(aws-ec2): securityGroupName returns id of sg and not name #13774
Description
The securityGroupName property is documented as
An attribute that represents the security group name.
Unfortunately, it can return the ID of the security group and not the name (depending on how the security group is created?).
Reproduction Steps
    const vpc = ec2.Vpc.fromLookup(this, 'VPC', {
      tags: { 'aws:cloudformation:stack-name': 'BaseStack' },
    });
    const sg = new ec2.SecurityGroup(this, 'sg', {
      vpc,
      securityGroupName: "my-security-group",
    });
    // SNIP //
    // Try to reference the securityGroupName later, eg. in a Fargate container's environment variables
    const container = fargateTaskDefinition.addContainer("my-container", {
      // SNIP //
      environment: {
        "AWS_SECURITY_GROUP": sg.securityGroupName,
      },
    });

What did you expect to happen?
I expected the AWS_SECURITY_GROUP environment variable passed to my Fargate task's container to contain the value my-security-group.
What actually happened?
It contained the security group ID (starting sg-).
Environment
- CDK CLI Version : 1.94.1
- Framework Version: ?
- Node.js Version: v14.15.5
- OS : CentOS 7
- Language (Version): TypeScript
Other
Looking at the relevant part of the CloudFormation generated,

    {
      "Name": "AWS_SECURITY_GROUP",
      "Value": {
        "Ref": "sgDE989EBE"
      }
    }

and the implementation.

    this.securityGroupName = this.securityGroup.ref;

I think the issue is perhaps a CloudFormation limitation and related to me creating the security group with the vpc attribute.
Ref:
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource ID. For security groups that were created without specifying a VPC (EC2-Classic or a default VPC), Ref returns the resource name.
P.S. I'm new to both CDK and TypeScript/JavaScript, so apologies if I've messed something up.
This is 🐛 Bug Report
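
The behaviour reported above can be checked on a synthesized template before deployment. The following is an added example, not code from the issue or from the CDK project: it lists container environment variables whose value is a `Ref` to a security group and predicts whether that `Ref` resolves to the ID or the name, using the rule quoted from the CloudFormation documentation. The function names, the `vpc-PLACEHOLDER` value and the sample template are constructed for illustration.

```typescript
// Added example: predict what Ref yields for each security group in a
// synthesized template and list the container env vars that receive it.
type Json = { [key: string]: any };

interface Finding {
  container: string;
  variable: string;
  securityGroup: string; // logical ID
  refYields: "id" | "name";
}

// Assumption taken from the CloudFormation text quoted in the issue: Ref
// returns the name only when the group was created without a VPC.
function refYields(sg: Json): "id" | "name" {
  return sg.Properties?.VpcId !== undefined ? "id" : "name";
}

function findSecurityGroupRefs(template: Json): Finding[] {
  const resources: Json = template.Resources ?? {};
  const findings: Finding[] = [];
  for (const res of Object.values(resources)) {
    if (res.Type !== "AWS::ECS::TaskDefinition") continue;
    for (const c of res.Properties?.ContainerDefinitions ?? []) {
      for (const env of c.Environment ?? []) {
        const target = env.Value?.Ref;
        const sg = typeof target === "string" ? resources[target] : undefined;
        if (sg?.Type !== "AWS::EC2::SecurityGroup") continue;
        findings.push({ container: c.Name, variable: env.Name,
                        securityGroup: target, refYields: refYields(sg) });
      }
    }
  }
  return findings;
}

// Constructed sample shaped like the fragment in the issue; VpcId is a placeholder.
const sampleTemplate: Json = {
  Resources: {
    sgDE989EBE: { Type: "AWS::EC2::SecurityGroup",
      Properties: { GroupName: "my-security-group", VpcId: "vpc-PLACEHOLDER" } },
    TaskDef: { Type: "AWS::ECS::TaskDefinition",
      Properties: { ContainerDefinitions: [{ Name: "my-container", Environment: [
        { Name: "AWS_SECURITY_GROUP", Value: { Ref: "sgDE989EBE" } },
        { Name: "STAGE", Value: "dev" } ] }] } },
  },
};

console.log(findSecurityGroupRefs(sampleTemplate));
```

A finding with `refYields: "id"` means any code or policy that consumes the variable will see an `sg-` identifier, so it should not be compared against the configured group name.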