Resource: awsSubnet

Provides a VPC subnet resource.

NOTE: Due to AWS Lambda improved VPC networking changes that began deploying in September 2019, subnets associated with Lambda Functions can take up to 45 minutes to successfully delete. Terraform AWS Provider version 2.31.0 and later automatically handles this increased timeout; however, prior versions require setting the customizable deletion timeout to 45 minutes (delete = "45M"). AWS and HashiCorp are working together to reduce the amount of time required for resource deletion, and updates can be tracked in this GitHub issue.

Example Usage

Basic Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.subnet.Subnet(this, "main", {
  cidrBlock: "10.0.1.0/24",
  tags: {
    Name: "Main",
  },
  vpcId: "${aws_vpc.main.id}",
});

Subnets In Secondary VPC CIDR Blocks

When managing subnets in one of a VPC's secondary CIDR blocks created using an awsVpcIpv4CidrBlockAssociation resource, it is recommended to reference that resource's vpcId attribute to ensure correct dependency ordering.

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsVpcIpv4CidrBlockAssociationSecondaryCidr =
  new aws.vpcIpv4CidrBlockAssociation.VpcIpv4CidrBlockAssociation(
    this,
    "secondary_cidr",
    {
      cidrBlock: "172.2.0.0/16",
      vpcId: "${aws_vpc.main.id}",
    }
  );
new aws.subnet.Subnet(this, "in_secondary_cidr", {
  cidrBlock: "172.2.0.0/24",
  vpcId: awsVpcIpv4CidrBlockAssociationSecondaryCidr.vpcId,
});

Argument Reference

The following arguments are supported:

  • assignIpv6AddressOnCreation - (Optional) Specify true to indicate that network interfaces created in the specified subnet should be assigned an IPv6 address. Default is false.
  • availabilityZone - (Optional) AZ for the subnet.
  • availabilityZoneId - (Optional) AZ ID of the subnet. This argument is not supported in all regions or partitions. If necessary, use availabilityZone instead.
  • cidrBlock - (Optional) The IPv4 CIDR block for the subnet.
  • customerOwnedIpv4Pool - (Optional) The customer owned IPv4 address pool. Typically used with the mapCustomerOwnedIpOnLaunch argument. The outpostArn argument must be specified when configured.
  • enableDns64 - (Optional) Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations. Default: false.
  • enableResourceNameDnsAaaaRecordOnLaunch - (Optional) Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. Default: false.
  • enableResourceNameDnsARecordOnLaunch - (Optional) Indicates whether to respond to DNS queries for instance hostnames with DNS A records. Default: false.
  • ipv6CidrBlock - (Optional) The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length.
  • ipv6Native - (Optional) Indicates whether to create an IPv6-only subnet. Default: false.
  • mapCustomerOwnedIpOnLaunch - (Optional) Specify true to indicate that network interfaces created in the subnet should be assigned a customer owned IP address. The customerOwnedIpv4Pool and outpostArn arguments must be specified when set to true. Default is false.
  • mapPublicIpOnLaunch - (Optional) Specify true to indicate that instances launched into the subnet should be assigned a public IP address. Default is false.
  • outpostArn - (Optional) The Amazon Resource Name (ARN) of the Outpost.
  • privateDnsHostnameTypeOnLaunch - (Optional) The type of hostnames to assign to instances in the subnet at launch. For IPv6-only subnets, an instance DNS name must be based on the instance ID. For dual-stack and IPv4-only subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. Valid values: ipName, resourceName.
  • vpcId - (Required) The VPC ID.
  • tags - (Optional) A map of tags to assign to the resource. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
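The constraints stated in the argument list above, and the requirement that a subnet's cidrBlock fall inside one of the VPC's primary or secondary CIDR blocks, can be checked before synthesis. The following is an added example, not part of the provider or its generated bindings; SubnetArgs, parseIpv4Cidr, cidrContains and lintSubnet are hypothetical names, and the list of VPC CIDR blocks is assumed to be supplied by the caller.

```typescript
// Hypothetical subset of the subnet arguments documented above.
interface SubnetArgs {
  cidrBlock?: string;
  ipv6CidrBlock?: string;
  customerOwnedIpv4Pool?: string;
  mapCustomerOwnedIpOnLaunch?: boolean;
  mapPublicIpOnLaunch?: boolean;
  outpostArn?: string;
}

// Parse "a.b.c.d/n" into [address as unsigned 32-bit value, prefix length].
function parseIpv4Cidr(cidr: string): [number, number] {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/.exec(cidr);
  if (!m) throw new Error(`malformed IPv4 CIDR: ${cidr}`);
  const octets = m.slice(1, 5).map(Number);
  const prefix = Number(m[5]);
  if (octets.some((o) => o > 255) || prefix > 32) throw new Error(`malformed IPv4 CIDR: ${cidr}`);
  return [octets.reduce((acc, o) => acc * 256 + o, 0), prefix];
}

// True when `inner` lies entirely within `outer`.
function cidrContains(outer: string, inner: string): boolean {
  const [oAddr, oLen] = parseIpv4Cidr(outer);
  const [iAddr, iLen] = parseIpv4Cidr(inner);
  if (iLen < oLen) return false; // inner block is larger than outer
  const size = 2 ** (32 - oLen); // number of addresses in the outer block
  return Math.floor(oAddr / size) === Math.floor(iAddr / size);
}

// Return one finding per violated constraint; an empty list means no findings.
function lintSubnet(args: SubnetArgs, vpcCidrs: string[]): string[] {
  const findings: string[] = [];
  const cidr = args.cidrBlock;
  if (cidr && !vpcCidrs.some((c) => cidrContains(c, cidr)))
    findings.push("cidrBlock is outside every CIDR block associated with the VPC");
  if (args.ipv6CidrBlock && !args.ipv6CidrBlock.endsWith("/64"))
    findings.push("ipv6CidrBlock must use a /64 prefix length");
  if (args.customerOwnedIpv4Pool && !args.outpostArn)
    findings.push("customerOwnedIpv4Pool requires outpostArn");
  if (args.mapCustomerOwnedIpOnLaunch && !(args.customerOwnedIpv4Pool && args.outpostArn))
    findings.push("mapCustomerOwnedIpOnLaunch requires customerOwnedIpv4Pool and outpostArn");
  // Not an error, but worth review: every instance launched here is internet-addressable.
  if (args.mapPublicIpOnLaunch)
    findings.push("mapPublicIpOnLaunch is true: instances launched here get a public IP");
  return findings;
}
```

Calling lintSubnet with the same object passed to the Subnet constructor lets a stack fail fast, or route the mapPublicIpOnLaunch finding to review, before anything is deployed.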

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - The ID of the subnet.
  • arn - The ARN of the subnet.
  • ipv6CidrBlockAssociationId - The association ID for the IPv6 CIDR block.
  • ownerId - The ID of the AWS account that owns the subnet.
  • tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

Timeouts

Configuration options:

  • create - (Default 10M)
  • delete - (Default 20M)

Import

Subnets can be imported using the subnetId, e.g.,

$ terraform import aws_subnet.public_subnet subnet-9d4a7b6c