IP_V4, + addressFamily: AddressFamily.IP_V4, }); ipamPrivatePool.provisionCidr('PrivatePoolACidrA', { netmaskLength: 8 } ); -new vpc_v2.VpcV2(this, 'Vpc', { - primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.0.0.0/24'), +new VpcV2(this, 'Vpc', { + primaryAddressBlock: IpAddresses.ipv4('10.0.0.0/24'), secondaryAddressBlocks: [ - vpc_v2.IpAddresses.amazonProvidedIpv6({ cidrBlockName: 'AmazonIpv6' }), - vpc_v2.IpAddresses.ipv6Ipam({ + IpAddresses.amazonProvidedIpv6({ cidrBlockName: 'AmazonIpv6' }), + IpAddresses.ipv6Ipam({ ipamPool: ipamPublicPool, netmaskLength: 52, cidrBlockName: 'ipv6Ipam', }), - vpc_v2.IpAddresses.ipv4Ipam({ + IpAddresses.ipv4Ipam({ ipamPool: ipamPrivatePool, netmaskLength: 8, cidrBlockName: 'ipv4Ipam', @@ -116,64 +116,88 @@ Since `VpcV2` does not create subnets automatically, users have full control ove ```ts -const myVpc = new vpc_v2.VpcV2(this, 'Vpc'); -const routeTable = new vpc_v2.RouteTable(this, 'RouteTable', { +const myVpc = new VpcV2(this, 'Vpc'); +const routeTable = new RouteTable(this, 'RouteTable', { vpc: myVpc, }); -const subnet = new vpc_v2.SubnetV2(this, 'Subnet', { +const subnet = new SubnetV2(this, 'Subnet', { vpc: myVpc, routeTable, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), - subnetType: ec2.SubnetType.PRIVATE_ISOLATED, + subnetType: SubnetType.PRIVATE_ISOLATED, }); ``` -`Route`s can be created to link subnets to various different AWS services via gateways and endpoints. Each unique route target has its own dedicated construct that can be routed to a given subnet via the `Route` construct. An example using the `InternetGateway` construct can be seen below: +`Routes` can be created to link subnets to various different AWS services via gateways and endpoints. Each unique route target has its own dedicated construct that can be routed to a given subnet via the `Route` construct. An example using the `InternetGateway` construct can be seen below: ```ts const stack = new Stack(); -const myVpc = new vpc_v2.VpcV2(this, 'Vpc'); -const routeTable = new vpc_v2.RouteTable(this, 'RouteTable', { +const myVpc = new VpcV2(this, 'Vpc'); +const routeTable = new RouteTable(this, 'RouteTable', { vpc: myVpc, }); -const subnet = new vpc_v2.SubnetV2(this, 'Subnet', { +const subnet = new SubnetV2(this, 'Subnet', { vpc: myVpc, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), - subnetType: ec2.SubnetType.PRIVATE_ISOLATED }); + subnetType: SubnetType.PRIVATE_ISOLATED }); -const igw = new vpc_v2.InternetGateway(this, 'IGW', { +const igw = new InternetGateway(this, 'IGW', { vpc: myVpc, }); -new vpc_v2.Route(this, 'IgwRoute', { +new Route(this, 'IgwRoute', { routeTable, destination: '0.0.0.0/0', target: { gateway: igw }, }); ``` +Alternatively, `Routes` can also be created via method `addRoute` in the `RouteTable` class. An example using the `EgressOnlyInternetGateway` construct can be seen below: +Note: `EgressOnlyInternetGateway` can only be used to set up outbound IPv6 routing. + +```ts + +const stack = new Stack(); +const myVpc = new VpcV2(this, 'Vpc',{ + primaryAddressBlock: IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [IpAddresses.amazonProvidedIpv6({ + cidrBlockName: 'AmazonProvided', + })] + }); + +const eigw = new EgressOnlyInternetGateway(this, 'EIGW', { + vpc: myVpc, +}); + +const routeTable = new RouteTable(this, 'RouteTable', { + vpc: myVpc, +}); + +routeTable.addRoute('EIGW', '::/0', { gateway: eigw }); +``` + Other route targets may require a deeper set of parameters to set up properly. For instance, the example below illustrates how to set up a `NatGateway`: ```ts -const myVpc = new vpc_v2.VpcV2(this, 'Vpc'); -const routeTable = new vpc_v2.RouteTable(this, 'RouteTable', { +const myVpc = new VpcV2(this, 'Vpc'); +const routeTable = new RouteTable(this, 'RouteTable', { vpc: myVpc, }); -const subnet = new vpc_v2.SubnetV2(this, 'Subnet', { +const subnet = new SubnetV2(this, 'Subnet', { vpc: myVpc, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), - subnetType: ec2.SubnetType.PRIVATE_ISOLATED }); + subnetType: SubnetType.PRIVATE_ISOLATED }); -const natgw = new vpc_v2.NatGateway(this, 'NatGW', { +const natgw = new NatGateway(this, 'NatGW', { subnet: subnet, vpc: myVpc, connectivityType: NatConnectivityType.PRIVATE, privateIpAddress: '10.0.0.42', }); -new vpc_v2.Route(this, 'NatGwRoute', { +new Route(this, 'NatGwRoute', { routeTable, destination: '0.0.0.0/0', target: { gateway: natgw }, @@ -184,24 +208,161 @@ It is also possible to set up endpoints connecting other AWS services. For insta ```ts -const myVpc = new vpc_v2.VpcV2(this, 'Vpc'); -const routeTable = new vpc_v2.RouteTable(this, 'RouteTable', { +const stack = new Stack(); +const myVpc = new VpcV2(this, 'Vpc'); +const routeTable = new RouteTable(this, 'RouteTable', { vpc: myVpc, }); -const subnet = new vpc_v2.SubnetV2(this, 'Subnet', { +const subnet = new SubnetV2(this, 'Subnet', { vpc: myVpc, availabilityZone: 'eu-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), - subnetType: ec2.SubnetType.PRIVATE }); + subnetType: SubnetType.PRIVATE }); const dynamoEndpoint = new ec2.GatewayVpcEndpoint(this, 'DynamoEndpoint', { service: ec2.GatewayVpcEndpointAwsService.DYNAMODB, vpc: myVpc, subnets: [subnet], }); -new vpc_v2.Route(this, 'DynamoDBRoute', { +new Route(this, 'DynamoDBRoute', { routeTable, destination: '0.0.0.0/0', target: { endpoint: dynamoEndpoint }, }); ``` + +## Adding Egress-Only Internet Gateway to VPC + +An egress-only internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows outbound communication over IPv6 from instances in your VPC to the internet, and prevents the internet from initiating an IPv6 connection with your instances. + +For more information see [Enable outbound IPv6 traffic using an egress-only internet gateway](https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html). + +VpcV2 supports adding an egress only internet gateway to VPC using the `addEgressOnlyInternetGateway` method. + +By default, this method sets up a route to all outbound IPv6 address ranges, unless a specific destination is provided by the user. It can only be configured for IPv6-enabled VPCs. +The `Subnets` parameter accepts a `SubnetFilter`, which can be based on a `SubnetType` in VpcV2. A new route will be added to the route tables of all subnets that match this filter. + +```ts + +const stack = new Stack(); +const myVpc = new VpcV2(this, 'Vpc',{ + primaryAddressBlock: IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [IpAddresses.amazonProvidedIpv6({ + cidrBlockName: 'AmazonProvided', + })] + }); +const routeTable = new RouteTable(this, 'RouteTable', { + vpc: myVpc, +}); +const subnet = new SubnetV2(this, 'Subnet', { + vpc: myVpc, + availabilityZone: 'eu-west-2a', + ipv4CidrBlock: new IpCidr('10.0.0.0/24'), + ipv6CidrBlock: new IpCidr('2001:db8:1::/64'), + subnetType: SubnetType.PRIVATE }); + +myVpc.addEgressOnlyInternetGateway({ + subnets: [{subnetType: SubnetType.PRIVATE}], + destination: '::/60', +}) +``` + +## Adding NATGateway to the VPC + +A NAT gateway is a Network Address Translation (NAT) service.You can use a NAT gateway so that instances in a private subnet can connect to services outside your VPC but external services cannot initiate a connection with those instances. + +For more information, see [NAT gateway basics](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html). + +When you create a NAT gateway, you specify one of the following connectivity types: + +**Public – (Default)**: Instances in private subnets can connect to the internet through a public NAT gateway, but cannot receive unsolicited inbound connections from the internet + +**Private**: Instances in private subnets can connect to other VPCs or your on-premises network through a private NAT gateway. + +To define the NAT gateway connectivity type as `ConnectivityType.Public`, you need to ensure that there is an IGW(Internet Gateway) attached to the subnet's VPC. +Since a NATGW is associated with a particular subnet, providing `subnet` field in the input props is mandatory. + +Additionally, you can set up a route in any route table with the target set to the NAT Gateway. The function `addNatGateway` returns a `NATGateway` object that you can reference later. + +The code example below provides the definition for adding a NAT gateway to your subnet: + +```ts + +const stack = new Stack(); +const myVpc = new VpcV2(this, 'Vpc'); +const routeTable = new RouteTable(this, 'RouteTable', { + vpc: myVpc, +}); +const subnet = new SubnetV2(this, 'Subnet', { + vpc: myVpc, + availabilityZone: 'eu-west-2a', + ipv4CidrBlock: new IpCidr('10.0.0.0/24'), + subnetType: SubnetType.PUBLIC }); + +myVpc.addInternetGateway(); +myVpc.addNatGateway({ + subnet: subnet, + connectivityType: NatConnectivityType.PUBLIC, +}); +``` + +## Enable VPNGateway for the VPC + +A virtual private gateway is the endpoint on the VPC side of your VPN connection. + +For more information, see [What is AWS Site-to-Site VPN?](https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html). + +VPN route propagation is a feature in Amazon Web Services (AWS) that automatically updates route tables in your Virtual Private Cloud (VPC) with routes learned from a VPN connection. + +To enable VPN route propogation, use the `vpnRoutePropagation` property to specify the subnets as an input to the function. VPN route propagation will then be enabled for each subnet with the corresponding route table IDs. + +Additionally, you can set up a route in any route table with the target set to the VPN Gateway. The function `enableVpnGatewayV2` returns a `VPNGatewayV2` object that you can reference later. + +The code example below provides the definition for setting up a VPN gateway with `vpnRoutePropogation` enabled: + +```ts + +const stack = new Stack(); +const myVpc = new VpcV2(this, 'Vpc'); +const vpnGateway = myVpc.enableVpnGatewayV2({ + vpnRoutePropagation: [{ subnetType: SubnetType.PUBLIC }], + type: VpnConnectionType.IPSEC_1, +}); + +const routeTable = new RouteTable(stack, 'routeTable', { + vpc: myVpc + } ); + +new Route(stack, 'route', { + destination: '172.31.0.0/24', + target: { gateway: vpnGateway }, + routeTable: routeTable, +}); +``` + +## Adding InternetGateway to the VPC + +An internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC and the internet. It supports both IPv4 and IPv6 traffic. + +For more information, see [Enable VPC internet access using internet gateways](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-igw-internet-access.html). + +You can add an internet gateway to a VPC using `addInternetGateway` method. By default, this method creates a route in all Public Subnets with outbound destination set to `0.0.0.0` for IPv4 and `::0` for IPv6 enabled VPC. +Instead of using the default settings, you can configure a custom destinatation range by providing an optional input `destination` to the method. + +The code example below shows how to add an internet gateway with a custom outbound destination IP range: + +```ts + +const stack = new Stack(); +const myVpc = new VpcV2(this, 'Vpc'); + +const subnet = new SubnetV2(this, 'Subnet', { + vpc: myVpc, + availabilityZone: 'eu-west-2a', + ipv4CidrBlock: new IpCidr('10.0.0.0/24'), + subnetType: SubnetType.PUBLIC }); + +myVpc.addInternetGateway({ + ipv4Destination: '192.168.0.0/16', +}); +``` diff --git a/packages/@aws-cdk/aws-ec2-alpha/awslint.json b/packages/@aws-cdk/aws-ec2-alpha/awslint.json index 35de7712d8ef5..6ea89091a597a 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/awslint.json +++ b/packages/@aws-cdk/aws-ec2-alpha/awslint.json @@ -2,6 +2,7 @@ "exclude": [ "from-method:@aws-cdk/aws-ec2-alpha.VpcV2", "attribute-tag:@aws-cdk/aws-ec2-alpha.RouteTable.routeTableId", - "from-method:@aws-cdk/aws-ec2-alpha.SubnetV2" + "from-method:@aws-cdk/aws-ec2-alpha.SubnetV2", + "from-method:@aws-cdk/aws-ec2-alpha.Route" ] } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/ipam.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/ipam.ts index c6600d43315f0..dc393fb149192 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/ipam.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/ipam.ts @@ -52,20 +52,22 @@ export enum AwsServiceName { /** * Options to create a new Ipam in the account */ -export interface IpamProps{ +export interface IpamProps { /** * The operating Regions for an IPAM. * Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs * For more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* . * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipam.html#cfn-ec2-ipam-operatingregions - * @default Stack.region if defined else [] + * + * @default - Stack.region if defined in the stack */ readonly operatingRegion?: string[]; /** * Name of IPAM that can be used for tagging resource - * @default none + * + * @default - If no name provided, no tags will be added to the IPAM */ readonly ipamName?: string; } @@ -99,6 +101,7 @@ export interface PoolOptions{ /** * Information about the CIDRs provisioned to the pool. + * * @default - No CIDRs are provisioned */ readonly ipv4ProvisionedCidrs?: string[]; @@ -109,7 +112,8 @@ export interface PoolOptions{ * You can only allocate a CIDR for a VPC, for example, from an IPAM pool that shares a locale with the VPC’s Region. * Note that once you choose a Locale for a pool, you cannot modify it. If you choose an AWS Region for locale that has not been configured as an operating Region for the IPAM, you'll get an error. * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipampool.html#cfn-ec2-ipampool-locale - * @default - Current operating region + * + * @default - Current operating region of IPAM */ readonly locale?: string; @@ -117,6 +121,7 @@ export interface PoolOptions{ * The IP address source for pools in the public scope. * Only used for IPv6 address * Only allowed values to this are 'byoip' or 'amazon' + * * @default amazon */ readonly publicIpSource?: IpamPoolPublicIpSource; @@ -128,7 +133,7 @@ export interface PoolOptions{ * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipampool.html#cfn-ec2-ipampool-awsservice * - * @default - No service + * @default - required in case of an IPv6, throws an error if not provided. */ readonly awsService?: AwsServiceName; } @@ -145,7 +150,8 @@ interface IpamPoolProps extends PoolOptions { /** * IPAM resource name - * @default autogenerated by CDK + * + * @default - autogenerated by CDK if not provided */ readonly ipamPoolName?: string; } @@ -158,13 +164,15 @@ interface IpamPoolProps extends PoolOptions { export interface IpamPoolCidrProvisioningOptions { /** * Ipv6 Netmask length for the CIDR - * @default none + * + * @default - pool provisioned without netmask length, need cidr range in this case */ readonly netmaskLength?: number; /** * Ipv6 CIDR block for the IPAM pool - * @default none + * + * @default - pool provisioned without netmask length, need netmask length in this case */ readonly cidr?: string; } @@ -195,7 +203,7 @@ export interface IIpamPool{ * IPAM scope is the highest-level container within IPAM. An IPAM contains two default scopes. * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipamscope.html */ -interface IpamScopeProps extends IpamScopeOptions{ +interface IpamScopeProps extends IpamScopeOptions { /** * IPAM id to which scope needs to be added */ @@ -209,7 +217,8 @@ interface IpamScopeProps extends IpamScopeOptions{ /** * Custom ipam scope id to add a pool in order to support default scopes - * @default none + * + * @default - throws an error if no scope id is provided */ readonly ipamScopeId?: string; @@ -222,7 +231,8 @@ export interface IpamScopeOptions { /** * IPAM scope name that will be used for tagging - * @default none + * + * @default - no tags will be added to the scope */ readonly ipamScopeName?: string; } @@ -238,7 +248,7 @@ export interface IpamOptions { * CIDR Mask for Vpc * Only required when using AWS Ipam * - * @default - None + * @default - no netmask length for IPAM attached to VPC secondary address */ readonly netmaskLength?: number; @@ -246,7 +256,7 @@ export interface IpamOptions { * Ipv4 or an Ipv6 IPAM pool * Only required when using AWS Ipam * - * @default - None + * @default - no pool attached to VPC secondary address */ readonly ipamPool?: IIpamPool; @@ -260,7 +270,7 @@ export interface IpamOptions { /** * Interface for IpamScope Class */ -export interface IIpamScopeBase{ +export interface IIpamScopeBase { /** * Reference to the current scope of stack to be passed in order to create diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts index 3a6a0ea5cd717..64ec3932aa03e 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/route.ts @@ -1,7 +1,9 @@ -import { CfnEIP, CfnEgressOnlyInternetGateway, CfnInternetGateway, CfnNatGateway, CfnRoute, CfnRouteTable, CfnVPCGatewayAttachment, CfnVPNGateway, GatewayVpcEndpoint, IRouteTable, ISubnet, IVpcEndpoint, RouterType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; -import { Construct, IDependable } from 'constructs'; -import { Duration, Resource } from 'aws-cdk-lib/core'; -import { IVpcV2 } from './vpc-v2-base'; +import { CfnEIP, CfnEgressOnlyInternetGateway, CfnInternetGateway, CfnNatGateway, CfnRoute, CfnRouteTable, CfnVPCGatewayAttachment, CfnVPNGateway, CfnVPNGatewayRoutePropagation, GatewayVpcEndpoint, IRouteTable, IVpcEndpoint, RouterType } from 'aws-cdk-lib/aws-ec2'; +import { Construct, IConstruct, IDependable } from 'constructs'; +import { Annotations, Duration, IResource, Resource } from 'aws-cdk-lib/core'; +import { IVpcV2, VPNGatewayV2Options } from './vpc-v2-base'; +import { NetworkUtils, allRouteTableIds } from './util'; +import { ISubnetV2 } from './subnet-v2'; /** * Indicates whether the NAT gateway supports public or private connectivity. @@ -23,7 +25,7 @@ export enum NatConnectivityType { * Interface to define a routing target, such as an * egress-only internet gateway or VPC endpoint. */ -export interface IRouteTarget { +export interface IRouteTarget extends IDependable { /** * The type of router used in the route. */ @@ -46,7 +48,8 @@ export interface EgressOnlyInternetGatewayProps { /** * The resource name of the egress-only internet gateway. - * @default none + * + * @default - provisioned without a resource name */ readonly egressOnlyInternetGatewayName?: string; } @@ -62,7 +65,8 @@ export interface InternetGatewayProps { /** * The resource name of the internet gateway. - * @default none + * + * @default - provisioned without a resource name */ readonly internetGatewayName?: string; @@ -71,78 +75,60 @@ export interface InternetGatewayProps { /** * Properties to define a VPN gateway. */ -export interface VPNGatewayProps { - /** - * The type of VPN connection the virtual private gateway supports. - * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpngateway.html#cfn-ec2-vpngateway-type - */ - readonly type: VpnConnectionType; +export interface VPNGatewayV2Props extends VPNGatewayV2Options { /** * The ID of the VPC for which to create the VPN gateway. */ readonly vpc: IVpcV2; - - /** - * The private Autonomous System Number (ASN) for the Amazon side of a BGP session. - * @default none - */ - readonly amazonSideAsn?: number; - - /** - * The resource name of the VPN gateway. - * @default none - */ - readonly vpnGatewayName?: string; } /** - * Properties to define a NAT gateway. + * Options to define a NAT gateway. */ -export interface NatGatewayProps { +export interface NatGatewayOptions { /** * The subnet in which the NAT gateway is located. */ - readonly subnet: ISubnet; - - /** - * The ID of the VPC in which the NAT gateway is located. - * @default none - */ - readonly vpc?: IVpcV2; + readonly subnet: ISubnetV2; /** * AllocationID of Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT * gateway and cannot be specified with a private NAT gateway. - * @default attr.allocationID of a new Elastic IP created by default + * + * @default - attr.allocationID of a new Elastic IP created by default * //TODO: ADD L2 for elastic ip */ readonly allocationId?: string; /** * Indicates whether the NAT gateway supports public or private connectivity. - * @default public + * + * @default NatConnectivityType.Public */ readonly connectivityType?: NatConnectivityType; /** * The maximum amount of time to wait before forcibly releasing the * IP addresses if connections are still in progress. - * @default 350 seconds + * + * @default 350seconds */ readonly maxDrainDuration?: Duration; /** - * The private IPv4 address to assign to the NAT gateway. If you don't provide an - * address, a private IPv4 address will be automatically assigned. - * @default none + * The private IPv4 address to assign to the NAT gateway. + * + * @default - If you don't provide an address, a private IPv4 address will be automatically assigned. */ readonly privateIpAddress?: string; /** * Secondary EIP allocation IDs. - * @default none * @see https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating + * + * @default - no secondary allocation IDs attached to NATGW + * */ readonly secondaryAllocationIds?: string[]; @@ -152,9 +138,9 @@ export interface NatGatewayProps { * * `SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be * set at the same time. - * - * @default none * @see https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating + * + * @default - no secondary allocation IDs associated with NATGW */ readonly secondaryPrivateIpAddressCount?: number; @@ -163,18 +149,30 @@ export interface NatGatewayProps { * * `SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be * set at the same time. - * - * @default none * @see https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating + * + * @default - no secondary private IpAddresses associated with NATGW */ readonly secondaryPrivateIpAddresses?: string[]; /** * The resource name of the NAT gateway. - * @default none + * + * @default - NATGW provisioned without any name */ readonly natGatewayName?: string; +} +/** + * Properties to define a NAT gateway. + */ +export interface NatGatewayProps extends NatGatewayOptions { + /** + * The ID of the VPC in which the NAT gateway is located. + * + * @default - no elastic ip associated, required in case of public connectivity if `AllocationId` is not defined + */ + readonly vpc?: IVpcV2; } /** @@ -246,6 +244,11 @@ export class InternetGateway extends Resource implements IRouteTarget { this.routerTargetId = this.resource.attrInternetGatewayId; this.vpcId = props.vpc.vpcId; + + new CfnVPCGatewayAttachment(this, 'GWAttachment', { + vpcId: this.vpcId, + internetGatewayId: this.routerTargetId, + }); } } @@ -253,7 +256,7 @@ export class InternetGateway extends Resource implements IRouteTarget { * Creates a virtual private gateway * @resource AWS::EC2::VPNGateway */ -export class VPNGateway extends Resource implements IRouteTarget { +export class VPNGatewayV2 extends Resource implements IRouteTarget { /** * The type of router used in the route. */ @@ -274,7 +277,17 @@ export class VPNGateway extends Resource implements IRouteTarget { */ public readonly resource: CfnVPNGateway; - constructor(scope: Construct, id: string, props: VPNGatewayProps) { + /** + * The VPN Gateway Attachment + */ + private readonly _attachment: CfnVPCGatewayAttachment; + + /** + * The VPN Gateway Route Propogation + */ + private readonly _routePropagation: CfnVPNGatewayRoutePropagation; + + constructor(scope: Construct, id: string, props: VPNGatewayV2Props) { super(scope, id); this.routerType = RouterType.GATEWAY; @@ -286,7 +299,30 @@ export class VPNGateway extends Resource implements IRouteTarget { this.node.defaultChild = this.resource; this.routerTargetId = this.resource.attrVpnGatewayId; + this.vpcId = props.vpc.vpcId; + this._attachment = new CfnVPCGatewayAttachment(this, 'VPCVPNGW', { + vpcId: this.vpcId, + vpnGatewayId: this.resource.attrVpnGatewayId, + }); + + // Propagate routes on route tables associated with the right subnets + const vpnRoutePropagation = props.vpnRoutePropagation ?? []; + const subnets = vpnRoutePropagation.map(s => props.vpc.selectSubnets(s).subnets).flat(); + const routeTableIds = allRouteTableIds(subnets); + + if (routeTableIds.length === 0) { + Annotations.of(this).addWarningV2('@aws-cdk:aws-ec2-elpha:enableVpnGatewayV2', `No subnets matching selection: '${JSON.stringify(vpnRoutePropagation)}'. Select other subnets to add routes to.`); + } + + this._routePropagation = new CfnVPNGatewayRoutePropagation(this, 'RoutePropagation', { + routeTableIds, + vpnGatewayId: this.routerTargetId, + }); + // The AWS::EC2::VPNGatewayRoutePropagation resource cannot use the VPN gateway + // until it has successfully attached to the VPC. + // See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpn-gatewayrouteprop.html + this._routePropagation.node.addDependency(this._attachment); } } @@ -307,14 +343,16 @@ export class NatGateway extends Resource implements IRouteTarget { /** * Indicates whether the NAT gateway supports public or private connectivity. + * * @default public */ - public readonly connectivityType?: string; + public readonly connectivityType?: NatConnectivityType; /** * The maximum amount of time to wait before forcibly releasing the * IP addresses if connections are still in progress. - * @default 350 seconds + * + * @default '350 seconds' */ public readonly maxDrainDuration?: Duration; @@ -331,9 +369,15 @@ export class NatGateway extends Resource implements IRouteTarget { this.connectivityType = props.connectivityType || NatConnectivityType.PUBLIC; this.maxDrainDuration = props.maxDrainDuration || Duration.seconds(350); + if (this.connectivityType === NatConnectivityType.PUBLIC) { + if (!props.vpc && !props.allocationId) { + throw new Error('Either provide vpc or allocationId'); + } + } + // If user does not provide EIP, generate one for them var aId: string | undefined; - if (this.connectivityType == 'public') { + if (this.connectivityType === NatConnectivityType.PUBLIC) { if (!props.allocationId) { let eip = new CfnEIP(this, 'EIP', { domain: props.vpc?.vpcId, @@ -365,14 +409,16 @@ export interface RouteTargetProps { /** * The gateway route target. This is used for targets such as * egress-only internet gateway or VPC peering connection. - * @default none + * + * @default - target is not set to a gateway, in this case an endpoint is needed. */ readonly gateway?: IRouteTarget; /** * The endpoint route target. This is used for targets such as * VPC endpoints. - * @default none + * + * @default - target is not set to an endpoint, in this case a gateway is needed. */ readonly endpoint?: IVpcEndpoint; } @@ -384,20 +430,22 @@ export class RouteTargetType { /** * The gateway route target. This is used for targets such as * egress-only internet gateway or VPC peering connection. - * @default none + * + * @default - target is not set to a gateway, in this case an endpoint is needed. */ readonly gateway?: IRouteTarget; /** * The endpoint route target. This is used for targets such as * VPC endpoints. - * @default none + * + * @default - target is not set to an endpoint, in this case a gateway is needed. */ readonly endpoint?: IVpcEndpoint; constructor(props: RouteTargetProps) { - if (props.gateway && props.endpoint) { - throw new Error('Cannot specify both gateway and endpoint'); + if ((props.gateway && props.endpoint) || (!props.gateway && !props.endpoint)) { + throw new Error('Exactly one of `gateway` or `endpoint` must be specified.'); } else { this.gateway = props.gateway; this.endpoint = props.endpoint; @@ -408,7 +456,7 @@ export class RouteTargetType { /** * Interface to define a route. */ -export interface IRouteV2 { +export interface IRoute extends IConstruct, IResource { /** * The ID of the route table for the route. * @attribute routeTable @@ -435,6 +483,7 @@ export interface IRouteV2 { export interface RouteProps { /** * The ID of the route table for the route. + * * @attribute routeTable */ readonly routeTable: IRouteTable; @@ -453,7 +502,8 @@ export interface RouteProps { /** * The resource name of the route. - * @default none + * + * @default - provisioned without a route name */ readonly routeName?: string; } @@ -462,7 +512,7 @@ export interface RouteProps { * Creates a new route with added functionality. * @resource AWS::EC2::Route */ -export class Route extends Resource implements IRouteV2 { +export class Route extends Resource implements IRoute, IDependable { /** * The IPv4 or IPv6 CIDR block used for the destination match. * @@ -491,39 +541,53 @@ export class Route extends Resource implements IRouteV2 { */ public readonly resource?: CfnRoute; + /** + * Destination cidr block for ipv6 + */ + private destinationIpv6Cidr?: string; + + /** + * Destination cidr block for ipv4 + */ + private destinationIpv4Cidr?: string; + constructor(scope: Construct, id: string, props: RouteProps) { super(scope, id); - this.destination = props.destination; this.target = props.target; this.routeTable = props.routeTable; + this.destination = props.destination; + const isDestinationIpv4 = NetworkUtils.validIp(props.destination); + if (!isDestinationIpv4) { + //TODO Validate for IPv6 CIDR range + this.destinationIpv6Cidr = props.destination; + } else { + this.destinationIpv4Cidr = props.destination; + } + if (this.target.gateway?.routerType === RouterType.EGRESS_ONLY_INTERNET_GATEWAY && isDestinationIpv4) { + throw new Error('Egress only internet gateway does not support IPv4 routing'); + } this.targetRouterType = this.target.gateway ? this.target.gateway.routerType : RouterType.VPC_ENDPOINT; // Gateway generates route automatically via its RouteTable, thus we don't need to generate the resource for it if (!(this.target.endpoint instanceof GatewayVpcEndpoint)) { this.resource = new CfnRoute(this, 'Route', { routeTableId: this.routeTable.routeTableId, - destinationCidrBlock: this.destination, - destinationIpv6CidrBlock: this.destination, + destinationCidrBlock: this.destinationIpv4Cidr, + destinationIpv6CidrBlock: this.destinationIpv6Cidr, [routerTypeToPropName(this.targetRouterType)]: this.target.gateway ? this.target.gateway.routerTargetId : this.target.endpoint ? this.target.endpoint.vpcEndpointId : null, }); } this.node.defaultChild = this.resource; - if (this.targetRouterType == RouterType.GATEWAY) { - if (this.target.gateway instanceof InternetGateway) { - new CfnVPCGatewayAttachment(this, 'GWAttachment', { - vpcId: this.target.gateway.vpcId, - internetGatewayId: this.target.gateway.routerTargetId, - }); - } else if (this.target.gateway instanceof VPNGateway) { - new CfnVPCGatewayAttachment(this, 'GWAttachment', { - vpcId: this.target.gateway.vpcId, - vpnGatewayId: this.target.gateway.routerTargetId, - }); - } + //Create a route only after target gateway or endpoint is created + if (this.target.gateway) { + this.node.addDependency(this.target.gateway); + } + if (this.target.endpoint) { + this.node.addDependency(this.target.endpoint); } } } @@ -539,7 +603,8 @@ export interface RouteTableProps { /** * The resource name of the route table. - * @default none + * + * @default - provisioned without a route table name */ readonly routeTableName?: string; } @@ -548,7 +613,7 @@ export interface RouteTableProps { * Creates a route table for the specified VPC * @resource AWS::EC2::RouteTable */ -export class RouteTable extends Resource implements IRouteTable, IDependable { +export class RouteTable extends Resource implements IRouteTable { /** * The ID of the route table. */ @@ -569,6 +634,20 @@ export class RouteTable extends Resource implements IRouteTable, IDependable { this.routeTableId = this.resource.attrRouteTableId; } + + /** + * Adds a new custom route to the route table. + * + * @param destination The IPv4 or IPv6 CIDR block used for the destination match. + * @param target The gateway or endpoint targeted by the route. + */ + public addRoute(id: string, destination: string, target: RouteTargetType) { + new Route(this, id, { + routeTable: this, + destination: destination, + target: target, + }); + } } function routerTypeToPropName(routerType: RouterType) { diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts index a71277d441cbc..8b84cf66b68ce 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/subnet-v2.ts @@ -1,8 +1,9 @@ import { Resource, Names, Lazy } from 'aws-cdk-lib'; -import { CfnRouteTable, CfnSubnet, CfnSubnetRouteTableAssociation, INetworkAcl, IRouteTable, ISubnet, NetworkAcl, SubnetNetworkAclAssociation, SubnetType } from 'aws-cdk-lib/aws-ec2'; +import { CfnSubnet, CfnSubnetRouteTableAssociation, INetworkAcl, IRouteTable, ISubnet, NetworkAcl, SubnetNetworkAclAssociation, SubnetType } from 'aws-cdk-lib/aws-ec2'; import { Construct, DependencyGroup, IDependable } from 'constructs'; import { IVpcV2 } from './vpc-v2-base'; import { CidrBlock, CidrBlockIpv6 } from './util'; +import { RouteTable } from './route'; /** * Interface to define subnet CIDR @@ -43,7 +44,8 @@ export interface SubnetV2Props { /** * Ipv6 CIDR Range for subnet - * @default No Ipv6 address + * + * @default - No Ipv6 address */ readonly ipv6CidrBlock?: IpCidr; @@ -54,7 +56,8 @@ export interface SubnetV2Props { /** * Custom Route for subnet - * @default Default route table + * + * @default - a default route table created */ readonly routeTable?: IRouteTable; @@ -70,16 +73,16 @@ export interface SubnetV2Props { /** * Subnet name - * @default none + * + * @default - provisioned with an autogenerated name by CDK */ readonly subnetName?: string; /** * Indicates whether a network interface created in this subnet receives an IPv6 address. - * * If you specify AssignIpv6AddressOnCreation, you must also specify Ipv6CidrBlock. * - * @default false + * @default - undefined in case not provided as an input */ readonly assignIpv6AddressOnCreation?: boolean; @@ -95,6 +98,13 @@ export interface ISubnetV2 extends ISubnet { */ readonly ipv6CidrBlock?: string; + /** + * The type of subnet (public or private) that this subnet represents. + * + * @attribute SubnetType + */ + readonly subnetType?: SubnetType; + } /** @@ -145,19 +155,16 @@ export class SubnetV2 extends Resource implements ISubnetV2 { */ public readonly ipv6CidrBlock?: string; - /** - * The route table for this subnet - */ - public readonly routeTable: IRouteTable; - /** * The type of subnet (public or private) that this subnet represents. * @attribute SubnetType */ - public readonly subnetType: SubnetType; + public readonly subnetType?: SubnetType; private _networkAcl: INetworkAcl; + private _routeTable: IRouteTable; + /** * Constructs a new SubnetV2 instance. * @param scope The parent Construct that this resource will be part of. @@ -214,19 +221,21 @@ export class SubnetV2 extends Resource implements ISubnetV2 { this._networkAcl = NetworkAcl.fromNetworkAclId(this, 'Acl', subnet.attrNetworkAclAssociationId); if (props.routeTable) { - this.routeTable = props.routeTable; + this._routeTable = props.routeTable; } else { - const defaultTable = new CfnRouteTable(this, 'RouteTable', { - vpcId: props.vpc.vpcId, + // Assigning a default route table + this._routeTable = new RouteTable(this, 'RouteTable', { + vpc: props.vpc, }); - this.routeTable = { routeTableId: defaultTable.ref }; } const routeAssoc = new CfnSubnetRouteTableAssociation(this, 'RouteTableAssociation', { subnetId: this.subnetId, routeTableId: this.routeTable.routeTableId, }); + this._internetConnectivityEstablished.add(routeAssoc); + this.internetConnectivityEstablished = this._internetConnectivityEstablished; this.subnetType = props.subnetType; @@ -250,6 +259,14 @@ export class SubnetV2 extends Resource implements ISubnetV2 { subnet: this, }); } + + /** + * Return the Route Table associated with this subnet + */ + public get routeTable(): IRouteTable { + return this._routeTable; + } + /** * Returns the Network ACL associated with this subnet. */ diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts index 1be8c35744356..013bcfd501243 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts @@ -1,7 +1,80 @@ import { Resource, Annotations } from 'aws-cdk-lib'; import { IVpc, ISubnet, SubnetSelection, SelectedSubnets, EnableVpnGatewayOptions, VpnGateway, VpnConnectionType, CfnVPCGatewayAttachment, CfnVPNGatewayRoutePropagation, VpnConnectionOptions, VpnConnection, ClientVpnEndpointOptions, ClientVpnEndpoint, InterfaceVpcEndpointOptions, InterfaceVpcEndpoint, GatewayVpcEndpointOptions, GatewayVpcEndpoint, FlowLogOptions, FlowLog, FlowLogResourceType, SubnetType, SubnetFilter, CfnVPCCidrBlock } from 'aws-cdk-lib/aws-ec2'; import { allRouteTableIds, flatten, subnetGroupNameFromConstructId } from './util'; -import { IDependable, Dependable, IConstruct } from 'constructs'; +import { IDependable, Dependable, IConstruct, DependencyGroup } from 'constructs'; +import { EgressOnlyInternetGateway, InternetGateway, NatConnectivityType, NatGateway, NatGatewayOptions, Route, VPNGatewayV2 } from './route'; +import { ISubnetV2 } from './subnet-v2'; + +/** + * Options to define EgressOnlyInternetGateway for VPC + */ +export interface EgressOnlyInternetGatewayOptions { + /** + * List of subnets where route to EGW will be added + * + * @default - no route created + */ + readonly subnets?: SubnetSelection[]; + + /** + * Destination Ipv6 address for EGW route + * + * @default - '::/0' all Ipv6 traffic + */ + readonly destination?: string; +} + +/** + * Options to define InternetGateway for VPC + */ +export interface InternetGatewayOptions{ + + /** + * Destination Ipv6 address for EGW route + * + * @default - '0.0.0.0' all Ipv4 traffic + */ + readonly ipv4Destination?: string; + + /** + * Destination Ipv6 address for EGW route + * + * @default - '::/0' all Ipv6 traffic + */ + readonly ipv6Destination?: string; +} + +/** + * Options to define VPNGatewayV2 for VPC + */ +export interface VPNGatewayV2Options { + /** + * The type of VPN connection the virtual private gateway supports. + * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpngateway.html#cfn-ec2-vpngateway-type + */ + readonly type: VpnConnectionType; + + /** + * The private Autonomous System Number (ASN) for the Amazon side of a BGP session. + * + * @default - no ASN set for BGP session + */ + readonly amazonSideAsn?: number; + + /** + * The resource name of the VPN gateway. + * + * @default - resource provisioned without any name + */ + readonly vpnGatewayName?: string; + + /** + * Subnets where the route propagation should be added. + * + * @default - no propogation for routes + */ + readonly vpnRoutePropagation?: SubnetSelection[]; +} /** * Placeholder to see what extra props we might need, @@ -23,6 +96,38 @@ export interface IVpcV2 extends IVpc { */ readonly ipv4CidrBlock: string; + /** + * Add an Egress only Internet Gateway to current VPC. + * Can only be used for ipv6 enabled VPCs. + * For more information, see the {@link https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway-basics.html}. + */ + addEgressOnlyInternetGateway(options?: EgressOnlyInternetGatewayOptions): void; + + /** + * Adds an Internet Gateway to current VPC. + * For more information, see the {@link https://docs.aws.amazon.com/vpc/latest/userguide/vpc-igw-internet-access.html}. + * + * @default - defines route for all ipv4('0.0.0.0') and ipv6 addresses('::/0') + */ + addInternetGateway(options?: InternetGatewayOptions): void; + + /** + * Adds VPN Gateway to VPC and set route propogation. + * For more information, see the {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpngateway.html}. + * + * @default - no route propogation + */ + enableVpnGatewayV2(options: VPNGatewayV2Options): VPNGatewayV2; + + /** + * Adds a new NAT Gateway to VPC + * A NAT gateway is a Network Address Translation (NAT) service. NAT Gateway Connectivity can be of type `Public` or `Private`. + * For more information, see the {@link https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html}. + * + * @default ConnectivityType.Public + */ + addNatGateway(options: NatGatewayOptions): NatGateway; + } /** @@ -72,6 +177,13 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { */ public abstract readonly internetConnectivityEstablished: IDependable; + /** + * Dependable that can be depended upon to force internet connectivity established on the VPC + * Add igw to this if its a public subnet + * @internal + */ + protected readonly _internetConnectivityEstablished = new DependencyGroup(); + /** * Secondary IPs for the VPC, can be multiple Ipv4 or Ipv6 * Ipv4 should be within RFC#1918 range @@ -93,11 +205,16 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { /** * Mutable private field for the vpnGatewayId - * * @internal */ protected _vpnGatewayId?: string; + /** + * Mutable private field for the internetGatewayId + * @internal + */ + protected _internetGatewayId = ''; + /** * Return information on the subnets appropriate for the given selection strategy * @@ -120,6 +237,7 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { /** * Adds a VPN Gateway to this VPC + * @deprecated use enableVpnGatewayV2 for compatibility with VPCV2.Route */ public enableVpnGateway(options: EnableVpnGatewayOptions): void { if (this.vpnGatewayId) { @@ -156,6 +274,25 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { routePropagation.node.addDependency(attachment); } + /** + * Adds VPNGAtewayV2 to this VPC + */ + public enableVpnGatewayV2(options: VPNGatewayV2Options): VPNGatewayV2 { + if (this.vpnGatewayId) { + throw new Error('The VPN Gateway has already been enabled.'); + } + + const vpnGateway = new VPNGatewayV2(this, 'VpnGateway', { + vpc: this, + ...options, + }); + + this._internetConnectivityEstablished.add(vpnGateway); + this._vpnGatewayId = vpnGateway.routerTargetId; + + return vpnGateway; + } + /** * Adds a new VPN connection to this VPC */ @@ -196,6 +333,108 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { }); } + /** + * Adds a new Egress Only Internet Gateway to this VPC and defines a new route + * to the route table of given subnets. + * + * @default - in case of no input subnets, no route is created + */ + public addEgressOnlyInternetGateway(options?: EgressOnlyInternetGatewayOptions): void { + const egw = new EgressOnlyInternetGateway(this, 'EgressOnlyGW', { + vpc: this, + }); + + const useIpv6 = (this.secondaryCidrBlock.some((secondaryAddress) => secondaryAddress.amazonProvidedIpv6CidrBlock === true || + secondaryAddress.ipv6IpamPoolId != undefined)); + + if (!useIpv6) { + throw new Error('Egress only IGW can only be added to Ipv6 enabled VPC'); + }; + + if (options?.subnets) { + const subnets = flatten(options.subnets.map(s => this.selectSubnets(s).subnets)); + subnets.forEach((subnet) => { + this.createEgressRoute(subnet, egw, options.destination); + }); + } + } + + /** + * Creates a route for EGW with destination set to outbound IPv6('::/0') or custom ipv6 address. + * @internal + */ + private createEgressRoute(subnet: ISubnetV2, egw: EgressOnlyInternetGateway, destination?: string): void { + const destinationIpv6 = destination ?? '::/0'; + new Route(this, `${subnet.node.id}-EgressRoute`, { + routeTable: subnet.routeTable, + destination: destinationIpv6, // IPv6 default route + target: { gateway: egw }, + }); + } + + /** + * Adds a new Internet Gateway to this VPC + * + * @default - creates a new route for public subnets(with all outbound access) to the Internet Gateway. + */ + public addInternetGateway(options?: InternetGatewayOptions): void { + if (this._internetGatewayId) { + throw new Error('The Internet Gateway has already been enabled.'); + } + + const igw = new InternetGateway(this, 'InternetGateway', { + vpc: this, + }); + + this._internetConnectivityEstablished.add(igw); + this._internetGatewayId = igw.routerTargetId; + + // If there are no public subnets defined, no default route will be added + if (this.publicSubnets) { + this.publicSubnets.forEach( (s) => this.addDefaultInternetRoute(s, igw, options)); + } + } + + /** + * Adds default route for the internet gateway + * @internal + */ + private addDefaultInternetRoute(subnet: ISubnetV2, igw: InternetGateway, options?: InternetGatewayOptions): void { + + if (subnet.subnetType !== SubnetType.PUBLIC) { + throw new Error('No public subnets defined to add route for internet gateway'); + } + + // Add default route to IGW for IPv6 + if (subnet.ipv6CidrBlock) { + new Route(this, `${subnet.node.id}-DefaultIPv6Route`, { + routeTable: subnet.routeTable, + destination: options?.ipv6Destination ?? '::/0', + target: { gateway: igw }, + }); + } + //Add default route to IGW for IPv4 + new Route(this, `${subnet.node.id}-DefaultRoute`, { + routeTable: subnet.routeTable, + destination: options?.ipv4Destination ?? '0.0.0.0/0', + target: { gateway: igw }, + }); + } + + /** + * Adds a new NAT Gateway to the given subnet of this VPC + * of given subnets. + */ + public addNatGateway(options: NatGatewayOptions): NatGateway { + if (options.connectivityType === NatConnectivityType.PUBLIC && !this._internetGatewayId) { + throw new Error('Cannot add a Public NAT Gateway without an Internet Gateway enabled on VPC'); + } + return new NatGateway(this, 'NATGateway', { + vpc: this, + ...options, + }); + } + /** * Adds a new flow log to this VPC */ @@ -213,6 +452,13 @@ export abstract class VpcV2Base extends Resource implements IVpcV2 { return this._vpnGatewayId; } + /** + * Returns the id of the Internet Gateway (if enabled) + */ + public get internetGatewayId(): string | undefined { + return this._internetGatewayId; + } + /** * Return the subnets appropriate for the placement strategy */ diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts index 76fc7c654921b..a4477c69a6587 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts @@ -1,6 +1,6 @@ import { CfnVPC, CfnVPCCidrBlock, DefaultInstanceTenancy, ISubnet } from 'aws-cdk-lib/aws-ec2'; import { Arn, CfnResource, Lazy, Names } from 'aws-cdk-lib/core'; -import { Construct, DependencyGroup, IDependable } from 'constructs'; +import { Construct, IDependable } from 'constructs'; import { IpamOptions, IIpamPool } from './ipam'; import { VpcV2Base } from './vpc-v2-base'; @@ -56,7 +56,8 @@ export interface VpcCidrOptions { /** * IPv4 CIDR Block - * @default - '10.0.0.0/16' + * + * @default '10.0.0.0/16' */ readonly ipv4CidrBlock?: string; @@ -74,12 +75,6 @@ export interface VpcCidrOptions { */ readonly ipv4IpamPool?: IIpamPool; - /** - * Implementing Ipv6 - * @default - No ipv6 address - */ - readonly ipv6CidrBlock?: string; - /** * CIDR Mask for Vpc * @@ -97,12 +92,14 @@ export interface VpcCidrOptions { /** * Use amazon provided IP range + * * @default false */ readonly amazonProvided?: boolean; /** * Dependency to associate Ipv6 CIDR block + * * @default - No dependency */ readonly dependencies?: CfnResource[]; @@ -110,7 +107,8 @@ export interface VpcCidrOptions { /** * Required to set Secondary cidr block resource name * in order to generate unique logical id for the resource. - * @default : no name for primary addresses + * + * @default - no name for primary addresses */ readonly cidrBlockName?: string; } @@ -135,27 +133,31 @@ export interface IIpAddresses { export interface VpcV2Props { /** A must IPv4 CIDR block for the VPC - * https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html + * @see https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html + * * @default - Ipv4 CIDR Block ('10.0.0.0/16') - */ + */ readonly primaryAddressBlock?: IIpAddresses; /** * The secondary CIDR blocks associated with the VPC. * Can be IPv4 or IPv6, two IPv4 ranges must follow RFC#1918 convention - * For more information, see the {@link https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html#vpc-resize}. + * For more information, @see https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html#vpc-resize}. + * * @default - No secondary IP address - */ + */ readonly secondaryAddressBlocks?: IIpAddresses[]; /** - * Indicates whether the instances launched in the VPC get DNS hostnames + * Indicates whether the instances launched in the VPC get DNS hostnames. + * * @default true */ readonly enableDnsHostnames?: boolean; /** * Indicates whether the DNS resolution is supported for the VPC. + * * @default true */ readonly enableDnsSupport?: boolean; @@ -174,7 +176,8 @@ export interface VpcV2Props { /** * Physical name for the VPC - * @default: autogenerated by CDK + * + * @default - autogenerated by CDK */ readonly vpcName?: string; } @@ -249,11 +252,6 @@ export class VpcV2 extends VpcV2Base { */ public readonly internetConnectivityEstablished: IDependable; - /** - * To define dependency on internet connectivity - */ - private readonly _internetConnectivityEstablished = new DependencyGroup(); - /** * reference to all secondary blocks attached */ @@ -262,7 +260,8 @@ export class VpcV2 extends VpcV2Base { /** * For validation to define IPv6 subnets, set to true in case of * Amazon Provided IPv6 cidr range - * IPv6 addresses can be attached to the subnets + * if true, IPv6 addresses can be attached to the subnets. + * * @default false */ public readonly useIpv6: boolean = false; diff --git a/packages/@aws-cdk/aws-ec2-alpha/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-ec2-alpha/rosetta/default.ts-fixture index d7bc142e3497e..9643806d2973b 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/rosetta/default.ts-fixture +++ b/packages/@aws-cdk/aws-ec2-alpha/rosetta/default.ts-fixture @@ -1,9 +1,10 @@ // Fixture with packages imported, but nothing else import { Construct } from 'constructs'; import { Stack, App, Fn } from 'aws-cdk-lib'; -import * as vpc_v2 from '@aws-cdk/aws-ec2-alpha'; -import { Ipam, AwsServiceName, IpCidr } from '@aws-cdk/aws-ec2-alpha'; -import { NatConnectivityType } from '@aws-cdk/aws-ec2-alpha' +import { VpcV2, SubnetV2, IpAddresses, IpamPoolPublicIpSource, RouteTable, InternetGateway, Route, NatGateway, EgressOnlyInternetGateway } from '@aws-cdk/aws-ec2-alpha'; +import { Ipam, AwsServiceName, IpCidr, AddressFamily } from '@aws-cdk/aws-ec2-alpha'; +import { NatConnectivityType } from '@aws-cdk/aws-ec2-alpha'; +import { SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; class Fixture extends Stack { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.assets.json new file mode 100644 index 0000000000000..8a2f77121d709 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.5", + "files": { + "12b670f0da573a7daa252fe7ca5b1dd687f4248e204c38b0323beaf64d0400bc": { + "source": { + "path": "aws-cdk-vpcv2-alpha.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "12b670f0da573a7daa252fe7ca5b1dd687f4248e204c38b0323beaf64d0400bc.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.template.json new file mode 100644 index 0000000000000..2c44184f9db15 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/aws-cdk-vpcv2-alpha.template.json @@ -0,0 +1,192 @@ +{ + "Resources": { + "IpamTestIpam6C9298EF": { + "Type": "AWS::EC2::IPAM", + "Properties": { + "OperatingRegions": [ + { + "RegionName": "us-west-2" + } + ] + } + }, + "IpamTestPrivatePool039C763DC": { + "Type": "AWS::EC2::IPAMPool", + "Properties": { + "AddressFamily": "ipv4", + "IpamScopeId": { + "Fn::GetAtt": [ + "IpamTestIpam6C9298EF", + "PrivateDefaultScopeId" + ] + }, + "Locale": "us-west-2", + "ProvisionedCidrs": [ + { + "Cidr": "10.2.0.0/16" + } + ] + } + }, + "IpamTestPublicPool0C44B7C49": { + "Type": "AWS::EC2::IPAMPool", + "Properties": { + "AddressFamily": "ipv6", + "AwsService": "ec2", + "IpamScopeId": { + "Fn::GetAtt": [ + "IpamTestIpam6C9298EF", + "PublicDefaultScopeId" + ] + }, + "Locale": "us-west-2", + "PublicIpSource": "amazon" + } + }, + "IpamTestPublicPool0PublicPool0CidrC57CE00C": { + "Type": "AWS::EC2::IPAMPoolCidr", + "Properties": { + "IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPublicPool0C44B7C49", + "IpamPoolId" + ] + }, + "NetmaskLength": 52 + } + }, + "VPCintegtest1EBA1CB75": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default" + } + }, + "VPCintegtest1ipv4IpamCidr8105B4E4": { + "Type": "AWS::EC2::VPCCidrBlock", + "Properties": { + "Ipv4IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPrivatePool039C763DC", + "IpamPoolId" + ] + }, + "Ipv4NetmaskLength": 20, + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "VPCintegtest1Ipv6IpamCidrEF56F8F7": { + "Type": "AWS::EC2::VPCCidrBlock", + "Properties": { + "Ipv6IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPublicPool0C44B7C49", + "IpamPoolId" + ] + }, + "Ipv6NetmaskLength": 60, + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + }, + "DependsOn": [ + "IpamTestPublicPool0PublicPool0CidrC57CE00C" + ] + }, + "testsbubnetSubnet77337845": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AssignIpv6AddressOnCreation": false, + "AvailabilityZone": "us-west-2a", + "CidrBlock": "10.0.0.0/24", + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1ipv4IpamCidr8105B4E4", + "VPCintegtest1Ipv6IpamCidrEF56F8F7" + ] + }, + "testsbubnetRouteTableD0136BEA": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1ipv4IpamCidr8105B4E4", + "VPCintegtest1Ipv6IpamCidrEF56F8F7" + ] + }, + "testsbubnetRouteTableAssociationD6D083FA": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] + }, + "SubnetId": { + "Ref": "testsbubnetSubnet77337845" + } + }, + "DependsOn": [ + "VPCintegtest1ipv4IpamCidr8105B4E4", + "VPCintegtest1Ipv6IpamCidrEF56F8F7" + ] + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/cdk.out new file mode 100644 index 0000000000000..bd5311dc372de --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"36.0.5"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integ.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integ.json new file mode 100644 index 0000000000000..b73b42e18e04e --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "36.0.5", + "testCases": { + "integtest-model/DefaultTest": { + "stacks": [ + "aws-cdk-vpcv2-alpha" + ], + "assertionStack": "integtest-model/DefaultTest/DeployAssert", + "assertionStackName": "integtestmodelDefaultTestDeployAssertCF40BD53" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json new file mode 100644 index 0000000000000..e93a555169b11 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.5", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "integtestmodelDefaultTestDeployAssertCF40BD53.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/integtestmodelDefaultTestDeployAssertCF40BD53.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/manifest.json new file mode 100644 index 0000000000000..663212ef1077a --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/manifest.json @@ -0,0 +1,167 @@ +{ + "version": "36.0.5", + "artifacts": { + "aws-cdk-vpcv2-alpha.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-cdk-vpcv2-alpha.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-cdk-vpcv2-alpha": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-cdk-vpcv2-alpha.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/12b670f0da573a7daa252fe7ca5b1dd687f4248e204c38b0323beaf64d0400bc.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-cdk-vpcv2-alpha.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-cdk-vpcv2-alpha.assets" + ], + "metadata": { + "/aws-cdk-vpcv2-alpha/IpamTest/Ipam": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamTestIpam6C9298EF" + } + ], + "/aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamTestPrivatePool039C763DC" + } + ], + "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamTestPublicPool0C44B7C49" + } + ], + "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamTestPublicPool0PublicPool0CidrC57CE00C" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1EBA1CB75" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1ipv4IpamCidr8105B4E4" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Ipv6IpamCidr": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1Ipv6IpamCidrEF56F8F7" + } + ], + "/aws-cdk-vpcv2-alpha/testsbubnet/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetSubnet77337845" + } + ], + "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetRouteTableD0136BEA" + } + ], + "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetRouteTableAssociationD6D083FA" + } + ], + "/aws-cdk-vpcv2-alpha/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-cdk-vpcv2-alpha/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-cdk-vpcv2-alpha" + }, + "integtestmodelDefaultTestDeployAssertCF40BD53.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integtestmodelDefaultTestDeployAssertCF40BD53.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integtestmodelDefaultTestDeployAssertCF40BD53": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "integtestmodelDefaultTestDeployAssertCF40BD53.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integtestmodelDefaultTestDeployAssertCF40BD53.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "integtestmodelDefaultTestDeployAssertCF40BD53.assets" + ], + "metadata": { + "/integtest-model/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integtest-model/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integtest-model/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/tree.json new file mode 100644 index 0000000000000..87201a2c1351a --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.js.snapshot/tree.json @@ -0,0 +1,388 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-cdk-vpcv2-alpha": { + "id": "aws-cdk-vpcv2-alpha", + "path": "aws-cdk-vpcv2-alpha", + "children": { + "IpamTest": { + "id": "IpamTest", + "path": "aws-cdk-vpcv2-alpha/IpamTest", + "children": { + "Ipam": { + "id": "Ipam", + "path": "aws-cdk-vpcv2-alpha/IpamTest/Ipam", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::IPAM", + "aws:cdk:cloudformation:props": { + "operatingRegions": [ + { + "regionName": "us-west-2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnIPAM", + "version": "0.0.0" + } + }, + "PrivatePool0": { + "id": "PrivatePool0", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0", + "children": { + "PrivatePool0": { + "id": "PrivatePool0", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", + "aws:cdk:cloudformation:props": { + "addressFamily": "ipv4", + "ipamScopeId": { + "Fn::GetAtt": [ + "IpamTestIpam6C9298EF", + "PrivateDefaultScopeId" + ] + }, + "locale": "us-west-2", + "provisionedCidrs": [ + { + "cidr": "10.2.0.0/16" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "PublicPool0": { + "id": "PublicPool0", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0", + "children": { + "PublicPool0": { + "id": "PublicPool0", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", + "aws:cdk:cloudformation:props": { + "addressFamily": "ipv6", + "awsService": "ec2", + "ipamScopeId": { + "Fn::GetAtt": [ + "IpamTestIpam6C9298EF", + "PublicDefaultScopeId" + ] + }, + "locale": "us-west-2", + "publicIpSource": "amazon" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", + "version": "0.0.0" + } + }, + "PublicPool0Cidr": { + "id": "PublicPool0Cidr", + "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPoolCidr", + "aws:cdk:cloudformation:props": { + "ipamPoolId": { + "Fn::GetAtt": [ + "IpamTestPublicPool0C44B7C49", + "IpamPoolId" + ] + }, + "netmaskLength": 52 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPoolCidr", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.Ipam", + "version": "0.0.0" + } + }, + "VPC-integ-test-1": { + "id": "VPC-integ-test-1", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "version": "0.0.0" + } + }, + "ipv4IpamCidr": { + "id": "ipv4IpamCidr", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "ipv4IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPrivatePool039C763DC", + "IpamPoolId" + ] + }, + "ipv4NetmaskLength": 20, + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "version": "0.0.0" + } + }, + "Ipv6IpamCidr": { + "id": "Ipv6IpamCidr", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/Ipv6IpamCidr", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "ipv6IpamPoolId": { + "Fn::GetAtt": [ + "IpamTestPublicPool0C44B7C49", + "IpamPoolId" + ] + }, + "ipv6NetmaskLength": 60, + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", + "version": "0.0.0" + } + }, + "testsbubnet": { + "id": "testsbubnet", + "path": "aws-cdk-vpcv2-alpha/testsbubnet", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "assignIpv6AddressOnCreation": false, + "availabilityZone": "us-west-2a", + "cidrBlock": "10.0.0.0/24", + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable", + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] + }, + "subnetId": { + "Ref": "testsbubnetSubnet77337845" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-vpcv2-alpha/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-vpcv2-alpha/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "integtest-model": { + "id": "integtest-model", + "path": "integtest-model", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "integtest-model/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "integtest-model/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "integtest-model/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "integtest-model/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "integtest-model/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts new file mode 100644 index 0000000000000..133aa6e9649cd --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.ipam.ts @@ -0,0 +1,84 @@ +/* + * Our integration tests act as snapshot tests to make sure the rendered template is stable. + * If any changes to the result are required, + * you need to perform an actual CloudFormation deployment of this application, + * and, if it is successful, a new snapshot will be written out. + * + * For more information on CDK integ tests, + * see the main CONTRIBUTING.md file. + */ + +import * as vpc_v2 from '../lib/vpc-v2'; +import { AddressFamily, AwsServiceName, IpCidr, Ipam, IpamPoolPublicIpSource, SubnetV2 } from '../lib'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; +import * as cdk from 'aws-cdk-lib'; +import { SubnetType } from 'aws-cdk-lib/aws-ec2'; + +/** + * Integ test for VPC with IPAM pool to be run with --no-clean + */ + +const app = new cdk.App(); + +const stack = new cdk.Stack(app, 'aws-cdk-vpcv2-alpha'); + +const ipam = new Ipam(stack, 'IpamTest', { + operatingRegion: ['us-west-2'], +}); + +/**Test Ipam Pool Ipv4 */ + +const pool1 = ipam.privateScope.addPool('PrivatePool0', { + addressFamily: AddressFamily.IP_V4, + ipv4ProvisionedCidrs: ['10.2.0.0/16'], + locale: 'us-west-2', +}); + +const pool2 = ipam.publicScope.addPool('PublicPool0', { + addressFamily: AddressFamily.IP_V6, + awsService: AwsServiceName.EC2, + locale: 'us-west-2', + publicIpSource: IpamPoolPublicIpSource.AMAZON, +}); +pool2.provisionCidr('PublicPool0Cidr', { netmaskLength: 52 } ); + +/** Test Ipv4 Primary and Secondary address IpvIPAM */ +const vpc = new vpc_v2.VpcV2(stack, 'VPC-integ-test-1', { + primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.0.0.0/16'), + secondaryAddressBlocks: [ + vpc_v2.IpAddresses.ipv4Ipam({ + ipamPool: pool1, + netmaskLength: 20, + cidrBlockName: 'ipv4IpamCidr', + }), + vpc_v2.IpAddresses.ipv6Ipam({ + ipamPool: pool2, + netmaskLength: 60, + cidrBlockName: 'Ipv6IpamCidr', + }), + ], + enableDnsHostnames: true, + enableDnsSupport: true, +}); + +/** + * Since source for IPAM IPv6 is set to amazonProvidedIPAM CIDR, + * can assign IPv6 address only after the allocation + * uncomment ipv6CidrBlock and provide valid IPv6 range + */ +new SubnetV2(stack, 'testsbubnet', { + vpc, + availabilityZone: 'us-west-2a', + ipv4CidrBlock: new IpCidr('10.0.0.0/24'), + //defined on the basis of allocation done in IPAM console + //ipv6CidrBlock: new Ipv6Cidr('2a05:d02c:25:4000::/60'), + subnetType: SubnetType.PRIVATE_ISOLATED, +}); + +/** + * Integ test for VPC with IPAM pool to be run with --no-clean + * due to dependency on de-allocation of provisioned ipv6 CIDR + */ +new IntegTest(app, 'integtest-model', { + testCases: [stack], +}); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json index f61a2717f93a6..953b3a4ae82e9 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "b3d06cef480a17aaf78379d18a13893141f2d689a23bcbbcf34b284e77752b0f": { + "a963276e8401c096a74f0dc50ac7d80bb5f2bff399fce8c571660a0684ff54b7": { "source": { "path": "aws-cdk-routev2-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "b3d06cef480a17aaf78379d18a13893141f2d689a23bcbbcf34b284e77752b0f.json", + "objectKey": "a963276e8401c096a74f0dc50ac7d80bb5f2bff399fce8c571660a0684ff54b7.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json index 140f9ebf102e0..0aa074e2e7b1f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json index b9734dc366438..6f27e2c04e801 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "7711ae87a96bcf4e738e5904b6071f21ac59ee14247c420b0bf33d20a87348a3": { + "8b4b159425cc7d11fa6fd993c53e299319dd2fcea18d745e873a18d3ee156a50": { "source": { "path": "aws-cdk-routev2-dynamodbendpoint-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "7711ae87a96bcf4e738e5904b6071f21ac59ee14247c420b0bf33d20a87348a3.json", + "objectKey": "8b4b159425cc7d11fa6fd993c53e299319dd2fcea18d745e873a18d3ee156a50.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json index 1fc8a4ff1bbe3..7aaf0a70fd923 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-dynamodbendpoint-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json index b27c0c57931d5..d17484319eef3 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "6cd56bb964ed1f90f0206d705f085aef381173834b50d5ba372fa2185156d51d": { + "b0e303439a83ae17adf592a6599e13f880529abf2f46f433af0742284a224385": { "source": { "path": "aws-cdk-routev2-egressonlyigw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "6cd56bb964ed1f90f0206d705f085aef381173834b50d5ba372fa2185156d51d.json", + "objectKey": "b0e303439a83ae17adf592a6599e13f880529abf2f46f433af0742284a224385.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json index 1c4d9adad8e08..cd3a0c0a42484 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-egressonlyigw-alpha.template.json @@ -32,11 +32,30 @@ } } }, + "TestRoottableeigwRouteF867084E": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "::/0", + "DestinationIpv6CidrBlock": "::/0", + "EgressOnlyInternetGatewayId": { + "Fn::GetAtt": [ + "testEOIGWEIGW54CCAD37", + "Id" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, "eigwSubnetCC28B9F9": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "VpcId": { "Fn::GetAtt": [ @@ -76,25 +95,6 @@ ] } } - }, - "testEIGWRouteEB4FE8D5": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "DestinationIpv6CidrBlock": "0.0.0.0/0", - "EgressOnlyInternetGatewayId": { - "Fn::GetAtt": [ - "testEOIGWEIGW54CCAD37", - "Id" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json index 677f15417b1ed..a62abd102c23c 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "44c69eec973961e184209d04e6e45c230320a2f7a110f0275431dc0587273038": { + "62f0873928dbdff7cc7c914e7275014da0d4f8e188fb633ea74a8cae7129ea0b": { "source": { "path": "aws-cdk-routev2-igw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "44c69eec973961e184209d04e6e45c230320a2f7a110f0275431dc0587273038.json", + "objectKey": "62f0873928dbdff7cc7c914e7275014da0d4f8e188fb633ea74a8cae7129ea0b.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json index 1ddb6c3cc40d9..1e21b3bc2c96f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-igw-alpha.template.json @@ -32,11 +32,46 @@ } } }, + "TestRoottableigwRouteC52EF731": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "TestRoottableigwRouteGWAttachment4B3E8FD9": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "VpcId": { + "Fn::GetAtt": [ + "igw127F1970", + "VpcId" + ] + } + } + }, "igwSubnetF238E402": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ @@ -79,42 +114,6 @@ }, "testIGW8D947AF2": { "Type": "AWS::EC2::InternetGateway" - }, - "testIGWRoute7696715B": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "DestinationIpv6CidrBlock": "0.0.0.0/0", - "GatewayId": { - "Fn::GetAtt": [ - "testIGW8D947AF2", - "InternetGatewayId" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "testIGWRouteGWAttachmentB0836D42": { - "Type": "AWS::EC2::VPCGatewayAttachment", - "Properties": { - "InternetGatewayId": { - "Fn::GetAtt": [ - "testIGW8D947AF2", - "InternetGatewayId" - ] - }, - "VpcId": { - "Fn::GetAtt": [ - "igw127F1970", - "VpcId" - ] - } - } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json index 733952daae63f..805e32a041de3 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "087e3b456bae228983dc7a31eea1570bfeccfd6b4f163b7e10a2af07dc31291f": { + "434c826abb6c12fb9eebf4adb6aae43788ba6e2a204ad7eea6f60321e69d3b38": { "source": { "path": "aws-cdk-routev2-networkif-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "087e3b456bae228983dc7a31eea1570bfeccfd6b4f163b7e10a2af07dc31291f.json", + "objectKey": "434c826abb6c12fb9eebf4adb6aae43788ba6e2a204ad7eea6f60321e69d3b38.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json index d796497fc5388..1e157df23a14a 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-networkif-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json index 591ec9e8d3066..6fae013fe0a29 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "89c945d2b4cb2aa79cca0e52ea8fa68849a586495b0a27b7de229ae44b3c5239": { + "a4d43e15d95d55923771937ed74a05c6bd09a65f55f0c99a5ba9ca05069d7cbd": { "source": { "path": "aws-cdk-routev2-privatenatgw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "89c945d2b4cb2aa79cca0e52ea8fa68849a586495b0a27b7de229ae44b3c5239.json", + "objectKey": "a4d43e15d95d55923771937ed74a05c6bd09a65f55f0c99a5ba9ca05069d7cbd.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json index f2ed7e0d44c03..654e1e1de840e 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-privatenatgw-alpha.template.json @@ -32,11 +32,29 @@ } } }, + "TestRoottablenatGwPrivRoute9F8908DE": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Fn::GetAtt": [ + "testNATgwNATGateway1533420D", + "NatGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, "natgwprivSubnetE547C5A0": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ @@ -94,25 +112,6 @@ "DependsOn": [ "natgwprivSubnetRouteTableAssociation9E115869" ] - }, - "testNATGWRoute7A26EC80": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "DestinationIpv6CidrBlock": "0.0.0.0/0", - "NatGatewayId": { - "Fn::GetAtt": [ - "testNATgwNATGateway1533420D", - "NatGatewayId" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json index 29398ffe76faa..f59abe7b20923 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "6592172436ea6af85dd73663ffd81cc1342c29574aa00f4dacf5179cf3054441": { + "85cd968be34ab2030a45e0e808082aa88035954029c2b379b38368ed20327047": { "source": { "path": "aws-cdk-routev2-publicnatgw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "6592172436ea6af85dd73663ffd81cc1342c29574aa00f4dacf5179cf3054441.json", + "objectKey": "85cd968be34ab2030a45e0e808082aa88035954029c2b379b38368ed20327047.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json index 5f80cf56a0aa5..81030e32ede4d 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-publicnatgw-alpha.template.json @@ -32,11 +32,64 @@ } } }, + "TestRoottablenatGwRoute31868FBF": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Fn::GetAtt": [ + "testNATgwIGW6AC97E9A", + "InternetGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "TestRoottablenatGwRouteGWAttachment1D9CDF77": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Fn::GetAtt": [ + "testNATgwIGW6AC97E9A", + "InternetGatewayId" + ] + }, + "VpcId": { + "Fn::GetAtt": [ + "natgwpub2FB85986", + "VpcId" + ] + } + } + }, + "TestRoottablenatGwPubRoute0463E2F5": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Fn::GetAtt": [ + "testNATgwNATGateway1533420D", + "NatGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, "natgwpubSubnet79D316E5": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ @@ -80,42 +133,6 @@ "testNATgwIGW6AC97E9A": { "Type": "AWS::EC2::InternetGateway" }, - "testnatgwigwRouteE8D2BF39": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "242.0.0.0/32", - "DestinationIpv6CidrBlock": "242.0.0.0/32", - "GatewayId": { - "Fn::GetAtt": [ - "testNATgwIGW6AC97E9A", - "InternetGatewayId" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "testnatgwigwRouteGWAttachmentB8E1033C": { - "Type": "AWS::EC2::VPCGatewayAttachment", - "Properties": { - "InternetGatewayId": { - "Fn::GetAtt": [ - "testNATgwIGW6AC97E9A", - "InternetGatewayId" - ] - }, - "VpcId": { - "Fn::GetAtt": [ - "natgwpub2FB85986", - "VpcId" - ] - } - } - }, "testNATgwEIP1C260FAD": { "Type": "AWS::EC2::EIP", "Properties": { @@ -146,25 +163,6 @@ "DependsOn": [ "natgwpubSubnetRouteTableAssociation019CE26A" ] - }, - "testNATGWRoute7A26EC80": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "DestinationIpv6CidrBlock": "0.0.0.0/0", - "NatGatewayId": { - "Fn::GetAtt": [ - "testNATgwNATGateway1533420D", - "NatGatewayId" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json index 601d17d534bb8..0cd2e52e78a44 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "2318541485e9424ef1bba0f0bb0e0e91e2759dc53597436fb250a8605e5e0107": { + "fa2b156112be3f11361259d8aaafcd552d28499bba4cc881642fdc98bc04c924": { "source": { "path": "aws-cdk-routev2-virtualprivategw-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "2318541485e9424ef1bba0f0bb0e0e91e2759dc53597436fb250a8605e5e0107.json", + "objectKey": "fa2b156112be3f11361259d8aaafcd552d28499bba4cc881642fdc98bc04c924.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json index f96743310fabe..b25f6ff502905 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-virtualprivategw-alpha.template.json @@ -32,11 +32,46 @@ } } }, + "TestRoottablevpgwRouteAD510A2A": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Fn::GetAtt": [ + "testVPGWIGW816C7C4F", + "VPNGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "TestRoottablevpgwRouteGWAttachmentDD0077EE": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Fn::GetAtt": [ + "vpgw2AB64B6B", + "VpcId" + ] + }, + "VpnGatewayId": { + "Fn::GetAtt": [ + "testVPGWIGW816C7C4F", + "VPNGatewayId" + ] + } + } + }, "vpgwSubnet5E7F36AD": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ @@ -82,42 +117,6 @@ "Properties": { "Type": "ipsec.1" } - }, - "testVPGWRouteA169B1AA": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "DestinationIpv6CidrBlock": "0.0.0.0/0", - "GatewayId": { - "Fn::GetAtt": [ - "testVPGWIGW816C7C4F", - "VPNGatewayId" - ] - }, - "RouteTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "testVPGWRouteGWAttachment01E74575": { - "Type": "AWS::EC2::VPCGatewayAttachment", - "Properties": { - "VpcId": { - "Fn::GetAtt": [ - "vpgw2AB64B6B", - "VpcId" - ] - }, - "VpnGatewayId": { - "Fn::GetAtt": [ - "testVPGWIGW816C7C4F", - "VPNGatewayId" - ] - } - } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json index fa96e660e9d19..94cc48acf6542 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { - "7b04eb9c84a61a91a957fceb96a85b38336f8b5999d1c0b5b972cd191926c473": { + "fa56ca630709a15070b4208becd94454c974906d445fd83b73389524957f89e8": { "source": { "path": "aws-cdk-routev2-vpcpeerconnection-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "7b04eb9c84a61a91a957fceb96a85b38336f8b5999d1c0b5b972cd191926c473.json", + "objectKey": "fa56ca630709a15070b4208becd94454c974906d445fd83b73389524957f89e8.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json index 804f7b179ac91..7f195e58f758f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/aws-cdk-routev2-vpcpeerconnection-alpha.template.json @@ -36,7 +36,7 @@ "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "us-west-1a", + "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24", "Ipv6CidrBlock": { "Fn::Select": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/cdk.out index 1f0068d32659a..bd5311dc372de 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"36.0.0"} \ No newline at end of file +{"version":"36.0.5"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integ.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integ.json index 4ba304a14b0f1..488691ab97ceb 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "testCases": { "integtest-model-8/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel0DefaultTestDeployAssertA16689B0.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel0DefaultTestDeployAssertA16689B0.assets.json index db0c4fcd06799..6f5363d26cf89 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel0DefaultTestDeployAssertA16689B0.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel0DefaultTestDeployAssertA16689B0.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel1DefaultTestDeployAssert46FEDE40.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel1DefaultTestDeployAssert46FEDE40.assets.json index 494dbc93fd34d..9094ce35beea5 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel1DefaultTestDeployAssert46FEDE40.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel1DefaultTestDeployAssert46FEDE40.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel2DefaultTestDeployAssert04E3783E.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel2DefaultTestDeployAssert04E3783E.assets.json index 063e77bfac0d8..29387894579ea 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel2DefaultTestDeployAssert04E3783E.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel2DefaultTestDeployAssert04E3783E.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel3DefaultTestDeployAssertF3FA2F74.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel3DefaultTestDeployAssertF3FA2F74.assets.json index 3b7039646f51f..6afa1f9195a7b 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel3DefaultTestDeployAssertF3FA2F74.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel3DefaultTestDeployAssertF3FA2F74.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel4DefaultTestDeployAssert4B12233C.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel4DefaultTestDeployAssert4B12233C.assets.json index a760a50f08dc1..2170d2cd526f2 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel4DefaultTestDeployAssert4B12233C.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel4DefaultTestDeployAssert4B12233C.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel5DefaultTestDeployAssertC0DDB875.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel5DefaultTestDeployAssertC0DDB875.assets.json index 34f6c443f8be6..aed458dfb9b1f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel5DefaultTestDeployAssertC0DDB875.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel5DefaultTestDeployAssertC0DDB875.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel6DefaultTestDeployAssert90B004F4.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel6DefaultTestDeployAssert90B004F4.assets.json index 933d02b8072da..29423943325fc 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel6DefaultTestDeployAssert90B004F4.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel6DefaultTestDeployAssert90B004F4.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel7DefaultTestDeployAssert4C509DCE.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel7DefaultTestDeployAssert4C509DCE.assets.json index 57cecd7995331..6fe2b5a955f17 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel7DefaultTestDeployAssert4C509DCE.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel7DefaultTestDeployAssert4C509DCE.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel8DefaultTestDeployAssert77221752.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel8DefaultTestDeployAssert77221752.assets.json index c9d2f2fc69193..d9fd3cff95553 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel8DefaultTestDeployAssert77221752.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/integtestmodel8DefaultTestDeployAssert77221752.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json index 2dec0815f28b0..2e922475b66bf 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "36.0.5", "artifacts": { "aws-cdk-routev2-alpha.assets": { "type": "cdk:asset-manifest", @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/b3d06cef480a17aaf78379d18a13893141f2d689a23bcbbcf34b284e77752b0f.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a963276e8401c096a74f0dc50ac7d80bb5f2bff399fce8c571660a0684ff54b7.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -97,7 +97,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6cd56bb964ed1f90f0206d705f085aef381173834b50d5ba372fa2185156d51d.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/b0e303439a83ae17adf592a6599e13f880529abf2f46f433af0742284a224385.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -132,6 +132,12 @@ "data": "TestRoottableRouteTableFA28AA38" } ], + "/aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/eigwRoute/Route": [ + { + "type": "aws:cdk:logicalId", + "data": "TestRoottableeigwRouteF867084E" + } + ], "/aws-cdk-routev2-egressonlyigw-alpha/eigwSubnet/Subnet": [ { "type": "aws:cdk:logicalId", @@ -150,12 +156,6 @@ "data": "testEOIGWEIGW54CCAD37" } ], - "/aws-cdk-routev2-egressonlyigw-alpha/testEIGWRoute/Route": [ - { - "type": "aws:cdk:logicalId", - "data": "testEIGWRouteEB4FE8D5" - } - ], "/aws-cdk-routev2-egressonlyigw-alpha/BootstrapVersion": [ { "type": "aws:cdk:logicalId", @@ -188,7 +188,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/44c69eec973961e184209d04e6e45c230320a2f7a110f0275431dc0587273038.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/62f0873928dbdff7cc7c914e7275014da0d4f8e188fb633ea74a8cae7129ea0b.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -223,34 +223,34 @@ "data": "TestRoottableRouteTableFA28AA38" } ], - "/aws-cdk-routev2-igw-alpha/igwSubnet/Subnet": [ + "/aws-cdk-routev2-igw-alpha/TestRoottable/igwRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "igwSubnetF238E402" + "data": "TestRoottableigwRouteC52EF731" } ], - "/aws-cdk-routev2-igw-alpha/igwSubnet/RouteTableAssociation": [ + "/aws-cdk-routev2-igw-alpha/TestRoottable/igwRoute/GWAttachment": [ { "type": "aws:cdk:logicalId", - "data": "igwSubnetRouteTableAssociationA48C27F3" + "data": "TestRoottableigwRouteGWAttachment4B3E8FD9" } ], - "/aws-cdk-routev2-igw-alpha/testIGW/IGW": [ + "/aws-cdk-routev2-igw-alpha/igwSubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "testIGW8D947AF2" + "data": "igwSubnetF238E402" } ], - "/aws-cdk-routev2-igw-alpha/testIGWRoute/Route": [ + "/aws-cdk-routev2-igw-alpha/igwSubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testIGWRoute7696715B" + "data": "igwSubnetRouteTableAssociationA48C27F3" } ], - "/aws-cdk-routev2-igw-alpha/testIGWRoute/GWAttachment": [ + "/aws-cdk-routev2-igw-alpha/testIGW/IGW": [ { "type": "aws:cdk:logicalId", - "data": "testIGWRouteGWAttachmentB0836D42" + "data": "testIGW8D947AF2" } ], "/aws-cdk-routev2-igw-alpha/BootstrapVersion": [ @@ -285,7 +285,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/2318541485e9424ef1bba0f0bb0e0e91e2759dc53597436fb250a8605e5e0107.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/fa2b156112be3f11361259d8aaafcd552d28499bba4cc881642fdc98bc04c924.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -320,34 +320,34 @@ "data": "TestRoottableRouteTableFA28AA38" } ], - "/aws-cdk-routev2-virtualprivategw-alpha/vpgwSubnet/Subnet": [ + "/aws-cdk-routev2-virtualprivategw-alpha/TestRoottable/vpgwRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "vpgwSubnet5E7F36AD" + "data": "TestRoottablevpgwRouteAD510A2A" } ], - "/aws-cdk-routev2-virtualprivategw-alpha/vpgwSubnet/RouteTableAssociation": [ + "/aws-cdk-routev2-virtualprivategw-alpha/TestRoottable/vpgwRoute/GWAttachment": [ { "type": "aws:cdk:logicalId", - "data": "vpgwSubnetRouteTableAssociation49921F90" + "data": "TestRoottablevpgwRouteGWAttachmentDD0077EE" } ], - "/aws-cdk-routev2-virtualprivategw-alpha/testVPGW/IGW": [ + "/aws-cdk-routev2-virtualprivategw-alpha/vpgwSubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "testVPGWIGW816C7C4F" + "data": "vpgwSubnet5E7F36AD" } ], - "/aws-cdk-routev2-virtualprivategw-alpha/testVPGWRoute/Route": [ + "/aws-cdk-routev2-virtualprivategw-alpha/vpgwSubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testVPGWRouteA169B1AA" + "data": "vpgwSubnetRouteTableAssociation49921F90" } ], - "/aws-cdk-routev2-virtualprivategw-alpha/testVPGWRoute/GWAttachment": [ + "/aws-cdk-routev2-virtualprivategw-alpha/testVPGW/IGW": [ { "type": "aws:cdk:logicalId", - "data": "testVPGWRouteGWAttachment01E74575" + "data": "testVPGWIGW816C7C4F" } ], "/aws-cdk-routev2-virtualprivategw-alpha/BootstrapVersion": [ @@ -382,7 +382,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6592172436ea6af85dd73663ffd81cc1342c29574aa00f4dacf5179cf3054441.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/85cd968be34ab2030a45e0e808082aa88035954029c2b379b38368ed20327047.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -417,52 +417,52 @@ "data": "TestRoottableRouteTableFA28AA38" } ], - "/aws-cdk-routev2-publicnatgw-alpha/natgw_pubSubnet/Subnet": [ + "/aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "natgwpubSubnet79D316E5" + "data": "TestRoottablenatGwRoute31868FBF" } ], - "/aws-cdk-routev2-publicnatgw-alpha/natgw_pubSubnet/RouteTableAssociation": [ + "/aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwRoute/GWAttachment": [ { "type": "aws:cdk:logicalId", - "data": "natgwpubSubnetRouteTableAssociation019CE26A" + "data": "TestRoottablenatGwRouteGWAttachment1D9CDF77" } ], - "/aws-cdk-routev2-publicnatgw-alpha/testNATgwIGW/IGW": [ + "/aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwPubRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "testNATgwIGW6AC97E9A" + "data": "TestRoottablenatGwPubRoute0463E2F5" } ], - "/aws-cdk-routev2-publicnatgw-alpha/testnatgwigwRoute/Route": [ + "/aws-cdk-routev2-publicnatgw-alpha/natgw_pubSubnet/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "testnatgwigwRouteE8D2BF39" + "data": "natgwpubSubnet79D316E5" } ], - "/aws-cdk-routev2-publicnatgw-alpha/testnatgwigwRoute/GWAttachment": [ + "/aws-cdk-routev2-publicnatgw-alpha/natgw_pubSubnet/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "testnatgwigwRouteGWAttachmentB8E1033C" + "data": "natgwpubSubnetRouteTableAssociation019CE26A" } ], - "/aws-cdk-routev2-publicnatgw-alpha/testNATgw/EIP": [ + "/aws-cdk-routev2-publicnatgw-alpha/testNATgwIGW/IGW": [ { "type": "aws:cdk:logicalId", - "data": "testNATgwEIP1C260FAD" + "data": "testNATgwIGW6AC97E9A" } ], - "/aws-cdk-routev2-publicnatgw-alpha/testNATgw/NATGateway": [ + "/aws-cdk-routev2-publicnatgw-alpha/testNATgw/EIP": [ { "type": "aws:cdk:logicalId", - "data": "testNATgwNATGateway1533420D" + "data": "testNATgwEIP1C260FAD" } ], - "/aws-cdk-routev2-publicnatgw-alpha/testNATGWRoute/Route": [ + "/aws-cdk-routev2-publicnatgw-alpha/testNATgw/NATGateway": [ { "type": "aws:cdk:logicalId", - "data": "testNATGWRoute7A26EC80" + "data": "testNATgwNATGateway1533420D" } ], "/aws-cdk-routev2-publicnatgw-alpha/BootstrapVersion": [ @@ -497,7 +497,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/89c945d2b4cb2aa79cca0e52ea8fa68849a586495b0a27b7de229ae44b3c5239.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a4d43e15d95d55923771937ed74a05c6bd09a65f55f0c99a5ba9ca05069d7cbd.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -532,6 +532,12 @@ "data": "TestRoottableRouteTableFA28AA38" } ], + "/aws-cdk-routev2-privatenatgw-alpha/TestRoottable/natGwPrivRoute/Route": [ + { + "type": "aws:cdk:logicalId", + "data": "TestRoottablenatGwPrivRoute9F8908DE" + } + ], "/aws-cdk-routev2-privatenatgw-alpha/natgw_privSubnet/Subnet": [ { "type": "aws:cdk:logicalId", @@ -550,12 +556,6 @@ "data": "testNATgwNATGateway1533420D" } ], - "/aws-cdk-routev2-privatenatgw-alpha/testNATGWRoute/Route": [ - { - "type": "aws:cdk:logicalId", - "data": "testNATGWRoute7A26EC80" - } - ], "/aws-cdk-routev2-privatenatgw-alpha/BootstrapVersion": [ { "type": "aws:cdk:logicalId", @@ -588,7 +588,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/087e3b456bae228983dc7a31eea1570bfeccfd6b4f163b7e10a2af07dc31291f.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/434c826abb6c12fb9eebf4adb6aae43788ba6e2a204ad7eea6f60321e69d3b38.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -667,7 +667,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7b04eb9c84a61a91a957fceb96a85b38336f8b5999d1c0b5b972cd191926c473.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/fa56ca630709a15070b4208becd94454c974906d445fd83b73389524957f89e8.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -746,7 +746,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7711ae87a96bcf4e738e5904b6071f21ac59ee14247c420b0bf33d20a87348a3.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8b4b159425cc7d11fa6fd993c53e299319dd2fcea18d745e873a18d3ee156a50.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -810,15 +810,6 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } - ], - "dynamodbSecondaryIp4EEF58BFBEFB": [ - { - "type": "aws:cdk:logicalId", - "data": "dynamodbSecondaryIp4EEF58BFBEFB", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } ] }, "displayName": "aws-cdk-routev2-dynamodbendpoint-alpha" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json index 7adf7f1621505..68cca1ffdc6ab 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.js.snapshot/tree.json @@ -51,7 +51,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -80,7 +80,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -95,7 +95,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -153,7 +153,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -226,7 +226,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -252,10 +252,47 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "eigwRoute": { + "id": "eigwRoute", + "path": "aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/eigwRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-egressonlyigw-alpha/TestRoottable/eigwRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "::/0", + "destinationIpv6CidrBlock": "::/0", + "egressOnlyInternetGatewayId": { + "Fn::GetAtt": [ + "testEOIGWEIGW54CCAD37", + "Id" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -270,7 +307,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "vpcId": { "Fn::GetAtt": [ @@ -317,7 +354,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -346,44 +383,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.EgressOnlyInternetGateway", - "version": "0.0.0" - } - }, - "testEIGWRoute": { - "id": "testEIGWRoute", - "path": "aws-cdk-routev2-egressonlyigw-alpha/testEIGWRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-egressonlyigw-alpha/testEIGWRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "destinationIpv6CidrBlock": "0.0.0.0/0", - "egressOnlyInternetGatewayId": { - "Fn::GetAtt": [ - "testEOIGWEIGW54CCAD37", - "Id" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.EgressOnlyInternetGateway", "version": "0.0.0" } }, @@ -456,7 +456,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -482,10 +482,71 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "igwRoute": { + "id": "igwRoute", + "path": "aws-cdk-routev2-igw-alpha/TestRoottable/igwRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-igw-alpha/TestRoottable/igwRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "GWAttachment": { + "id": "GWAttachment", + "path": "aws-cdk-routev2-igw-alpha/TestRoottable/igwRoute/GWAttachment", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "vpcId": { + "Fn::GetAtt": [ + "igw127F1970", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -500,7 +561,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -558,7 +619,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -580,69 +641,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.InternetGateway", - "version": "0.0.0" - } - }, - "testIGWRoute": { - "id": "testIGWRoute", - "path": "aws-cdk-routev2-igw-alpha/testIGWRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-igw-alpha/testIGWRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "destinationIpv6CidrBlock": "0.0.0.0/0", - "gatewayId": { - "Fn::GetAtt": [ - "testIGW8D947AF2", - "InternetGatewayId" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - }, - "GWAttachment": { - "id": "GWAttachment", - "path": "aws-cdk-routev2-igw-alpha/testIGWRoute/GWAttachment", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "internetGatewayId": { - "Fn::GetAtt": [ - "testIGW8D947AF2", - "InternetGatewayId" - ] - }, - "vpcId": { - "Fn::GetAtt": [ - "igw127F1970", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", "version": "0.0.0" } }, @@ -715,7 +714,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -741,10 +740,71 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "vpgwRoute": { + "id": "vpgwRoute", + "path": "aws-cdk-routev2-virtualprivategw-alpha/TestRoottable/vpgwRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-virtualprivategw-alpha/TestRoottable/vpgwRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Fn::GetAtt": [ + "testVPGWIGW816C7C4F", + "VPNGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "GWAttachment": { + "id": "GWAttachment", + "path": "aws-cdk-routev2-virtualprivategw-alpha/TestRoottable/vpgwRoute/GWAttachment", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "vpgw2AB64B6B", + "VpcId" + ] + }, + "vpnGatewayId": { + "Fn::GetAtt": [ + "testVPGWIGW816C7C4F", + "VPNGatewayId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -759,7 +819,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -817,7 +877,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -841,69 +901,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VPNGateway", - "version": "0.0.0" - } - }, - "testVPGWRoute": { - "id": "testVPGWRoute", - "path": "aws-cdk-routev2-virtualprivategw-alpha/testVPGWRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-virtualprivategw-alpha/testVPGWRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "destinationIpv6CidrBlock": "0.0.0.0/0", - "gatewayId": { - "Fn::GetAtt": [ - "testVPGWIGW816C7C4F", - "VPNGatewayId" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - }, - "GWAttachment": { - "id": "GWAttachment", - "path": "aws-cdk-routev2-virtualprivategw-alpha/testVPGWRoute/GWAttachment", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "vpgw2AB64B6B", - "VpcId" - ] - }, - "vpnGatewayId": { - "Fn::GetAtt": [ - "testVPGWIGW816C7C4F", - "VPNGatewayId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.VPNGateway", "version": "0.0.0" } }, @@ -976,7 +974,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1002,10 +1000,107 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "natGwRoute": { + "id": "natGwRoute", + "path": "aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Fn::GetAtt": [ + "testNATgwIGW6AC97E9A", + "InternetGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "GWAttachment": { + "id": "GWAttachment", + "path": "aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwRoute/GWAttachment", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Fn::GetAtt": [ + "testNATgwIGW6AC97E9A", + "InternetGatewayId" + ] + }, + "vpcId": { + "Fn::GetAtt": [ + "natgwpub2FB85986", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "natGwPubRoute": { + "id": "natGwPubRoute", + "path": "aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwPubRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-publicnatgw-alpha/TestRoottable/natGwPubRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Fn::GetAtt": [ + "testNATgwNATGateway1533420D", + "NatGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1020,7 +1115,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1078,7 +1173,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1100,69 +1195,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.InternetGateway", - "version": "0.0.0" - } - }, - "testnatgwigwRoute": { - "id": "testnatgwigwRoute", - "path": "aws-cdk-routev2-publicnatgw-alpha/testnatgwigwRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-publicnatgw-alpha/testnatgwigwRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "242.0.0.0/32", - "destinationIpv6CidrBlock": "242.0.0.0/32", - "gatewayId": { - "Fn::GetAtt": [ - "testNATgwIGW6AC97E9A", - "InternetGatewayId" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - }, - "GWAttachment": { - "id": "GWAttachment", - "path": "aws-cdk-routev2-publicnatgw-alpha/testnatgwigwRoute/GWAttachment", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "internetGatewayId": { - "Fn::GetAtt": [ - "testNATgwIGW6AC97E9A", - "InternetGatewayId" - ] - }, - "vpcId": { - "Fn::GetAtt": [ - "natgwpub2FB85986", - "VpcId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", "version": "0.0.0" } }, @@ -1213,44 +1246,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.NatGateway", - "version": "0.0.0" - } - }, - "testNATGWRoute": { - "id": "testNATGWRoute", - "path": "aws-cdk-routev2-publicnatgw-alpha/testNATGWRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-publicnatgw-alpha/testNATGWRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "destinationIpv6CidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Fn::GetAtt": [ - "testNATgwNATGateway1533420D", - "NatGatewayId" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.NatGateway", "version": "0.0.0" } }, @@ -1323,7 +1319,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1349,10 +1345,46 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "natGwPrivRoute": { + "id": "natGwPrivRoute", + "path": "aws-cdk-routev2-privatenatgw-alpha/TestRoottable/natGwPrivRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-routev2-privatenatgw-alpha/TestRoottable/natGwPrivRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Fn::GetAtt": [ + "testNATgwNATGateway1533420D", + "NatGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoottableRouteTableFA28AA38", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1367,7 +1399,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1425,7 +1457,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1458,44 +1490,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.NatGateway", - "version": "0.0.0" - } - }, - "testNATGWRoute": { - "id": "testNATGWRoute", - "path": "aws-cdk-routev2-privatenatgw-alpha/testNATGWRoute", - "children": { - "Route": { - "id": "Route", - "path": "aws-cdk-routev2-privatenatgw-alpha/testNATGWRoute/Route", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "destinationIpv6CidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Fn::GetAtt": [ - "testNATgwNATGateway1533420D", - "NatGatewayId" - ] - }, - "routeTableId": { - "Fn::GetAtt": [ - "TestRoottableRouteTableFA28AA38", - "RouteTableId" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", + "fqn": "@aws-cdk/aws-ec2-alpha.NatGateway", "version": "0.0.0" } }, @@ -1568,7 +1563,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1597,7 +1592,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1612,7 +1607,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1670,7 +1665,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1743,7 +1738,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1772,7 +1767,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1787,7 +1782,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -1845,7 +1840,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -1918,7 +1913,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.VpcV2", + "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", "version": "0.0.0" } }, @@ -1944,10 +1939,18 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } + }, + "dynamoRoute": { + "id": "dynamoRoute", + "path": "aws-cdk-routev2-dynamodbendpoint-alpha/TestRoottable/dynamoRoute", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.RouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -1962,7 +1965,7 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "us-west-1a", + "availabilityZone": "us-east-1a", "cidrBlock": "10.0.0.0/24", "ipv6CidrBlock": { "Fn::Select": [ @@ -2020,7 +2023,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.SubnetV2", + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", "version": "0.0.0" } }, @@ -2074,14 +2077,6 @@ "version": "0.0.0" } }, - "testDynamoRoute": { - "id": "testDynamoRoute", - "path": "aws-cdk-routev2-dynamodbendpoint-alpha/testDynamoRoute", - "constructInfo": { - "fqn": "@aws-cdk/aws-vpcv2-alpha.Route", - "version": "0.0.0" - } - }, "BootstrapVersion": { "id": "BootstrapVersion", "path": "aws-cdk-routev2-dynamodbendpoint-alpha/BootstrapVersion", diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts index 579800e7dfcb3..4f9d98b92471f 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.route-v2.ts @@ -1,39 +1,31 @@ -// /* -// * Our integration tests act as snapshot tests to make sure the rendered template is stable. -// * If any changes to the result are required, -// * you need to perform an actual CloudFormation deployment of this application, -// * and, if it is successful, a new snapshot will be written out. -// * -// * For more information on CDK integ tests, -// * see the main CONTRIBUTING.md file. -// */ +/* + * Our integration tests act as snapshot tests to make sure the rendered template is stable. + * If any changes to the result are required, + * you need to perform an actual CloudFormation deployment of this application, + * and, if it is successful, a new snapshot will be written out. + * + * For more information on CDK integ tests, + * see the main CONTRIBUTING.md file. + */ import * as vpc_v2 from '../lib/vpc-v2'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; import { IpCidr, SubnetV2 } from '../lib/subnet-v2'; -// import { CarrierGateway, TransitGateway } from '../lib/route'; -import { EgressOnlyInternetGateway, InternetGateway, NatConnectivityType, NatGateway, Route, RouteTable, VPNGateway } from '../lib/route'; +import { EgressOnlyInternetGateway, InternetGateway, NatConnectivityType, NatGateway, RouteTable, VPNGatewayV2 } from '../lib/route'; import { GatewayVpcEndpoint, GatewayVpcEndpointAwsService, SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; import { Fn } from 'aws-cdk-lib'; -//import { log } from 'console'; - -// as in unit tests, we use a qualified import, -// not bring in individual classes -//import * as er from '../lib'; const app = new cdk.App(); const stacks: {[id: string] : cdk.Stack} = { default: new cdk.Stack(app, 'aws-cdk-routev2-alpha', { stackName: 'DefaultVpcDeploy' }), - // 'cgw': new cdk.Stack(app, 'aws-cdk-routev2-carriergw-alpha', {stackName: 'CarrierGatewayVpc'}), eigw: new cdk.Stack(app, 'aws-cdk-routev2-egressonlyigw-alpha', { stackName: 'EgressOnlyIgwVpc' }), igw: new cdk.Stack(app, 'aws-cdk-routev2-igw-alpha', { stackName: 'InternetGatewayVpc' }), vpgw: new cdk.Stack(app, 'aws-cdk-routev2-virtualprivategw-alpha', { stackName: 'VirtualPrivateGwVpc' }), natgw_pub: new cdk.Stack(app, 'aws-cdk-routev2-publicnatgw-alpha', { stackName: 'NatGwPubVpc' }), natgw_priv: new cdk.Stack(app, 'aws-cdk-routev2-privatenatgw-alpha', { stackName: 'NatGwPrivVpc' }), nif: new cdk.Stack(app, 'aws-cdk-routev2-networkif-alpha', { stackName: 'NetworkInterfaceVpc' }), - // 'tgw': new cdk.Stack(app, 'aws-cdk-routev2-transitgw-alpha', {stackName: 'TransitGwVpc'}), vpcpc: new cdk.Stack(app, 'aws-cdk-routev2-vpcpeerconnection-alpha', { stackName: 'VpcPeerConnection' }), dynamodb: new cdk.Stack(app, 'aws-cdk-routev2-dynamodbendpoint-alpha', { stackName: 'DynamodbEndpointVpc' }), }; @@ -59,7 +51,7 @@ for (const stackName in stacks) { if (stackName == 'eigw') { const subnet = new SubnetV2(stacks[stackName], stackName + 'Subnet', { vpc: vpc, - availabilityZone: 'us-west-1a', + availabilityZone: 'us-east-1a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), subnetType: SubnetType.PRIVATE_WITH_EGRESS, routeTable: routeTables[stackName], @@ -69,7 +61,7 @@ for (const stackName in stacks) { // use empty ipv6 that doesn't overlap const subnet = new SubnetV2(stacks[stackName], stackName + 'Subnet', { vpc: vpc, - availabilityZone: 'us-west-1a', + availabilityZone: 'us-east-1a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), ipv6CidrBlock: new IpCidr(Fn.select(0, vpc.ipv6CidrBlocks)), subnetType: SubnetType.PRIVATE_WITH_EGRESS, @@ -82,48 +74,28 @@ for (const stackName in stacks) { const eigw = new EgressOnlyInternetGateway(stacks.eigw, 'testEOIGW', { vpc: vpcs.eigw, }); -new Route(stacks.eigw, 'testEIGWRoute', { - routeTable: routeTables.eigw, - destination: '0.0.0.0/0', - target: { gateway: eigw }, -}); +routeTables.eigw.addRoute('eigwRoute', '::/0', { gateway: eigw }); const igw = new InternetGateway(stacks.igw, 'testIGW', { vpc: vpcs.igw, }); -new Route(stacks.igw, 'testIGWRoute', { - routeTable: routeTables.igw, - destination: '0.0.0.0/0', - target: { gateway: igw }, -}); +routeTables.igw.addRoute('igwRoute', '0.0.0.0/0', { gateway: igw }); -const vpgw = new VPNGateway(stacks.vpgw, 'testVPGW', { +const vpgw = new VPNGatewayV2(stacks.vpgw, 'testVPGW', { type: VpnConnectionType.IPSEC_1, vpc: vpcs.vpgw, }); -new Route(stacks.vpgw, 'testVPGWRoute', { - routeTable: routeTables.vpgw, - destination: '0.0.0.0/0', - target: { gateway: vpgw }, -}); +routeTables.vpgw.addRoute('vpgwRoute', '0.0.0.0/0', { gateway: vpgw }); const natGwIgw = new InternetGateway(stacks.natgw_pub, 'testNATgwIGW', { vpc: vpcs.natgw_pub, }); -new Route(stacks.natgw_pub, 'testnatgwigwRoute', { - routeTable: routeTables.natgw_pub, - destination: '242.0.0.0/32', - target: { gateway: natGwIgw }, -}); +routeTables.natgw_pub.addRoute('natGwRoute', '0.0.0.0/0', { gateway: natGwIgw }); const natGwPub = new NatGateway(stacks.natgw_pub, 'testNATgw', { subnet: subnets.natgw_pub, vpc: vpcs.natgw_pub, }); -new Route(stacks.natgw_pub, 'testNATGWRoute', { - routeTable: routeTables.natgw_pub, - destination: '0.0.0.0/0', - target: { gateway: natGwPub }, -}); +routeTables.natgw_pub.addRoute('natGwPubRoute', '0.0.0.0/0', { gateway: natGwPub }); const natGwPriv = new NatGateway(stacks.natgw_priv, 'testNATgw', { subnet: subnets.natgw_priv, @@ -134,22 +106,14 @@ const natGwPriv = new NatGateway(stacks.natgw_priv, 'testNATgw', { '10.0.0.43', '10.0.0.44', '10.0.0.45', ], }); -new Route(stacks.natgw_priv, 'testNATGWRoute', { - routeTable: routeTables.natgw_priv, - destination: '0.0.0.0/0', - target: { gateway: natGwPriv }, -}); +routeTables.natgw_priv.addRoute('natGwPrivRoute', '0.0.0.0/0', { gateway: natGwPriv }); const dynamoEndpoint = new GatewayVpcEndpoint(stacks.dynamodb, 'testDynamoEndpoint', { service: GatewayVpcEndpointAwsService.DYNAMODB, vpc: vpcs.dynamodb, subnets: [subnets.dynamodb], }); -new Route(stacks.dynamodb, 'testDynamoRoute', { - routeTable: routeTables.dynamodb, - destination: '0.0.0.0/0', - target: { endpoint: dynamoEndpoint }, -}); +routeTables.dynamodb.addRoute('dynamoRoute', '0.0.0.0/0', { endpoint: dynamoEndpoint }); var i = 0; for (const stackName in stacks) { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json index 8fa7b0508afb2..d72a02628c295 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.5", "files": { - "936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c": { + "3d3ee41ce855ed1f43bd76cb02f20825b0d6ea6965e4974823890801f598e628": { "source": { "path": "aws-cdk-vpcv2-alpha-new.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c.json", + "objectKey": "3d3ee41ce855ed1f43bd76cb02f20825b0d6ea6965e4974823890801f598e628.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json index f6cffbdb23c5d..50fbb4892afdb 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/aws-cdk-vpcv2-alpha-new.template.json @@ -1,43 +1,6 @@ { "Resources": { - "Ipam50346F82": { - "Type": "AWS::EC2::IPAM", - "Properties": { - "OperatingRegions": [ - { - "RegionName": "eu-west-2" - } - ] - } - }, - "IpamPublicPool050D6AA6C": { - "Type": "AWS::EC2::IPAMPool", - "Properties": { - "AddressFamily": "ipv6", - "AwsService": "ec2", - "IpamScopeId": { - "Fn::GetAtt": [ - "Ipam50346F82", - "PublicDefaultScopeId" - ] - }, - "Locale": "eu-west-2", - "PublicIpSource": "amazon" - } - }, - "IpamPublicPool0PublicPool0CidrAC7F711E": { - "Type": "AWS::EC2::IPAMPoolCidr", - "Properties": { - "IpamPoolId": { - "Fn::GetAtt": [ - "IpamPublicPool050D6AA6C", - "IpamPoolId" - ] - }, - "NetmaskLength": 52 - } - }, - "VPCTestFB735C86": { + "SubnetTest3296A161": { "Type": "AWS::EC2::VPC", "Properties": { "CidrBlock": "10.0.0.0/16", @@ -46,106 +9,64 @@ "InstanceTenancy": "default" } }, - "VPCTestIpv6IpamCidrD5C271DD": { + "SubnetTestSecondaryTestBDE45F82": { "Type": "AWS::EC2::VPCCidrBlock", "Properties": { - "Ipv6IpamPoolId": { - "Fn::GetAtt": [ - "IpamPublicPool050D6AA6C", - "IpamPoolId" - ] - }, - "Ipv6NetmaskLength": 56, + "AmazonProvidedIpv6CidrBlock": true, "VpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } - }, - "DependsOn": [ - "IpamPublicPool0PublicPool0CidrAC7F711E" - ] - }, - "VPCTestVpnGateway51EEED38": { - "Type": "AWS::EC2::VPNGateway", - "Properties": { - "Type": "ipsec.1" } }, - "VPCTestVPCVPNGW0A869280": { - "Type": "AWS::EC2::VPCGatewayAttachment", - "Properties": { - "VpcId": { - "Fn::GetAtt": [ - "VPCTestFB735C86", - "VpcId" - ] - }, - "VpnGatewayId": { - "Ref": "VPCTestVpnGateway51EEED38" - } - } - }, - "VPCTestRoutePropagationFEA3011A": { - "Type": "AWS::EC2::VPNGatewayRoutePropagation", - "Properties": { - "RouteTableIds": [ - { - "Ref": "testsbubnetRouteTableF40F025B" - } - ], - "VpnGatewayId": { - "Ref": "VPCTestVpnGateway51EEED38" - } - }, - "DependsOn": [ - "VPCTestVPCVPNGW0A869280" - ] - }, - "testsbubnetSubnet77337845": { + "testSubnet1Subnet72087287": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-west-2a", + "AvailabilityZone": "us-west-2a", "CidrBlock": "10.0.0.0/24", "VpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } }, "DependsOn": [ - "VPCTestIpv6IpamCidrD5C271DD" + "SubnetTestSecondaryTestBDE45F82" ] }, - "testsbubnetRouteTableF40F025B": { + "testSubnet1RouteTableB5FDDF81": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } }, "DependsOn": [ - "VPCTestIpv6IpamCidrD5C271DD" + "SubnetTestSecondaryTestBDE45F82" ] }, - "testsbubnetRouteTableAssociationD6D083FA": { + "testSubnet1RouteTableAssociation1DA9E185": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testSubnet1RouteTableB5FDDF81", + "RouteTableId" + ] }, "SubnetId": { - "Ref": "testsbubnetSubnet77337845" + "Ref": "testSubnet1Subnet72087287" } }, "DependsOn": [ - "VPCTestIpv6IpamCidrD5C271DD" + "SubnetTestSecondaryTestBDE45F82" ] }, "InstanceInstanceSecurityGroupF0E2D5BE": { @@ -167,7 +88,7 @@ ], "VpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } @@ -209,7 +130,7 @@ "InstanceC1063A87": { "Type": "AWS::EC2::Instance", "Properties": { - "AvailabilityZone": "eu-west-2a", + "AvailabilityZone": "us-west-2a", "IamInstanceProfile": { "Ref": "InstanceInstanceProfileAB5AEF02" }, @@ -226,7 +147,7 @@ } ], "SubnetId": { - "Ref": "testsbubnetSubnet77337845" + "Ref": "testSubnet1Subnet72087287" }, "Tags": [ { @@ -241,6 +162,93 @@ "DependsOn": [ "InstanceInstanceRoleE9785DE5" ] + }, + "testIGW8D947AF2": { + "Type": "AWS::EC2::InternetGateway" + }, + "testIGWGWAttachment682A6782": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "VpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + } + }, + "TestRoutetableRouteTable7B7B907D": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + } + }, + "TestRoutetableeigwRouteCDE8BBAF": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoutetableRouteTable7B7B907D", + "RouteTableId" + ] + } + }, + "DependsOn": [ + "testIGWGWAttachment682A6782", + "testIGW8D947AF2" + ] + }, + "testSubnet2Subnet4681911A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AssignIpv6AddressOnCreation": false, + "AvailabilityZone": "us-west-2a", + "CidrBlock": "10.0.1.0/24", + "VpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + }, + "DependsOn": [ + "SubnetTestSecondaryTestBDE45F82" + ] + }, + "testSubnet2RouteTableAssociation40DCE4CD": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Fn::GetAtt": [ + "TestRoutetableRouteTable7B7B907D", + "RouteTableId" + ] + }, + "SubnetId": { + "Ref": "testSubnet2Subnet4681911A" + } + }, + "DependsOn": [ + "SubnetTestSecondaryTestBDE45F82" + ] } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json index f6b54e8178156..63a3c3fdc4a8c 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/936d55c8ae74b8dbe0de8c85d4bec3718ce3f73a71342f5852a5a5586485c23c.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/3d3ee41ce855ed1f43bd76cb02f20825b0d6ea6965e4974823890801f598e628.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -34,100 +34,106 @@ "aws-cdk-vpcv2-alpha-new.assets" ], "metadata": { - "/aws-cdk-vpcv2-alpha-new/Ipam/Ipam": [ + "/aws-cdk-vpcv2-alpha-new/SubnetTest/Resource": [ { "type": "aws:cdk:logicalId", - "data": "Ipam50346F82" + "data": "SubnetTest3296A161" } ], - "/aws-cdk-vpcv2-alpha-new/Ipam/PublicPool0/PublicPool0": [ + "/aws-cdk-vpcv2-alpha-new/SubnetTest/SecondaryTest": [ { "type": "aws:cdk:logicalId", - "data": "IpamPublicPool050D6AA6C" + "data": "SubnetTestSecondaryTestBDE45F82" } ], - "/aws-cdk-vpcv2-alpha-new/Ipam/PublicPool0/PublicPool0Cidr": [ + "/aws-cdk-vpcv2-alpha-new/testSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "IpamPublicPool0PublicPool0CidrAC7F711E" + "data": "testSubnet1Subnet72087287" } ], - "/aws-cdk-vpcv2-alpha-new/VPCTest/Resource": [ + "/aws-cdk-vpcv2-alpha-new/testSubnet1/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "VPCTestFB735C86" + "data": "testSubnet1RouteTableB5FDDF81" } ], - "/aws-cdk-vpcv2-alpha-new/VPCTest/Ipv6IpamCidr": [ + "/aws-cdk-vpcv2-alpha-new/testSubnet1/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "VPCTestIpv6IpamCidrD5C271DD" + "data": "testSubnet1RouteTableAssociation1DA9E185" } ], - "/aws-cdk-vpcv2-alpha-new/VPCTest/VpnGateway/Default": [ + "/aws-cdk-vpcv2-alpha-new/Instance/InstanceSecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", - "data": "VPCTestVpnGateway51EEED38" + "data": "InstanceInstanceSecurityGroupF0E2D5BE", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], - "/aws-cdk-vpcv2-alpha-new/VPCTest/VPCVPNGW": [ + "/aws-cdk-vpcv2-alpha-new/Instance/InstanceRole/Resource": [ { "type": "aws:cdk:logicalId", - "data": "VPCTestVPCVPNGW0A869280" + "data": "InstanceInstanceRoleE9785DE5" } ], - "/aws-cdk-vpcv2-alpha-new/VPCTest/RoutePropagation": [ + "/aws-cdk-vpcv2-alpha-new/Instance/InstanceProfile": [ { "type": "aws:cdk:logicalId", - "data": "VPCTestRoutePropagationFEA3011A" + "data": "InstanceInstanceProfileAB5AEF02" } ], - "/aws-cdk-vpcv2-alpha-new/testsbubnet/Subnet": [ + "/aws-cdk-vpcv2-alpha-new/Instance/Resource": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetSubnet77337845" + "data": "InstanceC1063A87", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], - "/aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTable": [ + "/aws-cdk-vpcv2-alpha-new/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableF40F025B" + "data": "SsmParameterValueawsserviceamiamazonlinuxlatestamznamihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" } ], - "/aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTableAssociation": [ + "/aws-cdk-vpcv2-alpha-new/testIGW/IGW": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableAssociationD6D083FA" + "data": "testIGW8D947AF2" } ], - "/aws-cdk-vpcv2-alpha-new/Instance/InstanceSecurityGroup/Resource": [ + "/aws-cdk-vpcv2-alpha-new/testIGW/GWAttachment": [ { "type": "aws:cdk:logicalId", - "data": "InstanceInstanceSecurityGroupF0E2D5BE" + "data": "testIGWGWAttachment682A6782" } ], - "/aws-cdk-vpcv2-alpha-new/Instance/InstanceRole/Resource": [ + "/aws-cdk-vpcv2-alpha-new/TestRoutetable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "InstanceInstanceRoleE9785DE5" + "data": "TestRoutetableRouteTable7B7B907D" } ], - "/aws-cdk-vpcv2-alpha-new/Instance/InstanceProfile": [ + "/aws-cdk-vpcv2-alpha-new/TestRoutetable/eigwRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "InstanceInstanceProfileAB5AEF02" + "data": "TestRoutetableeigwRouteCDE8BBAF" } ], - "/aws-cdk-vpcv2-alpha-new/Instance/Resource": [ + "/aws-cdk-vpcv2-alpha-new/testSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "InstanceC1063A87" + "data": "testSubnet2Subnet4681911A" } ], - "/aws-cdk-vpcv2-alpha-new/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ + "/aws-cdk-vpcv2-alpha-new/testSubnet2/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "SsmParameterValueawsserviceamiamazonlinuxlatestamznamihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" + "data": "testSubnet2RouteTableAssociation40DCE4CD" } ], "/aws-cdk-vpcv2-alpha-new/BootstrapVersion": [ @@ -141,6 +147,105 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } + ], + "Ipam50346F82": [ + { + "type": "aws:cdk:logicalId", + "data": "Ipam50346F82", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "IpamPublicPool050D6AA6C": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamPublicPool050D6AA6C", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "IpamPublicPool0PublicPool0CidrAC7F711E": [ + { + "type": "aws:cdk:logicalId", + "data": "IpamPublicPool0PublicPool0CidrAC7F711E", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCTestFB735C86": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCTestFB735C86", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCTestIpv6IpamCidrD5C271DD": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCTestIpv6IpamCidrD5C271DD", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCTestVpnGateway51EEED38": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCTestVpnGateway51EEED38", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCTestVPCVPNGW0A869280": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCTestVPCVPNGW0A869280", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCTestRoutePropagationFEA3011A": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCTestRoutePropagationFEA3011A", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "testsbubnetSubnet77337845": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetSubnet77337845", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "testsbubnetRouteTableF40F025B": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetRouteTableF40F025B", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "testsbubnetRouteTableAssociationD6D083FA": [ + { + "type": "aws:cdk:logicalId", + "data": "testsbubnetRouteTableAssociationD6D083FA", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } ] }, "displayName": "aws-cdk-vpcv2-alpha-new" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json index f1f62b0a8a30e..8cee5fa9bf37c 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.js.snapshot/tree.json @@ -8,94 +8,13 @@ "id": "aws-cdk-vpcv2-alpha-new", "path": "aws-cdk-vpcv2-alpha-new", "children": { - "Ipam": { - "id": "Ipam", - "path": "aws-cdk-vpcv2-alpha-new/Ipam", - "children": { - "Ipam": { - "id": "Ipam", - "path": "aws-cdk-vpcv2-alpha-new/Ipam/Ipam", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAM", - "aws:cdk:cloudformation:props": { - "operatingRegions": [ - { - "regionName": "eu-west-2" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAM", - "version": "0.0.0" - } - }, - "PublicPool0": { - "id": "PublicPool0", - "path": "aws-cdk-vpcv2-alpha-new/Ipam/PublicPool0", - "children": { - "PublicPool0": { - "id": "PublicPool0", - "path": "aws-cdk-vpcv2-alpha-new/Ipam/PublicPool0/PublicPool0", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", - "aws:cdk:cloudformation:props": { - "addressFamily": "ipv6", - "awsService": "ec2", - "ipamScopeId": { - "Fn::GetAtt": [ - "Ipam50346F82", - "PublicDefaultScopeId" - ] - }, - "locale": "eu-west-2", - "publicIpSource": "amazon" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", - "version": "0.0.0" - } - }, - "PublicPool0Cidr": { - "id": "PublicPool0Cidr", - "path": "aws-cdk-vpcv2-alpha-new/Ipam/PublicPool0/PublicPool0Cidr", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPoolCidr", - "aws:cdk:cloudformation:props": { - "ipamPoolId": { - "Fn::GetAtt": [ - "IpamPublicPool050D6AA6C", - "IpamPoolId" - ] - }, - "netmaskLength": 52 - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPoolCidr", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Ipam", - "version": "0.0.0" - } - }, - "VPCTest": { - "id": "VPCTest", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest", + "SubnetTest": { + "id": "SubnetTest", + "path": "aws-cdk-vpcv2-alpha-new/SubnetTest", "children": { "Resource": { "id": "Resource", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest/Resource", + "path": "aws-cdk-vpcv2-alpha-new/SubnetTest/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPC", "aws:cdk:cloudformation:props": { @@ -110,22 +29,16 @@ "version": "0.0.0" } }, - "Ipv6IpamCidr": { - "id": "Ipv6IpamCidr", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest/Ipv6IpamCidr", + "SecondaryTest": { + "id": "SecondaryTest", + "path": "aws-cdk-vpcv2-alpha-new/SubnetTest/SecondaryTest", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", "aws:cdk:cloudformation:props": { - "ipv6IpamPoolId": { - "Fn::GetAtt": [ - "IpamPublicPool050D6AA6C", - "IpamPoolId" - ] - }, - "ipv6NetmaskLength": 56, + "amazonProvidedIpv6CidrBlock": true, "vpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } @@ -135,73 +48,6 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", "version": "0.0.0" } - }, - "VpnGateway": { - "id": "VpnGateway", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest/VpnGateway", - "children": { - "Default": { - "id": "Default", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest/VpnGateway/Default", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPNGateway", - "aws:cdk:cloudformation:props": { - "type": "ipsec.1" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPNGateway", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.VpnGateway", - "version": "0.0.0" - } - }, - "VPCVPNGW": { - "id": "VPCVPNGW", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest/VPCVPNGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "VPCTestFB735C86", - "VpcId" - ] - }, - "vpnGatewayId": { - "Ref": "VPCTestVpnGateway51EEED38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - }, - "RoutePropagation": { - "id": "RoutePropagation", - "path": "aws-cdk-vpcv2-alpha-new/VPCTest/RoutePropagation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPNGatewayRoutePropagation", - "aws:cdk:cloudformation:props": { - "routeTableIds": [ - { - "Ref": "testsbubnetRouteTableF40F025B" - } - ], - "vpnGatewayId": { - "Ref": "VPCTestVpnGateway51EEED38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPNGatewayRoutePropagation", - "version": "0.0.0" - } } }, "constructInfo": { @@ -209,22 +55,22 @@ "version": "0.0.0" } }, - "testsbubnet": { - "id": "testsbubnet", - "path": "aws-cdk-vpcv2-alpha-new/testsbubnet", + "testSubnet1": { + "id": "testSubnet1", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet1", "children": { "Subnet": { "id": "Subnet", - "path": "aws-cdk-vpcv2-alpha-new/testsbubnet/Subnet", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet1/Subnet", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-west-2a", + "availabilityZone": "us-west-2a", "cidrBlock": "10.0.0.0/24", "vpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } @@ -237,7 +83,7 @@ }, "Acl": { "id": "Acl", - "path": "aws-cdk-vpcv2-alpha-new/testsbubnet/Acl", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet1/Acl", "constructInfo": { "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" @@ -245,34 +91,47 @@ }, "RouteTable": { "id": "RouteTable", - "path": "aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "VPCTestFB735C86", - "VpcId" - ] + "path": "aws-cdk-vpcv2-alpha-new/testSubnet1/RouteTable", + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet1/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, "RouteTableAssociation": { "id": "RouteTableAssociation", - "path": "aws-cdk-vpcv2-alpha-new/testsbubnet/RouteTableAssociation", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet1/RouteTableAssociation", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testSubnet1RouteTableB5FDDF81", + "RouteTableId" + ] }, "subnetId": { - "Ref": "testsbubnetSubnet77337845" + "Ref": "testSubnet1Subnet72087287" } } }, @@ -317,7 +176,7 @@ ], "vpcId": { "Fn::GetAtt": [ - "VPCTestFB735C86", + "SubnetTest3296A161", "VpcId" ] } @@ -407,7 +266,7 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Instance", "aws:cdk:cloudformation:props": { - "availabilityZone": "eu-west-2a", + "availabilityZone": "us-west-2a", "iamInstanceProfile": { "Ref": "InstanceInstanceProfileAB5AEF02" }, @@ -424,7 +283,7 @@ } ], "subnetId": { - "Ref": "testsbubnetSubnet77337845" + "Ref": "testSubnet1Subnet72087287" }, "tags": [ { @@ -464,6 +323,180 @@ "version": "0.0.0" } }, + "testIGW": { + "id": "testIGW", + "path": "aws-cdk-vpcv2-alpha-new/testIGW", + "children": { + "IGW": { + "id": "IGW", + "path": "aws-cdk-vpcv2-alpha-new/testIGW/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "GWAttachment": { + "id": "GWAttachment", + "path": "aws-cdk-vpcv2-alpha-new/testIGW/GWAttachment", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "vpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", + "version": "0.0.0" + } + }, + "TestRoutetable": { + "id": "TestRoutetable", + "path": "aws-cdk-vpcv2-alpha-new/TestRoutetable", + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha-new/TestRoutetable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "eigwRoute": { + "id": "eigwRoute", + "path": "aws-cdk-vpcv2-alpha-new/TestRoutetable/eigwRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha-new/TestRoutetable/eigwRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Fn::GetAtt": [ + "testIGW8D947AF2", + "InternetGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "TestRoutetableRouteTable7B7B907D", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "version": "0.0.0" + } + }, + "testSubnet2": { + "id": "testSubnet2", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "assignIpv6AddressOnCreation": false, + "availabilityZone": "us-west-2a", + "cidrBlock": "10.0.1.0/24", + "vpcId": { + "Fn::GetAtt": [ + "SubnetTest3296A161", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-vpcv2-alpha-new/testSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Fn::GetAtt": [ + "TestRoutetableRouteTable7B7B907D", + "RouteTableId" + ] + }, + "subnetId": { + "Ref": "testSubnet2Subnet4681911A" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.SubnetV2", + "version": "0.0.0" + } + }, "BootstrapVersion": { "id": "BootstrapVersion", "path": "aws-cdk-vpcv2-alpha-new/BootstrapVersion", diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts index 529b1cdcc5f40..a584b26038aeb 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.subnet-v2.ts @@ -10,7 +10,7 @@ import * as vpc_v2 from '../lib/vpc-v2'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; -import { AddressFamily, AwsServiceName, IpCidr, Ipam, IpamPoolPublicIpSource, SubnetV2 } from '../lib'; +import { InternetGateway, IpCidr, RouteTable, SubnetV2 } from '../lib'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; import { SubnetType } from 'aws-cdk-lib/aws-ec2'; @@ -19,28 +19,10 @@ const app = new cdk.App(); const stack = new cdk.Stack(app, 'aws-cdk-vpcv2-alpha-new'); -const ipam = new Ipam(stack, 'Ipam', { - operatingRegion: ['eu-west-2'], //set to the region stack is being deployed to -}); - -/** - * Integ test for VPC with IPAM pool to be run with --no-clean - */ -const pool2 = ipam.publicScope.addPool('PublicPool0', { - addressFamily: AddressFamily.IP_V6, - awsService: AwsServiceName.EC2, - locale: 'eu-west-2', //set to the region stack is being deployed to - publicIpSource: IpamPoolPublicIpSource.AMAZON, -}); - -pool2.provisionCidr('PublicPool0Cidr', { netmaskLength: 52 } ); - -const vpc = new vpc_v2.VpcV2(stack, 'VPCTest', { +const vpc = new vpc_v2.VpcV2(stack, 'SubnetTest', { primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.0.0.0/16'), - secondaryAddressBlocks: [vpc_v2.IpAddresses.ipv6Ipam({ - ipamPool: pool2, - netmaskLength: 56, - cidrBlockName: 'Ipv6IpamCidr', + secondaryAddressBlocks: [vpc_v2.IpAddresses.amazonProvidedIpv6( { + cidrBlockName: 'SecondaryTest', })], enableDnsHostnames: true, enableDnsSupport: true, @@ -51,28 +33,42 @@ const vpc = new vpc_v2.VpcV2(stack, 'VPCTest', { * can assign IPv6 address only after the allocation * uncomment ipv6CidrBlock and provide valid IPv6 range */ -new SubnetV2(stack, 'testsbubnet', { +new SubnetV2(stack, 'testSubnet1', { vpc, - availabilityZone: 'eu-west-2a', + availabilityZone: 'us-west-2a', ipv4CidrBlock: new IpCidr('10.0.0.0/24'), //defined on the basis of allocation done in IPAM console //ipv6CidrBlock: new Ipv6Cidr('2a05:d02c:25:4000::/60'), subnetType: SubnetType.PRIVATE_ISOLATED, }); -vpc.enableVpnGateway({ - vpnRoutePropagation: [{ - subnetType: SubnetType.PRIVATE_ISOLATED, // optional, defaults to "PUBLIC" - }], - type: 'ipsec.1', -}); - +/**Test compatibility with existing construct */ new ec2.Instance(stack, 'Instance', { vpc, instanceType: ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.MICRO), machineImage: new ec2.AmazonLinuxImage(), }); +/** Test route table association */ + +const igw = new InternetGateway(stack, 'testIGW', { + vpc, +}); + +const routeTable = new RouteTable(stack, 'TestRoutetable', { + vpc, +}); + +routeTable.addRoute('eigwRoute', '0.0.0.0/0', { gateway: igw }); + +new SubnetV2(stack, 'testSubnet2', { + vpc, + availabilityZone: 'us-west-2a', + ipv4CidrBlock: new IpCidr('10.0.1.0/24'), + routeTable: routeTable, + subnetType: SubnetType.PUBLIC, +}); + new IntegTest(app, 'integtest-model', { testCases: [stack], }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json index edea907079f09..ec6f321d9d708 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.assets.json @@ -1,7 +1,7 @@ { "version": "36.0.5", "files": { - "a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0": { + "353ce11111b0142986244849c029324fb6a6870f15c9cc910200712386cd1cbf": { "source": { "path": "aws-cdk-vpcv2-alpha.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0.json", + "objectKey": "353ce11111b0142986244849c029324fb6a6870f15c9cc910200712386cd1cbf.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json index 69b67454af10b..444a4d76a15c3 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/aws-cdk-vpcv2-alpha.template.json @@ -1,79 +1,121 @@ { "Resources": { - "IpamTestIpam6C9298EF": { - "Type": "AWS::EC2::IPAM", + "VPCintegtest1EBA1CB75": { + "Type": "AWS::EC2::VPC", "Properties": { - "OperatingRegions": [ - { - "RegionName": "eu-central-1" - } - ] + "CidrBlock": "10.1.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default" } }, - "IpamTestPrivatePool039C763DC": { - "Type": "AWS::EC2::IPAMPool", + "VPCintegtest1SecondaryAddress256BAC1D3": { + "Type": "AWS::EC2::VPCCidrBlock", "Properties": { - "AddressFamily": "ipv4", - "IpamScopeId": { + "CidrBlock": "10.2.0.0/16", + "VpcId": { "Fn::GetAtt": [ - "IpamTestIpam6C9298EF", - "PrivateDefaultScopeId" + "VPCintegtest1EBA1CB75", + "VpcId" ] - }, - "Locale": "eu-central-1", - "ProvisionedCidrs": [ - { - "Cidr": "10.2.0.0/16" - } - ] + } } }, - "IpamTestPublicPool0C44B7C49": { - "Type": "AWS::EC2::IPAMPool", + "VPCintegtest1AmazonProvidedE0445E5C": { + "Type": "AWS::EC2::VPCCidrBlock", "Properties": { - "AddressFamily": "ipv6", - "AwsService": "ec2", - "IpamScopeId": { + "AmazonProvidedIpv6CidrBlock": true, + "VpcId": { "Fn::GetAtt": [ - "IpamTestIpam6C9298EF", - "PublicDefaultScopeId" + "VPCintegtest1EBA1CB75", + "VpcId" ] - }, - "Locale": "eu-central-1", - "PublicIpSource": "amazon" + } } }, - "IpamTestPublicPool0PublicPool0CidrC57CE00C": { - "Type": "AWS::EC2::IPAMPoolCidr", + "VPCintegtest1SecondaryAddress3BCA08E40": { + "Type": "AWS::EC2::VPCCidrBlock", "Properties": { - "IpamPoolId": { + "CidrBlock": "10.3.0.0/16", + "VpcId": { "Fn::GetAtt": [ - "IpamTestPublicPool0C44B7C49", - "IpamPoolId" + "VPCintegtest1EBA1CB75", + "VpcId" ] - }, - "NetmaskLength": 52 + } } }, - "VPCintegtest1EBA1CB75": { - "Type": "AWS::EC2::VPC", + "VPCintegtest1TestGWendpoint6276409E": { + "Type": "AWS::EC2::VPCEndpoint", "Properties": { - "CidrBlock": "10.0.0.0/16", - "EnableDnsHostnames": true, - "EnableDnsSupport": true, - "InstanceTenancy": "default" + "RouteTableIds": [ + { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + ], + "ServiceName": { + "Fn::Join": [ + "", + [ + "com.amazonaws.", + { + "Ref": "AWS::Region" + }, + ".s3" + ] + ] + }, + "VpcEndpointType": "Gateway", + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } } }, - "VPCintegtest1ipv4IpamCidr8105B4E4": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7": { + "Type": "AWS::EC2::SecurityGroup", "Properties": { - "Ipv4IpamPoolId": { - "Fn::GetAtt": [ - "IpamTestPrivatePool039C763DC", - "IpamPoolId" - ] - }, - "Ipv4NetmaskLength": 20, + "GroupDescription": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "SecurityGroupIngress": [ + { + "CidrIp": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "CidrBlock" + ] + }, + "Description": { + "Fn::Join": [ + "", + [ + "from ", + { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "CidrBlock" + ] + }, + ":443" + ] + ] + }, + "FromPort": 443, + "IpProtocol": "tcp", + "ToPort": 443 + } + ], "VpcId": { "Fn::GetAtt": [ "VPCintegtest1EBA1CB75", @@ -82,10 +124,39 @@ } } }, - "VPCintegtest1AmazonProvidedE0445E5C": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1TestInterfaceEndpoint7B63C4C3": { + "Type": "AWS::EC2::VPCEndpoint", "Properties": { - "AmazonProvidedIpv6CidrBlock": true, + "PrivateDnsEnabled": true, + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7", + "GroupId" + ] + } + ], + "ServiceName": { + "Fn::Join": [ + "", + [ + "com.amazonaws.", + { + "Ref": "AWS::Region" + }, + ".sns" + ] + ] + }, + "SubnetIds": [ + { + "Ref": "testsbubnetSubnet77337845" + }, + { + "Ref": "testsubnetSubnetDD417829" + } + ], + "VpcEndpointType": "Interface", "VpcId": { "Fn::GetAtt": [ "VPCintegtest1EBA1CB75", @@ -94,211 +165,357 @@ } } }, - "Vpcintegtest20DAD8F9D": { - "Type": "AWS::EC2::VPC", + "VPCintegtest1EgressOnlyGWEIGW440911B4": { + "Type": "AWS::EC2::EgressOnlyInternetGateway", "Properties": { - "CidrBlock": "10.1.0.0/16", - "EnableDnsHostnames": true, - "EnableDnsSupport": true, - "InstanceTenancy": "default" + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } } }, - "Vpcintegtest2Ipv6IpamCidrFF84EC2B": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1validateIpv6EgressRouteB2A1DA27": { + "Type": "AWS::EC2::Route", "Properties": { - "Ipv6IpamPoolId": { + "DestinationIpv6CidrBlock": "::/0", + "EgressOnlyInternetGatewayId": { "Fn::GetAtt": [ - "IpamTestPublicPool0C44B7C49", - "IpamPoolId" + "VPCintegtest1EgressOnlyGWEIGW440911B4", + "Id" ] }, - "Ipv6NetmaskLength": 60, - "VpcId": { + "RouteTableId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" + "validateIpv6RouteTable09389F8D", + "RouteTableId" ] } }, "DependsOn": [ - "IpamTestPublicPool0PublicPool0CidrC57CE00C" + "VPCintegtest1EgressOnlyGWEIGW440911B4" ] }, - "Vpcintegtest2SecondaryAddress2A96C0AF8": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1VpnGatewayIGWBC493574": { + "Type": "AWS::EC2::VPNGateway", + "Properties": { + "Type": "ipsec.1" + } + }, + "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6": { + "Type": "AWS::EC2::VPCGatewayAttachment", "Properties": { - "CidrBlock": "10.2.0.0/16", "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] + }, + "VpnGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] } } }, - "Vpcintegtest2SecondaryAddress36FC60BBC": { - "Type": "AWS::EC2::VPCCidrBlock", + "VPCintegtest1VpnGatewayRoutePropagation2E585DD7": { + "Type": "AWS::EC2::VPNGatewayRoutePropagation", "Properties": { - "CidrBlock": "10.3.0.0/16", + "RouteTableIds": [ + { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + ], + "VpnGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6" + ] + }, + "VPCintegtest1InternetGatewayIGWAA29FB02": { + "Type": "AWS::EC2::InternetGateway" + }, + "VPCintegtest1InternetGatewayGWAttachment69B1C71E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1InternetGatewayIGWAA29FB02", + "InternetGatewayId" + ] + }, "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } } }, + "VPCintegtest1validateIpv6DefaultRoute5D6BE9AD": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "192.168.0.0/16", + "GatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1InternetGatewayIGWAA29FB02", + "InternetGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1InternetGatewayGWAttachment69B1C71E", + "VPCintegtest1InternetGatewayIGWAA29FB02" + ] + }, + "VPCintegtest1NATGateway31DAF7F4": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "ConnectivityType": "private", + "SubnetId": { + "Ref": "testsbubnetSubnet77337845" + } + }, + "DependsOn": [ + "testsbubnetRouteTableAssociationD6D083FA", + "VPCintegtest1VpnGatewayIGWBC493574", + "VPCintegtest1VpnGatewayRoutePropagation2E585DD7", + "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6" + ] + }, "testsbubnetSubnet77337845": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-central-1a", + "AvailabilityZone": "us-west-2a", "CidrBlock": "10.1.0.0/24", "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, - "testsbubnetRouteTableF40F025B": { + "testsbubnetRouteTableD0136BEA": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "testsbubnetRouteTableAssociationD6D083FA": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] }, "SubnetId": { "Ref": "testsbubnetSubnet77337845" } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "testsubnetSubnetDD417829": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-central-1b", + "AvailabilityZone": "us-west-2b", "CidrBlock": "10.2.0.0/24", "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, - "testsubnetRouteTable55223C61": { + "testsubnetRouteTable682580B2": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "testsubnetRouteTableAssociationC106676D": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "testsubnetRouteTable55223C61" + "Fn::GetAtt": [ + "testsubnetRouteTable682580B2", + "RouteTableId" + ] }, "SubnetId": { "Ref": "testsubnetSubnetDD417829" } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "validateIpv6Subnet07BD40AE": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": false, - "AvailabilityZone": "eu-central-1b", + "AvailabilityZone": "us-west-2b", "CidrBlock": "10.3.0.0/24", "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, - "validateIpv6RouteTable10861B00": { + "validateIpv6RouteTable09389F8D": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" ] }, "validateIpv6RouteTableAssociationD6330457": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "validateIpv6RouteTable10861B00" + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] }, "SubnetId": { "Ref": "validateIpv6Subnet07BD40AE" } }, "DependsOn": [ - "Vpcintegtest2Ipv6IpamCidrFF84EC2B", - "Vpcintegtest2SecondaryAddress2A96C0AF8", - "Vpcintegtest2SecondaryAddress36FC60BBC" + "VPCintegtest1AmazonProvidedE0445E5C", + "VPCintegtest1SecondaryAddress256BAC1D3", + "VPCintegtest1SecondaryAddress3BCA08E40" + ] + }, + "routeTableRouteTable23B79F0B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "routeTableNATGWRouteF45BEF45": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "172.32.0.0/24", + "GatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "routeTableRouteTable23B79F0B", + "RouteTableId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPCintegtest1VpnGatewayRoutePropagation2E585DD7", + "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6" + ] + }, + "routeRouteFC6D4F1F": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "172.31.0.0/24", + "GatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + }, + "RouteTableId": { + "Fn::GetAtt": [ + "routeTableRouteTable23B79F0B", + "RouteTableId" + ] + } + }, + "DependsOn": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPCintegtest1VpnGatewayRoutePropagation2E585DD7", + "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6" ] } }, diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json index 07729bcb92768..88e5763bc3db9 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a7489230071452bf2d95e6aff482ada8c6c5139402293c5aadfaa9821bd931a0.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/353ce11111b0142986244849c029324fb6a6870f15c9cc910200712386cd1cbf.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -34,70 +34,100 @@ "aws-cdk-vpcv2-alpha.assets" ], "metadata": { - "/aws-cdk-vpcv2-alpha/IpamTest/Ipam": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestIpam6C9298EF" + "data": "VPCintegtest1EBA1CB75" } ], - "/aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress2": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPrivatePool039C763DC" + "data": "VPCintegtest1SecondaryAddress256BAC1D3" } ], - "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPublicPool0C44B7C49" + "data": "VPCintegtest1AmazonProvidedE0445E5C" } ], - "/aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress3": [ { "type": "aws:cdk:logicalId", - "data": "IpamTestPublicPool0PublicPool0CidrC57CE00C" + "data": "VPCintegtest1SecondaryAddress3BCA08E40" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestGWendpoint/Resource": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1EBA1CB75" + "data": "VPCintegtest1TestGWendpoint6276409E" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1ipv4IpamCidr8105B4E4" + "data": "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7" } ], - "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/Resource": [ { "type": "aws:cdk:logicalId", - "data": "VPCintegtest1AmazonProvidedE0445E5C" + "data": "VPCintegtest1TestInterfaceEndpoint7B63C4C3" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/EgressOnlyGW/EIGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1EgressOnlyGWEIGW440911B4" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-EgressRoute/Route": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1validateIpv6EgressRouteB2A1DA27" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1VpnGatewayIGWBC493574" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway/VPCVPNGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1VpnGatewayVPCVPNGW127CC7F6" } ], - "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Resource": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway/RoutePropagation": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest20DAD8F9D" + "data": "VPCintegtest1VpnGatewayRoutePropagation2E585DD7" } ], - "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Ipv6IpamCidr": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/InternetGateway/IGW": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2Ipv6IpamCidrFF84EC2B" + "data": "VPCintegtest1InternetGatewayIGWAA29FB02" } ], - "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress2": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/InternetGateway/GWAttachment": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2SecondaryAddress2A96C0AF8" + "data": "VPCintegtest1InternetGatewayGWAttachment69B1C71E" } ], - "/aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress3": [ + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultRoute/Route": [ { "type": "aws:cdk:logicalId", - "data": "Vpcintegtest2SecondaryAddress36FC60BBC" + "data": "VPCintegtest1validateIpv6DefaultRoute5D6BE9AD" + } + ], + "/aws-cdk-vpcv2-alpha/VPC-integ-test-1/NATGateway/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1NATGateway31DAF7F4" } ], "/aws-cdk-vpcv2-alpha/testsbubnet/Subnet": [ @@ -106,10 +136,10 @@ "data": "testsbubnetSubnet77337845" } ], - "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable": [ + "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "testsbubnetRouteTableF40F025B" + "data": "testsbubnetRouteTableD0136BEA" } ], "/aws-cdk-vpcv2-alpha/testsbubnet/RouteTableAssociation": [ @@ -124,10 +154,10 @@ "data": "testsubnetSubnetDD417829" } ], - "/aws-cdk-vpcv2-alpha/testsubnet/RouteTable": [ + "/aws-cdk-vpcv2-alpha/testsubnet/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "testsubnetRouteTable55223C61" + "data": "testsubnetRouteTable682580B2" } ], "/aws-cdk-vpcv2-alpha/testsubnet/RouteTableAssociation": [ @@ -142,10 +172,10 @@ "data": "validateIpv6Subnet07BD40AE" } ], - "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable": [ + "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTable/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "validateIpv6RouteTable10861B00" + "data": "validateIpv6RouteTable09389F8D" } ], "/aws-cdk-vpcv2-alpha/validateIpv6/RouteTableAssociation": [ @@ -154,6 +184,24 @@ "data": "validateIpv6RouteTableAssociationD6330457" } ], + "/aws-cdk-vpcv2-alpha/routeTable/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "routeTableRouteTable23B79F0B" + } + ], + "/aws-cdk-vpcv2-alpha/routeTable/NATGWRoute/Route": [ + { + "type": "aws:cdk:logicalId", + "data": "routeTableNATGWRouteF45BEF45" + } + ], + "/aws-cdk-vpcv2-alpha/route/Route": [ + { + "type": "aws:cdk:logicalId", + "data": "routeRouteFC6D4F1F" + } + ], "/aws-cdk-vpcv2-alpha/BootstrapVersion": [ { "type": "aws:cdk:logicalId", @@ -165,6 +213,24 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } + ], + "VPCintegtest1RoutePropagation062BDAD5": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1RoutePropagation062BDAD5", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "VPCintegtest1TestNATGateway54FD55E6": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCintegtest1TestNATGateway54FD55E6", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } ] }, "displayName": "aws-cdk-vpcv2-alpha" diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json index 4ef8722255a1d..cb254995dba28 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.js.snapshot/tree.json @@ -8,280 +8,509 @@ "id": "aws-cdk-vpcv2-alpha", "path": "aws-cdk-vpcv2-alpha", "children": { - "IpamTest": { - "id": "IpamTest", - "path": "aws-cdk-vpcv2-alpha/IpamTest", + "VPC-integ-test-1": { + "id": "VPC-integ-test-1", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1", "children": { - "Ipam": { - "id": "Ipam", - "path": "aws-cdk-vpcv2-alpha/IpamTest/Ipam", + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource", "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAM", + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", "aws:cdk:cloudformation:props": { - "operatingRegions": [ - { - "regionName": "eu-central-1" - } - ] + "cidrBlock": "10.1.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "version": "0.0.0" + } + }, + "SecondaryAddress2": { + "id": "SecondaryAddress2", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress2", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.2.0.0/16", + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "version": "0.0.0" + } + }, + "AmazonProvided": { + "id": "AmazonProvided", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "amazonProvidedIpv6CidrBlock": true, + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAM", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "version": "0.0.0" + } + }, + "SecondaryAddress3": { + "id": "SecondaryAddress3", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/SecondaryAddress3", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.3.0.0/16", + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", "version": "0.0.0" } }, - "PrivatePool0": { - "id": "PrivatePool0", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0", + "TestGWendpoint": { + "id": "TestGWendpoint", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestGWendpoint", "children": { - "PrivatePool0": { - "id": "PrivatePool0", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PrivatePool0/PrivatePool0", + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestGWendpoint/Resource", "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", + "aws:cdk:cloudformation:type": "AWS::EC2::VPCEndpoint", "aws:cdk:cloudformation:props": { - "addressFamily": "ipv4", - "ipamScopeId": { - "Fn::GetAtt": [ - "IpamTestIpam6C9298EF", - "PrivateDefaultScopeId" - ] - }, - "locale": "eu-central-1", - "provisionedCidrs": [ + "routeTableIds": [ { - "cidr": "10.2.0.0/16" + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] } - ] + ], + "serviceName": { + "Fn::Join": [ + "", + [ + "com.amazonaws.", + { + "Ref": "AWS::Region" + }, + ".s3" + ] + ] + }, + "vpcEndpointType": "Gateway", + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpoint", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "aws-cdk-lib.aws_ec2.GatewayVpcEndpoint", "version": "0.0.0" } }, - "PublicPool0": { - "id": "PublicPool0", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0", + "TestInterfaceEndpoint": { + "id": "TestInterfaceEndpoint", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint", "children": { - "PublicPool0": { - "id": "PublicPool0", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPool", - "aws:cdk:cloudformation:props": { - "addressFamily": "ipv6", - "awsService": "ec2", - "ipamScopeId": { - "Fn::GetAtt": [ - "IpamTestIpam6C9298EF", - "PublicDefaultScopeId" - ] + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/SecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "securityGroupIngress": [ + { + "cidrIp": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "CidrBlock" + ] + }, + "ipProtocol": "tcp", + "fromPort": 443, + "toPort": 443, + "description": { + "Fn::Join": [ + "", + [ + "from ", + { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "CidrBlock" + ] + }, + ":443" + ] + ] + } + } + ], + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } }, - "locale": "eu-central-1", - "publicIpSource": "amazon" + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPool", + "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", "version": "0.0.0" } }, - "PublicPool0Cidr": { - "id": "PublicPool0Cidr", - "path": "aws-cdk-vpcv2-alpha/IpamTest/PublicPool0/PublicPool0Cidr", + "Resource": { + "id": "Resource", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/TestInterfaceEndpoint/Resource", "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::IPAMPoolCidr", + "aws:cdk:cloudformation:type": "AWS::EC2::VPCEndpoint", "aws:cdk:cloudformation:props": { - "ipamPoolId": { - "Fn::GetAtt": [ - "IpamTestPublicPool0C44B7C49", - "IpamPoolId" + "privateDnsEnabled": true, + "securityGroupIds": [ + { + "Fn::GetAtt": [ + "VPCintegtest1TestInterfaceEndpointSecurityGroup06066BE7", + "GroupId" + ] + } + ], + "serviceName": { + "Fn::Join": [ + "", + [ + "com.amazonaws.", + { + "Ref": "AWS::Region" + }, + ".sns" + ] ] }, - "netmaskLength": 52 + "subnetIds": [ + { + "Ref": "testsbubnetSubnet77337845" + }, + { + "Ref": "testsubnetSubnetDD417829" + } + ], + "vpcEndpointType": "Interface", + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnIPAMPoolCidr", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpoint", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.Ipam", - "version": "0.0.0" - } - }, - "VPC-integ-test-1": { - "id": "VPC-integ-test-1", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPC", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.0.0.0/16", - "enableDnsHostnames": true, - "enableDnsSupport": true, - "instanceTenancy": "default" - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "fqn": "aws-cdk-lib.aws_ec2.InterfaceVpcEndpoint", "version": "0.0.0" } }, - "ipv4IpamCidr": { - "id": "ipv4IpamCidr", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/ipv4IpamCidr", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", - "aws:cdk:cloudformation:props": { - "ipv4IpamPoolId": { - "Fn::GetAtt": [ - "IpamTestPrivatePool039C763DC", - "IpamPoolId" - ] + "EgressOnlyGW": { + "id": "EgressOnlyGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/EgressOnlyGW", + "children": { + "EIGW": { + "id": "EIGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/EgressOnlyGW/EIGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EgressOnlyInternetGateway", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } }, - "ipv4NetmaskLength": 20, - "vpcId": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEgressOnlyInternetGateway", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "fqn": "@aws-cdk/aws-ec2-alpha.EgressOnlyInternetGateway", "version": "0.0.0" } }, - "AmazonProvided": { - "id": "AmazonProvided", - "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/AmazonProvided", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", - "aws:cdk:cloudformation:props": { - "amazonProvidedIpv6CidrBlock": true, - "vpcId": { - "Fn::GetAtt": [ - "VPCintegtest1EBA1CB75", - "VpcId" - ] + "validateIpv6-EgressRoute": { + "id": "validateIpv6-EgressRoute", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-EgressRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-EgressRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationIpv6CidrBlock": "::/0", + "egressOnlyInternetGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1EgressOnlyGWEIGW440911B4", + "Id" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2-alpha.VpcV2", - "version": "0.0.0" - } - }, - "Vpc-integ-test-2": { - "id": "Vpc-integ-test-2", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPC", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.1.0.0/16", - "enableDnsHostnames": true, - "enableDnsSupport": true, - "instanceTenancy": "default" + }, + "VpnGateway": { + "id": "VpnGateway", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway", + "children": { + "IGW": { + "id": "IGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPNGateway", + "aws:cdk:cloudformation:props": { + "type": "ipsec.1" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPNGateway", + "version": "0.0.0" + } + }, + "VPCVPNGW": { + "id": "VPCVPNGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway/VPCVPNGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + }, + "vpnGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + }, + "RoutePropagation": { + "id": "RoutePropagation", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/VpnGateway/RoutePropagation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPNGatewayRoutePropagation", + "aws:cdk:cloudformation:props": { + "routeTableIds": [ + { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + ], + "vpnGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPNGatewayRoutePropagation", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "fqn": "@aws-cdk/aws-ec2-alpha.VPNGatewayV2", "version": "0.0.0" } }, - "Ipv6IpamCidr": { - "id": "Ipv6IpamCidr", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/Ipv6IpamCidr", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", - "aws:cdk:cloudformation:props": { - "ipv6IpamPoolId": { - "Fn::GetAtt": [ - "IpamTestPublicPool0C44B7C49", - "IpamPoolId" - ] + "InternetGateway": { + "id": "InternetGateway", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/InternetGateway", + "children": { + "IGW": { + "id": "IGW", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/InternetGateway/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": {} }, - "ipv6NetmaskLength": 60, - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "GWAttachment": { + "id": "GWAttachment", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/InternetGateway/GWAttachment", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1InternetGatewayIGWAA29FB02", + "InternetGatewayId" + ] + }, + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "fqn": "@aws-cdk/aws-ec2-alpha.InternetGateway", "version": "0.0.0" } }, - "SecondaryAddress2": { - "id": "SecondaryAddress2", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress2", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.2.0.0/16", - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "validateIpv6-DefaultRoute": { + "id": "validateIpv6-DefaultRoute", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/validateIpv6-DefaultRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "192.168.0.0/16", + "gatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1InternetGatewayIGWAA29FB02", + "InternetGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "fqn": "@aws-cdk/aws-ec2-alpha.Route", "version": "0.0.0" } }, - "SecondaryAddress3": { - "id": "SecondaryAddress3", - "path": "aws-cdk-vpcv2-alpha/Vpc-integ-test-2/SecondaryAddress3", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.3.0.0/16", - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/NATGateway", + "children": { + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-vpcv2-alpha/VPC-integ-test-1/NATGateway/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "connectivityType": "private", + "subnetId": { + "Ref": "testsbubnetSubnet77337845" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCCidrBlock", + "fqn": "@aws-cdk/aws-ec2-alpha.NatGateway", "version": "0.0.0" } } @@ -302,11 +531,11 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-central-1a", + "availabilityZone": "us-west-2a", "cidrBlock": "10.1.0.0/24", "vpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } @@ -328,19 +557,29 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/testsbubnet/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -351,7 +590,10 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "testsbubnetRouteTableF40F025B" + "Fn::GetAtt": [ + "testsbubnetRouteTableD0136BEA", + "RouteTableId" + ] }, "subnetId": { "Ref": "testsbubnetSubnet77337845" @@ -380,11 +622,11 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-central-1b", + "availabilityZone": "us-west-2b", "cidrBlock": "10.2.0.0/24", "vpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } @@ -406,19 +648,29 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/testsubnet/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/testsubnet/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -429,7 +681,10 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "testsubnetRouteTable55223C61" + "Fn::GetAtt": [ + "testsubnetRouteTable682580B2", + "RouteTableId" + ] }, "subnetId": { "Ref": "testsubnetSubnetDD417829" @@ -458,11 +713,11 @@ "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { "assignIpv6AddressOnCreation": false, - "availabilityZone": "eu-central-1b", + "availabilityZone": "us-west-2b", "cidrBlock": "10.3.0.0/24", "vpcId": { "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", + "VPCintegtest1EBA1CB75", "VpcId" ] } @@ -484,19 +739,29 @@ "RouteTable": { "id": "RouteTable", "path": "aws-cdk-vpcv2-alpha/validateIpv6/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "vpcId": { - "Fn::GetAtt": [ - "Vpcintegtest20DAD8F9D", - "VpcId" - ] + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/validateIpv6/RouteTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", "version": "0.0.0" } }, @@ -507,7 +772,10 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "validateIpv6RouteTable10861B00" + "Fn::GetAtt": [ + "validateIpv6RouteTable09389F8D", + "RouteTableId" + ] }, "subnetId": { "Ref": "validateIpv6Subnet07BD40AE" @@ -525,6 +793,107 @@ "version": "0.0.0" } }, + "routeTable": { + "id": "routeTable", + "path": "aws-cdk-vpcv2-alpha/routeTable", + "children": { + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-vpcv2-alpha/routeTable/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Fn::GetAtt": [ + "VPCintegtest1EBA1CB75", + "VpcId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "NATGWRoute": { + "id": "NATGWRoute", + "path": "aws-cdk-vpcv2-alpha/routeTable/NATGWRoute", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha/routeTable/NATGWRoute/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "172.32.0.0/24", + "gatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "routeTableRouteTable23B79F0B", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.RouteTable", + "version": "0.0.0" + } + }, + "route": { + "id": "route", + "path": "aws-cdk-vpcv2-alpha/route", + "children": { + "Route": { + "id": "Route", + "path": "aws-cdk-vpcv2-alpha/route/Route", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "172.31.0.0/24", + "gatewayId": { + "Fn::GetAtt": [ + "VPCintegtest1VpnGatewayIGWBC493574", + "VPNGatewayId" + ] + }, + "routeTableId": { + "Fn::GetAtt": [ + "routeTableRouteTable23B79F0B", + "RouteTableId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2-alpha.Route", + "version": "0.0.0" + } + }, "BootstrapVersion": { "id": "BootstrapVersion", "path": "aws-cdk-vpcv2-alpha/BootstrapVersion", diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts index b4174e8e3d2aa..24eb82241ddc4 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/integ.vpc-v2-alpha.ts @@ -1,93 +1,55 @@ -// /* -// * Our integration tests act as snapshot tests to make sure the rendered template is stable. -// * If any changes to the result are required, -// * you need to perform an actual CloudFormation deployment of this application, -// * and, if it is successful, a new snapshot will be written out. -// * -// * For more information on CDK integ tests, -// * see the main CONTRIBUTING.md file. -// */ +/* + * Our integration tests act as snapshot tests to make sure the rendered template is stable. + * If any changes to the result are required, + * you need to perform an actual CloudFormation deployment of this application, + * and, if it is successful, a new snapshot will be written out. + * + * For more information on CDK integ tests, + * see the main CONTRIBUTING.md file. + */ import * as vpc_v2 from '../lib/vpc-v2'; -import { AddressFamily, AwsServiceName, Ipam, IpamPoolPublicIpSource } from '../lib'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; -import { SubnetType } from 'aws-cdk-lib/aws-ec2'; +import { GatewayVpcEndpointAwsService, InterfaceVpcEndpointAwsService, SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; import { SubnetV2, IpCidr } from '../lib/subnet-v2'; +import { NatConnectivityType, Route, RouteTable } from '../lib'; const app = new cdk.App(); const stack = new cdk.Stack(app, 'aws-cdk-vpcv2-alpha'); -const ipam = new Ipam(stack, 'IpamTest', { - operatingRegion: ['eu-central-1'], -}); - -/**Test Ipam Pool Ipv4 */ - -const pool1 = ipam.privateScope.addPool('PrivatePool0', { - addressFamily: AddressFamily.IP_V4, - ipv4ProvisionedCidrs: ['10.2.0.0/16'], - locale: 'eu-central-1', -}); - -const pool2 = ipam.publicScope.addPool('PublicPool0', { - addressFamily: AddressFamily.IP_V6, - awsService: AwsServiceName.EC2, - locale: 'eu-central-1', - publicIpSource: IpamPoolPublicIpSource.AMAZON, -}); -pool2.provisionCidr('PublicPool0Cidr', { netmaskLength: 52 } ); - -/** Test Ipv4 Primary and Secondary address */ -new vpc_v2.VpcV2(stack, 'VPC-integ-test-1', { - primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.0.0.0/16'), +/** Test Multiple Ipv4 Primary and Secondary address */ +const vpc = new vpc_v2.VpcV2(stack, 'VPC-integ-test-1', { + primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.1.0.0/16'), secondaryAddressBlocks: [ - vpc_v2.IpAddresses.ipv4Ipam({ - ipamPool: pool1, - netmaskLength: 20, - cidrBlockName: 'ipv4IpamCidr', + vpc_v2.IpAddresses.ipv4('10.2.0.0/16', { + cidrBlockName: 'SecondaryAddress2', }), - //Test secondary ipv6 address + //Test Amazon provided secondary ipv6 address vpc_v2.IpAddresses.amazonProvidedIpv6({ cidrBlockName: 'AmazonProvided', }), + vpc_v2.IpAddresses.ipv4('10.3.0.0/16', { + cidrBlockName: 'SecondaryAddress3', + }), ], enableDnsHostnames: true, enableDnsSupport: true, }); -/** - * Integ test for VPC with IPAM pool to be run with --no-clean - */ -const vpc = new vpc_v2.VpcV2(stack, 'Vpc-integ-test-2', { - primaryAddressBlock: vpc_v2.IpAddresses.ipv4('10.1.0.0/16'), - secondaryAddressBlocks: [vpc_v2.IpAddresses.ipv6Ipam({ - ipamPool: pool2, - netmaskLength: 60, - cidrBlockName: 'Ipv6IpamCidr', - }), - vpc_v2.IpAddresses.ipv4('10.2.0.0/16', { - cidrBlockName: 'SecondaryAddress2', - }), - vpc_v2.IpAddresses.ipv4('10.3.0.0/16', { - cidrBlockName: 'SecondaryAddress3', - }, - )], -}); - -new SubnetV2(stack, 'testsbubnet', { +const subnet = new SubnetV2(stack, 'testsbubnet', { vpc, - availabilityZone: 'eu-central-1a', + availabilityZone: 'us-west-2a', ipv4CidrBlock: new IpCidr('10.1.0.0/24'), subnetType: SubnetType.PRIVATE_ISOLATED, }); new SubnetV2(stack, 'testsubnet', { vpc, - availabilityZone: 'eu-central-1b', + availabilityZone: 'us-west-2b', ipv4CidrBlock: new IpCidr('10.2.0.0/24'), - //Test secondary ipv6 address after IPAM pool creation + //Test secondary ipv6 address after Amazon Provided ipv6 allocation //ipv6CidrBlock: new Ipv6Cidr('2001:db8:1::/64'), subnetType: SubnetType.PRIVATE_ISOLATED, }); @@ -96,12 +58,57 @@ new SubnetV2(stack, 'testsubnet', { new SubnetV2(stack, 'validateIpv6', { vpc, ipv4CidrBlock: new IpCidr('10.3.0.0/24'), - availabilityZone: 'eu-central-1b', - //Test secondary ipv6 address after IPAM pool creation - //ipv6CidrBlock: new Ipv6Cidr('2001:db8::/48'), - subnetType: SubnetType.PRIVATE_ISOLATED, + availabilityZone: 'us-west-2b', + //Test secondary ipv6 address after Amazon Provided ipv6 allocation + //ipv6CidrBlock: new IpCidr('2600:1f14:3283:9501::/64'), + subnetType: SubnetType.PUBLIC, }); +//Test to add Gateway Endpoint +vpc.addGatewayEndpoint('TestGWendpoint', { + service: GatewayVpcEndpointAwsService.S3, + subnets: [{ subnetType: SubnetType.PUBLIC }], +}); + +//Test to add Interface Endpoint +vpc.addInterfaceEndpoint('TestInterfaceEndpoint', { + service: InterfaceVpcEndpointAwsService.SNS, + subnets: { subnetType: SubnetType.PRIVATE_ISOLATED }, +}); + +//Add an Egress only Internet Gateway +vpc.addEgressOnlyInternetGateway({ + subnets: [{ subnetType: SubnetType.PUBLIC }], +}); + +const vpnGateway = vpc.enableVpnGatewayV2({ + vpnRoutePropagation: [{ subnetType: SubnetType.PUBLIC }], + type: VpnConnectionType.IPSEC_1, +}); + +//Can define a route with VPN gateway as a target +const routeTable = new RouteTable(stack, 'routeTable', { vpc } ); + +new Route(stack, 'route', { + destination: '172.31.0.0/24', + target: { gateway: vpnGateway }, + routeTable: routeTable, +}); + +//Add Internet Gateway with routes set to custom IP range +vpc.addInternetGateway({ + ipv4Destination: '192.168.0.0/16', +}); + +//Add a NAT Gateway +vpc.addNatGateway({ + subnet: subnet, + connectivityType: NatConnectivityType.PRIVATE, +}).node.addDependency(vpnGateway); + +//Can define a route with Nat gateway as a target +routeTable.addRoute( 'NATGWRoute', '172.32.0.0/24', { gateway: vpnGateway }); + new IntegTest(app, 'integtest-model', { testCases: [stack], }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts index e5dc355fc1aea..6504622ae4611 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/route.test.ts @@ -43,118 +43,83 @@ describe('EC2 Routing', () => { const eigw = new route.EgressOnlyInternetGateway(stack, 'TestEIGW', { vpc: myVpc, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: eigw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // EIGW should be in stack - TestEIGW4E4CDA8D: { - Type: 'AWS::EC2::EgressOnlyInternetGateway', - Properties: { - VpcId: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', 'VpcId', - ], - }, - }, - }, - // Route linking IP to EIGW should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - EgressOnlyInternetGatewayId: { - 'Fn::GetAtt': [ - 'TestEIGW4E4CDA8D', 'Id', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', 'RouteTableId', - ], - }, - }, - }, + routeTable.addRoute('Route', '::/0', { gateway: eigw }); + + const template = Template.fromStack(stack); + // EIGW should be in stack + template.hasResourceProperties('AWS::EC2::EgressOnlyInternetGateway', { + VpcId: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', 'VpcId', + ], + }, + }); + // Route linking IP to EIGW should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationIpv6CidrBlock: '::/0', + EgressOnlyInternetGatewayId: { + 'Fn::GetAtt': [ + 'TestEIGW4E4CDA8D', 'Id', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', 'RouteTableId', + ], }, }); }); test('Route to VPN Gateway', () => { - const vpngw = new route.VPNGateway(stack, 'TestVpnGw', { + const vpngw = new route.VPNGatewayV2(stack, 'TestVpnGw', { type: VpnConnectionType.IPSEC_1, vpc: myVpc, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: vpngw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // VPN Gateway should be in stack - TestVpnGwIGW11AF5344: { - Type: 'AWS::EC2::VPNGateway', - Properties: { - Type: 'ipsec.1', - }, - }, - // Route linking IP to VPN GW should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - GatewayId: { - 'Fn::GetAtt': [ - 'TestVpnGwIGW11AF5344', 'VPNGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', 'RouteTableId', - ], - }, - }, - }, - // Route Gateway attachment should be in stack - TestRouteGWAttachmentDD69361B: { - Type: 'AWS::EC2::VPCGatewayAttachment', - Properties: { - VpcId: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', 'VpcId', - ], - }, - VpnGatewayId: { - 'Fn::GetAtt': [ - 'TestVpnGwIGW11AF5344', 'VPNGatewayId', - ], - }, - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: vpngw }); + const template = Template.fromStack(stack); + // VPN Gateway should be in stack + template.hasResourceProperties('AWS::EC2::VPNGateway', { + Type: 'ipsec.1', + }); + // Route linking IP to VPN GW should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + GatewayId: { + 'Fn::GetAtt': [ + 'TestVpnGwIGW11AF5344', 'VPNGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', 'RouteTableId', + ], + }, + }); + // Route Gateway attachment should be in stack + template.hasResourceProperties('AWS::EC2::VPCGatewayAttachment', { + VpcId: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', 'VpcId', + ], + }, + VpnGatewayId: { + 'Fn::GetAtt': [ + 'TestVpnGwIGW11AF5344', 'VPNGatewayId', + ], }, }); }), test('Route to VPN Gateway with optional properties', () => { - new route.VPNGateway(stack, 'TestVpnGw', { + new route.VPNGatewayV2(stack, 'TestVpnGw', { type: VpnConnectionType.IPSEC_1, vpc: myVpc, amazonSideAsn: 12345678, }); - Template.fromStack(stack).templateMatches({ - Resources: { - // VPN Gateway should be in stack - TestVpnGwIGW11AF5344: { - Type: 'AWS::EC2::VPNGateway', - Properties: { - AmazonSideAsn: 12345678, - Type: 'ipsec.1', - }, - }, - }, + // VPN Gateway should be in stack + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPNGateway', { + AmazonSideAsn: 12345678, + Type: 'ipsec.1', }); }), @@ -162,50 +127,35 @@ describe('EC2 Routing', () => { const igw = new route.InternetGateway(stack, 'TestIGW', { vpc: myVpc, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: igw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // Internet Gateway should be in stack - TestIGW1B4DB37D: { - Type: 'AWS::EC2::InternetGateway', - }, - // Route linking IP to IGW should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - GatewayId: { - 'Fn::GetAtt': [ - 'TestIGW1B4DB37D', 'InternetGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', 'RouteTableId', - ], - }, - }, - }, - // Route Gateway attachment should be in stack - TestRouteGWAttachmentDD69361B: { - Type: 'AWS::EC2::VPCGatewayAttachment', - Properties: { - InternetGatewayId: { - 'Fn::GetAtt': [ - 'TestIGW1B4DB37D', 'InternetGatewayId', - ], - }, - VpcId: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', 'VpcId', - ], - }, - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: igw }); + const template = Template.fromStack(stack); + // Internet Gateway should be in stack + template.hasResource('AWS::EC2::InternetGateway', {}); + // Route linking IP to IGW should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + GatewayId: { + 'Fn::GetAtt': [ + 'TestIGW1B4DB37D', 'InternetGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', 'RouteTableId', + ], + }, + }); + // Route Gateway attachment should be in stack + template.hasResourceProperties('AWS::EC2::VPCGatewayAttachment', { + VpcId: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', 'VpcId', + ], + }, + InternetGatewayId: { + 'Fn::GetAtt': [ + 'TestIGW1B4DB37D', 'InternetGatewayId', + ], }, }); }); @@ -216,47 +166,35 @@ describe('EC2 Routing', () => { connectivityType: route.NatConnectivityType.PRIVATE, privateIpAddress: '10.0.0.42', }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: natgw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // NAT Gateway should be in stack - TestNATGWNATGatewayBE4F6F2D: { - Type: 'AWS::EC2::NatGateway', - Properties: { - ConnectivityType: 'private', - PrivateIpAddress: '10.0.0.42', - SubnetId: { - Ref: 'TestSubnet2A4BE4CA', - }, - }, - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], - }, - // Route linking private IP to NAT Gateway should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - NatGatewayId: { - 'Fn::GetAtt': [ - 'TestNATGWNATGatewayBE4F6F2D', - 'NatGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); + const template = Template.fromStack(stack); + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'private', + PrivateIpAddress: '10.0.0.42', + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', }, }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // Route linking private IP to NAT Gateway should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + NatGatewayId: { + 'Fn::GetAtt': [ + 'TestNATGWNATGatewayBE4F6F2D', + 'NatGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], + }, }); }); @@ -270,33 +208,24 @@ describe('EC2 Routing', () => { '10.0.2.0/28', ], }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: natgw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // NAT Gateway should be in stack - TestNATGWNATGatewayBE4F6F2D: { - Type: 'AWS::EC2::NatGateway', - Properties: { - ConnectivityType: 'private', - PrivateIpAddress: '10.0.0.42', - SecondaryPrivateIpAddresses: [ - '10.0.1.0/28', - '10.0.2.0/28', - ], - SubnetId: { - Ref: 'TestSubnet2A4BE4CA', - }, - }, - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'private', + PrivateIpAddress: '10.0.0.42', + SecondaryPrivateIpAddresses: [ + '10.0.1.0/28', + '10.0.2.0/28', + ], + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', }, - }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], }); }); @@ -307,101 +236,79 @@ describe('EC2 Routing', () => { privateIpAddress: '10.0.0.42', secondaryPrivateIpAddressCount: 2, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: natgw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // NAT Gateway should be in stack - TestNATGWNATGatewayBE4F6F2D: { - Type: 'AWS::EC2::NatGateway', - Properties: { - ConnectivityType: 'private', - PrivateIpAddress: '10.0.0.42', - SecondaryPrivateIpAddressCount: 2, - SubnetId: { - Ref: 'TestSubnet2A4BE4CA', - }, - }, - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], - }, - // Route linking private IP to NAT Gateway should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - NatGatewayId: { - 'Fn::GetAtt': [ - 'TestNATGWNATGatewayBE4F6F2D', - 'NatGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'private', + PrivateIpAddress: '10.0.0.42', + SecondaryPrivateIpAddressCount: 2, + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', }, }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // Route linking private IP to NAT Gateway should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + NatGatewayId: { + 'Fn::GetAtt': [ + 'TestNATGWNATGatewayBE4F6F2D', + 'NatGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], + }, }); }); test('Route to public NAT Gateway', () => { const natgw = new route.NatGateway(stack, 'TestNATGW', { subnet: mySubnet, + vpc: myVpc, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: natgw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // NAT Gateway should be in stack - TestNATGWNATGatewayBE4F6F2D: { - Type: 'AWS::EC2::NatGateway', - Properties: { - SubnetId: { - Ref: 'TestSubnet2A4BE4CA', - }, - }, - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], - }, - // Route linking private IP to NAT Gateway should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - NatGatewayId: { - 'Fn::GetAtt': [ - 'TestNATGWNATGatewayBE4F6F2D', - 'NatGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - }, - }, - // EIP should be created when not provided - TestNATGWEIP0A279819: { - Type: 'AWS::EC2::EIP', - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', }, }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // Route linking private IP to NAT Gateway should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + NatGatewayId: { + 'Fn::GetAtt': [ + 'TestNATGWNATGatewayBE4F6F2D', + 'NatGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], + }, + }); + // EIP should be created when not provided + template.hasResource('AWS::EC2::EIP', { + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], }); }); @@ -413,57 +320,42 @@ describe('EC2 Routing', () => { subnet: mySubnet, allocationId: eip.attrAllocationId, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: natgw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // NAT Gateway should be in stack - TestNATGWNATGatewayBE4F6F2D: { - Type: 'AWS::EC2::NatGateway', - Properties: { - SubnetId: { - Ref: 'TestSubnet2A4BE4CA', - }, - }, - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], - }, - // Route linking private IP to NAT Gateway should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - NatGatewayId: { - 'Fn::GetAtt': [ - 'TestNATGWNATGatewayBE4F6F2D', - 'NatGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - }, - }, - // EIP should be in stack - MyEIP: { - Type: 'AWS::EC2::EIP', - Properties: { - Domain: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', - 'VpcId', - ], - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); + const template = Template.fromStack(stack); + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', }, }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // Route linking private IP to NAT Gateway should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + NatGatewayId: { + 'Fn::GetAtt': [ + 'TestNATGWNATGatewayBE4F6F2D', + 'NatGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], + }, + }); + // EIP should be in stack + template.hasResourceProperties('AWS::EC2::EIP', { + Domain: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', + 'VpcId', + ], + }, }); }); @@ -472,61 +364,44 @@ describe('EC2 Routing', () => { subnet: mySubnet, connectivityType: route.NatConnectivityType.PUBLIC, maxDrainDuration: cdk.Duration.seconds(2001), + vpc: myVpc, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { gateway: natgw }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // NAT Gateway should be in stack - TestNATGWNATGatewayBE4F6F2D: { - Type: 'AWS::EC2::NatGateway', - Properties: { - AllocationId: { - 'Fn::GetAtt': [ - 'TestNATGWEIP0A279819', - 'AllocationId', - ], - }, - ConnectivityType: 'public', - MaxDrainDurationSeconds: 2001, - SubnetId: { - Ref: 'TestSubnet2A4BE4CA', - }, - }, - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], - }, - // Route linking private IP to NAT Gateway should be in stack - TestRoute4CB59404: { - Type: 'AWS::EC2::Route', - Properties: { - DestinationCidrBlock: '0.0.0.0/0', - NatGatewayId: { - 'Fn::GetAtt': [ - 'TestNATGWNATGatewayBE4F6F2D', - 'NatGatewayId', - ], - }, - RouteTableId: { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - }, - }, - // EIP should be created when not provided - TestNATGWEIP0A279819: { - Type: 'AWS::EC2::EIP', - DependsOn: [ - 'TestSubnetRouteTableAssociationFE267B30', - ], + routeTable.addRoute('Route', '0.0.0.0/0', { gateway: natgw }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'public', + MaxDrainDurationSeconds: 2001, + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', }, }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // Route linking private IP to NAT Gateway should be in stack + template.hasResourceProperties('AWS::EC2::Route', { + DestinationCidrBlock: '0.0.0.0/0', + NatGatewayId: { + 'Fn::GetAtt': [ + 'TestNATGWNATGatewayBE4F6F2D', + 'NatGatewayId', + ], + }, + RouteTableId: { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], + }, + }); + // EIP should be created when not provided + template.hasResource('AWS::EC2::EIP', { + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], }); }); @@ -535,44 +410,33 @@ describe('EC2 Routing', () => { vpc: myVpc, service: GatewayVpcEndpointAwsService.DYNAMODB, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { endpoint: dynamodb }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // DynamoDB endpoint should be in stack - TestDB27CDA92F: { - Type: 'AWS::EC2::VPCEndpoint', - Properties: { - RouteTableIds: [ - { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - ], - ServiceName: { - 'Fn::Join': [ - '', - [ - 'com.amazonaws.', - { Ref: 'AWS::Region' }, - '.dynamodb', - ], - ], - }, - VpcEndpointType: 'Gateway', - VpcId: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', - 'VpcId', - ], - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { endpoint: dynamodb }); + // DynamoDB endpoint should be in stack + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpoint', { + RouteTableIds: [ + { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], }, + ], + ServiceName: { + 'Fn::Join': [ + '', + [ + 'com.amazonaws.', + { Ref: 'AWS::Region' }, + '.dynamodb', + ], + ], + }, + VpcEndpointType: 'Gateway', + VpcId: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', + 'VpcId', + ], }, }); }); @@ -582,44 +446,33 @@ describe('EC2 Routing', () => { vpc: myVpc, service: GatewayVpcEndpointAwsService.S3, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { endpoint: dynamodb }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // S3 endpoint should be in stack - TestS38FCC715C: { - Type: 'AWS::EC2::VPCEndpoint', - Properties: { - RouteTableIds: [ - { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - ], - ServiceName: { - 'Fn::Join': [ - '', - [ - 'com.amazonaws.', - { Ref: 'AWS::Region' }, - '.s3', - ], - ], - }, - VpcEndpointType: 'Gateway', - VpcId: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', - 'VpcId', - ], - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { endpoint: dynamodb }); + // S3 endpoint should be in stack + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpoint', { + RouteTableIds: [ + { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], }, + ], + ServiceName: { + 'Fn::Join': [ + '', + [ + 'com.amazonaws.', + { Ref: 'AWS::Region' }, + '.s3', + ], + ], + }, + VpcEndpointType: 'Gateway', + VpcId: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', + 'VpcId', + ], }, }); }); @@ -629,44 +482,33 @@ describe('EC2 Routing', () => { vpc: myVpc, service: GatewayVpcEndpointAwsService.S3_EXPRESS, }); - new route.Route(stack, 'TestRoute', { - routeTable: routeTable, - destination: '0.0.0.0/0', - target: { endpoint: dynamodb }, - }); - Template.fromStack(stack).templateMatches({ - Resources: { - // S3 endpoint should be in stack - TestS3E055E5994: { - Type: 'AWS::EC2::VPCEndpoint', - Properties: { - RouteTableIds: [ - { - 'Fn::GetAtt': [ - 'TestRouteTableC34C2E1C', - 'RouteTableId', - ], - }, - ], - ServiceName: { - 'Fn::Join': [ - '', - [ - 'com.amazonaws.', - { Ref: 'AWS::Region' }, - '.s3express', - ], - ], - }, - VpcEndpointType: 'Gateway', - VpcId: { - 'Fn::GetAtt': [ - 'TestVpcE77CE678', - 'VpcId', - ], - }, - }, + routeTable.addRoute('Route', '0.0.0.0/0', { endpoint: dynamodb }); + // S3 endpoint should be in stack + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpoint', { + RouteTableIds: [ + { + 'Fn::GetAtt': [ + 'TestRouteTableC34C2E1C', + 'RouteTableId', + ], }, + ], + ServiceName: { + 'Fn::Join': [ + '', + [ + 'com.amazonaws.', + { Ref: 'AWS::Region' }, + '.s3express', + ], + ], + }, + VpcEndpointType: 'Gateway', + VpcId: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', + 'VpcId', + ], }, }); }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts index bf1c3209dacce..caf371cc524d4 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts +++ b/packages/@aws-cdk/aws-ec2-alpha/test/subnet-v2.test.ts @@ -301,5 +301,4 @@ describe('Subnet V2 with custom IP and routing', () => { expect(Template.fromStack(stack).hasResource('AWS::EC2::SubnetNetworkAclAssociation', {})); }); - }); diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts new file mode 100644 index 0000000000000..9ac84c7646237 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2-alpha/test/vpc-add-method.test.ts @@ -0,0 +1,401 @@ +import { Template } from 'aws-cdk-lib/assertions'; +import * as cdk from 'aws-cdk-lib'; +import * as vpc from '../lib/vpc-v2'; +import { IpCidr, SubnetV2 } from '../lib/subnet-v2'; +import * as route from '../lib/route'; +import { CfnEIP, SubnetType, VpnConnectionType } from 'aws-cdk-lib/aws-ec2'; + +describe('Vpc V2 with full control', () => { + let stack: cdk.Stack; + let myVpc: vpc.VpcV2; + let mySubnet: SubnetV2; + + beforeEach(() => { + const app = new cdk.App({ + context: { + '@aws-cdk/core:newStyleStackSynthesis': false, + }, + }); + stack = new cdk.Stack(app); + myVpc = new vpc.VpcV2(stack, 'TestVpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + enableDnsHostnames: true, + enableDnsSupport: true, + }); + mySubnet = new SubnetV2(stack, 'TestSubnet', { + vpc: myVpc, + ipv4CidrBlock: new IpCidr('10.1.0.0/24'), + availabilityZone: 'ap-south-1b', + subnetType: SubnetType.PUBLIC, + ipv6CidrBlock: new IpCidr('2001:db8::/48'), + }); + }); + test('Method to add a new Egress-Only IGW', () => { + myVpc.addEgressOnlyInternetGateway({}); + Template.fromStack(stack).hasResource('AWS::EC2::EgressOnlyInternetGateway', 1); + }); + + test('addEIGW throws error if VPC does not have IPv6', () => { + const vpc1 = new vpc.VpcV2(stack, 'TestIpv4Vpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + }); + expect(() => { + vpc1.addEgressOnlyInternetGateway({}); + }).toThrow('Egress only IGW can only be added to Ipv6 enabled VPC'); + }); + + test('addEIGW defines a route under subnet to default destination', () => { + myVpc.addEgressOnlyInternetGateway({ + subnets: [{ subnetType: SubnetType.PUBLIC }], + }); + Template.fromStack(stack).hasResourceProperties('AWS::EC2::Route', { + DestinationIpv6CidrBlock: '::/0', + }); + }); + + test('addEIGW defines a route under subnet to given destination', () => { + myVpc.addEgressOnlyInternetGateway({ + subnets: [{ subnetType: SubnetType.PUBLIC }], + destination: '::/48', + }); + Template.fromStack(stack).hasResourceProperties('AWS::EC2::Route', { + DestinationIpv6CidrBlock: '::/48', + }); + }); + + test('addEIGW should not associate a route to an incorrect subnet', () => { + const vpc1 = new vpc.VpcV2(stack, 'TestPrivateVpc', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + }); + new SubnetV2(stack, 'validateIpv6', { + vpc: vpc1, + ipv4CidrBlock: new IpCidr('10.1.0.0/24'), + availabilityZone: 'ap-south-1b', + //Test secondary ipv6 address after IPAM pool creation + ipv6CidrBlock: new IpCidr('2001:db8::/48'), + subnetType: SubnetType.PRIVATE_ISOLATED, + }); + expect(() => { + vpc1.addEgressOnlyInternetGateway({ + subnets: [{ subnetType: SubnetType.PUBLIC }], + destination: '::/48', + }); + }).toThrow("There are no 'Public' subnet groups in this VPC. Available types: Isolated,Deprecated_Isolated"); + }); + + test('addNatGateway defines a private gateway', () => { + myVpc.addNatGateway({ + subnet: mySubnet, + connectivityType: route.NatConnectivityType.PRIVATE, + privateIpAddress: '10.0.0.42', + }); + const template = Template.fromStack(stack); + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'private', + PrivateIpAddress: '10.0.0.42', + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', + }, + }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + }); + + test('addNatGateway defines private gateway with secondary IP addresses', () => { + myVpc.addNatGateway({ + subnet: mySubnet, + connectivityType: route.NatConnectivityType.PRIVATE, + privateIpAddress: '10.0.0.42', + secondaryPrivateIpAddresses: [ + '10.0.1.0/28', + '10.0.2.0/28', + ], + }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'private', + PrivateIpAddress: '10.0.0.42', + SecondaryPrivateIpAddresses: [ + '10.0.1.0/28', + '10.0.2.0/28', + ], + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', + }, + }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + }); + + test('addNatGateway defines private gateway with secondary IP address count', () => { + myVpc.addNatGateway({ + subnet: mySubnet, + connectivityType: route.NatConnectivityType.PRIVATE, + privateIpAddress: '10.0.0.42', + secondaryPrivateIpAddressCount: 2, + }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'private', + PrivateIpAddress: '10.0.0.42', + SecondaryPrivateIpAddressCount: 2, + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', + }, + }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + }); + + test('addNatGateway defines public gateway', () => { + myVpc.addNatGateway({ + subnet: mySubnet, + }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', + }, + }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // EIP should be created when not provided + template.hasResource('AWS::EC2::EIP', { + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + }); + + test('addNatGateway defines public gateway with provided EIP', () => { + const eip = new CfnEIP(stack, 'MyEIP', { + domain: myVpc.vpcId, + }); + myVpc.addNatGateway({ + subnet: mySubnet, + allocationId: eip.attrAllocationId, + }); + const template = Template.fromStack(stack); + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', + }, + }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // EIP should be in stack + template.hasResourceProperties('AWS::EC2::EIP', { + Domain: { + 'Fn::GetAtt': [ + 'TestVpcE77CE678', + 'VpcId', + ], + }, + }); + }); + + test('addNatGateway defines public gateway with many parameters', () => { + myVpc.addInternetGateway(); + myVpc.addNatGateway({ + subnet: mySubnet, + connectivityType: route.NatConnectivityType.PUBLIC, + maxDrainDuration: cdk.Duration.seconds(2001), + }); + const template = Template.fromStack(stack); + // NAT Gateway should be in stack + template.hasResource('AWS::EC2::NatGateway', { + Properties: { + ConnectivityType: 'public', + MaxDrainDurationSeconds: 2001, + SubnetId: { + Ref: 'TestSubnet2A4BE4CA', + }, + }, + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + // EIP should be created when not provided + template.hasResource('AWS::EC2::EIP', { + DependsOn: [ + 'TestSubnetRouteTableAssociationFE267B30', + ], + }); + }); + + test('addNatGateway fails for public gateway without IGW attached', () => { + expect (() => { + myVpc.addNatGateway({ + subnet: mySubnet, + connectivityType: route.NatConnectivityType.PUBLIC, + maxDrainDuration: cdk.Duration.seconds(2001), + }); + }).toThrow('Cannot add a Public NAT Gateway without an Internet Gateway enabled on VPC'); + }); + + test('addinternetGateway defines a new internet gateway with attachment and no route', () => { + const vpc2 = new vpc.VpcV2(stack, 'TestVpcNoSubnet', { + primaryAddressBlock: vpc.IpAddresses.ipv4('10.1.0.0/16'), + secondaryAddressBlocks: [vpc.IpAddresses.amazonProvidedIpv6( { cidrBlockName: 'AmazonProvided' })], + enableDnsHostnames: true, + enableDnsSupport: true, + }); + vpc2.addInternetGateway(); + const template = Template.fromStack(stack); + // Internet Gateway should be in stack + template.hasResource('AWS::EC2::InternetGateway', {}); + template.hasResourceProperties('AWS::EC2::VPCGatewayAttachment', { + InternetGatewayId: { + 'Fn::GetAtt': ['TestVpcNoSubnetInternetGatewayIGWC957CF52', 'InternetGatewayId'], + }, + VpcId: { + 'Fn::GetAtt': ['TestVpcNoSubnetF2A028F4', 'VpcId'], + }, + }); + template.resourceCountIs('AWS::EC2::Route', 0); + }); + + test('addinternetGateway defines a new internet gateway with new route in case of public subnet', () => { + myVpc.addInternetGateway(); + const template = Template.fromStack(stack); + // Internet Gateway should be in stack + template.hasResource('AWS::EC2::InternetGateway', {}); + template.hasResourceProperties('AWS::EC2::Route', { + GatewayId: { + 'Fn::GetAtt': ['TestVpcInternetGatewayIGW4C825874', 'InternetGatewayId'], + }, + RouteTableId: { + 'Fn::GetAtt': ['TestSubnetRouteTable5AF4379E', 'RouteTableId'], + }, + DestinationCidrBlock: '0.0.0.0/0', + }); + }); + + test('addinternetGateway defines a new internet gateway with Ipv6 route in case of ipv6 enabled subnet', () => { + myVpc.addInternetGateway(); + const template = Template.fromStack(stack); + template.hasResourceProperties('AWS::EC2::Route', { + GatewayId: { + 'Fn::GetAtt': ['TestVpcInternetGatewayIGW4C825874', 'InternetGatewayId'], + }, + RouteTableId: { + 'Fn::GetAtt': ['TestSubnetRouteTable5AF4379E', 'RouteTableId'], + }, + DestinationIpv6CidrBlock: '::/0', + }); + }); + + test('Throws error if there is already an IGW attached', () => { + myVpc.addInternetGateway(); + expect(() => { + myVpc.addInternetGateway(); + }).toThrow('The Internet Gateway has already been enabled.'); + }); + + test('addinternetGateway defines a new route in case of input destination', () => { + myVpc.addInternetGateway({ + ipv4Destination: '203.0.113.25', + ipv6Destination: '2001:db8::/48', + }); + const template = Template.fromStack(stack); + //Route for custom IPv4 destination + template.hasResourceProperties('AWS::EC2::Route', { + GatewayId: { + 'Fn::GetAtt': ['TestVpcInternetGatewayIGW4C825874', 'InternetGatewayId'], + }, + RouteTableId: { + 'Fn::GetAtt': ['TestSubnetRouteTable5AF4379E', 'RouteTableId'], + }, + DestinationCidrBlock: '203.0.113.25', + }); + //Route for custom IPv6 destination + template.hasResourceProperties('AWS::EC2::Route', { + GatewayId: { + 'Fn::GetAtt': ['TestVpcInternetGatewayIGW4C825874', 'InternetGatewayId'], + }, + RouteTableId: { + 'Fn::GetAtt': ['TestSubnetRouteTable5AF4379E', 'RouteTableId'], + }, + DestinationIpv6CidrBlock: '2001:db8::/48', + }); + }); + + //Tests for VPNGatewayV2 + test('enableVpnGatewayV2 defines a new VPNGateway with attachment', () => { + myVpc.enableVpnGatewayV2({ + type: VpnConnectionType.IPSEC_1, + }); + Template.fromStack(stack).hasResource('AWS::EC2::VPNGateway', 1); + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCGatewayAttachment', { + VpnGatewayId: { + 'Fn::GetAtt': ['TestVpcVpnGatewayIGWF1052317', 'VPNGatewayId'], + }, + VpcId: { + 'Fn::GetAtt': ['TestVpcE77CE678', 'VpcId'], + }, + }); + }); + + test('check vpngateway has correct connection type', () => { + myVpc.enableVpnGatewayV2({ + type: VpnConnectionType.IPSEC_1, + }); + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPNGateway', { + Type: 'ipsec.1', + }); + }); + + test('Check vpngateway has routePropogation for input subnets', () => { + myVpc.enableVpnGatewayV2({ + type: VpnConnectionType.IPSEC_1, + vpnRoutePropagation: [{ subnetType: SubnetType.PUBLIC }], + }); + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPNGatewayRoutePropagation', { + VpnGatewayId: { + 'Fn::GetAtt': ['TestVpcVpnGatewayIGWF1052317', 'VPNGatewayId'], + }, + RouteTableIds: [ + { + 'Fn::GetAtt': ['TestSubnetRouteTable5AF4379E', 'RouteTableId'], + }, + ], + }); + }); + + test('Throws error when no subnet identified for route propogation', () => { + expect(() => { + myVpc.enableVpnGatewayV2({ + type: VpnConnectionType.IPSEC_1, + vpnRoutePropagation: [{ subnetType: SubnetType.PRIVATE_ISOLATED }], + }); + }).toThrow("There are no 'Isolated' subnet groups in this VPC. Available types: Public"); + }); + + test('Throws error when VPN GW is already enabled', () => { + myVpc.enableVpnGatewayV2({ type: VpnConnectionType.IPSEC_1 }); + expect(() => { + myVpc.enableVpnGatewayV2({ type: VpnConnectionType.IPSEC_1 }); + }).toThrow('The VPN Gateway has already been enabled.'); + }); + +}); \ No newline at end of file