Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws-ec2: InterfaceVpcEndpoint does not allow private DNS disabling #2556

Closed
strax opened this issue May 16, 2019 · 0 comments · Fixed by #2596 or MechanicalRock/tech-radar#14 · May be fixed by MechanicalRock/cdk-constructs#5, MechanicalRock/cdk-constructs#6 or MechanicalRock/cdk-constructs#7
Closed

aws-ec2: InterfaceVpcEndpoint does not allow private DNS disabling #2556

strax opened this issue May 16, 2019 · 0 comments · Fixed by #2596 or MechanicalRock/tech-radar#14 · May be fixed by MechanicalRock/cdk-constructs#5, MechanicalRock/cdk-constructs#6 or MechanicalRock/cdk-constructs#7
Labels
bug This issue is a bug.

Comments

@strax
Copy link
Contributor

strax commented May 16, 2019
edited
Loading

Describe the bug

The construct @aws-cdk/aws-ec2.InterfaceVpcEndpoint cannot be used to connect to endpoint services that do not support private DNS due to a logic bug.

The issue is at https://github.com/awslabs/aws-cdk/blob/master/packages/%40aws-cdk/aws-ec2/lib/vpc-endpoint.ts#L398 – if the user passes privateDnsEnabled: false to the construct props, the expression at the aforementioned line expands to false || true which always evaluates to true.

To Reproduce

Synthesize this:

 new InterfaceVpcEndpoint(this, "MyTestEndpoint", {
      service,
      vpc,
      privateDnsEnabled: false
})

The resulting template has property PrivateDnsEnabled: true in the endpoint resource definition.

Expected behavior

PrivateDnsEnabled is set to false iff it is missing (undefined) in props.

Version:

  • OS: MacOS 10.14.4
  • Programming Language: TypeScript
  • CDK Version: 0.31.0
@strax strax added the bug This issue is a bug. label May 16, 2019
CaerusKaru added a commit to CaerusKaru/aws-cdk that referenced this issue May 20, 2019
@CaerusKaru
fix(aws-ec2): correctly set private DNS based on user props for inter…
6b529f0 
…face VPCe

Fixes aws#2556
@CaerusKaru CaerusKaru mentioned this issue May 20, 2019
Merged
4 tasks
rix0rrr pushed a commit that referenced this issue May 21, 2019
@CaerusKaru @rix0rrr
fix(ec2): allow disabling privateDnsEnabled on VPCs (#2596)
4d2fbe9 
Fixes #2556.
This was referenced Aug 22, 2019
Open
Open
Open
Open
Open
This was referenced Dec 12, 2019
Closed
Closed
Closed
Merged
Closed
Closed
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
This was referenced Jan 20, 2020
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug This issue is a bug.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(aws-ec2): correctly set private DNS based on user props for interface VPCe CaerusKaru/aws-cdk
[Snyk] Upgrade @aws-cdk/aws-iam from 0.22.0 to 0.39.0 MechanicalRock/tech-radar
[Snyk] Upgrade @aws-cdk/aws-codebuild from 0.24.1 to 0.39.0 MechanicalRock/cdk-constructs
[Snyk] Upgrade @aws-cdk/aws-codepipeline from 0.24.1 to 0.39.0 MechanicalRock/cdk-constructs
[Snyk] Upgrade @aws-cdk/aws-s3 from 0.24.1 to 0.39.0 MechanicalRock/cdk-constructs
[Snyk] Upgrade @aws-cdk/aws-cloudfront from 0.15.2 to 0.39.0 MechanicalRock/cdk-products
[Snyk] Upgrade @aws-cdk/aws-codebuild from 0.15.2 to 0.39.0 MechanicalRock/cdk-products
[Snyk] Upgrade @aws-cdk/aws-codecommit from 0.15.2 to 0.39.0 MechanicalRock/cdk-products
[Snyk] Upgrade @aws-cdk/aws-codepipeline from 0.15.2 to 0.39.0 MechanicalRock/cdk-products
[Snyk] Upgrade @aws-cdk/cdk from 0.24.1 to 0.35.0 MechanicalRock/account-reaper
1 participant
@strax