By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Why does ec2.Vpc produce different output for same code when migrating from AWS CDK v1 to v2?

0

I am working on migrating an AWS CDK project from v1 to v2. The following piece of code produce different output for

        self._vpc = vpc(
            self,
            "vpc",
            cidr="10.0.0.0/16",
            enable_dns_hostnames=True,
            enable_dns_support=True,
            max_azs=3,
        )

When I upgrade to AWS CDK v2, and run cdk diff [stackname] I get the following output :

[WARNING] aws-cdk-lib.aws_ec2.VpcProps#cidr is deprecated.
  Use ipAddresses instead
  This API will be removed in the next major release.
[WARNING] aws-cdk-lib.aws_ec2.VpcProps#cidr is deprecated.
  Use ipAddresses instead
  This API will be removed in the next major release.
Stack UprightPipelineStack/test/network-stack (test-network-stack)
Resources
[~] AWS::EC2::NatGateway test/network-stack/upright_vpc/PublicSubnet1/NATGateway uprightvpcPublicSubnet1NATGateway86E25FDE 
 └─ [+] DependsOn
     └─ ["uprightvpcPublicSubnet1DefaultRoute900852B5","uprightvpcPublicSubnet1RouteTableAssociation7B05C537"]
[~] AWS::EC2::NatGateway test/network-stack/upright_vpc/PublicSubnet2/NATGateway uprightvpcPublicSubnet2NATGateway117AA26A 
 └─ [+] DependsOn
     └─ ["uprightvpcPublicSubnet2DefaultRouteC847382C","uprightvpcPublicSubnet2RouteTableAssociation517ECEEF"]
[~] AWS::EC2::NatGateway test/network-stack/upright_vpc/PublicSubnet3/NATGateway uprightvpcPublicSubnet3NATGateway27BAB1E3 
 └─ [+] DependsOn
     └─ ["uprightvpcPublicSubnet3DefaultRoute2A9BF176","uprightvpcPublicSubnet3RouteTableAssociation39653CF8"]

What does this change mean, and what can I do to have v2 produce the same infrastructure as v1?

Topics
Management & GovernanceAWS Cloud Development Kit (CDK)
Tags
AWS CloudFormationAWS Cloud Development Kit (CDK)
Language
English
sbrattla
asked a year ago1057 views
1 Answer
1

I'll help you break down the output from the CDK.

Deprecation Warning

First, you have a deprecation warning appearing twice:

[WARNING] aws-cdk-lib.aws_ec2.VpcProps#cidr is deprecated.
  Use ipAddresses instead
  This API will be removed in the next major release.

This is to inform you that the VpcProps interface will no longer use the cidr property in the future and will instead use the ipAddresses property. On the overview page for the EC2 module, you can see the new way to input a CIDR value.

CDK diff output

The output from the cdk diff command can be challenging to understand sometimes, but is immensely helpful when performing upgrades or refactoring.

Stack UprightPipelineStack/test/network-stack (test-network-stack)
Resources
[~] AWS::EC2::NatGateway test/network-stack/upright_vpc/PublicSubnet1/NATGateway uprightvpcPublicSubnet1NATGateway86E25FDE 
 └─ [+] DependsOn
     └─ ["uprightvpcPublicSubnet1DefaultRoute900852B5","uprightvpcPublicSubnet1RouteTableAssociation7B05C537"]
[~] AWS::EC2::NatGateway test/network-stack/upright_vpc/PublicSubnet2/NATGateway uprightvpcPublicSubnet2NATGateway117AA26A 
 └─ [+] DependsOn
     └─ ["uprightvpcPublicSubnet2DefaultRouteC847382C","uprightvpcPublicSubnet2RouteTableAssociation517ECEEF"]
[~] AWS::EC2::NatGateway test/network-stack/upright_vpc/PublicSubnet3/NATGateway uprightvpcPublicSubnet3NATGateway27BAB1E3 
 └─ [+] DependsOn
     └─ ["uprightvpcPublicSubnet3DefaultRoute2A9BF176","uprightvpcPublicSubnet3RouteTableAssociation39653CF8"]

I will go line-by-line for the first three lines of the diff to explain the output.

[~] AWS::EC2::NatGateway test/network-stack/upright_vpc/PublicSubnet1/NATGateway uprightvpcPublicSubnet1NATGateway86E25FDE
  • [~] means that the resource indicated here might change
  • AWS::EC2::NatGateway indicates the resource is a NAT Gateway
  • test/network-stack/upright_vpc/PublicSubnet1/NATGateway is the path to the resource in your CDK Stacks. The path might be a combination of file path and the hierarchy of constructs used to define your CDK stack
  • uprightvpcPublicSubnet1NATGateway86E25FDE is the logical ID for the resource, it's the identifier in your CloudFormation stack
 └─ [+] DependsOn

This indicates that the preceding resource in the CloudFormation stack will have a DependsOn property added. If it were [-], that would mean it was being removed.

     └─ ["uprightvpcPublicSubnet1DefaultRoute900852B5","uprightvpcPublicSubnet1RouteTableAssociation7B05C537"]

This identifies the logical IDs of the resources the NAT Gateway will be marked as depending upon. Based upon the IDs I am guessing it had to do with your route tables.

You can view additional information on the docs page for the AWS CDK CLI toolkit.

Based on the diff you shared, I doubt you will have any issues if you deploy your migrated coded. The DependsOn property is there to help CloudFormation deploy resources in the correct order.

profile picture
Jason Butz
answered a year ago
  • sbrattla
    a year ago

    Thank you very much for your very detailed explanation! I assume this new dependency may be a result of AWS CDK v2 being able to establish these dependencies, while v1 did not.

  • Jason Butz
    a year ago

    @sbrattla, I think it's more of a change where they are improving the CDK constructs to mitigate issues. CDK v1 supports DependsOn

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content