feat: deploying routetable to nested stack and migrate to single route table per subnets isMigration (#18)

mr-robot-in · web-flow · commit bacc625ecb19 · 2025-06-13T13:18:01.000+05:30
diff --git a/API.md b/API.md
diff --git a/src/constructs/network.ts b/src/constructs/network.ts
@@ -4,6 +4,7 @@ import * as elbv2 from 'aws-cdk-lib/aws-elasticloadbalancingv2';
 import * as targets from 'aws-cdk-lib/aws-elasticloadbalancingv2-targets';
 import { AwsCustomResource, AwsCustomResourcePolicy, PhysicalResourceId } from 'aws-cdk-lib/custom-resources';
 import { Construct } from 'constructs';
+import { RouteTableManager } from './routeTableManager';
 import { ObjToStrMap } from '../utils/common';
 export interface NetworkACL {
   readonly cidr: ec2.AclCidr;
@@ -61,6 +62,7 @@ export interface ISubnetsProps {
   readonly routes?: AddRouteOptions[];
   readonly tags?: Record<string, string>;
   readonly useSubnetForNAT?: boolean;
+  readonly isMigration?: boolean;
 }
 export interface VPCProps {
   readonly vpc: ec2.VpcProps;
@@ -256,6 +258,14 @@ export class Network extends Construct {
       );
     }
 
+    // Create a single RouteTableManager for the entire subnet group if migration is enabled
+    const routeTableManager = option.isMigration ? new RouteTableManager(this, `${option.subnetGroupName}RouteTableManager`, {
+      vpc,
+      subnetGroupName: option.subnetGroupName,
+      routes: option.routes,
+      peeringConnectionId,
+    }) : undefined;
+
     option.availabilityZones.forEach((az, index) => {
       let subnet: ec2.PrivateSubnet | ec2.PublicSubnet =
         option.subnetType === ec2.SubnetType.PUBLIC
@@ -267,7 +277,6 @@ export class Network extends Construct {
               cidrBlock: option.cidrBlock[index],
               vpcId: vpc.vpcId,
               mapPublicIpOnLaunch: true,
-
             },
           )
           : new ec2.PrivateSubnet(
@@ -280,31 +289,35 @@ export class Network extends Construct {
               mapPublicIpOnLaunch: false,
             },
           );
-      option.routes?.forEach((route, routeIndex) => {
-        if (peeringConnectionId != undefined && route.existingVpcPeeringRouteKey != undefined) {
-          let routeId: ec2.CfnVPCPeeringConnection | undefined = peeringConnectionId[route.existingVpcPeeringRouteKey];
-          if (routeId != undefined) {
+      if (option.isMigration && routeTableManager) {
+        routeTableManager.associateSubnet(subnet, index);
+      } else {
+        option.routes?.forEach((route, routeIndex) => {
+          if (peeringConnectionId != undefined && route.existingVpcPeeringRouteKey != undefined) {
+            let routeId: ec2.CfnVPCPeeringConnection | undefined = peeringConnectionId[route.existingVpcPeeringRouteKey];
+            if (routeId != undefined) {
+              subnet.addRoute(
+                `${option.subnetGroupName}${routeIndex}RouteEntry`,
+                {
+                  routerId: routeId.ref,
+                  routerType: route.routerType,
+                  destinationCidrBlock: route.destinationCidrBlock,
+                },
+              );
+            }
+          } else if (route.routerId != undefined) {
             subnet.addRoute(
               `${option.subnetGroupName}${routeIndex}RouteEntry`,
               {
-                routerId: routeId.ref,
+                routerId: route.routerId ?? '',
                 routerType: route.routerType,
                 destinationCidrBlock: route.destinationCidrBlock,
               },
             );
           }
-        } else if (route.routerId != undefined) {
-          subnet.addRoute(
-            `${option.subnetGroupName}${routeIndex}RouteEntry`,
-            {
-              routerId: route.routerId ?? '',
-              routerType: route.routerType,
-              destinationCidrBlock: route.destinationCidrBlock,
-            },
-          );
-        }
+        });
+      }
 
-      });
       Tags.of(subnet).add(SUBNETNAME_TAG, option.subnetGroupName);
       Tags.of(subnet).add(SUBNETTYPE_TAG, option.subnetType);
       if (option.tags != undefined) {
diff --git a/src/constructs/routeTableManager.ts b/src/constructs/routeTableManager.ts
@@ -0,0 +1,68 @@
+import { NestedStack, Tags } from 'aws-cdk-lib';
+import * as ec2 from 'aws-cdk-lib/aws-ec2';
+import { Construct } from 'constructs';
+import { AddRouteOptions } from './network';
+
+export interface RouteTableManagerProps {
+  readonly vpc: ec2.Vpc;
+  readonly subnetGroupName: string;
+  readonly routes?: AddRouteOptions[];
+  readonly peeringConnectionId?: { [key: string]: ec2.CfnVPCPeeringConnection };
+}
+
+export class RouteTableManager extends Construct {
+  public readonly routeTable: ec2.CfnRouteTable;
+  private readonly nestedStack: NestedStack;
+
+  constructor(scope: Construct, id: string, props: RouteTableManagerProps) {
+    super(scope, id);
+
+    // Create a nested stack for route table resources
+    this.nestedStack = new NestedStack(this, `${props.subnetGroupName}RouteTableStack`, {
+      description: `Route table stack for ${props.subnetGroupName} subnet group`,
+    });
+
+    // Create a single route table for the subnet group in the nested stack
+    this.routeTable = new ec2.CfnRouteTable(this.nestedStack, `${props.subnetGroupName}RouteTable`, {
+      vpcId: props.vpc.vpcId,
+    });
+    // Add Name tag
+    Tags.of(this.routeTable).add('Name', `${props.subnetGroupName}`);
+
+    // Add routes to the route table in the nested stack
+    props.routes?.forEach((route) => {
+      if (props.peeringConnectionId && route.existingVpcPeeringRouteKey) {
+        const routeId = props.peeringConnectionId[route.existingVpcPeeringRouteKey];
+        if (routeId) {
+          const destinationCidr = route.destinationCidrBlock?.replace(/[./]/g, '-') ?? 'default';
+          new ec2.CfnRoute(this.nestedStack, `${props.subnetGroupName}-${destinationCidr}-Route`, {
+            routeTableId: this.routeTable.ref,
+            destinationCidrBlock: route.destinationCidrBlock,
+            gatewayId: route.routerType === ec2.RouterType.GATEWAY ? routeId.ref : undefined,
+            natGatewayId: route.routerType === ec2.RouterType.NAT_GATEWAY ? routeId.ref : undefined,
+            transitGatewayId: route.routerType === ec2.RouterType.TRANSIT_GATEWAY ? routeId.ref : undefined,
+            vpcPeeringConnectionId: route.routerType === ec2.RouterType.VPC_PEERING_CONNECTION ? routeId.ref : undefined,
+          });
+        }
+      } else if (route.routerId) {
+        const destinationCidr = route.destinationCidrBlock?.replace(/[./]/g, '-') ?? 'default';
+        new ec2.CfnRoute(this.nestedStack, `${props.subnetGroupName}-${destinationCidr}-Route`, {
+          routeTableId: this.routeTable.ref,
+          destinationCidrBlock: route.destinationCidrBlock,
+          gatewayId: route.routerType === ec2.RouterType.GATEWAY ? route.routerId : undefined,
+          natGatewayId: route.routerType === ec2.RouterType.NAT_GATEWAY ? route.routerId : undefined,
+          transitGatewayId: route.routerType === ec2.RouterType.TRANSIT_GATEWAY ? route.routerId : undefined,
+          vpcPeeringConnectionId: route.routerType === ec2.RouterType.VPC_PEERING_CONNECTION ? route.routerId : undefined,
+        });
+      }
+    });
+  }
+
+  public associateSubnet(subnet: ec2.ISubnet, index: number): void {
+    // Create subnet-route table association in the nested stack
+    new ec2.CfnSubnetRouteTableAssociation(this.nestedStack, `${subnet.node.id}RouteTableAssociation${index}`, {
+      subnetId: subnet.subnetId,
+      routeTableId: this.routeTable.ref,
+    });
+  }
+}
