I have created a private subnet and a NAT gateway in AWS CDK using Python. I have done this by mostly referring to the AWS docs https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_ec2/ My private and public subnets look like this -

    PUBLIC_SUBNET: {
        'availability_zone': 'us-east-1a', 'cidr_block': '10.0.1.0/24', 'map_public_ip_on_launch': True,
        'route_table_id': PUBLIC_ROUTE_TABLE,
        'instances': {
            PUBLIC_INSTANCE: {
                'disable_api_termination': False,
                'key_name': KEY_PAIR_NAME,
                'image_id': AMI,
                'instance_type': 't2.micro',
                'security_group_ids': [SECURITY_GROUP],
                'tags': [
                    {'key': 'Name', 'value': PUBLIC_INSTANCE},
                ],
            },
        }
    },
    PRIVATE_SUBNET: {
        'availability_zone': 'us-east-1b', 'cidr_block': '10.0.2.0/24', 'map_public_ip_on_launch': False,
        'route_table_id': PRIVATE_ROUTE_TABLE,
        'instances': {
            PRIVATE_INSTANCE: {
                'disable_api_termination': False,
                'key_name': KEY_PAIR_NAME,
                'image_id': AMI,
                'instance_type': 't2.micro',
                'security_group_ids': [SECURITY_GROUP],
                'tags': [
                    {'key': 'Name', 'value': PRIVATE_INSTANCE},
                ],
            },
        }
    }
}

And my NAT Gateway code looks like this -


    from aws_cdk.aws_ec2 import CfnEIP, CfnNatGateway

    def attach_nat_gateway(self):
        # a NAT gateway needs its own Elastic IP; for a VPC the domain must be "vpc"
        # (no instance_id: the address is consumed by the NAT gateway, not by an instance)
        elastic_ip = CfnEIP(self, "EIP", domain="vpc")

        cfn_nat_gateway = CfnNatGateway(
            self, "MyCfnNatGateway",
            # the doc-sample strings "subnetId" / "allocation_id" / "connectivityType" are
            # placeholders; pass real references: a public subnet of the VPC and the EIP
            subnet_id=self.bifrost_vpc.public_subnets[0].subnet_id,
            allocation_id=elastic_ip.attr_allocation_id,
            connectivity_type="public",
        )

        return cfn_nat_gateway

And the constructor looks like this -


    from aws_cdk.core import Construct
    from aws_cdk.aws_ec2 import Vpc, SubnetConfiguration, SubnetType

    def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
        super().__init__(scope, construct_id, **kwargs)

        # creating a VPC; nat_gateways=1 already allocates one EIP and one NAT gateway
        # for the private subnets, so a separately written CfnNatGateway adds a second EIP
        self.bifrost_vpc = Vpc(
            self, 'custom-VPC', cidr='10.0.0.0/16', nat_gateways=1,
            subnet_configuration=[
                SubnetConfiguration(name="public", subnet_type=SubnetType.PUBLIC),
                # SubnetType.PRIVATE is deprecated in CDK v1; PRIVATE_WITH_NAT is its replacement
                SubnetConfiguration(name="private", subnet_type=SubnetType.PRIVATE_WITH_NAT),
            ],
            enable_dns_support=True,
            enable_dns_hostnames=True,
        )

After changing the code many times, I've encountered the error: "The maximum number of addresses has been reached". I am able to create a private and public subnet, but unable to create and attach a NAT gateway to my private subnet using CDK. Also in the constructor, SubnetType.PRIVATE says it's deprecated in the docs so I'm not able to use it. Please provide some insight.

Mahesh M
  • go to your console, then VPC, then NAT Gateways - is there a ton of stuff still in there that hasn't been destroyed? If so, that's your reason. If not, then you likely have an issue with the CIDR block – lynkfox Jun 21 '22 at 19:21
  • thank you @lynkfox, yes, destroying everything including the CDKToolkit and the S3 bucket associated with the stack and re-deploying everything from scratch one resource at a time helped solve my issue. Just a side note - for creating and associating resources using CDK, refer to https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_ec2/ – Mahesh M Jun 22 '22 at 16:44

1 Answer

I was able to figure it out. The answer is to not create everything in the VPC creation call itself in the CDK but rather create every resource that you'd require one by one so that all the associations can be configured. I'm fairly new to CDK and I did not know this was how it was supposed to be done.

Mahesh M
  • ahh yes. The tutorials love to pile all the things together. Each CDK Construct (i.e. a subnet group or a NAT gateway or a VPC) is actually instantiated as an object. If you want to re-use any of them, then instantiating them and storing them as a variable is 100% the necessary method. – lynkfox Jun 22 '22 at 17:42
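The answer's point (create each resource on its own so every association can be wired) and the question's symptoms (doc-sample placeholder strings in CfnNatGateway, a missing private route, and an EIP quota error) come down to a handful of references in the synthesized CloudFormation template. The following is an added example, not code from the question, the answer or the AWS CDK project: it reads the JSON that `cdk synth` emits and reports each missing link in the chain EIP -> NAT gateway -> public subnet -> private route table. The two templates, the `EIP_DEFAULT_QUOTA` constant and all logical ids are constructed for the example; the quota value of 5 is the AWS default per Region.

```python
"""Offline consistency check of NAT gateway wiring in a synthesized CloudFormation template.

Hypothetical example (not code from the question, the answer or AWS CDK): it walks the
JSON that `cdk synth` writes and reports every association that has to be wired by hand
when resources are created one by one.
"""
import copy

EIP_DEFAULT_QUOTA = 5  # AWS default Elastic IP quota per Region; every NAT gateway consumes one


def _ref(value):
    """Logical id behind {"Ref": ...} or {"Fn::GetAtt": [...]}; None for a literal string."""
    if isinstance(value, dict):
        if "Ref" in value:
            return value["Ref"]
        if "Fn::GetAtt" in value:
            return value["Fn::GetAtt"][0]
    return None


def check_nat_wiring(template):
    """Return a list of findings; an empty list means the NAT wiring is consistent."""
    res = template.get("Resources", {})

    def of_type(t):
        return {k: v for k, v in res.items() if v.get("Type") == t}

    subnets, nats, eips = of_type("AWS::EC2::Subnet"), of_type("AWS::EC2::NatGateway"), of_type("AWS::EC2::EIP")
    routes, assocs = of_type("AWS::EC2::Route"), of_type("AWS::EC2::SubnetRouteTableAssociation")

    # subnet -> route table, and which route tables carry a default route via an IGW or a NAT
    rt_of_subnet = {_ref(a["Properties"]["SubnetId"]): _ref(a["Properties"]["RouteTableId"])
                    for a in assocs.values()}
    default_routes = [r["Properties"] for r in routes.values()
                      if r["Properties"].get("DestinationCidrBlock") == "0.0.0.0/0"]
    igw_tables = {_ref(p["RouteTableId"]) for p in default_routes if "GatewayId" in p}
    nat_of_table = {_ref(p["RouteTableId"]): _ref(p["NatGatewayId"]) for p in default_routes if "NatGatewayId" in p}
    public_subnets = {s for s, rt in rt_of_subnet.items() if rt in igw_tables}

    findings = []
    if not nats:
        findings.append("no AWS::EC2::NatGateway in template")
    if len(eips) > EIP_DEFAULT_QUOTA:
        findings.append(f"{len(eips)} EIPs exceed the default quota of {EIP_DEFAULT_QUOTA}; "
                        "leftover EIPs from earlier deployments shrink the headroom further")
    for name, nat in nats.items():
        props = nat["Properties"]
        subnet = _ref(props.get("SubnetId"))
        if subnet is None:
            findings.append(f"{name}: SubnetId is a literal placeholder, not a Ref to a subnet")
        elif subnet not in public_subnets:
            findings.append(f"{name}: SubnetId {subnet} is not a public subnet (no 0.0.0.0/0 route to an IGW)")
        alloc = _ref(props.get("AllocationId"))
        if alloc is None:
            findings.append(f"{name}: AllocationId is a literal placeholder, not GetAtt of an EIP")
        elif alloc not in eips:
            findings.append(f"{name}: AllocationId refers to {alloc}, which is not an AWS::EC2::EIP")
        if name not in nat_of_table.values():
            findings.append(f"{name}: no route table sends 0.0.0.0/0 to this NAT gateway")
    for sname, s in subnets.items():
        if sname in public_subnets:
            continue
        if s["Properties"].get("MapPublicIpOnLaunch"):
            findings.append(f"{sname}: private subnet auto-assigns public IPs")
        if rt_of_subnet.get(sname) not in nat_of_table:
            findings.append(f"{sname}: private subnet has no default route through a NAT gateway")
    return findings


def _subnet(vpc, cidr, public):
    return {"Type": "AWS::EC2::Subnet",
            "Properties": {"VpcId": {"Ref": vpc}, "CidrBlock": cidr, "MapPublicIpOnLaunch": public}}


# Constructed template mirroring the asker's two subnets, wired the way the answer describes.
GOOD_TEMPLATE = {"Resources": {
    "Vpc": {"Type": "AWS::EC2::VPC", "Properties": {"CidrBlock": "10.0.0.0/16"}},
    "Igw": {"Type": "AWS::EC2::InternetGateway", "Properties": {}},
    "PublicSubnet": _subnet("Vpc", "10.0.1.0/24", True),
    "PrivateSubnet": _subnet("Vpc", "10.0.2.0/24", False),
    "PublicRt": {"Type": "AWS::EC2::RouteTable", "Properties": {"VpcId": {"Ref": "Vpc"}}},
    "PrivateRt": {"Type": "AWS::EC2::RouteTable", "Properties": {"VpcId": {"Ref": "Vpc"}}},
    "PublicAssoc": {"Type": "AWS::EC2::SubnetRouteTableAssociation",
                    "Properties": {"SubnetId": {"Ref": "PublicSubnet"}, "RouteTableId": {"Ref": "PublicRt"}}},
    "PrivateAssoc": {"Type": "AWS::EC2::SubnetRouteTableAssociation",
                     "Properties": {"SubnetId": {"Ref": "PrivateSubnet"}, "RouteTableId": {"Ref": "PrivateRt"}}},
    "IgwRoute": {"Type": "AWS::EC2::Route", "Properties": {"RouteTableId": {"Ref": "PublicRt"},
                 "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": {"Ref": "Igw"}}},
    "NatEip": {"Type": "AWS::EC2::EIP", "Properties": {"Domain": "vpc"}},
    "Nat": {"Type": "AWS::EC2::NatGateway", "Properties": {"SubnetId": {"Ref": "PublicSubnet"},
            "AllocationId": {"Fn::GetAtt": ["NatEip", "AllocationId"]}}},
    "NatRoute": {"Type": "AWS::EC2::Route", "Properties": {"RouteTableId": {"Ref": "PrivateRt"},
                 "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": {"Ref": "Nat"}}},
}}

# Same stack with the question's doc-sample placeholders and the private default route missing.
BAD_TEMPLATE = copy.deepcopy(GOOD_TEMPLATE)
BAD_TEMPLATE["Resources"]["Nat"]["Properties"].update(SubnetId="subnetId", AllocationId="allocation_id")
del BAD_TEMPLATE["Resources"]["NatRoute"]

if __name__ == "__main__":
    for label, tpl in (("good", GOOD_TEMPLATE), ("bad", BAD_TEMPLATE)):
        print(label, check_nat_wiring(tpl) or "OK")
```

Run it against `cdk.out/<stack>.template.json` after `cdk synth` (load the file with `json.load` and pass the dict to `check_nat_wiring`) before `cdk deploy`: a "literal placeholder" finding means a doc-sample string was never replaced, a "no default route" finding means the private route table was never associated with the NAT gateway, and the EIP count warns when the stack alone would hit the per-Region address quota behind the error in the question.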