How to Import Security group from another stack using #AWS-CDK?
Create a sample security group like this in STACK A.
const sampleSecurityGroup = new ec2.SecurityGroup(this, 'security-group', {
  vpc: vpc,
  allowAllOutbound: true,
  description: 'Security Group Sample',
  securityGroupName: "SAMPLE-SG"
});
Export the SG using the code below in STACK A.
const myoutput = new cdk.CfnOutput(this, 'Security-group-id-output', {
  description: 'Security group in Stack A',
  exportName: 'security-id-output',
  value: sampleSecurityGroup.securityGroupId
});
Check the CloudFormation service in the UI; you should see the export by the name "security-id-output".
In STACK B, import the value using:
cdk.Fn.importValue("security-id-output");
Assuming that the Stacks in question are both under your CDK Application, you can use Stack Outputs to share resources.
Docs here: https://docs.aws.amazon.com/cdk/api/latest/docs/core-readme.html#stack-outputs
I found this blog post to be useful as an example (not written by me)
It should work for any resource you might want to reference between stacks.
EDIT: This is what I'm working with at the moment.
// I have a resource which is a cloudfront dist id in StackA
new cdk.CfnOutput(this, 'cloudfront-dist-id-output', {
  description: 'cloudfront-dist-id-output',
  exportName: 'cloudfront-dist-id-output',
  value: cloudFrontDistribution.distributionId
});
// Stack B needs the DistributionId (it's dynamic), so I pass it in as a parameter.
new StackB(app, 'StackB', Fn.importValue('cloudfront-dist-id-output'));
The only 'known' thing ahead of time is the name of the parameter that you're outputting.
This is effectively the same thing you've provided in your other answer, but the CDK writes the Fn.importValue for you.
Warning: Does not work with resources in stacks that are in different regions. The limitation is imposed by CloudFormation and will also happen in @Kane's answer.
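The export-based approaches above only resolve when the export name matches exactly and, per the warning, when both stacks are in the same region. The following is an added example, not code from any of the answers, that scans synthesized CloudFormation templates for imports with no matching export or with the export in another region. The stack names, regions, templates and the helper names (`exportsOf`, `importsOf`, `checkImports`) are constructed for illustration.

```typescript
type Json = string | number | boolean | null | Json[] | { [k: string]: Json };
type Obj = { [k: string]: Json };
interface SynthStack { name: string; region: string; template: Obj }
interface Finding { stack: string; exportName: string; problem: string }
const isObj = (v: Json | undefined): v is Obj => typeof v === "object" && v !== null && !Array.isArray(v);
// Export names declared as Outputs.<LogicalId>.Export.Name.
function exportsOf(stack: SynthStack): string[] {
  const outputs = stack.template["Outputs"];
  const names: string[] = [];
  for (const out of isObj(outputs) ? Object.keys(outputs).map((id) => outputs[id]) : []) {
    const exp = isObj(out) ? out["Export"] : undefined;
    const name = isObj(exp) ? exp["Name"] : undefined;
    if (typeof name === "string") names.push(name);
  }
  return names;
}

// Every { "Fn::ImportValue": "<name>" } found anywhere in a template.
function importsOf(node: Json | undefined, found: string[] = []): string[] {
  if (Array.isArray(node)) { for (const n of node) importsOf(n, found); }
  else if (isObj(node)) {
    const ref = node["Fn::ImportValue"];
    if (typeof ref === "string") found.push(ref);
    for (const k of Object.keys(node)) importsOf(node[k], found);
  }
  return found;
}

// An import resolves only against an export in the importing stack's own region.
function checkImports(stacks: SynthStack[]): Finding[] {
  const regions: { [exportName: string]: string[] } = {};
  for (const s of stacks) for (const e of exportsOf(s)) (regions[e] = regions[e] || []).push(s.region);
  const findings: Finding[] = [];
  for (const s of stacks) for (const exportName of importsOf(s.template)) {
    const where = regions[exportName];
    const problem = !where ? "no-matching-export" : where.indexOf(s.region) < 0 ? "export-in-other-region" : "";
    if (problem) findings.push({ stack: s.name, exportName, problem });
  }
  return findings;
}

// Constructed sample: StackA exports the page's "security-id-output"; B, C and D import.
const imp = (name: string): Obj => ({ Resources: { R: { Properties: { SecurityGroupIds: [{ "Fn::ImportValue": name }] } } } });
const SAMPLE: SynthStack[] = [
  { name: "StackA", region: "us-east-1", template: { Outputs: { SgId: { Export: { Name: "security-id-output" } } } } },
  { name: "StackB", region: "us-east-1", template: imp("security-id-output") },
  { name: "StackC", region: "eu-west-1", template: imp("security-id-output") },
  { name: "StackD", region: "us-east-1", template: imp("cloudfront-dist-id-output") },
];
console.log(checkImports(SAMPLE));
```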
You can directly refer to the cross-stack resources in an app.
Below is a code snippet:
import * as cdk from '@aws-cdk/core';
import * as ec2 from '@aws-cdk/aws-ec2';

export class InfraCdkStack extends cdk.Stack {
  // Create a readonly property to reference on an instance.
  readonly vpc: ec2.IVpc;
  constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);
    // The code that defines your stack goes here.
    // Assign your vpc to your previously created property.
    // Creates a vpc in two AZs.
    this.vpc = new ec2.Vpc(this, 'MyVPC');
  }
}
// Create an interface to hold the vpc information.
interface ECSStackProps extends cdk.StackProps {
  vpc: ec2.IVpc;
}
// Have your class constructor accept the interface.
export class ECSCdkStack extends cdk.Stack {
  constructor(scope: cdk.Construct, id: string, props: ECSStackProps) {
    super(scope, id, props);
    // props.vpc is the VPC created in InfraCdkStack.
  }
}
const app = new cdk.App();
const infraStack = new InfraCdkStack(app, 'InfraCdkStack');
// Pass the infraStack.vpc property to the ECSCdkStack class.
const gameECSStack = new ECSCdkStack(app, 'ECSCdkStack', {
  vpc: infraStack.vpc
});
There is an example in the official docs demonstrating how to share an S3 bucket.