Skip to content

Commit

Permalink
feat(ec2): Add SubnetFilter for CIDR Range (#27425)
Browse files Browse the repository at this point in the history
This PR adds a new SubnetFilter ,`CidrRangesSubnetFilter`, which filter subnets if they are included in a given list of CIDR ranges. This becomes helpful if a VPC has multiple CIDR ranges and you want to select subnets for only a specific CIDR range or multiple.

Note: It is a bit difficult to write unit tests as CDK doesn't have the ability to add a secondary CIDR to a VPC.

Closes #27421 

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
AlemanCS authored Oct 11, 2023
1 parent e418409 commit b1ce47b
Show file tree
Hide file tree
Showing 11 changed files with 285 additions and 160 deletions.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -18,9 +18,6 @@
"VpcPublicSubnet1Subnet5C2D37C4": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "Vpc8378EB38"
},
"AvailabilityZone": {
"Fn::Select": [
0,
Expand All @@ -44,21 +41,24 @@
"Key": "Name",
"Value": "VPCFilterSubnetsTestStack/Vpc/PublicSubnet1"
}
]
],
"VpcId": {
"Ref": "Vpc8378EB38"
}
}
},
"VpcPublicSubnet1RouteTable6C95E38E": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "Vpc8378EB38"
},
"Tags": [
{
"Key": "Name",
"Value": "VPCFilterSubnetsTestStack/Vpc/PublicSubnet1"
}
]
],
"VpcId": {
"Ref": "Vpc8378EB38"
}
}
},
"VpcPublicSubnet1RouteTableAssociation97140677": {
Expand All @@ -75,12 +75,12 @@
"VpcPublicSubnet1DefaultRoute3DA9E72A": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "VpcPublicSubnet1RouteTable6C95E38E"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "VpcIGWD7BA715C"
},
"RouteTableId": {
"Ref": "VpcPublicSubnet1RouteTable6C95E38E"
}
},
"DependsOn": [
Expand All @@ -102,15 +102,15 @@
"VpcPublicSubnet1NATGateway4D7517AA": {
"Type": "AWS::EC2::NatGateway",
"Properties": {
"SubnetId": {
"Ref": "VpcPublicSubnet1Subnet5C2D37C4"
},
"AllocationId": {
"Fn::GetAtt": [
"VpcPublicSubnet1EIPD7E02669",
"AllocationId"
]
},
"SubnetId": {
"Ref": "VpcPublicSubnet1Subnet5C2D37C4"
},
"Tags": [
{
"Key": "Name",
Expand All @@ -126,9 +126,6 @@
"VpcPublicSubnet2Subnet691E08A3": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "Vpc8378EB38"
},
"AvailabilityZone": {
"Fn::Select": [
1,
Expand All @@ -152,21 +149,24 @@
"Key": "Name",
"Value": "VPCFilterSubnetsTestStack/Vpc/PublicSubnet2"
}
]
],
"VpcId": {
"Ref": "Vpc8378EB38"
}
}
},
"VpcPublicSubnet2RouteTable94F7E489": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "Vpc8378EB38"
},
"Tags": [
{
"Key": "Name",
"Value": "VPCFilterSubnetsTestStack/Vpc/PublicSubnet2"
}
]
],
"VpcId": {
"Ref": "Vpc8378EB38"
}
}
},
"VpcPublicSubnet2RouteTableAssociationDD5762D8": {
Expand All @@ -183,12 +183,12 @@
"VpcPublicSubnet2DefaultRoute97F91067": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "VpcPublicSubnet2RouteTable94F7E489"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "VpcIGWD7BA715C"
},
"RouteTableId": {
"Ref": "VpcPublicSubnet2RouteTable94F7E489"
}
},
"DependsOn": [
Expand All @@ -210,15 +210,15 @@
"VpcPublicSubnet2NATGateway9182C01D": {
"Type": "AWS::EC2::NatGateway",
"Properties": {
"SubnetId": {
"Ref": "VpcPublicSubnet2Subnet691E08A3"
},
"AllocationId": {
"Fn::GetAtt": [
"VpcPublicSubnet2EIP3C605A87",
"AllocationId"
]
},
"SubnetId": {
"Ref": "VpcPublicSubnet2Subnet691E08A3"
},
"Tags": [
{
"Key": "Name",
Expand All @@ -234,9 +234,6 @@
"VpcPrivateSubnet1Subnet536B997A": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "Vpc8378EB38"
},
"AvailabilityZone": {
"Fn::Select": [
0,
Expand All @@ -260,21 +257,24 @@
"Key": "Name",
"Value": "VPCFilterSubnetsTestStack/Vpc/PrivateSubnet1"
}
]
],
"VpcId": {
"Ref": "Vpc8378EB38"
}
}
},
"VpcPrivateSubnet1RouteTableB2C5B500": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "Vpc8378EB38"
},
"Tags": [
{
"Key": "Name",
"Value": "VPCFilterSubnetsTestStack/Vpc/PrivateSubnet1"
}
]
],
"VpcId": {
"Ref": "Vpc8378EB38"
}
}
},
"VpcPrivateSubnet1RouteTableAssociation70C59FA6": {
Expand All @@ -291,21 +291,18 @@
"VpcPrivateSubnet1DefaultRouteBE02A9ED": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
},
"DestinationCidrBlock": "0.0.0.0/0",
"NatGatewayId": {
"Ref": "VpcPublicSubnet1NATGateway4D7517AA"
},
"RouteTableId": {
"Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
}
}
},
"VpcPrivateSubnet2Subnet3788AAA1": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "Vpc8378EB38"
},
"AvailabilityZone": {
"Fn::Select": [
1,
Expand All @@ -329,21 +326,24 @@
"Key": "Name",
"Value": "VPCFilterSubnetsTestStack/Vpc/PrivateSubnet2"
}
]
],
"VpcId": {
"Ref": "Vpc8378EB38"
}
}
},
"VpcPrivateSubnet2RouteTableA678073B": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "Vpc8378EB38"
},
"Tags": [
{
"Key": "Name",
"Value": "VPCFilterSubnetsTestStack/Vpc/PrivateSubnet2"
}
]
],
"VpcId": {
"Ref": "Vpc8378EB38"
}
}
},
"VpcPrivateSubnet2RouteTableAssociationA89CAD56": {
Expand All @@ -360,12 +360,12 @@
"VpcPrivateSubnet2DefaultRoute060D2087": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "VpcPrivateSubnet2RouteTableA678073B"
},
"DestinationCidrBlock": "0.0.0.0/0",
"NatGatewayId": {
"Ref": "VpcPublicSubnet2NATGateway9182C01D"
},
"RouteTableId": {
"Ref": "VpcPrivateSubnet2RouteTableA678073B"
}
}
},
Expand All @@ -383,11 +383,11 @@
"VpcVPCGWBF912B6E": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "Vpc8378EB38"
},
"InternetGatewayId": {
"Ref": "VpcIGWD7BA715C"
},
"VpcId": {
"Ref": "Vpc8378EB38"
}
}
}
Expand All @@ -397,6 +397,11 @@
"Value": {
"Ref": "VpcPrivateSubnet1Subnet536B997A"
}
},
"PublicSubnet01": {
"Value": {
"Ref": "VpcPublicSubnet1Subnet5C2D37C4"
}
}
},
"Parameters": {
Expand Down

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit b1ce47b

Please sign in to comment.