通过 AWS CDK 列出账户的所有现有 VPC [英] Listing all the existing VPCs of an account via AWS CDK

问题描述

想知道 AWS CDK 是否有办法列出当前账户的所有可用 VPC.

Wondering if there's a way with the AWS CDK to list all the available VPCs for the current account.

例如，CLI 提供了 aws ec2 describe-vpcs，它非常方便地检索所有可用的 VPC.

For example the CLI provides aws ec2 describe-vpcs which is very handy to retrieve all the available VPCs.

如果我知道 VPC 的标识符，我也可以导入它(python 示例):

I can also import a VPC if I know its identifier (python example) :

vpc = ec2.Vpc.from_lookup(self, "vpc", vpc_id=vpc_id)

但是，目前我还没有找到使用 CDK 检索所有(或过滤的)VPC(或其 ID)的方法.有什么指点吗?

However at this point, I haven't found a way to retrieve all (or filtered) VPCs (or their ids) using the CDK. Any pointers ?

注意:我们目前正在将 CIDR 块字符串传递到 cdk 命令行，以便我们可以配置 aw2s_ec2.Vpccidr 参数代码> 构造函数.我们希望避免这种情况，让应用程序自己找到下一个可用的 CIDR 块(或者如果之前创建过用于此部署的那个块).例如，Vpc.private_subnets 提供了一种列出现有 vpc 的所有私有子网(及其 CIDR 块)的方法，因此我认为可以为 AWS 帐户中的 vpc 获得相同的信息.

Note : we're currently passing a CIDR block string to the cdk command line so we can configure the cidr parameter of the aw2s_ec2.Vpc constructor. We would like to avoid that and let the application find the next available CIDR block on its own (or the one that was used for this deployment if previously created). For example, Vpc.private_subnets offers a way to list all private subnets (and their CIDR blocks) for an existing vpc, so I would have assumed the same could be obtained for vpcs in an AWS account.

推荐答案

简短回答:不要.

长答案:这违反了 AWS CDK 最佳实践.如关于该主题的文档中所述，CDK应用程序应该是确定性的.也就是说，您的 VCS 中的 CDK 代码(连同上下文)应始终合成到相同的模板:

Long answer: This is against AWS CDK best practices. As described in the docs on the topic, CDK apps should be deterministic. That is, CDK code (along with context) in your VCS should always synth to the same template:

确定性是成功部署 AWS CDK 的关键.AWS CDK 应用程序无论何时部署都应该具有基本相同的结果(尽管基于所处环境的必要差异它已部署).

Determinism is key to successful AWS CDK deployments. A AWS CDK app should have essentially the same result whenever it is deployed (notwithstanding necessary differences based on the environment where it's deployed).

在您的 CDK 代码中使用 AWS 开发工具包打破了这种确定性，因此重新思考您的方法是个好主意.

Using AWS SDK in your CDK code breaks this determinism, so it's a good idea to rethink your approach.

这篇关于通过 AWS CDK 列出账户的所有现有 VPC的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！