[AWS::EC2::SubnetRouteTableAssociation] - [Enhancement] - CFN to not delete the route table association with the old subnet during an update to the subnet with UpdateReplacePolicy: Retain. #2166

Open
Waqiah opened this issue Oct 19, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

Waqiah commented Oct 19, 2024

Name of the resource

AWS::EC2::SubnetRouteTableAssociation

Resource name

No response

Description

It is understood that UpdateReplacePolicy: Retain keeps the physical instance of a resource when it's replaced during a stack update.

Currently it is seen that when updating the Subnet resource that the AWS::EC2::SubnetRouteTableAssociation resource is associated with, and specifying UpdateReplacePolicy: Retain for both resources, CFN disassociates the route table association with the old subnet and replaces both resources during the update.

Would like to request that CFN doesn't delete the route table association with the old subnet when updating the SubnetId of AWS::EC2::SubnetRouteTableAssociation resource with UpdateReplacePolicy: Retain.

Behaviour can be replicated using sample template below:
....
Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.16.0.0/16

  PrivateRouteTable:
    Type: "AWS::EC2::RouteTable"
    Properties:
      VpcId:
        Ref: "VPC"

  PrivateSubnet:
    Type: "AWS::EC2::Subnet"
    UpdateReplacePolicy: Retain
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone:
      CidrBlock: 10.16.0.0/24

  PrivateSubnetRouteTableAssociation:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    DeletionPolicy: Retain
    UpdateReplacePolicy: Retain
    Properties:
      SubnetId: !Ref PrivateSubnet
      RouteTableId: !Ref PrivateRouteTable
....

Let's say the subnet ID is subnet-abc and the Route Table Association ID is rtbassoc-123.

Next when performing an update to the subnet resource, for example changing the CidrBlock from 10.16.0.0/24 to 10.16.1.0/24, the update will require replacement on the Route Table Association resource as expected. Meaning the new subnet ID is subnet-def and the Route Table Association ID is rtbassoc-456, albeit subnet-abc still remains in the account.

Hoping to have the old route table association with the old subnet not be deleted as currently it makes it complicated when deploying using Lambda, etc.

Other Details

No response

@Waqiah Waqiah added the enhancement New feature or request label Oct 19, 2024
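
Added example, not part of the issue and not AWS or CloudFormation code: a subnet with no explicit association uses its VPC's main route table, so after the replacement described above the retained subnet-abc routes through the main table. This Python check flags such subnets from data shaped like EC2 DescribeSubnets and DescribeRouteTables responses; the function names, the vpc/rtb IDs and the sample data are constructed assumptions.

```python
# Added example: find retained subnets that lost their explicit route table
# association. Input dicts mirror the shape of EC2 DescribeSubnets and
# DescribeRouteTables responses. All IDs are constructed placeholders; only
# subnet-abc, subnet-def and rtbassoc-456 are taken from the issue text.

def effective_route_tables(subnets, route_tables):
    """Map each subnet ID to (route_table_id, is_explicit)."""
    explicit = {}     # subnet ID -> route table ID (explicit association)
    main_by_vpc = {}  # VPC ID -> main route table ID
    for rt in route_tables["RouteTables"]:
        for assoc in rt.get("Associations", []):
            state = assoc.get("AssociationState", {}).get("State", "associated")
            if state != "associated":
                continue  # ignore associations that are being removed or failed
            if assoc.get("Main"):
                main_by_vpc[rt["VpcId"]] = rt["RouteTableId"]
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = rt["RouteTableId"]
    result = {}
    for sn in subnets["Subnets"]:
        sid = sn["SubnetId"]
        if sid in explicit:
            result[sid] = (explicit[sid], True)
        else:
            # No explicit association: EC2 applies the VPC's main route table.
            result[sid] = (main_by_vpc.get(sn["VpcId"]), False)
    return result

def implicit_subnets(subnets, route_tables):
    """Subnet IDs that currently fall back to the main route table."""
    table = effective_route_tables(subnets, route_tables)
    return sorted(sid for sid, (_, is_explicit) in table.items() if not is_explicit)

# Constructed state after the CidrBlock update described in the issue.
SUBNETS = {"Subnets": [
    {"SubnetId": "subnet-abc", "VpcId": "vpc-example", "CidrBlock": "10.16.0.0/24"},
    {"SubnetId": "subnet-def", "VpcId": "vpc-example", "CidrBlock": "10.16.1.0/24"},
]}
ROUTE_TABLES = {"RouteTables": [
    {"RouteTableId": "rtb-main-example", "VpcId": "vpc-example", "Associations": [
        {"RouteTableAssociationId": "rtbassoc-main-example", "Main": True,
         "AssociationState": {"State": "associated"}}]},
    {"RouteTableId": "rtb-private-example", "VpcId": "vpc-example", "Associations": [
        {"RouteTableAssociationId": "rtbassoc-456", "SubnetId": "subnet-def",
         "Main": False, "AssociationState": {"State": "associated"}}]},
]}

if __name__ == "__main__":
    for sid, (rtb, is_explicit) in effective_route_tables(SUBNETS, ROUTE_TABLES).items():
        print(sid, rtb, "explicit" if is_explicit else "implicit (main route table)")
```

Running the same functions over real DescribeSubnets and DescribeRouteTables output after a stack update shows whether a retained subnet now follows routes in the main table that the private route table did not have.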