Cherry

Reputation: 33608

CDK: There are no 'Private' subnet groups in this VPC after private group is deployed

I have deployed private subnets in the default VPC (Java):

    var stack = new Stack(app, "system-resource", StackProps.builder().env(env).build());
    final IVpc vpc = Vpc.fromLookup(stack, "default-vpc", VpcLookupOptions.builder().isDefault(true).build());
    final AtomicInteger index = new AtomicInteger();
    var zones = stack.getAvailabilityZones();
    var subnets = zones.stream().map(z -> {
      var subnet = new PrivateSubnet(stack, "priavte-subnet-" + index.getAndIncrement(), PrivateSubnetProps.builder()
          .vpcId(vpc.getVpcId())
          .cidrBlock(String.format(cidrTemplate, start.get()))
          .availabilityZone(z)
          .build());
      start.addAndGet(increment);
      return subnet;
    }).collect(Collectors.toList());

Then I tried to use SubnetSelection:

    final IVpc vpc = Vpc.fromLookup(this, "default-vpc", VpcLookupOptions.builder().isDefault(true).build());
    final SubnetSelection vpcSubnets = SubnetSelection.builder().subnetType(SubnetType.PRIVATE).build();

And got an exception:

An exception occured while executing the Java class. There are no 'Private' subnet groups in this VPC. Available types: Public

[ERROR] Error: There are no 'Private' subnet groups in this VPC. Available types: Public

How does it determine a VPC to select from?

Why are all my PrivateSubnets, which I had created before, "marked" as public and cannot be selected?

Upvotes: 7

Views: 7899

Answers (2)

Suresh

Reputation: 835

In my case, I was using a VPC created in CDK itself with only ISOLATED subnets.

    const vpc = new ec2.Vpc(this, 'private_vpc', {
        subnetConfiguration: [
            {
                name: 'application-subnet',
                subnetType: ec2.SubnetType.PRIVATE_ISOLATED,
            }
        ]
    });

I got this error when I tried to create a StepFunction task for ECS.

    const task = new sfnTasks.EcsRunTask(this, 'my_task', {
        integrationPattern: sfn.IntegrationPattern.WAIT_FOR_TASK_TOKEN,
        containerOverrides: [{
                containerDefinition: myContainerDefinition,
        }],
        cluster,
        taskDefinition: mytextExtractionTaskDefinition,
        launchTarget: new sfnTasks.EcsFargateLaunchTarget(),
        securityGroups: [vpcSecurityGroup],
    });

The fix was to specify the subnets explicitly.

    const subnets = vpc.selectSubnets({
        subnetType: ec2.SubnetType.PRIVATE_ISOLATED
    }).subnets;

    const task = new sfnTasks.EcsRunTask(this, 'my_task', {
        integrationPattern: sfn.IntegrationPattern.WAIT_FOR_TASK_TOKEN,
        containerOverrides: [{
                containerDefinition: myContainerDefinition,
        }],
        cluster,
        taskDefinition: mytextExtractionTaskDefinition,
        launchTarget: new sfnTasks.EcsFargateLaunchTarget(),
        subnets: subnets, // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< ADDED
        securityGroups: [vpcSecurityGroup],
    });

Upvotes: 6

y. bs

Reputation: 542

The fromLookup method is used to find an existing (already deployed) VPC in your account. When you define a VPC in CDK code, you need to use the object you just created.

See the docs:

static fromLookup(scope, id, options) Import an existing VPC from by querying the AWS environment this stack is deployed to.

This function only needs to be used to use VPCs not defined in your CDK application. If you are looking to share a VPC between stacks, you can pass the Vpc object between stacks and use it as normal.

Upvotes: 1
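
The two answers above combined, as an added example that is not part of either answer or of the CDK documentation: create the subnets, keep the resulting objects, and pass those objects to SubnetSelection instead of asking the looked-up VPC for a subnet type. The account ID, region, class name and CIDR pattern are placeholder assumptions; the CIDR blocks must be unused ranges inside your own VPC.

```java
import java.util.ArrayList;
import java.util.List;
import software.amazon.awscdk.App;
import software.amazon.awscdk.Environment;
import software.amazon.awscdk.Stack;
import software.amazon.awscdk.StackProps;
import software.amazon.awscdk.services.ec2.ISubnet;
import software.amazon.awscdk.services.ec2.IVpc;
import software.amazon.awscdk.services.ec2.PrivateSubnet;
import software.amazon.awscdk.services.ec2.PrivateSubnetProps;
import software.amazon.awscdk.services.ec2.SubnetSelection;
import software.amazon.awscdk.services.ec2.Vpc;
import software.amazon.awscdk.services.ec2.VpcLookupOptions;

public class ExplicitSubnetsApp {
    public static void main(String[] args) {
        App app = new App();

        // Vpc.fromLookup requires a concrete account and region (placeholders here).
        Environment env = Environment.builder()
                .account("123456789012")
                .region("eu-west-1")
                .build();
        Stack stack = new Stack(app, "system-resource", StackProps.builder().env(env).build());

        IVpc vpc = Vpc.fromLookup(stack, "default-vpc",
                VpcLookupOptions.builder().isDefault(true).build());

        // Create one private subnet per availability zone and keep the objects.
        List<ISubnet> created = new ArrayList<>();
        List<String> zones = stack.getAvailabilityZones();
        for (int i = 0; i < zones.size(); i++) {
            created.add(new PrivateSubnet(stack, "private-subnet-" + i,
                    PrivateSubnetProps.builder()
                            .vpcId(vpc.getVpcId())
                            // Assumed free /24 ranges; adjust to your VPC's CIDR.
                            .cidrBlock(String.format("172.31.%d.0/24", 200 + i))
                            .availabilityZone(zones.get(i))
                            .build()));
        }

        // Select by object, not by SubnetType: no subnet-group lookup on the
        // imported VPC is involved, so the "no 'Private' subnet groups" check is not hit.
        SubnetSelection vpcSubnets = SubnetSelection.builder().subnets(created).build();

        // Pass vpcSubnets to any construct property that accepts a SubnetSelection.
        app.synth();
    }
}
```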
