route53: Imported public hosted zone cannot be used to create VpcEndpointServiceDomainName

[kwagodev]

Describe the bug

We're trying to enable private DNS for our VPC endpoint service using an imported public hosted zone.

Using PublicHostedZone.fromPublicHostedZoneId() to import the public hosted zone and passing it as a parameter for VpcEndpointServiceDomainName fails with the error:

Cannot reference `zoneName` when using `PublicHostedZone.fromPublicHostedZoneId()`.
A construct consuming this hosted zone may be trying to reference its `zoneName`.
If this is the case, use `fromPublicHostedZoneAttributes()` instead

But PublicHostedZone.fromPublicHostedZoneAttributes() returns IHostedZone, and using the imported public hosted zone as a parameter for VpcEndpointServiceDomainName results in a compilation error in Kotlin/Java:

Type mismatch.
Required: IPublicHostedZone
Found: IHostedZone

Expected Behavior

Expected PublicHostedZone.fromPublicHostedZoneAttributes() to return IPublicHostedZone.

This should also enable VpcEndpointServiceDomainName to be created with an imported public hosted zone.

Current Behavior

Using an imported public hosted zone from PublicHostedZone.fromPublicHostedZoneAttributes() to create a VpcEndpointServiceDomainName construct results to a compilation error in Kotlin/Java:

Type mismatch.
Required: IPublicHostedZone
Found: IHostedZone

Reproduction Steps

This test code fails to compile in Kotlin:

@Test
fun `imported hosted zone should enable private dns`() {
    val stack = Stack.Builder.create().build()
    val nlb = IVpcEndpointServiceLoadBalancer {
        "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/Test/9bn6qkf4e9jrw77a"
    }
    val vpces = VpcEndpointService.Builder
        .create(stack, "VPCES")
        .vpcEndpointServiceLoadBalancers(listOf(nlb))
        .build()
    val zone = PublicHostedZone.Builder
        .create(stack, "PHZ")
        .zoneName("aws-cdk.dev")
        .build()
    val importedZone = PublicHostedZone.fromPublicHostedZoneAttributes(
        stack,
        "ImportedPHZ",
        PublicHostedZoneAttributes.builder()
            .hostedZoneId(zone.hostedZoneId)
            .zoneName(zone.zoneName)
            .build()
    )
    VpcEndpointServiceDomainName(
        stack,
        "EndpointDomain",
        VpcEndpointServiceDomainNameProps.builder()
            .domainName("import-hostedzone.aws-cdk.dev")
            .endpointService(vpces)
            .publicHostedZone(importedZone) // Type mismatch. Required: IPublicHostedZone! Found: IHostedZone
            .build()
    )
}

Possible Solution

• Change the return type of PublicHostedZone.fromPublicHostedZoneAttributes() method from IHostedZone to IPublicHostedZone. The change should just be a patch/chore, since IPublicHostedZone extends IHostedZone.
• This also aligns with the design guidelines for from-attributes.
• Currently, substituting IHostedZone for IPublicHosted works for Typescript since type compatibility is based on structural subtyping. But in nominally-typed languages like Java, this will fail.

I may be able to contribute a PR to fix this 🙂

Additional Information/Context

No response

CDK CLI Version

2.27.0

Framework Version

No response

Node.js Version

16.14.2

OS

macOS

Language

Java

Language Version

Java 11

Other information

Changes from pull-request #19771

[kwagodev]

As a work-around, we're creating an anonymous class that extends IPublicHostedZone and delegate the methods to the imported public hosted zone with type IHostedZone.

val importedPhz: IHostedZone = PublicHostedZone.fromPublicHostedZoneAttributes(
    stack,
    "ImportedPHZ",
    PublicHostedZoneAttributes.builder()
        .hostedZoneId(zone.hostedZoneId)
        .zoneName(zone.zoneName)
        .build()
)

val phz: IPublicHostedZone = object : IPublicHostedZone {
    override fun getNode(): Node = importedPhz.node
    override fun getEnv(): ResourceEnvironment = importedPhz.env
    override fun getStack(): Stack = importedPhz.stack
    override fun applyRemovalPolicy(policy: RemovalPolicy) = importedPhz.applyRemovalPolicy(policy)
    override fun getHostedZoneArn(): String = importedPhz.hostedZoneArn
    override fun getHostedZoneId(): String = importedPhz.hostedZoneId
    override fun getZoneName(): String = importedPhz.zoneName
}

This works for now since IPublicHostedZone doesn't add any new properties/methods based from this code

[peterwoodworth]

Thanks for reporting this @aamielsan, I've created a PR for this #21007