adding cross validation for ipv4 address in subnet

aws · Jun 27, 2024 · 1ea70b8 · 1ea70b8
1 parent 1bcfd8b
commit 1ea70b8
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 11 deletions.
diff --git a/packages/@aws-cdk/aws-vpcv2-alpha/lib/subnet-v2.ts b/packages/@aws-cdk/aws-vpcv2-alpha/lib/subnet-v2.ts
@@ -5,7 +5,6 @@ import { CfnRouteTable, CfnSubnet, CfnSubnetRouteTableAssociation, INetworkAcl,
 import { Construct, DependencyGroup, IDependable } from 'constructs';
 import { IVpcV2 } from './vpc-v2-base';
 import { CidrBlock } from './util';
-//import { CidrBlock } from '../lib/util';
 
 export interface ICidr {
   readonly cidr: string;
@@ -130,7 +129,19 @@ export class SubnetV2 extends Resource implements ISubnet {
     if(!checkCidrRanges(props.vpc, props.cidrBlock.cidr)){
       throw new Error('CIDR block should be in the same VPC');
     };
-    //validateOverlappingCidrRanges(props.vpc, ipv4CidrBlock);
+
+
+    let overlap: boolean = false;
+    try{
+      overlap = validateOverlappingCidrRanges(props.vpc,  props.cidrBlock.cidr);
+    }
+    catch(e){
+      "No Subnets in VPC";
+    }
+
+    if (overlap){
+      throw new Error('CIDR block should not overlap with existing subnet blocks');
+    }
 
     //check whether VPC supports ipv6
     if (ipv6CidrBlock) {
@@ -246,4 +257,30 @@ function checkCidrRanges(vpc: IVpcV2, cidrRange: string) {
 
   return cidrs.some(vpcCidrBlock => vpcCidrBlock.containsCidr(subnetCidrBlock));
 
-}
+}
+
+function validateOverlappingCidrRanges(vpc: IVpcV2, ipv4CidrBlock: string): boolean {
+
+  let allSubnets: ISubnet[] = vpc.selectSubnets().subnets;
+
+  const ipMap: [string, string][] = new Array();
+
+  const inputRange = new CidrBlock(ipv4CidrBlock);
+
+  const inputIpMap: [string, string] = [inputRange.minIp(), inputRange.maxIp()];
+
+  for (const subnet of allSubnets){
+    const cidrBlock = new CidrBlock(subnet.ipv4CidrBlock);
+    ipMap.push([cidrBlock.minIp(), cidrBlock.maxIp()]);
+  }
+
+  for(const range of ipMap) {
+    if (inputRange.rangesOverlap(range, inputIpMap)) {
+      return true;
+    }
+  }
+  return false;
+}
+
+
+
diff --git a/packages/@aws-cdk/aws-vpcv2-alpha/lib/util.ts b/packages/@aws-cdk/aws-vpcv2-alpha/lib/util.ts
@@ -264,4 +264,12 @@ export class CidrBlock {
     return (this.maxAddress() >= other.maxAddress()) &&
       (this.minAddress() <= other.minAddress());
   }
+
+  public rangesOverlap(range1: [string, string], range2: [string, string]): boolean {
+    const [start1, end1] = range1;
+    const [start2, end2] = range2;
+
+    // Check if ranges overlap
+    return start1 <= end2 && start2 <= end1;
+  }
 }
diff --git a/packages/@aws-cdk/aws-vpcv2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json b/packages/@aws-cdk/aws-vpcv2-alpha/test/integ.vpc-v2-alpha.js.snapshot/manifest.json
diff --git a/packages/@aws-cdk/aws-vpcv2-alpha/test/integ.vpc-v2-alpha.ts b/packages/@aws-cdk/aws-vpcv2-alpha/test/integ.vpc-v2-alpha.ts
@@ -16,6 +16,7 @@ import { SubnetType } from 'aws-cdk-lib/aws-ec2';
 import { SubnetV2, Ipv4Cidr } from '../lib/subnet-v2';
 
 
+
 const app = new cdk.App();
 
 const stack = new cdk.Stack(app, 'aws-cdk-vpcv2-alpha');
Original file line number	Diff line number	Diff line change
Expand Up		@@ -16,6 +16,7 @@ import { SubnetType } from 'aws-cdk-lib/aws-ec2';
		import { SubnetV2, Ipv4Cidr } from '../lib/subnet-v2';



		const app = new cdk.App();

		const stack = new cdk.Stack(app, 'aws-cdk-vpcv2-alpha');
Expand Down