fix(efs): EFS fails to create when using a VPC with multiple subnets per availability zone (#12097)

daisuke-yoshimoto · web-flow · commit 889d6734c101 · 2021-01-31T18:44:15.000Z
Fixes #10170 ### Fixes This PR has been modified so that it does not create a mount target if only VPC is specified in the EFS file system. ### Bug Currently, if a VPC is specified and no subnet is specified, the subnet search criteria are passed as undefined, all subnets in the VPC are retrieved, and mount targets are generated for all subnets in the VPC. I will. Since mount targets can only be created in one subnet for each Availability Zone, the above behavior will result in duplicate Availability Zones between mount targets, resulting in an error when creating the mount target. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
diff --git a/packages/@aws-cdk/aws-efs/lib/efs-file-system.ts b/packages/@aws-cdk/aws-efs/lib/efs-file-system.ts
@@ -272,7 +272,7 @@ export class FileSystem extends Resource implements IFileSystem {
       defaultPort: ec2.Port.tcp(FileSystem.DEFAULT_PORT),
     });
 
-    const subnets = props.vpc.selectSubnets(props.vpcSubnets);
+    const subnets = props.vpc.selectSubnets(props.vpcSubnets ?? { onePerAz: true });
 
     // We now have to create the mount target for each of the mentioned subnet
     let mountTargetCount = 0;
diff --git a/packages/@aws-cdk/aws-efs/test/efs-file-system.test.ts b/packages/@aws-cdk/aws-efs/test/efs-file-system.test.ts
@@ -1,4 +1,4 @@
-import { expect as expectCDK, haveResource, ResourcePart } from '@aws-cdk/assert';
+import { expect as expectCDK, haveResource, ResourcePart, countResources } from '@aws-cdk/assert';
 import * as ec2 from '@aws-cdk/aws-ec2';
 import * as kms from '@aws-cdk/aws-kms';
 import { RemovalPolicy, Size, Stack, Tags } from '@aws-cdk/core';
@@ -240,3 +240,17 @@ test('can specify backup policy', () => {
     },
   }));
 });
+
+test('can create when using a VPC with multiple subnets per availability zone', () => {
+  // create a vpc with two subnets in the same availability zone.
+  const oneAzVpc = new ec2.Vpc(stack, 'Vpc', {
+    maxAzs: 1,
+    subnetConfiguration: [{ name: 'One', subnetType: ec2.SubnetType.ISOLATED }, { name: 'Two', subnetType: ec2.SubnetType.ISOLATED }],
+    natGateways: 0,
+  });
+  new FileSystem(stack, 'EfsFileSystem', {
+    vpc: oneAzVpc,
+  });
+  // make sure only one mount target is created.
+  expectCDK(stack).to(countResources('AWS::EFS::MountTarget', 1));
+});
