(aws-ec2): RouterType.GATEWAY comment is misleading - it also supports Virtual Private Gateway
#37,632 created on April 18, 2026
Description
Describe the feature
The doc comment on RouterType.GATEWAY only mentions "Internet Gateway", but the underlying CloudFormation GatewayId property actually accepts both an Internet Gateway ID and a Virtual Private Gateway ID. This makes the API misleading for users who want to add a route targeting a VGW.
https://github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-ec2/lib/vpc.ts#L2402-L2405
CloudFormation reference: The AWS::EC2::Route documentation states that GatewayId is:
The ID of an internet gateway or virtual private gateway attached to your VPC.
Use Case
When defining a route on a subnet using addRoute() (or creating a CfnRoute via the higher-level API), RouterType is used to specify the target router. For example, when connecting an on-premises network to a VPC via a Virtual Private Gateway, users need to add a route that targets the VGW:
(vpc.privateSubnets[0] as ec2.Subnet).addRoute('VgwRoute', {
  routerId: vpnGateway.gatewayId,
  routerType: ec2.RouterType.GATEWAY, // ← works for VGW too, but the comment says only "Internet Gateway"
  destinationCidrBlock: '10.1.0.0/16',
});
Proposed Solution
export enum RouterType {
  /**
   * Internet Gateway or Virtual Private Gateway
   */
  GATEWAY = 'Gateway',
  // ...
}
Other Information
No response
Acknowledgements
- I may be able to implement this feature request
- This feature might incur a breaking change
AWS CDK Library version (aws-cdk-lib)
aws-cdk-lib@2.250.0
AWS CDK CLI version
2.1115.1 (build e979d8d)
Environment details (OS name and version, etc.)
OS wsl Ubuntu24.04