@wiseelf
Contributor

@wiseelf wiseelf commented Apr 22, 2025

Description

Added two additional subnets for Transit Gateway and CloudWAN.

Motivation and Context

In order to follow AWS best practices for CloudWAN and Transit Gateway, there is a need for two additional subnets for each. Example of documentation: https://docs.aws.amazon.com/vpc/latest/tgw/tgw-best-design-practices.html

Use a separate subnet for each transit gateway VPC attachment. For each subnet, use a small CIDR, for example /28, so that you have more addresses for EC2 resources. When you use a separate subnet, you can configure the following:

  1. Keep the inbound and outbound network ACLs associated with the transit gateway subnets open.
  2. Depending on your traffic flow, you can apply network ACLs to your workload subnets.

Breaking Changes

No breaking changes

How Has This Been Tested?

  • I have updated at least one of the examples/* to demonstrate and validate my change(s)
  • I have tested and validated these changes using one or more of the provided examples/* projects
  • I have executed pre-commit run -a on my pull request
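
The layout the quoted AWS guidance describes, as an added example that is not part of this pull request or the module's code: dedicated /28 subnets used only by the Transit Gateway attachment, with their own network ACL kept open so that filtering happens on the workload subnets' ACLs instead. It uses plain AWS provider resources; the variable names, AZ names and CIDRs are assumptions constructed for illustration.

```hcl
variable "vpc_id" { type = string }
variable "transit_gateway_id" { type = string }

# Constructed sample values: one /28 per AZ, reserved for the attachment only.
variable "tgw_subnets" {
  type = map(string)
  default = {
    "eu-west-1a" = "10.0.255.0/28"
    "eu-west-1b" = "10.0.255.16/28"
  }
}

resource "aws_subnet" "tgw" {
  for_each          = var.tgw_subnets
  vpc_id            = var.vpc_id
  availability_zone = each.key
  cidr_block        = each.value
  tags              = { Name = "tgw-attachment-${each.key}" }
}

# Dedicated NACL: associating it here detaches these subnets from whatever
# ACL the workload (private) subnets share, so the two can differ.
resource "aws_network_acl" "tgw" {
  vpc_id     = var.vpc_id
  subnet_ids = [for s in aws_subnet.tgw : s.id]
  tags       = { Name = "tgw-attachment" }
}

# Allow-all in both directions on the attachment subnets only.
resource "aws_network_acl_rule" "tgw_open" {
  for_each       = { ingress = false, egress = true }
  network_acl_id = aws_network_acl.tgw.id
  rule_number    = 100
  egress         = each.value
  protocol       = "-1"
  rule_action    = "allow"
  cidr_block     = "0.0.0.0/0"
}

# The attachment places its network interfaces only in the dedicated subnets.
resource "aws_ec2_transit_gateway_vpc_attachment" "this" {
  transit_gateway_id = var.transit_gateway_id
  vpc_id             = var.vpc_id
  subnet_ids         = [for s in aws_subnet.tgw : s.id]
}
```

Restrictive rules then go on the network ACLs of the workload subnets, which this block does not touch.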

@wiseelf
Contributor Author

wiseelf commented Apr 22, 2025

@antonbabenko @bryantbiggs sorry for the mention, but please review, not sure how to assign reviewers here.

@sknmi

sknmi commented Apr 24, 2025

We would like to have this as well. Also this fixes: #888

@sknmi

sknmi commented May 8, 2025

@antonbabenko @bryantbiggs could you guys have a look at this and get this merged?

@antonbabenko
Member

This is not something we would like to get implemented in the current version of the module because technically, these new types of subnets are the same as the available types (probably, private). We will have the possibility to manage such resources in the next major release of this module. Closing for now.

@wiseelf
Contributor Author

wiseelf commented May 8, 2025

@antonbabenko they are basically internal. The main idea is to have a separate ACL attached to them. It is not a breaking change or something, so why are you so against implementing this?

@antonbabenko
Member

Right, internal. Maintenance cost is the main reason for not adding "just one more resource" to this module but rather refactoring it smarter.

@github-actions

github-actions bot commented Jun 8, 2025

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 8, 2025