feat: add support to Subnet and VPC L2 constructs for deploying to an Outpost #33545

Open
wants to merge 5 commits into
base: main

RyanFrench

Issue # (if applicable)

Closes #33542.

Reason for this change

This PR extends the L2 VPC Construct to allow developers to provision a VPC that extends the Subnets onto an Outpost, and provides simplified configuration of the routing via the Local Gateway (on-premise router) or NAT/Internet Gateway (in-region routers).

Description of changes

This PR changes the VPC and Subnet L2 constructs with new subnet types, adds additional configuration options to the SubnetConfig in the VPC construct, and changes the default route setup based on the SubnetConfig.

Describe any new or updated permissions being added

None

Description of how you validated changes

We have written tests covering the new configuration options for subnets, as well as validated that this worked by deploying a VPC to an account with an Outpost attached, using the example code in the original Issue.

Example usage for deploying a VPC with on-premise networking routing traffic via the Local Gateway

const vpcCidr = this.node.tryGetContext("vpcCidr");
const outpostAvailabilityZone = this.node.tryGetContext("outpostAvailabilityZone");
const outpostArn = this.node.tryGetContext("outpostArn");
const localGatewayId = this.node.tryGetContext("localGatewayId");
const localGatewayRouteTableId = this.node.tryGetContext("localGatewayRouteTableId");
new ec2.Vpc(this, "OutpostVPC", {
    cidr: vpcCidr,
    maxAzs: 2,
    localGatewayRouteTableIds: [localGatewayRouteTableId],
    subnetConfiguration: [
        {
            cidrMask: 26,
            name: "Public",
            subnetType: ec2.SubnetType.PUBLIC,
        },
        {
            cidrMask: 26,
            name: "Private",
            subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS,
        },
        {
            cidrMask: 26,
            name: "OutpostPublic",
            outpostArn,
            outpostAvailabilityZone: outpostAvailabilityZone,
            outpostDefaultRoute: ec2.OutpostDefaultRoute.ON_PREMISE,
            localGatewayId: localGatewayId,
            subnetType: ec2.SubnetType.PUBLIC_OUTPOST,
        },
        {
            cidrMask: 26,
            name: "OutpostPrivate",
            outpostArn,
            outpostAvailabilityZone: outpostAvailabilityZone,
            outpostDefaultRoute: ec2.OutpostDefaultRoute.ON_PREMISE,
            localGatewayId: localGatewayId,
            subnetType: ec2.SubnetType.PRIVATE_OUTPOST_WITH_EGRESS,
        },
    ],
});

Checklist


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@RyanFrench RyanFrench requested a review from a team as a code owner February 21, 2025 13:37
@github-actions github-actions bot added the beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK label Feb 21, 2025
@aws-cdk-automation aws-cdk-automation requested a review from a team February 21, 2025 13:37
@github-actions github-actions bot added feature-request A feature should be added or improved. p2 labels Feb 21, 2025
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

The pull request linter fails with the following errors:

❌ Features must contain a change to an integration test file and the resulting snapshot.
❌ CLI code has changed. A maintainer must run the code through the testing pipeline (git fetch origin pull/33545/head && git push -f origin FETCH_HEAD:test-main-pipeline), then add the 'pr-linter/cli-integ-tested' label when the pipeline succeeds.

If you believe this pull request should receive an exemption, please comment and provide a justification. A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed, add Clarification Request to a comment.

✅ A exemption request has been requested. Please wait for a maintainer's review.

@RyanFrench RyanFrench changed the title Extend the VPC L2 Construct to support provisioning a VPC that extends subnets onto an AWS Outpost Feat - Extend the VPC L2 Construct to support provisioning a VPC that extends subnets onto an AWS Outpost Feb 21, 2025
@ashishdhingra ashishdhingra changed the title Feat - Extend the VPC L2 Construct to support provisioning a VPC that extends subnets onto an AWS Outpost feat: Extend the VPC L2 Construct to support provisioning a VPC that extends subnets onto an AWS Outpost Feb 21, 2025
@RyanFrench RyanFrench changed the title feat: Extend the VPC L2 Construct to support provisioning a VPC that extends subnets onto an AWS Outpost feat: add support to Subnet and VPC L2 constructs for deploying to an Outpost Feb 24, 2025
@github-actions github-actions bot added the effort/medium Medium work item – several days of effort label Feb 24, 2025
@RyanFrench
Author

Exemption Request - I have some Integ tests that I can add, however, they will always fail unless the account has an Outpost attached to it, and the test is able to dynamically find the correct values for OutpostARN, Local Gateway ID, Local Gateway Route Table ID, and the CIDR range associated with the ServiceLink. Some of these values cannot be programmatically determined.

@aws-cdk-automation aws-cdk-automation added the pr-linter/exemption-requested The contributor has requested an exemption to the PR Linter feedback. label Feb 24, 2025
@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Feb 24, 2025
@aws-cdk-automation
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 8db364e
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@shikha372 shikha372 self-assigned this Mar 4, 2025
Labels
beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p2 pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. pr-linter/exemption-requested The contributor has requested an exemption to the PR Linter feedback.
3 participants