Aws-cdk: For the SubnetSelection interface, support Subnet ID

Created on 6 Aug 2019 · 12 Comments · Source: aws/aws-cdk

  • I'm submitting a ...

    • [ ] :beetle: bug report
    • [x] :rocket: feature request
    • [ ] :books: construct library gap
    • [ ] :phone: security issue or vulnerability => Please see policy
    • [ ] :question: support request => Please see note at the top of this template.
  • What is the current behavior?
    The interface for SubnetSelection supports selecting an AZ, a subnetName and subnetType.

  • What is the expected behavior (or behavior of feature suggested)?
    Request that interface SubnetSelection also support a Subnet ID.

  • What is the motivation / use case for changing the behavior or adding this feature?
    The ID is a specific identifier for Subnet, and should be supported when identifying a particular subnet.

  • Other information (e.g. detailed explanation, stacktraces, related issues, suggestions how to fix, links for us to have context, eg. associated pull-request, stackoverflow, gitter, etc)

https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.SubnetSelection.html

@aws-cdk/aws-ec2 effort/medium feature-request


All 12 comments

+1. Even better would be a list of subnet ids. The Subnet does not support adding a subnet name, so I don't see a clear way to specify that a lambda goes in a particular set of subnets.

+1 for a list of subnet ids.

+1 for a list of subnet ids.

+1 for a list of subnet ids

+1 for list of subnet ids.

I'm adding my +1 to this issue, but I need to clarify. I need to pass a LIST of subnet IDs. Use case:

I have a VPC with, say, 20 subnets. Basically there are multiple apps running in the same account and each application has a set of subnets defined. Network isolation and all that. Most of them are private (backend), some are public (frontend).

I'm setting up a Fargate service for a new application, or a new component to an existing application. I need to tell the service to use subnets X, Y and Z. That's it. I have the subnet IDs, either in a config file or I can look them up using the SDK. The subnets are already set up, I don't need the CDK to build them and I don't want to run in all private subnets.

Because it's not possible to pass a list of subnets to FargateService() at the moment, I have to build the entire service from low level CfnResources.

+1 for list of subnet ids or, even better, [Public|Private]Subnet objects directly.

I found a workaround for specifying specific subnet ids when deploying lambda. It might work with fargate too. https://github.com/aws/aws-cdk/issues/3923#issuecomment-527669650
You just forge a vpc object via aws_ec2.Vpc.from_vpc_attributes().

Thank you for the feature request and its popular support. We are aware of the limitations here and are going to do something about it.

I'd like to make this even better for users, and while specifying subnet IDs might feel like the right solution since that's what you're used to doing today, is there something even better you could be specifying instead?

For me, the core issue is access to the private, public and isolated subnet arrays from Python. I should be able to simply say which is which, and add Subnets to Vpcs as needed.

In lieu of that, it would be good to add a parameter to the Vpc constructor to specify a secondary CIDR block, and the corresponding ability to add Subnets into it via SubnetConfiguration.

This is a huge issue for us BTW, I’m fighting with the CDK in my code at the moment.

On 4 Sep 2019, 7:15 PM +1000, Rico Huijbers notifications@github.com, wrote:

Thank you for the feature request and its popular support. We are aware of the limitations here and are going to do something about it.
I'd like to make this even better for users, and while specifying subnet IDs might feel like the right solution since that's what you're used to doing today, is there something even better you could be specifying instead?

In my personal opinion, from the point of view of a systems engineer with more than five years of AWS experience [1], using Python [2] and shell scripts for my day-to-day job...

Subnet IDs are the right solution FOR ME because that's what all the other AWS tools use. The same goes for other resource IDs and for ARNs. The web console, AWS CLI, SDK, all of them use and return subnet IDs (and VPC IDs and ARNs, etc.). I can use any one of those to find the list of subnets and then pass it to the CDK.

Coming from Python, I also prefer to work with lists, dictionaries, strings, rather than custom objects. Keep it simple. These are things I already know, I don't have to dig through documentation to figure out what that SubnetSelection object is.

Case in point: I want to build a FargateService (Python), that runs a container in a couple of subnets.

  • The vpc_subnets parameter takes a SubnetSelection object and there's a helpful link to it. Great, follow it.
  • I can't pass subnet ID to SubnetSelection, but I can pass subnet name, except I'm not sure what that is. It says it's the name supplied in subnetConfiguration, but I don't know what that means.
  • I google, I figure out it's another object parameter of a VPC object. But I don't have a VPC object, because I already have a VPC.
  • I guess I need to create that VPC object now? Another page of documentation to read, because simply passing a VPC ID is not an option.
  • And so on.

Having to go through all the steps above is not the right solution FOR ME. Worse, I won't remember much of that, because I have so many other things to remember. So every time I have to run something in a subnet I have to go back to those pages.

Instead I would like to

  • pass a list (I already know what that is) of subnet IDs (I already know what those are and where to find them).

Much simpler FOR ME. And that applies to many other resources.

This particular example is a bit of an exception in the number of clicks it takes to figure it out, but that's been much of my experience with the CDK so far. I'm starting to think I'm not the target audience of this tool. Which is fine, but I'd like to know that before I invest too much time in it.

I guess I would like to

  • be able to mix the CDK with other tools, especially the SDK
  • use the knowledge I already have, which is presented in all the AWS docs and courses, to enjoy a smoother learning curve. New objects that make my life easier, sure, totally, but first I'd like to be able to use existing and well known primitives.

Just my two cents, in case it's relevant. Either way, thank you for the CDK, it does help.

[1] Meaning that yes, I'm used to certain things
[2] Mentioning Python because Python users seem to have a slightly different frame of mind than JS/Typescript devs

It is possible these days to pick out specific subnets in a SubnetSelection object.
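The use case described in this thread (a list of subnet IDs read from a config file and handed to a Fargate service, in a VPC where most subnets are private and a few are public) is one place a pre-deployment check belongs before the IDs reach the CDK. The following is an added example, not code from the thread or from the aws-cdk project: it classifies subnets from route-table data in the shape of an EC2 DescribeRouteTables response (the sample below is constructed inline with made-up IDs) and refuses a selection that includes a public or unclassified subnet; the validated list is what you would then wrap with Subnet.from_subnet_id or Vpc.from_vpc_attributes.

```python
"""Classify VPC subnets from route-table data and validate a config-supplied
list of subnet IDs before handing it to the CDK (e.g. Subnet.from_subnet_id)."""
from typing import Dict, List

# Constructed sample in the shape of an EC2 DescribeRouteTables response; IDs are made up.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-0a1",
     "Associations": [{"SubnetId": "subnet-pub1"}, {"SubnetId": "subnet-pub2"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0b2"}]},
    {"RouteTableId": "rtb-0c3",
     "Associations": [{"SubnetId": "subnet-priv1"}, {"SubnetId": "subnet-priv2"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0d4"}]},
    {"RouteTableId": "rtb-0e5",  # main table: no default route at all
     "Associations": [{"Main": True}, {"SubnetId": "subnet-iso1"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
]


def classify_subnets(route_tables: List[dict]) -> Dict[str, str]:
    """Map each explicitly associated subnet ID to 'public', 'private' or 'isolated'.
    public:   the table has any route to an internet gateway (igw-*)
    private:  a default route exists but goes elsewhere (NAT gateway, TGW, ...)
    isolated: no default route at all
    Subnets using the main table implicitly are not returned (fail-closed for callers).
    """
    classes: Dict[str, str] = {}
    for table in route_tables:
        routes = table.get("Routes", [])
        if any(r.get("GatewayId", "").startswith("igw-") for r in routes):
            kind = "public"
        elif any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
                 or r.get("DestinationIpv6CidrBlock") == "::/0" for r in routes):
            kind = "private"
        else:
            kind = "isolated"
        for assoc in table.get("Associations", []):
            if "SubnetId" in assoc:
                classes[assoc["SubnetId"]] = kind
    return classes


def validate_selection(subnet_ids: List[str], classes: Dict[str, str],
                       allowed=("private", "isolated")) -> List[str]:
    """Return the IDs unchanged if every one is classified and allowed; raise otherwise."""
    bad = [s for s in subnet_ids if classes.get(s, "unknown") not in allowed]
    if bad:
        raise ValueError(f"refusing to place a backend service in {bad}")
    return list(subnet_ids)
```

An ID that is absent from the classification (for example a subnet that only inherits the main route table) is rejected rather than assumed private.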
