No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

It’s a gap in the computation. You’ll have to define your own cidrs 

is there some way to do that using awsx? Or I'd have to use the raw aws interfaces?

I’m not on my laptop, but there’s an option to define subnets and their mask

The details for specifying subnets with AWSX VPC can be found here: <https://www.pulumi.com/registry/packages/awsx/api-docs/ec2/vpc/#subnetspec>

OK, if I’m following your desired subnet design correctly, you’d end up with four /18 prefixes:
```10.0.0.0/18
10.0.64.0/18
10.0.128.0/18
10.0.192.0/18```
And then you’d like to take one of these four prefixes (I’ll use the last one) and subdivide it into eight smaller subnets:
```10.0.192.0/21
10.0.200.0/21
10.0.208.0/21
… (omitting for brevity)
10.0.248.0/21```
Is that right?

<@U04RF0GFU0G> I’ve been having some conversations with our engineering team, and—assuming I am understanding what you’re trying to do—we are reasonably certain that AWSX can’t be configured to do what you’re trying to do. You _can_, however, use the AWS provider and construct the VPC, subnets, routes, route tables, Internet and NAT gateways, etc., according to the plan you’re describing. Let me know if you want some help building this out.

The snippet above is exactly right. Thanks a bunch for following up. I think I can live with the limitations of the current implementation for now, though it would be nice to get some more control over this from awsx. I did start down the road of setting it all up on my own and it's quite onerous - awsx takes care of a lot of boilerplate for you.

like maybe just a wrapper around Subnet, which lets you set the CIDR but takes care of creating a ngw if requested, creates the route table, and sets up the routes to the ngw/igw would be nice

<@U04RF0GFU0G> That’s a neat idea! Maybe I’ll play around with something like that, if I can find some extra time. :smile:

One of our engineers does have an in-flight PR that allows some additional flexibility around subnets and CIDRs with the AWSX VPC. Their implementation would come in the form of “reservations, ” each of which defines the CIDR for a particular subnet. The subnet creation engine would then consume these reservations when it creates the subnets, or calculate the CIDR if no reservation is present. I _think_ that would enable you to do what you’re seeking, although it would require you to define all the subnet CIDRs as reservations (so a bit of a trade-off).