How to find public subnet ids for a vpc in AWS

I have created an AWS VPC using the terraform-aws-modules/vpc/aws module. Specifically, I’m using the high-level Vpc class.

In a separate cdktf deployment, I am creating a Lambda function. I want to assign the lambda function to specific subnets of the VPC created previously.

How can I retrieve the private subnet ids from the existing VPC? I’ve looked at the DataAwsSubnetIds class, but I don’t know how to filter only the private subnets. The subnet name (i.e., tag) is of the form: <vpc-name>-private-<region><az>.

I’m starting to suspect that I will need to recreate the VPC using the lower-level resources so that I can tag the individual subnets in a way that I am able to retrieve them.

I’m hoping there is a way in my cdktf code to actually retrieve and use python to filter to the subnets I’m interested in.

Any ideas?

A couple options come to mind.

  1. If you are using remote state, you can create a TerraformOutput based on Vpc.PrivateSubnets and then reference the remote state in the other stack.
  2. You could retrieve using DataAwsSubnetIds by using the Filter parameter. Since you know the name, you could filter based on that. You could also tag them as private or similar when creating the vpc (PrivateSubnetTags) and filter based on that tag instead.

Filtering directly in python isn’t really possible at this time, though you can technically call aws apis directly.
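Option 2 with a dedicated tag, as an added example that is not code from this thread: a helper builds the data-source filter list for subnets tagged through the module's PrivateSubnetTags, a local check applies the same filters to subnet records (and refuses a "private" subnet that auto-assigns public IPs), and a small function shows the cdktf wiring. Assumptions: the tag key/value `Tier`=`private`, the prebuilt `cdktf_cdktf_provider_aws` package with its `DataAwsSubnets`/`DataAwsSubnetsFilter` classes (imported lazily so the rest runs without it), and constructed sample subnet records.

```python
# Tag set on every private subnet via the module's private_subnet_tags
# argument (assumed key/value; any distinct pair works).
PRIVATE_TAG = ("Tier", "private")

# Constructed describe-subnets style records for the local check below.
SAMPLE_SUBNETS = [
    {"SubnetId": "subnet-aaa", "VpcId": "vpc-123", "MapPublicIpOnLaunch": False,
     "Tags": [{"Key": "Name", "Value": "demo-private-us-east-1a"}, {"Key": "Tier", "Value": "private"}]},
    {"SubnetId": "subnet-bbb", "VpcId": "vpc-123", "MapPublicIpOnLaunch": True,
     "Tags": [{"Key": "Name", "Value": "demo-public-us-east-1a"}, {"Key": "Tier", "Value": "public"}]},
    {"SubnetId": "subnet-ccc", "VpcId": "vpc-999", "MapPublicIpOnLaunch": False,
     "Tags": [{"Key": "Tier", "Value": "private"}]},  # same tag, different VPC
]

def private_subnet_filters(vpc_id: str) -> list:
    """Filter list in the shape the aws_subnets data source takes.
    Filters are AND-ed, so the vpc-id filter keeps a same-tagged subnet
    in another VPC from being picked up."""
    return [
        {"name": "vpc-id", "values": [vpc_id]},
        {"name": f"tag:{PRIVATE_TAG[0]}", "values": [PRIVATE_TAG[1]]},
    ]

def select_private_subnets(subnets: list, vpc_id: str) -> list:
    """Apply the same filters to local records as a pre-deploy check.
    A subnet that auto-assigns public IPs is public whatever its tag says,
    so it is rejected instead of being handed to the Lambda function."""
    chosen = []
    for s in subnets:
        tags = {t["Key"]: t["Value"] for t in s.get("Tags", [])}
        if s["VpcId"] != vpc_id or tags.get(PRIVATE_TAG[0]) != PRIVATE_TAG[1]:
            continue
        if s.get("MapPublicIpOnLaunch", False):
            raise ValueError(f"{s['SubnetId']} is tagged private but auto-assigns public IPs")
        chosen.append(s["SubnetId"])
    return sorted(chosen)

def lambda_subnet_ids(scope, vpc_id: str):
    """cdktf wiring (assumed prebuilt cdktf_cdktf_provider_aws package,
    imported lazily): the token to pass as the Lambda vpc_config subnet_ids."""
    from cdktf_cdktf_provider_aws.data_aws_subnets import DataAwsSubnets, DataAwsSubnetsFilter
    data = DataAwsSubnets(
        scope, "private_subnets",
        filter=[DataAwsSubnetsFilter(name=f["name"], values=f["values"])
                for f in private_subnet_filters(vpc_id)],
    )
    return data.ids
```

The local check is meant to run against the real subnet list (for example from `describe-subnets`) before `cdktf deploy`, so a mis-tagged public subnet fails loudly rather than becoming the Lambda function's network.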

Yes, I missed the ability to add tags to each type of subnet. That will do nicely.