(aws-ec2): Vpc creates EgressOnlyInternetGateway without private subnets #30981

Closed
@danilobuerger

Describe the bug

When creating a Dual Stack VPC, an EgressOnlyInternetGateway is created even if there are no private subnets. This comes from a faulty condition, in vpc.ts:

if (this.useIpv6 && this.privateSubnets) {
  const eigw = new CfnEgressOnlyInternetGateway(this, 'EIGW6', {
    vpcId: this.vpcId,
  });

this.privateSubnets check will also evaluate to true on empty arrays.

Expected Behavior

No EgressOnlyInternetGateway is created without private subnets

Current Behavior

EgressOnlyInternetGateway is created without private subnets

Reproduction Steps

new Vpc(this, "Vpc", {
  ipProtocol: IpProtocol.DUAL_STACK,
  subnetConfiguration: [
    {
      subnetType: SubnetType.PUBLIC,
      name: "public",
    },
  ],
});

Possible Solution

Check the length:

this.privateSubnets.length > 0

Additional Information/Context

No response

CDK CLI Version

2.150.0 (build 3f93027)

Framework Version

No response

Node.js Version

v22.5.1

OS

MacOS

Language

TypeScript

Language Version

No response

Other information

No response
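
The check below is an added example, not part of the issue or of the CDK code base: it scans a synthesized CloudFormation template for `AWS::EC2::EgressOnlyInternetGateway` resources that no `AWS::EC2::Route` targets, which is what a public-only dual-stack VPC ends up with under the condition described above. The two templates and their logical IDs are constructed samples, and `findUnusedEigws` and `referencedId` are hypothetical helper names.

```typescript
type Resource = { Type: string; Properties?: Record<string, unknown> };
type Template = { Resources: Record<string, Resource> };

// Resolve {"Ref": "X"} or {"Fn::GetAtt": ["X", ...]} to the logical ID "X".
function referencedId(value: unknown): string | undefined {
  if (typeof value !== 'object' || value === null) return undefined;
  const v = value as Record<string, unknown>;
  if (typeof v['Ref'] === 'string') return v['Ref'] as string;
  const getAtt = v['Fn::GetAtt'];
  if (Array.isArray(getAtt) && typeof getAtt[0] === 'string') return getAtt[0];
  return undefined;
}

function findUnusedEigws(template: Template): string[] {
  const used: Record<string, boolean> = {};
  const ids = Object.keys(template.Resources);
  for (const id of ids) {
    const res = template.Resources[id];
    if (res.Type !== 'AWS::EC2::Route' || !res.Properties) continue;
    const target = referencedId(res.Properties['EgressOnlyInternetGatewayId']);
    if (target !== undefined) used[target] = true;
  }
  return ids
    .filter((id) => template.Resources[id].Type === 'AWS::EC2::EgressOnlyInternetGateway' && !used[id])
    .sort();
}

// Constructed sample: public-only dual-stack VPC, as in the reproduction steps.
const PUBLIC_ONLY: Template = {
  Resources: {
    VpcIGW: { Type: 'AWS::EC2::InternetGateway' },
    VpcEIGW6: { Type: 'AWS::EC2::EgressOnlyInternetGateway', Properties: { VpcId: { Ref: 'Vpc' } } },
    PublicRoute6: {
      Type: 'AWS::EC2::Route',
      Properties: { DestinationIpv6CidrBlock: '::/0', GatewayId: { Ref: 'VpcIGW' } },
    },
  },
};

// Constructed sample: a private subnet route points at the gateway.
const WITH_PRIVATE: Template = {
  Resources: {
    VpcEIGW6: { Type: 'AWS::EC2::EgressOnlyInternetGateway', Properties: { VpcId: { Ref: 'Vpc' } } },
    PrivateRoute6: {
      Type: 'AWS::EC2::Route',
      Properties: { DestinationIpv6CidrBlock: '::/0', EgressOnlyInternetGatewayId: { Ref: 'VpcEIGW6' } },
    },
  },
};
```

Run against the parsed JSON of a synthesized template, a non-empty result lists gateways that exist but carry no traffic.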

Labels

@aws-cdk/aws-ec2 (Related to Amazon Elastic Compute Cloud)
bug (This issue is a bug.)
effort/small (Small work item – less than a day of effort)
p2
