aws-cdk-lib/aws-ec2: Missing parameter options #20796
Comments
@DBS-RoSe it looks like we have an open issue for adding support for providing the If you want to try and remove the security group that is created you can do something like `instance.node.tryRemoveChild('InstanceSecurityGroup');`
Describe the feature
```yaml
Server:
  Type: AWS::EC2::Instance
  Properties:
    ...
    NetworkInterfaces:
      - NetworkInterfaceId:
          Fn::ImportValue: !Sub "${ApplicationName}-${Environment}2-ENIID"
        DeviceIndex: '0'
```
My solution:
```typescript
// Add networkinterface via addPropertyOverride
(ec2Instance.node.defaultChild as ec2.CfnInstance).addPropertyOverride("NetworkInterfaces", [{ NetworkInterfaceId: eni.ref, DeviceIndex: 0 }]);
// Delete property SubnetId because of an error in cdk synth
(ec2Instance.node.defaultChild as ec2.CfnInstance).addPropertyDeletionOverride("SubnetId");
```
If I create a network interface on my own, then I have to add the security groups to my ENI.
But if I didn't add any security groups to my EC2 instance, then the EC2 instance will create a default security group on its own.
So I have overridden this parameter:
```typescript
(ec2Instance.node.defaultChild as ec2.CfnInstance).addPropertyDeletionOverride("SecurityGroupIds");
```
BUT now I have an empty security group that I didn't use, and that per stack.
Use Case
Because it's ugly to have an empty default security group without any use case, and I would like to have the same possibilities as in CloudFormation.
Proposed Solution
New parameter option to deactivate the default security group if an ENI is handed over
My own workaround is mentioned above
Other Information
Code snippet:
```typescript
import { Size, Tags, Duration, Stack } from 'aws-cdk-lib';
import { Construct } from 'constructs';
import * as cdk from 'aws-cdk-lib';
import * as kms from 'aws-cdk-lib/aws-kms';
import * as dbs from '@cdkdbs/enterprise-library';
import * as ec2 from 'aws-cdk-lib/aws-ec2';
import * as ct from '../bin/constants';
import * as iam from 'aws-cdk-lib/aws-iam';
import * as r53 from 'aws-cdk-lib/aws-route53';
import * as ssm from 'aws-cdk-lib/aws-ssm';
import * as sns from 'aws-cdk-lib/aws-sns';
import * as cw from 'aws-cdk-lib/aws-cloudwatch';
import * as cwac from 'aws-cdk-lib/aws-cloudwatch-actions';
});
(ec2Instance.node.defaultChild as ec2.CfnInstance).addPropertyOverride("NetworkInterfaces", [{ NetworkInterfaceId: eni.ref, DeviceIndex: 0 }]);
(ec2Instance.node.defaultChild as ec2.CfnInstance).addPropertyDeletionOverride("SubnetId");
(ec2Instance.node.defaultChild as ec2.CfnInstance).addPropertyDeletionOverride("SecurityGroupIds");
```
Acknowledgements
CDK version used
2.25.0
Environment details (OS name and version, etc.)
Amazon Linux 2
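The leftover group described in this issue can be caught in the synthesized template before deployment. The following is an added example, not code from the issue or from the CDK project: a dependency-free check that lists `AWS::EC2::SecurityGroup` resources no other resource or output references. The function names, logical IDs and sample template are constructed for illustration.

```typescript
type Template = { Resources: { [id: string]: { Type: string; Properties?: unknown } }; Outputs?: unknown };

// Record every logical ID reached through Ref or Fn::GetAtt inside `value`.
function collectRefs(value: unknown, found: { [id: string]: true }): void {
  if (Array.isArray(value)) {
    for (const item of value) collectRefs(item, found);
    return;
  }
  if (value === null || typeof value !== 'object') return;
  const obj = value as { [key: string]: unknown };
  for (const key of Object.keys(obj)) {
    const v = obj[key];
    if (key === 'Ref' && typeof v === 'string') {
      found[v] = true;
    } else if (key === 'Fn::GetAtt') {
      // Long form is [logicalId, attribute]; short form is "logicalId.attribute".
      const id: unknown = Array.isArray(v) ? v[0] : typeof v === 'string' ? v.split('.')[0] : undefined;
      if (typeof id === 'string') found[id] = true;
    } else {
      collectRefs(v, found);
    }
  }
}

// Security groups that no other resource or output references.
// Limitation: ${LogicalId} placeholders inside Fn::Sub strings are not parsed.
function unreferencedSecurityGroups(template: Template): string[] {
  const found: { [id: string]: true } = {};
  for (const id of Object.keys(template.Resources)) {
    const own: { [id: string]: true } = {};
    collectRefs(template.Resources[id].Properties, own);
    delete own[id]; // a group pointing at itself does not count as use
    for (const ref of Object.keys(own)) found[ref] = true;
  }
  collectRefs(template.Outputs, found);
  return Object.keys(template.Resources)
    .filter((id) => template.Resources[id].Type === 'AWS::EC2::SecurityGroup' && !found[id])
    .sort();
}

// Constructed template shaped like the workaround: ENI attached, SecurityGroupIds deleted.
const sampleTemplate: Template = {
  Resources: {
    ServerInstanceSecurityGroupCONSTRUCTED: { Type: 'AWS::EC2::SecurityGroup', Properties: { VpcId: 'vpc-constructed' } },
    EniSecurityGroup: { Type: 'AWS::EC2::SecurityGroup', Properties: { VpcId: 'vpc-constructed' } },
    Eni: { Type: 'AWS::EC2::NetworkInterface', Properties: { GroupSet: [{ 'Fn::GetAtt': ['EniSecurityGroup', 'GroupId'] }] } },
    Server: { Type: 'AWS::EC2::Instance', Properties: { NetworkInterfaces: [{ NetworkInterfaceId: { Ref: 'Eni' }, DeviceIndex: '0' }] } },
  },
};
console.log(unreferencedSecurityGroups(sampleTemplate));
```

Run it against the JSON that `cdk synth` writes to `cdk.out` by parsing the template file and passing the object to `unreferencedSecurityGroups`.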