(ec2): ipv6AssignAddressOnCreation(true) on isolated subnet configuration produces an error #28843

Closed
@disordered

Description

Describe the bug

Creating an isolated subnet configuration for a new VPC with ipv6AssignAddressOnCreation(true) causes an error during the first deployment.

Expected Behavior

I'm not entirely sure what the expected behaviour is here. I would probably expect this to work: even though IPv6 addresses are public by default, there still won't be a route created to the internet. My understanding of this property would be that I won't have to set a similar property when creating EC2 instances that need an IPv6 address on an isolated subnet.
Curiously, if you deploy without this property first, then add it later, there's no difference in the stack template. Therefore, I'm not sure what this property is actually supposed to do.

Current Behavior

The error:

6:39:48 PM | CREATE_FAILED        | AWS::EC2::Subnet                      | vpcisolatedSubnet1Subnet06BBE51F
Template error: Fn::Select  cannot select nonexistent value at index 0

Reproduction Steps

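The code below causes a deployment error on first deploy:

import java.util.Collections;
import software.amazon.awscdk.services.ec2.*;

// `stack` is an existing software.amazon.awscdk.Stack.
// Isolated subnet that asks for an IPv6 address to be assigned on creation.
var subnet = SubnetConfiguration
  .builder()
  .subnetType(SubnetType.PRIVATE_ISOLATED)
  .name("isolated")
  .cidrMask(21)
  .ipv6AssignAddressOnCreation(true)
  .build();
// Dual-stack VPC with an Amazon-provided IPv6 block and no NAT gateways.
var vpc = Vpc
  .Builder
  .create(stack, "vpc")
  .vpcName("some-vpc")
  .ipProtocol(IpProtocol.DUAL_STACK)
  .ipv6Addresses(Ipv6Addresses.amazonProvided())
  .ipAddresses(IpAddresses.cidr("172.16.0.0/16"))
  .natGateways(0)
  .subnetConfiguration(Collections.singletonList(subnet))
  .build();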

Possible Solution

It works if the property is not specified. I believe the cause is a race condition between subnet and IPv6 CIDR creation, since a dependency is created for other types, but not for isolated subnets: https://github.com/aws/aws-cdk/blob/v2.122.0/packages/aws-cdk-lib/aws-ec2/lib/vpc.ts#L1792

Additional Information/Context

No response

CDK CLI Version

2.121.1 (build d86bb1a)

Framework Version

2.121.1

Node.js Version

18.17.0

OS

OSX 14.2.1

Language

Java

Language Version

OpenJDK Runtime Environment Temurin-17.0.10+7 (build 17.0.10+7)

Other information

No response
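
The ordering gap suspected under "Possible Solution" can be checked for in a synthesized template before deployment. The following is an added example, not part of the original issue or of the CDK code base: it assumes subnets read the VPC's Ipv6CidrBlocks attribute through Fn::GetAtt and that the IPv6 block is attached by an AWS::EC2::VPCCidrBlock resource. All logical IDs except vpcisolatedSubnet1Subnet06BBE51F (taken from the error above) are constructed.

```typescript
type Json = any; // CloudFormation JSON, left untyped
interface Finding { subnet: string; missing: string[]; }

// Logical IDs whose Ipv6CidrBlocks attribute is read via Fn::GetAtt anywhere under `node`.
function ipv6AttrSources(node: Json, out: string[]): string[] {
  if (Array.isArray(node)) {
    node.forEach((n: Json) => ipv6AttrSources(n, out));
  } else if (node !== null && typeof node === "object") {
    const ga: Json = node["Fn::GetAtt"];
    const src: string[] = Array.isArray(ga) ? ga : typeof ga === "string" ? ga.split(".") : [];
    if (src[1] === "Ipv6CidrBlocks" && out.indexOf(src[0]) < 0) out.push(src[0]);
    Object.keys(node).forEach((k: string) => ipv6AttrSources(node[k], out));
  }
  return out;
}

// Subnets that read a VPC's IPv6 blocks but lack DependsOn on the VPCCidrBlock attaching them.
function findUnorderedIpv6Subnets(template: Json): Finding[] {
  const res: Json = template.Resources || {};
  const ids: string[] = Object.keys(res);
  const findings: Finding[] = [];
  ids.forEach((id: string) => {
    const r: Json = res[id];
    if (r.Type !== "AWS::EC2::Subnet") return;
    const vpcs = ipv6AttrSources(r.Properties, []);
    const deps: string[] = Array.isArray(r.DependsOn) ? r.DependsOn : r.DependsOn ? [r.DependsOn] : [];
    const attach = ids.filter((c: string) => {
      const p: Json = res[c].Properties || {};
      return res[c].Type === "AWS::EC2::VPCCidrBlock" && p.AmazonProvidedIpv6CidrBlock === true &&
        vpcs.indexOf((p.VpcId || {}).Ref) >= 0;
    });
    const missing = attach.filter((c: string) => deps.indexOf(c) < 0);
    if (missing.length > 0) findings.push({ subnet: id, missing });
  });
  return findings;
}

// Constructed sample template (assumed shape, not output captured from the issue).
function subnet(index: number, dependsOn: string[]): Json {
  const ipv6: Json = { "Fn::Select": [index, { "Fn::Cidr": [
    { "Fn::Select": [0, { "Fn::GetAtt": ["vpc", "Ipv6CidrBlocks"] }] }, 256, "64"] }] };
  return { Type: "AWS::EC2::Subnet", DependsOn: dependsOn,
    Properties: { VpcId: { Ref: "vpc" }, AssignIpv6AddressOnCreation: true, Ipv6CidrBlock: ipv6 } };
}
const sampleTemplate: Json = { Resources: {
  vpc: { Type: "AWS::EC2::VPC", Properties: { CidrBlock: "172.16.0.0/16" } },
  vpcIpv6Cidr: { Type: "AWS::EC2::VPCCidrBlock",
    Properties: { VpcId: { Ref: "vpc" }, AmazonProvidedIpv6CidrBlock: true } },
  vpcisolatedSubnet1Subnet06BBE51F: subnet(0, []),      // no dependency: flagged
  publicSubnet1: subnet(1, ["vpcIpv6Cidr"]),            // ordered after the CIDR block
} };
```

Calling findUnorderedIpv6Subnets on the parsed JSON of a synthesized template returns one entry per subnet that can be created before its VPC has an IPv6 block.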

Labels: @aws-cdk/aws-ec2 (Related to Amazon Elastic Compute Cloud), bug (This issue is a bug.), effort/medium (Medium work item – several days of effort), p1