ELB failure - Multiple subnets in one AZ

Question

We are trying to create a Network Load Balancer through cloudformation in the private su.net and we have 6 private su.nets - 2 in each availability zone.

Currently we pass in the Su.netIDs manually by picking one su.net in each AZ as below.

LoadBalancer:
        Type: AWS::ElasticLoadBalancingV2::LoadBalancer
        Properties:
          Type: network
          Scheme: internal
          Subnets: !Ref SubnetID
          Tags:
            - Key: Name
              Value: !Ref EnvName

where Su.netID is a parameter that accepts a list of strings.

Is there a way to get this su.net information automatically in cloudformation (pick private su.net ids one for each availability zone) through infrastructure as code

PS: Passing all the 6 su.nets as a list fails the load balancer creation because LB somehow picks 2 su.nets in the same AZ and that is not allowed.

I am looking for a fully automated solution or any best practice to do this?

Answer 1

If you know which su.nets in the list are private you can manually hand pick them. For example:

Subnets:
  - !Select [0, !Ref SubnetID]
  - !Select [1, !Ref SubnetID]

For fully autonomous solution when you don't know which su.nets are private, which not, you would have to develop a custom resource lambda function which would return the list of su.nets of interest into your CFN stack.