
We are trying to create a Network Load Balancer through CloudFormation in the private subnets, and we have 6 private subnets, 2 in each availability zone.

Currently we pass in the SubnetIDs manually by picking one subnet in each AZ, as below:

LoadBalancer:
  Type: AWS::ElasticLoadBalancingV2::LoadBalancer
  Properties:
    Type: network
    Scheme: internal
    Subnets: !Ref SubnetID
    Tags:
      - Key: Name
        Value: !Ref EnvName

where SubnetID is a parameter that accepts a list of strings.

Is there a way to get this subnet information automatically in CloudFormation (pick private subnet IDs, one for each availability zone) through infrastructure as code?

P.S.: Passing all 6 subnets as a list fails the load balancer creation, because the LB somehow picks 2 subnets in the same AZ, and that is not allowed.

I am looking for a fully automated solution, or any best practice for doing this.

fledgling

1 Answer

If you know which subnets in the list are private you can manually hand pick them. For example:

Subnets:
  - !Select [0, !Ref SubnetID]
  - !Select [1, !Ref SubnetID]

For a fully autonomous solution, when you don't know which subnets are private and which are not, you would have to develop a custom resource Lambda function that returns the list of subnets of interest to your CFN stack.

Marcin
  • Thanks for this. But what I am looking for is a fully automated solution. Is it possible to share pseudo code of the custom resource Lambda? Or what is the best practice to do this? – fledgling May 16 '20 at 03:03
  • @vkr So a custom resource is the only way to go. I don't have such a Lambda, but for developing my custom resources I usually use this AWS [custom resource helper](https://github.com/aws-cloudformation/custom-resource-helper). It simplifies development of custom resources quite a bit. – Marcin May 16 '20 at 03:45
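An added sketch of the custom resource Lambda discussed in the answer and comments (example code, not Marcin's or the asker's): it takes the candidate subnet IDs from the template (assumed, as in the answer, to already be the private ones), looks them up, and returns exactly one subnet per Availability Zone, which the template can consume with `!Split [",", !GetAtt PrivateSubnetPicker.SubnetIds]`. The resource and property names, the constructed sample data, and the hand-rolled cfn-response are assumptions; the selection logic is separated from the AWS calls so it can be checked without credentials.

```python
import json
import urllib.request
# Constructed sample shaped like EC2 DescribeSubnets output: 2 subnets per AZ, as in the question.
SAMPLE_SUBNETS = [
    {"SubnetId": "subnet-0a1", "AvailabilityZone": "eu-west-1a"},
    {"SubnetId": "subnet-0a2", "AvailabilityZone": "eu-west-1a"},
    {"SubnetId": "subnet-0b1", "AvailabilityZone": "eu-west-1b"},
    {"SubnetId": "subnet-0b2", "AvailabilityZone": "eu-west-1b"},
    {"SubnetId": "subnet-0c1", "AvailabilityZone": "eu-west-1c"},
    {"SubnetId": "subnet-0c2", "AvailabilityZone": "eu-west-1c"},
]

def pick_one_subnet_per_az(subnets):
    """Return one SubnetId per AvailabilityZone, sorted by AZ. The lowest SubnetId
    in each AZ wins so repeated stack updates yield the same result."""
    by_az = {}
    for s in subnets:
        az = s["AvailabilityZone"]
        if az not in by_az or s["SubnetId"] < by_az[az]:
            by_az[az] = s["SubnetId"]
    return [by_az[az] for az in sorted(by_az)]

def describe_subnets(subnet_ids):
    """Live lookup; boto3 is imported lazily so the selection logic is testable offline."""
    import boto3
    return boto3.client("ec2").describe_subnets(SubnetIds=subnet_ids)["Subnets"]

def send_response(event, status, data, reason="See CloudWatch logs"):
    """Minimal cfn-response: CloudFormation blocks until this PUT reaches the pre-signed URL."""
    body = json.dumps({
        "Status": status, "Reason": reason, "Data": data,
        "PhysicalResourceId": event.get("PhysicalResourceId", event["LogicalResourceId"]),
        "StackId": event["StackId"], "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
    }).encode()
    req = urllib.request.Request(event["ResponseURL"], data=body, method="PUT",
                                 headers={"Content-Type": ""})
    urllib.request.urlopen(req)

def handler(event, context):
    """Lambda entry point. Delete has nothing to clean up; Create/Update pick the subnets."""
    try:
        data = {}
        if event["RequestType"] != "Delete":
            candidates = event["ResourceProperties"]["SubnetIds"]  # list from the template
            chosen = pick_one_subnet_per_az(describe_subnets(candidates))
            data = {"SubnetIds": ",".join(chosen)}  # attributes are strings; !Split in CFN
        send_response(event, "SUCCESS", data)
    except Exception as exc:  # a FAILED response beats a stack stuck waiting on the resource
        send_response(event, "FAILED", {}, reason=str(exc))
```

The Lambda's execution role needs `ec2:DescribeSubnets` and nothing else beyond the basic logging permissions.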