subnetNames and securityGroupNames both required (documentation)

Question

subnetNames and securityGroupNames both required (documentation)

kjudson opened this issue 4 years ago · comments

In the documentation, there's this:

vpcDiscovery:
    vpcName: '${opt:env}'
    subnetNames: # optional if securityGroupNames are specified
      - '${opt:env}_NAME OF SUBNET'
    securityGroupNames: # optional if subnetNames are specified
      - '${opt:env}_NAME OF SECURITY GROUP'

which suggests that you don't need to provide both securityGroupNames and subnetNames.

However, this doesn't seem to work for AWS. There's this condition in the serverless aws package:

      if (
        !functionResource.Properties.VpcConfig.SecurityGroupIds ||
        !functionResource.Properties.VpcConfig.SubnetIds
      ) {
        delete functionResource.Properties.VpcConfig;
      }

(https://github.com/serverless/serverless/blob/306656e97d6782e1a13bed60ec0cec8b3e521e10/lib/plugins/aws/package/compile/functions/index.js#L323)

If you don't specify both properties, then the vpcConfig section isn't created.

I'm not sure if this is the case with other providers.

Dima Revutskyi · Answer 1 · Wed Nov 25 2020 00:56:32 GMT+0800 (China Standard Time)

Hi @kjudson
Thank you for your issue

This is specific plugin behavior and it's optional for the plugin

You can specify a mixed config for example:

provider:
  name: aws
  vpc:
    securityGroupIds:
      - securityGroupId1

vpcDiscovery:
    vpcName: '${opt:env}'
    subnetNames:
      - '${opt:env}_NAME OF SUBNET'

Kevin Judson · Answer 2 · Wed Nov 25 2020 01:59:14 GMT+0800 (China Standard Time)

Thanks @rddimon, that makes sense. It's optional in the sense that the plugin doesn't enforce both. But AWS does still require both. I'll close the issue.