-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws-ec2: Using IPV6 CIDR as input to Security Group IPeer results in parsing error #28213
Comments
Yes this could relate to #894. I am making it p1. |
Found a temporary workaround for anyone who might want to implement this in the time being whilst this change is being implemented:
|
Took a deeper look into this issue as we are trying to fully implement ipv6 across our entire stack. Using the following code:
doesn't work because of the code here is doing a lookup of the Token. This should work in theory because the type of Here's what happens when its parsed:
Since the typeof cidrIpv6 in Given this, I guess there is 2 ways which cdk can help make this easier for devs looking to implement this.
Not sure which would be more ideal... |
Describe the bug
Using the aws-ec2.SecurityGroup's
addIngressRule
method to add a rule allowing an IPV6 CIDR block results in aToken
error if the input for theaws-ec2.Peer.ipv6()
function is a IPV6 CIDR block derived fromaws_ec2.CfnVPCCidrBlock
. The error I received isError: Invalid IPv6 CIDR: "#{Token[TOKEN.53]}"
Expected Behavior
Since
aws_ec2.CfnVPCCidrBlock
only gets the CIDR block at deploy time as its AWS-assigned, we should allow the address range here to be interoperable with existing Security Groups. Otherwise, we will not be able to add ingress rules in code when we use IPV6.Current Behavior
A token error is thrown when trying to synth the stack as the
Peer.ipv6()
is expecting a string but a token is provided in this case.Reproduction Steps
Possible Solution
Ideally,Peer
needs to implementIResolvable
so that it can be parsed at runtimeEdit: See last comment below for the possible workarounds
Additional Information/Context
Related to #894
CDK CLI Version
2.103.1 (build 3bb19ac)
Framework Version
No response
Node.js Version
v18.16.0
OS
Mac OS 13.6
Language
TypeScript
Language Version
No response
Other information
No response
The text was updated successfully, but these errors were encountered: