pulumi/pulumi-awsx

VPC should filter out Local Zones & Wavelength Zones when fetching the list of AZs

flostadler opened this issue ยท 0 comments

flostadler commented

Hello!

  • Vote on this issue by adding a ๐Ÿ‘ reaction
  • If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)

Issue details

When the users do not provide the AZs to use for the VPC, the component retrieves the available AZs from AWS:

pulumi-awsx/awsx/ec2/vpc.ts

Line 513 in 01d90b4

const result = await aws.getAvailabilityZones(undefined, { parent: this });

This takes into account all availability zones - including local zones or wavelength zones - the user opted into for their account. Those special zones do not support all features (e.g. NAT gateways) meaning the VPC most certainly fails deploying and is in a broken state.

To prevent this from happening we should only take regular AZs into account. This can be done like so:

aws.getAvailabilityZones({
    filters: [{
        name: "opt-in-status",
        values: ["opt-in-not-required"],
    }],
});

Affected area/feature

  • awsx.ec2.Vpc