feat(ec2-alpha): adding imports for SubnetV2 and VpcV2(WIP)

packages/@aws-cdk/aws-ec2-alpha/README.md

@@ -37,8 +37,6 @@ new VpcV2(this, 'Vpc', {
 
 `VpcV2` does not automatically create subnets or allocate IP addresses, which is different from the `Vpc` construct.
 
-Importing existing VPC in an account into CDK as a `VpcV2` is not yet supported.
-
 ## SubnetV2
 
 `SubnetV2` is a re-write of the [`ec2.Subnet`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ec2.Subnet.html) construct.
@@ -62,8 +60,6 @@ new SubnetV2(this, 'subnetA', {
 })
 ```
 
-Same as `VpcV2`, importing existing subnets is not yet supported.
-
 ## IP Addresses Management
 
 By default `VpcV2` uses `10.0.0.0/16` as the primary CIDR if none is defined. 
@@ -366,3 +362,135 @@ myVpc.addInternetGateway({
   ipv4Destination: '192.168.0.0/16',
 });
 ```
+
+## Importing an existing VPC
+
+You can import an existing VPC and its subnets using the `VpcV2.fromVpcV2Attributes()` method or an individual subnet using `SubnetV2.fromSubnetV2Attributes()` method.
+
+### Importing a VPC
+
+To import an existing VPC, use the `VpcV2.fromVpcV2Attributes()` method. You'll need to provide the VPC ID, primary CIDR block, and information about the subnets. You can import secondary address as well created through IPAM, BYOIP(IPv4) or enabled through Amazon Provided IPv6. You must provide VPC Id and its primary CIDR block for importing it.
+
+If you wish to add a new subnet to imported VPC, new subnet's IP range(IPv4) will be validated against provided secondary and primary address block to confirm that it is within the the range of VPC.
+
+Here's an example of importing a VPC with only the required parameters
+
+``` ts
+
+const stack = new Stack();
+
+const importedVpc = VpcV2.fromVpcV2Attributes(stack, 'ImportedVpc', {
+      vpcId: 'mockVpcID',
+      vpcCidrBlock: '10.0.0.0/16',
+});
+
+```
+
+In case of cross account or cross region VPC, its recommended to provide region and ownerAccountId so that these values for the VPC can be used to populate correct arn value for the VPC. If a VPC region and account ID is not provided, then region and account configured in the stack will be used. Furthermore, these fields will be referenced later while setting up VPC peering connection, so its necessary to set these fields to a correct value.
+
+Below is an example of importing a cross region and cross acount VPC, VPC arn for this case would be 'arn:aws:ec2:us-west-2:123456789012:vpc/mockVpcID'
+
+``` ts
+
+const stack = new Stack();
+
+//Importing a cross acount or cross region VPC
+const importedVpc = VpcV2.fromVpcV2Attributes(stack, 'ImportedVpc', {
+      vpcId: 'mockVpcID',
+      vpcCidrBlock: '10.0.0.0/16',
+      ownerAccountId: '123456789012',
+      region: 'us-west-2',
+});
+
+```
+
+Here's an example of how to import a VPC with multiple CIDR blocks, IPv6 support, and different subnet types:
+
+In this example, we're importing a VPC with:
+
+ - A primary CIDR block (10.1.0.0/16)
+ - One secondary IPv4 CIDR block (10.2.0.0/16)
+ - Two secondary address using IPAM pool (IPv4 and IPv6)
+ - VPC has Amazon-provided IPv6 CIDR enabled
+ - An isolated subnet in us-west-2a
+ - A public subnet in us-west-2b
+
+```ts
+
+const stack = new Stack();
+
+const importedVpc = VpcV2.fromVpcV2Attributes(this, 'ImportedVPC', {
+  vpcId: 'vpc-XXX',
+  vpcCidrBlock: '10.1.0.0/16',
+  secondaryCidrBlocks: [
+    {
+      cidrBlock: '10.2.0.0/16',
+      cidrBlockName: 'ImportedBlock1',
+    },
+    {
+      ipv6IpamPoolId: 'ipam-pool-XXX',
+      ipv6NetmaskLength: 52,
+      cidrBlockName: 'ImportedIpamIpv6',
+    },
+    {
+      ipv4IpamPoolId: 'ipam-pool-XXX',
+      ipv4IpamProvisionedCidrs: ['10.2.0.0/16'],
+      cidrBlockName: 'ImportedIpamIpv4',
+    },
+    {
+      amazonProvidedIpv6CidrBlock: true,
+    }
+  ],
+  subnets: [{
+    subnetName: 'IsolatedSubnet2',
+    subnetId: 'subnet-03cd773c0fe08ed26',
+    subnetType: SubnetType.PRIVATE_ISOLATED,
+    availabilityZone: 'us-west-2a',
+    ipv4CidrBlock: '10.2.0.0/24',
+    routeTableId: 'rtb-0871c310f98da2cbb',
+  },
+  {
+    subnetId: 'subnet-0fa477e01db27d820',
+    subnetType: SubnetType.PUBLIC,
+    availabilityZone: 'us-west-2b',
+    ipv4CidrBlock: '10.3.0.0/24',
+    routeTableId: 'rtb-014f3043098fe4b96',
+  }],
+});
+
+// You can now use the imported VPC in your stack
+
+// Adding a new subnet to the imported VPC
+const importedSubnet = new SubnetV2(this, 'NewSubnet', {
+  availabilityZone: 'us-west-2a',
+  ipv4CidrBlock: new IpCidr('10.2.2.0/24'),
+  vpc: importedVpc,
+  subnetType: SubnetType.PUBLIC,
+});
+
+// Adding gateways to the imported VPC
+importedVpc.addInternetGateway();
+importedVpc.addNatGateway({ subnet: importedSubnet });
+importedVpc.addEgressOnlyInternetGateway();
+```
+
+You can add more subnets as needed by including additional entries in the `isolatedSubnets`, `publicSubnets`, or other subnet type arrays (e.g., `privateSubnets`).
+
+### Importing Subnets
+
+You can also import individual subnets using the `SubnetV2.fromSubnetV2Attributes()` method. This is useful when you need to work with specific subnets independently of a VPC.
+
+Here's an example of how to import a subnet:
+
+```ts
+
+SubnetV2.fromSubnetV2Attributes(this, 'ImportedSubnet', {
+  subnetId: 'subnet-0123456789abcdef0',
+  availabilityZone: 'us-west-2a',
+  ipv4CidrBlock: '10.2.0.0/24',
+  routeTableId: 'rtb-0871c310f98da2cbb',
+  subnetType: SubnetType.PRIVATE_ISOLATED,
+});
+```
+
+By importing existing VPCs and subnets, you can easily integrate your existing AWS infrastructure with new resources created through CDK. This is particularly useful when you need to work with pre-existing network configurations or when you're migrating existing infrastructure to CDK.

packages/@aws-cdk/aws-ec2-alpha/awslint.json

@@ -1,8 +1,6 @@
 {
     "exclude": [
-      "from-method:@aws-cdk/aws-ec2-alpha.VpcV2",
       "attribute-tag:@aws-cdk/aws-ec2-alpha.RouteTable.routeTableId",
-      "from-method:@aws-cdk/aws-ec2-alpha.SubnetV2",
       "from-method:@aws-cdk/aws-ec2-alpha.Route"
     ]
 }

packages/@aws-cdk/aws-ec2-alpha/lib/ipam.ts

@@ -92,7 +92,7 @@ export enum IpamScopeType {
  *
  * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipampool.html
  */
-export interface PoolOptions{
+export interface PoolOptions {
 
   /**
    * addressFamily - The address family of the pool (ipv4 or ipv6).
@@ -180,7 +180,7 @@ export interface IpamPoolCidrProvisioningOptions {
 /**
  * Definition used to add or create a new IPAM pool
  */
-export interface IIpamPool{
+export interface IIpamPool {
   /**
  * Pool ID to be passed to the VPC construct
  * @attribute IpamPoolId
@@ -192,6 +192,12 @@ export interface IIpamPool{
    */
   readonly ipamCidrs: CfnIPAMPoolCidr[];
 
+  /**
+   * Pool CIDR for IPv4 to be provisioned using IPAM
+   * Required to check for subnet IP range is within the VPC range
+   */
+  readonly ipamIpv4Cidrs?: string[];
+
   /**
    * Function to associate a IPv6 address with IPAM pool
    */
@@ -315,6 +321,12 @@ class IpamPool extends Resource implements IIpamPool {
    */
   public readonly ipamCidrs: CfnIPAMPoolCidr[] = []
 
+  /**
+   * Pool CIDR for IPv4 to be provisioned using IPAM
+   * Required to check for subnet IP range is within the VPC range
+   */
+  public readonly ipamIpv4Cidrs: string[] = []
+
   /**
    * Reference to ipamPool resource created in this class
    */
@@ -340,6 +352,9 @@ class IpamPool extends Resource implements IIpamPool {
       awsService: props.awsService,
     });
     this.ipamPoolId = this._ipamPool.attrIpamPoolId;
+
+    // Populating to check for subnet range against all IPv4 ranges assigned to VPC including IPAM
+    props.ipv4ProvisionedCidrs?.map(cidr => (this.ipamIpv4Cidrs.push(cidr)));
     this.node.defaultChild = this._ipamPool;
   }