AWS CDK requires a "public" subnet to deploy


I am new to AWS CDK and I am trying to deploy resources like Lambda function, 2 Security Groups in an existing VPC. I use this code in order to use the existing VPC:

const vpc = ec2.Vpc.fromLookup(this, 'ExistingVPC', {
  vpcName: 'TT-DD-vpc01',

So when I run cdk synth , I get the error:

Error: There are no 'Public' subnet groups in this VPC. Available types: at LookedUpVpc.selectSubnetObjectsByType (C:\Users\dimit\Projects\awscdk\AWSCDK\MyCdkProject\node_modules\aws-cdk-lib\aws-ec2\lib\vpc.js:1:6197) at LookedUpVpc.selectSubnetObjects (C:\Users\dimit\Projects\awscdk\AWSCDK\MyCdkProject\node_modules\aws-cdk-lib\aws-ec2\lib\vpc.js:1:4915) at LookedUpVpc.selectSubnets (C:\Users\dimit\Projects\awscdk\AWSCDK\MyCdkProject\node_modules\aws-cdk-lib\aws-ec2\lib\vpc.js:1:2603) at Function.configureVpc (C:\Users\dimit\Projects\awscdk\AWSCDK\MyCdkProject\node_modules\aws-cdk-lib\aws-lambda\lib\function.js:1:23508) at new Function (C:\Users\dimit\Projects\awscdk\AWSCDK\MyCdkProject\node_modules\aws-cdk-lib\aws-lambda\lib\function.js:1:12479) at new MyCdkProjectStack (C:\Users\dimit\Projects\awscdk\AWSCDK\MyCdkProject\lib\my_cdk_project-stack.js:85:30) at Object.<anonymous> (C:\Users\dimit\Projects\awscdk\AWSCDK\MyCdkProject\bin\my_cdk_project.js:6:1) at Module._compile (node:internal/modules/cjs/loader:1256:14) at Module._extensions..js (node:internal/modules/cjs/loader:1310:10) at Module.load (node:internal/modules/cjs/loader:1119:32)

why cdk needs to have a "public" subnet configured ? I created a subnet in AWS UI but I dont know how to make it "Public".

Any help would be appreciated !

1 Resposta


A subnet is called a Public subnet if it has a direct route to an internet gateway. Resources in a public subnet can access the public internet. To read more about Subnets in VPC

If the subnet has a route to anywhere through Internet gateway. It's a Public subnet. Here is how the route table will look like

To resolve your issue:

  1. VPC Configuration: Check if your VPC has the necessary subnets (public, private, etc.) created.
  2. Subnet Group Names: Ensure that you’re using the correct subnet group names in your configuration.
  3. Internet Gateway: If you’re expecting a public subnet, make sure it has an associated internet gateway.
  4. Route Tables: Check the route tables associated with your subnets. Public subnets should have a route to the internet gateway (

Additionally, you can refer here:

tag: Key: aws-cdk:subnet-type Value: Public
profile picture
respondido há 2 meses

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas