Hello everyone, wondering if someone can point me ...
# general
s
Hello everyone, wondering if someone can point me in the right direction with `awsx.lb`. I am trying to deploy an ECS/Fargate service with an AppLb accessible only in the private subnets. It works just fine with `external: true` but if I change it to `false` the provisioning fails with:
```
aws:lb:LoadBalancer (alb):
    error: 1 error occurred:
        * error creating application Load Balancer: ValidationError: At least two subnets in two different Availability Zones must be specified
        status code: 400, request id: 4a7dd444-54b3-4952-8aa2-e26200f5fdef
```
I have tried injecting the `subnet` to the LoadBalancer and the Listener explicitly with no success. Assumed `external` handled that just fine with the default vpc. Here is the code:
```typescript
import * as awsx from "@pulumi/awsx";

const cluster = new awsx.ecs.Cluster("cluster");
// external: false places the ALB in the VPC's private subnets
const alb = new awsx.lb.ApplicationLoadBalancer("alb", { external: false });
const web = alb.createListener("web", { port: 80 });
const img = awsx.ecs.Image.fromPath("node-web", "../app");
const appService = new awsx.ecs.FargateService("ecs-fargate", {
    cluster,
    taskDefinitionArgs: {
        container: {
            environment: [{"name": "foo", "value": "bar"}],
            image: img,
            cpu: 102 /*10% of 1024*/,
            memory: 50 /*MB*/,
            portMappings: [web],
        },
    },
    desiredCount: 1,
});
```
Just found out this default VPC didn’t have any private subnet 🤦‍♂️
g
A typical best practice is to avoid default VPC if you are serious with AWS. Ideally, you should create your own VPC https://registry.terraform.io/modules/terraform-aws-modules/vpc/aws/latest
d
I did stumble on this just yesterday, there seems to be an issue also when you try to re-use an existing vpc
I get the same error ' * error creating application Load Balancer: ValidationError: At least two subnets in two different Availability Zones must be specified'
but I do have those