adding arn field to populate account and region

aws · Oct 18, 2024 · 13d1458 · 13d1458
1 parent 00eebb9
commit 13d1458
Show file tree

Hide file tree

Showing 4 changed files with 58 additions and 17 deletions.
diff --git a/packages/@aws-cdk/aws-ec2-alpha/README.md b/packages/@aws-cdk/aws-ec2-alpha/README.md
@@ -37,8 +37,6 @@ new VpcV2(this, 'Vpc', {
 
 `VpcV2` does not automatically create subnets or allocate IP addresses, which is different from the `Vpc` construct.
 
-Importing existing VPC in an account into CDK as a `VpcV2` is not yet supported.
-
 ## SubnetV2
 
 `SubnetV2` is a re-write of the [`ec2.Subnet`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ec2.Subnet.html) construct.
@@ -62,8 +60,6 @@ new SubnetV2(this, 'subnetA', {
 })
 ```
 
-Same as `VpcV2`, importing existing subnets is not yet supported.
-
 ## IP Addresses Management
 
 By default `VpcV2` uses `10.0.0.0/16` as the primary CIDR if none is defined. 

diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2-base.ts
@@ -97,6 +97,20 @@ export interface IVpcV2 extends IVpc {
    */
   readonly ipv4CidrBlock: string;
 
+  /**
+   * Optional to override inferred region
+   *
+   * @default - current stack's environment region
+   */
+  readonly region?: string;
+
+  /**
+   * The ID of the AWS account that owns the VPC
+   *
+   * @default - the account id of the parent stack
+   */
+  readonly ownerAccountId?: string;
+
   /**
    * IPv4 CIDR provisioned under pool
    * Required to check for overlapping CIDRs after provisioning

diff --git a/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts b/packages/@aws-cdk/aws-ec2-alpha/lib/vpc-v2.ts
@@ -1,9 +1,9 @@
 import { CfnVPC, CfnVPCCidrBlock, DefaultInstanceTenancy, ISubnet } from 'aws-cdk-lib/aws-ec2';
-import { Arn, CfnResource, Lazy, Names, Resource, Stack } from 'aws-cdk-lib/core';
+import { Arn, CfnResource, Lazy, Names, Resource } from 'aws-cdk-lib/core';
 import { Construct, DependencyGroup, IDependable } from 'constructs';
 import { IpamOptions, IIpamPool } from './ipam';
 import { IVpcV2, VpcV2Base } from './vpc-v2-base';
-import { ISubnetV2, ImportedSubnetV2, SubnetV2Attributes } from './subnet-v2';;
+import { ISubnetV2, ImportedSubnetV2, SubnetV2Attributes } from './subnet-v2';
 
 /**
  * Additional props needed for secondary Address
@@ -196,18 +196,20 @@ export interface VpcV2Props {
  */
 export interface VpcV2Attributes {
 
-  /**
-   * The region in which the VPC is located
-   * @default - No region information
-   */
-  readonly region?: string;
-
   /**
    * The VPC ID
    * Refers to physical Id of the resource
    */
   readonly vpcId: string;
 
+  /**
+   * Arn of the VPC
+   * will be used to set value for account and region
+   * which then later can be used for establishing VPC peering connection
+   * @default - constructed with stack account and region value
+   */
+  readonly vpcArn?: string;
+
   /**
    * Primary VPC CIDR Block of the imported VPC
    * Can only be IPv4
@@ -334,6 +336,16 @@ export class VpcV2 extends VpcV2Base {
    */
   public readonly ipv4IpamProvisionedCidrs?: string[];
 
+  /**
+  * Region for this VPC
+  */
+  public readonly region?: string;
+
+  /**
+  * Identifier of the owner for this VPC
+  */
+  public readonly ownerAccountId?: string;
+
   /**
    * For validation to define IPv6 subnets, set to true in case of
    * Amazon Provided IPv6 cidr range
@@ -379,6 +391,8 @@ export class VpcV2 extends VpcV2Base {
       resource: 'vpc',
       resourceName: this.vpcId,
     }, this.stack);
+    this.region = this.stack.region;
+    this.ownerAccountId = this.stack.account;
 
     if (props.secondaryAddressBlocks) {
       const secondaryAddressBlocks: IIpAddresses[] = props.secondaryAddressBlocks;
@@ -536,6 +550,8 @@ class ImportedVpcV2 extends VpcV2Base {
   public readonly isolatedSubnets: ISubnetV2[] = [];
   public readonly internetConnectivityEstablished: IDependable = new DependencyGroup();
   public readonly ipv4CidrBlock: string;
+  public readonly region?: string;
+  public readonly ownerAccountId?: string;
 
   /*
   * Reference to all secondary blocks attached
@@ -552,15 +568,18 @@ class ImportedVpcV2 extends VpcV2Base {
   public readonly ipv4IpamProvisionedCidrs: string[] = [];
 
   constructor(scope: Construct, id: string, props: VpcV2Attributes) {
-    super(scope, id, {
-      region: props. region,
-    });
+    super(scope, id);
     this.vpcId = props.vpcId,
-    this.vpcArn = Arn.format({
+    this.vpcArn = props.vpcArn ?? Arn.format({
       service: 'ec2',
       resource: 'vpc',
       resourceName: this.vpcId,
-    }, Stack.of(this));
+    }, this.stack);
+    // Populate region and account fields that can be used to set up peering connection
+    // sample vpc Arn - arn:aws:ec2:us-west-2:123456789012:vpc/vpc-0123456789abcdef0
+    this.region = this.vpcArn.split(':')[3];
+    this.ownerAccountId = this.vpcArn.split(':')[4];
+    // Refers to actual VPC Resource attribute in non-imported VPC
     this.vpcCidrBlock = props.vpcCidrBlock;
     // Required for subnet range related checks
     this.ipv4CidrBlock = props.vpcCidrBlock;

diff --git a/packages/@aws-cdk/aws-ec2-alpha/test/vpcv2-import.test.ts b/packages/@aws-cdk/aws-ec2-alpha/test/vpcv2-import.test.ts
@@ -186,4 +186,16 @@ describe('Vpc V2 with full control', () => {
       Ipv6CidrBlock: '2600:1f24:6c:4000::/64',
     });
   });
+  test('Fetch correct account id and region ', () => {
+    const vpc = VpcV2.fromVpcV2Attributes(stack, 'ImportedVpc', {
+      vpcId: 'mockVpcID',
+      vpcCidrBlock: '10.0.0.0/16',
+      secondaryCidrBlocks: [{
+        amazonProvidedIpv6CidrBlock: true,
+      }],
+      vpcArn: 'arn:aws:ec2:us-west-2:123456789012:vpc/mockVpcID',
+    });
+    expect(vpc.ownerAccountId).toBe('123456789012');
+    expect(vpc.region).toBe('us-west-2');
+  });
 });