-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ec2.Vpc.fromLookup: Unable to find VPC by matching tags (2.167.x) #32214
Comments
@paulthiele1311 Good morning. Thanks for reporting the issue. I tested using CDK version import * as cdk from 'aws-cdk-lib';
import * as ec2 from 'aws-cdk-lib/aws-ec2';
export class CdktestStackNew extends cdk.Stack {
constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
super(scope, id, props);
const testVpcLookup = ec2.Vpc.fromLookup(this, 'VpcLookup', {
tags: {
vertical: "testvertical",
environment: "testenvironment",
},
})
console.log(testVpcLookup.vpcId);
}
} Running
The reason it returns {
"vpc-provider:account=<<ACCOUNT_ID>>:filter.tag:environment=testenvironment:filter.tag:vertical=testvertical:region=us-east-2:returnAsymmetricSubnets=true": {
"vpcId": "vpc-04c4f1a40d0XXXXXX",
"vpcCidrBlock": "10.0.0.0/16",
"ownerAccountId": "<<ACCOUNT_ID>>",
"availabilityZones": [],
"subnetGroups": [
{
"name": "Private",
"type": "Private",
"subnets": [
{
"subnetId": "subnet-0f2ac00efb1XXXXXX",
"cidr": "10.0.96.0/19",
"availabilityZone": "us-east-2a",
"routeTableId": "rtb-047542de8dXXXXXX"
},
{
"subnetId": "subnet-0973d1b6f4XXXXXX",
"cidr": "10.0.128.0/19",
"availabilityZone": "us-east-2b",
"routeTableId": "rtb-0a6a99913bXXXXXX"
},
{
"subnetId": "subnet-0831ed5867eXXXXXX",
"cidr": "10.0.160.0/19",
"availabilityZone": "us-east-2c",
"routeTableId": "rtb-0a055f39223XXXXXX"
}
]
},
{
"name": "Public",
"type": "Public",
"subnets": [
{
"subnetId": "subnet-01d2dc3b68eXXXXXX",
"cidr": "10.0.0.0/19",
"availabilityZone": "us-east-2a",
"routeTableId": "rtb-0bf9d36b94XXXXXX"
},
{
"subnetId": "subnet-0255a18d22cXXXXXX",
"cidr": "10.0.32.0/19",
"availabilityZone": "us-east-2b",
"routeTableId": "rtb-047d0e4f0eXXXXXX"
},
{
"subnetId": "subnet-0a8f926ec8XXXXXX",
"cidr": "10.0.64.0/19",
"availabilityZone": "us-east-2c",
"routeTableId": "rtb-003d2ad607XXXXXX"
}
]
}
]
}
} Refer to #14066 (comment) for possible workaround to pre-populate CDK context before executing lookup on main stack. Thanks, |
export class DummyStack2 extends cdk.Stack {
constructor(scope: Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
function lookupVpc(scope: Construct) {
return ec2.Vpc.fromLookup(scope, 'VpcLookup', {
vpcId: 'vpc-1f5b7e78'
})
}
const vpc = lookupVpc(this);
console.log("VpcId=" + vpc.vpcId);
new CfnOutput(this, 'VpcId', { value: vpc.vpcId });
}
}
In CDK, some from* method would use context provider to invoke SDK calls to query resources if they are not cached in the context(cdk.context.json). In synth stage, CDK would first insert a placeholder( |
Hi @ashishdhingra and @pahud, thank you for your answers. |
@paulthiele1311 Have you tried using workaround in #14066 (comment)? I'm unsure if we could change the behavior of |
This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled. |
Although the exact error is different this feels related to #32228 While the error we see is proxy timeouts, it is also while trying to fetch VPC lookups for context and both occur on the same version which aligns to the sdkv3 upgrade. |
The issue is different in that the context lookup works once populated initially. |
Describe the bug
We noticed that with versions 2.167.x we are not able to do a lookup on the VPC based on tags.
What we can see when deploying with -vv, is that the lookup is done using random values that are not provided by ourselves.
As you can see CDK is trying to find the VPC using the vpc-id "vpc-12345", which is clearly not from us.
The lookup we are performing is the following:
What we noticed is that when looking up the ALB, CDK produces this output:
What's interesting here is that (fixed in 2.167.2*) the lookup for ALB works fine and also gets the correct VPC and Security Groups. Currently our workaround to get the VPC (and therefore the Security Groups) is to reference it from the ALB:
The problem when not finding the VPC of course is, that we also can't find the Security Groups.
Even though in the end the ALB is found we see outputs like these:
* There was another issue with looking up Load Balancers, which is already fixed:
#32161
Regression Issue
Last Known Working CDK Version
2.166.0
Expected Behavior
The expected behavior is that our lookup function which calls ec2.Vpc.fromLookup is finding the correct VPC using the correct passed tags.
Current Behavior
Currently the ec2.Vpc.fromLookup method is behaving not intended and is using random ("dummy") values and therefore can't find a VPC which blocks the deployment.
Reproduction Steps
Possible Solution
No response
Additional Information/Context
No response
CDK CLI Version
2.167.2
Framework Version
No response
Node.js Version
20.18.0
OS
Ubuntu 22.04.5 LTS (on GitHub Runner)
Language
TypeScript
Language Version
No response
Other information
No response
The text was updated successfully, but these errors were encountered: