I have three subnets in AWS.
One is public because it has an internet gateway, and the other two are not.
However, when I run cdk synth, it generates cdk.context.json, which judges all three subnets to be Public.
In fact, the other two are Isolated (without a NAT gateway or public IP).
Why does CDK think they are Public?
{
  "vpc-provider:account=678100XXXXXX:filter.vpc-id=vpc-0867d6797e62dd78b:region=ap-northeast-1:returnAsymmetricSubnets=true": {
    "vpcId": "vpc-0867d6797e62dd78b",
    "vpcCidrBlock": "10.0.0.0/24",
    "availabilityZones": [],
    "subnetGroups": [
      {
        "name": "Public",
        "type": "Public",
        "subnets": [
          {
            "subnetId": "subnet-0b5985476dee1f20c",
            "cidr": "10.0.0.0/25",
            "availabilityZone": "ap-northeast-1c",
            "routeTableId": "rtb-02a749d8d4415bbfb"
          },
          {
            "subnetId": "subnet-0fdd37150bfff91f0",
            "cidr": "10.0.0.128/26",
            "availabilityZone": "ap-northeast-1c",
            "routeTableId": "rtb-02a749d8d4415bbfb"
          },
          {
            "subnetId": "subnet-085c85398f27adbfd",
            "cidr": "10.0.0.192/26",
            "availabilityZone": "ap-northeast-1d",
            "routeTableId": "rtb-02a749d8d4415bbfb"
          }
        ]
      }
    ]
  }
}
CodePudding user response:
Whether a subnet is public or private is determined by its route tables only. Public subnets will have route tables to the internet gateway, whereas private subnets will not. Instead, private subnets may have routes to NAT gateways, but this still does not make them public subnets.
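
The route-table rule from the answer, written out as an added example (not code from the original post or from CDK). It classifies subnets from data shaped like an EC2 DescribeRouteTables response and shows that a subnet with no explicit association falls back to the VPC's main route table, which is how several subnets can end up on one table, as the three in the posted context do (same routeTableId). The sample data, the placeholder IDs and the function names are assumptions, and the Private/Isolated labels follow the type names used in the question.

```python
# Constructed sample shaped like the "RouteTables" list returned by EC2
# DescribeRouteTables; all rtb-/subnet-/igw-/nat- IDs are placeholders.
ROUTE_TABLES = [
    {   # main table: default route to an internet gateway
        "RouteTableId": "rtb-main",
        "Associations": [{"Main": True}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/24", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"},
        ],
    },
    {   # explicitly associated with subnet-b: egress through NAT only
        "RouteTableId": "rtb-nat",
        "Associations": [{"Main": False, "SubnetId": "subnet-b"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/24", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"},
        ],
    },
    {   # explicitly associated with subnet-c: local route only
        "RouteTableId": "rtb-local",
        "Associations": [{"Main": False, "SubnetId": "subnet-c"}],
        "Routes": [{"DestinationCidrBlock": "10.0.0.0/24", "GatewayId": "local"}],
    },
]

def effective_route_table(subnet_id, route_tables):
    """Explicit association wins; otherwise the VPC's main table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def classify_subnet(subnet_id, route_tables):
    """Return (type, route table id), judged from the routes alone."""
    rt = effective_route_table(subnet_id, route_tables)
    if rt is None:
        raise ValueError(f"no route table found for {subnet_id}")
    routes = rt["Routes"]
    if any((r.get("GatewayId") or "").startswith("igw-") for r in routes):
        kind = "Public"      # route to an internet gateway
    elif any(r.get("NatGatewayId") for r in routes):
        kind = "Private"     # outbound via NAT, still not public
    else:
        kind = "Isolated"    # no internet-bound route at all
    return kind, rt["RouteTableId"]
```

Subnets intended to be isolated need an explicit association with a table that has no internet gateway route; otherwise they inherit whatever the main table allows.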