Handle aws implicit and shared routing tables

Fix the AWS subnet lookup that checks if a subnet is public, which was missing a few cases: - Subnets without explicit routing tables, which use the main VPC routing table. - Routing tables not tagged with KubernetesCluster. The filter for this is now removed.
2026-01-06 07:57:35 +00:00 · 2016-02-25 22:25:35 +00:00
parent cbf5dc1228
commit f568b6511a
3 changed files with 84 additions and 24 deletions
--- a/pkg/cloudprovider/providers/aws/aws_test.go
+++ b/pkg/cloudprovider/providers/aws/aws_test.go
@@ -769,6 +769,15 @@ func constructSubnet(id string, az string) *ec2.Subnet {
 }

 func constructRouteTables(routeTablesIn map[string]bool) (routeTablesOut []*ec2.RouteTable) {
+	routeTablesOut = append(routeTablesOut,
+		&ec2.RouteTable{
+			Associations: []*ec2.RouteTableAssociation{{Main: aws.Bool(true)}},
+			Routes: []*ec2.Route{{
+				DestinationCidrBlock: aws.String("0.0.0.0/0"),
+				GatewayId:            aws.String("igw-main"),
+			}},
+		})
+
 	for subnetID := range routeTablesIn {
 		routeTablesOut = append(
 			routeTablesOut,
@@ -850,6 +859,32 @@ func TestSubnetIDsinVPC(t *testing.T) {
 		}
 	}

+	// test implicit routing table - when subnets are not explicitly linked to a table they should use main
+	awsServices.ec2.RouteTables = constructRouteTables(map[string]bool{})
+
+	result, err = c.listPublicSubnetIDsinVPC(vpcID)
+	if err != nil {
+		t.Errorf("Error listing subnets: %v", err)
+		return
+	}
+
+	if len(result) != 3 {
+		t.Errorf("Expected 3 subnets but got %d", len(result))
+		return
+	}
+
+	result_set = make(map[string]bool)
+	for _, v := range result {
+		result_set[v] = true
+	}
+
+	for i := range subnets {
+		if !result_set[subnets[i]["id"]] {
+			t.Errorf("Expected subnet%d '%s' in result: %v", i, subnets[i]["id"], result)
+			return
+		}
+	}
+
 	// test with 4 subnets from 3 different AZs
 	// add duplicate az subnet
 	subnets[3] = make(map[string]string)