From 8ad932be6e13e8308344df1eba047beb1a841ea0 Mon Sep 17 00:00:00 2001 From: pattasai Date: Mon, 27 Feb 2023 09:01:39 -0500 Subject: [PATCH 01/11] adding EC2 instance --- .../lib/load-balancer.ts | 20 ++++- .../test/loadbalancer.test.ts | 76 ++++++++++++++++++- 2 files changed, 93 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts index e64d631ddf242..2f2cadeb02bae 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts @@ -1,5 +1,5 @@ import { - Connections, IConnectable, ISecurityGroup, IVpc, Peer, Port, + Connections, IConnectable, Instance, ISecurityGroup, IVpc, Peer, Port, SecurityGroup, SelectedSubnets, SubnetSelection, SubnetType, } from '@aws-cdk/aws-ec2'; import { Duration, Lazy, Resource } from '@aws-cdk/core'; @@ -400,6 +400,24 @@ export class LoadBalancer extends Resource implements IConnectable { } } +/** + * An EC2 instance that is the target for load balancing + * + * If you register a target of this type, you are responsible for making + * sure the load balancer's security group can connect to the instance. + */ +export class InstanceTarget implements ILoadBalancerTarget { + /** + * Create a new Instance target. + * + * @param instance Instance to register to. + * @param connections The network connections associated with this resource. + */ + constructor(public readonly instance: Instance, public readonly connections: Connections) { + } + public attachToClassicLB(_loadBalancer: LoadBalancer): void { + } +} /** * Reference to a listener's port just created. * diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts index 14003c49cf36e..eee7a72eafe20 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts @@ -1,8 +1,8 @@ import { Template } from '@aws-cdk/assertions'; -import { Connections, Peer, SubnetType, Vpc } from '@aws-cdk/aws-ec2'; +import { AmazonLinuxGeneration, Connections, Instance, InstanceClass, InstanceSize, InstanceType, MachineImage, Peer, Port, SecurityGroup, SubnetType, Vpc } from '@aws-cdk/aws-ec2'; import { testDeprecated } from '@aws-cdk/cdk-build-tools'; import { Duration, Stack } from '@aws-cdk/core'; -import { ILoadBalancerTarget, LoadBalancer, LoadBalancingProtocol } from '../lib'; +import { ILoadBalancerTarget, InstanceTarget, LoadBalancer, LoadBalancingProtocol } from '../lib'; describe('tests', () => { test('test specifying nonstandard port works', () => { @@ -89,6 +89,78 @@ describe('tests', () => { }); }); + test('add an Instance as load balancing target', () => { + // GIVEN + const stack = new Stack(); + const vpc = new Vpc(stack, 'VCP'); + const securityGroup = new SecurityGroup(stack, 'simple-instance-1-sg', + { + vpc, + allowAllOutbound: true, // will let your instance send outboud traffic + securityGroupName: 'simple-instance-1-sg', + }, + ); + + // lets use the security group to allow inbound traffic on specific ports + securityGroup.addIngressRule( + Peer.anyIpv4(), + Port.tcp(22), + 'Allows SSH access from Internet', + ); + + securityGroup.addIngressRule( + Peer.anyIpv4(), + Port.tcp(80), + 'Allows HTTP access from Internet', + ); + + securityGroup.addIngressRule( + Peer.anyIpv4(), + Port.tcp(443), + 'Allows HTTPS access from Internet', + ); + const instance = new Instance(stack, 'targetInstance', { + vpc: vpc, + instanceType: InstanceType.of( // t2.micro has free tier usage in aws + InstanceClass.T2, + InstanceSize.MICRO, + ), + machineImage: MachineImage.latestAmazonLinux({ + generation: AmazonLinuxGeneration.AMAZON_LINUX_2, + }), + securityGroup, + }); + const connections = new Connections({ + peer: Peer.ipv4('666.666.666.666/666'), + }); + const elb = new LoadBalancer(stack, 'LB', { + vpc, + healthCheck: { + interval: Duration.minutes(1), + path: '/ping', + protocol: LoadBalancingProtocol.HTTPS, + port: 443, + }, + }); + + // WHEN + elb.addListener({ externalPort: 80, internalPort: 8080 }); + elb.addTarget(new InstanceTarget(instance, connections)); + + // THEN: at the very least it added a security group rule for the backend + Template.fromStack(stack).hasResourceProperties('AWS::EC2::SecurityGroup', { + SecurityGroupEgress: [ + { + Description: 'Port 8080 LB to fleet', + CidrIp: '666.666.666.666/666', + FromPort: 8080, + IpProtocol: 'tcp', + ToPort: 8080, + }, + ], + }); + }); + test('enable cross zone load balancing', () => { // GIVEN const stack = new Stack(); From e997096b9f522a77f91f08bb7095b2664b9718c7 Mon Sep 17 00:00:00 2001 From: pattasai Date: Thu, 2 Mar 2023 15:02:44 -0500 Subject: [PATCH 02/11] addingec2Instance&IntegTest --- .../lib/load-balancer.ts | 32 +- .../aws-cdk-elb-integ.assets.json | 6 +- .../aws-cdk-elb-integ.template.json | 166 +++++++++- .../test/integ.elb.js.snapshot/cdk.out | 2 +- .../test/integ.elb.js.snapshot/integ.json | 2 +- .../test/integ.elb.js.snapshot/manifest.json | 58 +++- .../test/integ.elb.js.snapshot/tree.json | 311 ++++++++++++++++-- .../test/integ.elb.ts | 16 +- .../test/loadbalancer.test.ts | 54 +-- 9 files changed, 548 insertions(+), 99 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts index 2f2cadeb02bae..baf4b58aea683 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts @@ -141,10 +141,20 @@ export interface HealthCheck { readonly timeout?: Duration; } +/** + * An object that has instance object. + */ +interface IInstance { + /** + * Ec2 instance + */ + readonly ec2Instance?: Instance +} + /** * Interface that is going to be implemented by constructs that you can load balance to */ -export interface ILoadBalancerTarget extends IConnectable { +export interface ILoadBalancerTarget extends IConnectable, IInstance { /** * Attach load-balanced target to a classic ELB * @param loadBalancer [disable-awslint:ref-via-interface] The load balancer to attach the target to @@ -251,13 +261,13 @@ export class LoadBalancer extends Resource implements IConnectable { private readonly instancePorts: number[] = []; private readonly targets: ILoadBalancerTarget[] = []; + private readonly instanceIds: string[] = []; constructor(scope: Construct, id: string, props: LoadBalancerProps) { super(scope, id); this.securityGroup = new SecurityGroup(this, 'SecurityGroup', { vpc: props.vpc, allowAllOutbound: false }); this.connections = new Connections({ securityGroups: [this.securityGroup] }); - // Depending on whether the ELB has public or internal IPs, pick the right backend subnets const selectedSubnets: SelectedSubnets = loadBalancerSubnets(props); @@ -265,6 +275,7 @@ export class LoadBalancer extends Resource implements IConnectable { securityGroups: [this.securityGroup.securityGroupId], subnets: selectedSubnets.subnetIds, listeners: Lazy.any({ produce: () => this.listeners }), + instances: this.instanceIds, scheme: props.internetFacing ? 'internet-facing' : 'internal', healthCheck: props.healthCheck && healthCheckToJSON(props.healthCheck), crossZone: props.crossZone ?? true, @@ -323,7 +334,10 @@ export class LoadBalancer extends Resource implements IConnectable { public addTarget(target: ILoadBalancerTarget) { target.attachToClassicLB(this); - + if (target.ec2Instance) { + this.instanceIds.push(target.ec2Instance.instanceId); + target.ec2Instance.addSecurityGroup(this.securityGroup); + } this.newTarget(target); } @@ -403,21 +417,25 @@ export class LoadBalancer extends Resource implements IConnectable { /** * An EC2 instance that is the target for load balancing * - * If you register a target of this type, you are responsible for making - * sure the load balancer's security group can connect to the instance. */ export class InstanceTarget implements ILoadBalancerTarget { + readonly connections: Connections; + readonly ec2Instance?: Instance /** * Create a new Instance target. * * @param instance Instance to register to. - * @param connections The network connections associated with this resource. + * @param port Override the default port for the target. */ - constructor(public readonly instance: Instance, public readonly connections: Connections) { + constructor(public readonly instance: Instance, public readonly port: number) { + this.connections = instance.connections; + this.ec2Instance = instance; } public attachToClassicLB(_loadBalancer: LoadBalancer): void { + _loadBalancer.addListener({ externalPort: this.port }); } } + /** * Reference to a listener's port just created. * diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.assets.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.assets.json index 20e7d0accaaa1..aa729d8e25fc3 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.assets.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.assets.json @@ -1,7 +1,7 @@ { - "version": "20.0.0", + "version": "29.0.0", "files": { - "2ae8c93277b436927a734841d17a6b4599f904c7ea22cec117ce29fb6441ae4c": { + "d1182e2f02480d3c9c4b0229761c70b8b371f28368f40dd78d76539cd3701654": { "source": { "path": "aws-cdk-elb-integ.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "2ae8c93277b436927a734841d17a6b4599f904c7ea22cec117ce29fb6441ae4c.json", + "objectKey": "d1182e2f02480d3c9c4b0229761c70b8b371f28368f40dd78d76539cd3701654.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.template.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.template.json index 1303e435bc99a..5ccd278b3bf52 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.template.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.template.json @@ -214,19 +214,135 @@ } } }, - "LBSecurityGroup8A41EA2B": { + "targetInstanceInstanceSecurityGroupF268BD07": { "Type": "AWS::EC2::SecurityGroup", "Properties": { - "GroupDescription": "aws-cdk-elb-integ/LB/SecurityGroup", + "GroupDescription": "aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup", "SecurityGroupEgress": [ { - "CidrIp": "255.255.255.255/32", - "Description": "Disallow all traffic", - "FromPort": 252, - "IpProtocol": "icmp", - "ToPort": 86 + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" } ], + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-elb-integ/targetInstance" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "targetInstanceInstanceSecurityGroupfromawscdkelbintegLBSecurityGroup6DB419F580C5BD1022": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "Port 80 LB to fleet", + "FromPort": 80, + "GroupId": { + "Fn::GetAtt": [ + "targetInstanceInstanceSecurityGroupF268BD07", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "LBSecurityGroup8A41EA2B", + "GroupId" + ] + }, + "ToPort": 80 + } + }, + "targetInstanceInstanceRole3F8EC526": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-elb-integ/targetInstance" + } + ] + } + }, + "targetInstanceInstanceProfile0A012423": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "Roles": [ + { + "Ref": "targetInstanceInstanceRole3F8EC526" + } + ] + } + }, + "targetInstance603C5817": { + "Type": "AWS::EC2::Instance", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "IamInstanceProfile": { + "Ref": "targetInstanceInstanceProfile0A012423" + }, + "ImageId": { + "Ref": "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" + }, + "InstanceType": "t2.micro", + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "targetInstanceInstanceSecurityGroupF268BD07", + "GroupId" + ] + }, + { + "Fn::GetAtt": [ + "LBSecurityGroup8A41EA2B", + "GroupId" + ] + } + ], + "SubnetId": { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-elb-integ/targetInstance" + } + ], + "UserData": { + "Fn::Base64": "#!/bin/bash" + } + }, + "DependsOn": [ + "targetInstanceInstanceRole3F8EC526" + ] + }, + "LBSecurityGroup8A41EA2B": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-cdk-elb-integ/LB/SecurityGroup", "SecurityGroupIngress": [ { "CidrIp": "0.0.0.0/0", @@ -241,10 +357,37 @@ } } }, + "LBSecurityGrouptoawscdkelbintegtargetInstanceInstanceSecurityGroup5ADFB89B8001FF8703": { + "Type": "AWS::EC2::SecurityGroupEgress", + "Properties": { + "GroupId": { + "Fn::GetAtt": [ + "LBSecurityGroup8A41EA2B", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "Description": "Port 80 LB to fleet", + "DestinationSecurityGroupId": { + "Fn::GetAtt": [ + "targetInstanceInstanceSecurityGroupF268BD07", + "GroupId" + ] + }, + "FromPort": 80, + "ToPort": 80 + } + }, "LB8A12904C": { "Type": "AWS::ElasticLoadBalancing::LoadBalancer", "Properties": { "Listeners": [ + { + "InstancePort": "80", + "InstanceProtocol": "http", + "LoadBalancerPort": "80", + "Protocol": "http" + }, { "InstancePort": "80", "InstanceProtocol": "http", @@ -260,6 +403,11 @@ "Timeout": "5", "UnhealthyThreshold": "5" }, + "Instances": [ + { + "Ref": "targetInstance603C5817" + } + ], "Scheme": "internet-facing", "SecurityGroups": [ { @@ -282,6 +430,10 @@ } }, "Parameters": { + "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" + }, "BootstrapVersion": { "Type": "AWS::SSM::Parameter::Value", "Default": "/cdk-bootstrap/hnb659fds/version", diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/cdk.out b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/cdk.out index 588d7b269d34f..d8b441d447f8a 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"20.0.0"} \ No newline at end of file +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/integ.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/integ.json index cce5e7c70bbf9..76b93ef3c1827 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "20.0.0", + "version": "29.0.0", "testCases": { "integ.elb": { "stacks": [ diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/manifest.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/manifest.json index 7f3349f808fc4..431ad02c21b6a 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/manifest.json @@ -1,12 +1,6 @@ { - "version": "20.0.0", + "version": "29.0.0", "artifacts": { - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - }, "aws-cdk-elb-integ.assets": { "type": "cdk:asset-manifest", "properties": { @@ -23,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/2ae8c93277b436927a734841d17a6b4599f904c7ea22cec117ce29fb6441ae4c.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/d1182e2f02480d3c9c4b0229761c70b8b371f28368f40dd78d76539cd3701654.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -117,12 +111,54 @@ "data": "VPCVPCGW99B986DC" } ], + "/aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "targetInstanceInstanceSecurityGroupF268BD07" + } + ], + "/aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup/from awscdkelbintegLBSecurityGroup6DB419F5:80": [ + { + "type": "aws:cdk:logicalId", + "data": "targetInstanceInstanceSecurityGroupfromawscdkelbintegLBSecurityGroup6DB419F580C5BD1022" + } + ], + "/aws-cdk-elb-integ/targetInstance/InstanceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "targetInstanceInstanceRole3F8EC526" + } + ], + "/aws-cdk-elb-integ/targetInstance/InstanceProfile": [ + { + "type": "aws:cdk:logicalId", + "data": "targetInstanceInstanceProfile0A012423" + } + ], + "/aws-cdk-elb-integ/targetInstance/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "targetInstance603C5817" + } + ], + "/aws-cdk-elb-integ/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ + { + "type": "aws:cdk:logicalId", + "data": "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" + } + ], "/aws-cdk-elb-integ/LB/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", "data": "LBSecurityGroup8A41EA2B" } ], + "/aws-cdk-elb-integ/LB/SecurityGroup/to awscdkelbintegtargetInstanceInstanceSecurityGroup5ADFB89B:80": [ + { + "type": "aws:cdk:logicalId", + "data": "LBSecurityGrouptoawscdkelbintegtargetInstanceInstanceSecurityGroup5ADFB89B8001FF8703" + } + ], "/aws-cdk-elb-integ/LB/Resource": [ { "type": "aws:cdk:logicalId", @@ -143,6 +179,12 @@ ] }, "displayName": "aws-cdk-elb-integ" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/tree.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/tree.json index 02a559a0a3555..7b6c0ea68c9d8 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/tree.json @@ -4,14 +4,6 @@ "id": "App", "path": "", "children": { - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" - } - }, "aws-cdk-elb-integ": { "id": "aws-cdk-elb-integ", "path": "aws-cdk-elb-integ", @@ -91,8 +83,8 @@ "id": "Acl", "path": "aws-cdk-elb-integ/VPC/PublicSubnet1/Acl", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" } }, "RouteTable": { @@ -258,8 +250,8 @@ "id": "Acl", "path": "aws-cdk-elb-integ/VPC/PrivateSubnet1/Acl", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" } }, "RouteTable": { @@ -373,6 +365,222 @@ "version": "0.0.0" } }, + "targetInstance": { + "id": "targetInstance", + "path": "aws-cdk-elb-integ/targetInstance", + "children": { + "InstanceSecurityGroup": { + "id": "InstanceSecurityGroup", + "path": "aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "tags": [ + { + "key": "Name", + "value": "aws-cdk-elb-integ/targetInstance" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "from awscdkelbintegLBSecurityGroup6DB419F5:80": { + "id": "from awscdkelbintegLBSecurityGroup6DB419F5:80", + "path": "aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup/from awscdkelbintegLBSecurityGroup6DB419F5:80", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "Port 80 LB to fleet", + "fromPort": 80, + "groupId": { + "Fn::GetAtt": [ + "targetInstanceInstanceSecurityGroupF268BD07", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "LBSecurityGroup8A41EA2B", + "GroupId" + ] + }, + "toPort": 80 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "InstanceRole": { + "id": "InstanceRole", + "path": "aws-cdk-elb-integ/targetInstance/InstanceRole", + "children": { + "ImportInstanceRole": { + "id": "ImportInstanceRole", + "path": "aws-cdk-elb-integ/targetInstance/InstanceRole/ImportInstanceRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-elb-integ/targetInstance/InstanceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-elb-integ/targetInstance" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "InstanceProfile": { + "id": "InstanceProfile", + "path": "aws-cdk-elb-integ/targetInstance/InstanceProfile", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", + "aws:cdk:cloudformation:props": { + "roles": [ + { + "Ref": "targetInstanceInstanceRole3F8EC526" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-elb-integ/targetInstance/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Instance", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "iamInstanceProfile": { + "Ref": "targetInstanceInstanceProfile0A012423" + }, + "imageId": { + "Ref": "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" + }, + "instanceType": "t2.micro", + "securityGroupIds": [ + { + "Fn::GetAtt": [ + "targetInstanceInstanceSecurityGroupF268BD07", + "GroupId" + ] + }, + { + "Fn::GetAtt": [ + "LBSecurityGroup8A41EA2B", + "GroupId" + ] + } + ], + "subnetId": { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-elb-integ/targetInstance" + } + ], + "userData": { + "Fn::Base64": "#!/bin/bash" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnInstance", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.Instance", + "version": "0.0.0" + } + }, + "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": { + "id": "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", + "path": "aws-cdk-elb-integ/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118": { + "id": "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118", + "path": "aws-cdk-elb-integ/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, "LB": { "id": "LB", "path": "aws-cdk-elb-integ/LB", @@ -388,15 +596,6 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", "aws:cdk:cloudformation:props": { "groupDescription": "aws-cdk-elb-integ/LB/SecurityGroup", - "securityGroupEgress": [ - { - "cidrIp": "255.255.255.255/32", - "description": "Disallow all traffic", - "ipProtocol": "icmp", - "fromPort": 252, - "toPort": 86 - } - ], "securityGroupIngress": [ { "cidrIp": "0.0.0.0/0", @@ -415,6 +614,35 @@ "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", "version": "0.0.0" } + }, + "to awscdkelbintegtargetInstanceInstanceSecurityGroup5ADFB89B:80": { + "id": "to awscdkelbintegtargetInstanceInstanceSecurityGroup5ADFB89B:80", + "path": "aws-cdk-elb-integ/LB/SecurityGroup/to awscdkelbintegtargetInstanceInstanceSecurityGroup5ADFB89B:80", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupEgress", + "aws:cdk:cloudformation:props": { + "groupId": { + "Fn::GetAtt": [ + "LBSecurityGroup8A41EA2B", + "GroupId" + ] + }, + "ipProtocol": "tcp", + "description": "Port 80 LB to fleet", + "destinationSecurityGroupId": { + "Fn::GetAtt": [ + "targetInstanceInstanceSecurityGroupF268BD07", + "GroupId" + ] + }, + "fromPort": 80, + "toPort": 80 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupEgress", + "version": "0.0.0" + } } }, "constructInfo": { @@ -429,6 +657,12 @@ "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancing::LoadBalancer", "aws:cdk:cloudformation:props": { "listeners": [ + { + "loadBalancerPort": "80", + "protocol": "http", + "instancePort": "80", + "instanceProtocol": "http" + }, { "loadBalancerPort": "80", "protocol": "http", @@ -444,6 +678,11 @@ "timeout": "5", "unhealthyThreshold": "5" }, + "instances": [ + { + "Ref": "targetInstance603C5817" + } + ], "scheme": "internet-facing", "securityGroups": [ { @@ -470,17 +709,41 @@ "fqn": "@aws-cdk/aws-elasticloadbalancing.LoadBalancer", "version": "0.0.0" } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-elb-integ/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-elb-integ/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } } }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.85" + "version": "10.1.256" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.ts b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.ts index a0baab04e5883..bbf1d9f81df6d 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.ts @@ -2,6 +2,7 @@ import * as ec2 from '@aws-cdk/aws-ec2'; import * as cdk from '@aws-cdk/core'; import * as elb from '../lib'; +import { InstanceTarget } from '../lib'; const app = new cdk.App(); const stack = new cdk.Stack(app, 'aws-cdk-elb-integ'); @@ -10,7 +11,18 @@ const vpc = new ec2.Vpc(stack, 'VPC', { maxAzs: 1, }); -new elb.LoadBalancer(stack, 'LB', { +const instance = new ec2.Instance(stack, 'targetInstance', { + vpc: vpc, + instanceType: ec2.InstanceType.of( // t2.micro has free tier usage in aws + ec2.InstanceClass.T2, + ec2.InstanceSize.MICRO, + ), + machineImage: ec2.MachineImage.latestAmazonLinux({ + generation: ec2.AmazonLinuxGeneration.AMAZON_LINUX_2, + }), +}); + +const elbalancer = new elb.LoadBalancer(stack, 'LB', { vpc, internetFacing: true, listeners: [{ @@ -22,4 +34,6 @@ new elb.LoadBalancer(stack, 'LB', { }, }); +elbalancer.addTarget(new InstanceTarget(instance, 80)); + app.synth(); diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts index eee7a72eafe20..369c1d42faa99 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts @@ -1,5 +1,5 @@ import { Template } from '@aws-cdk/assertions'; -import { AmazonLinuxGeneration, Connections, Instance, InstanceClass, InstanceSize, InstanceType, MachineImage, Peer, Port, SecurityGroup, SubnetType, Vpc } from '@aws-cdk/aws-ec2'; +import { AmazonLinuxGeneration, Connections, Instance, InstanceClass, InstanceSize, InstanceType, MachineImage, Peer, SubnetType, Vpc } from '@aws-cdk/aws-ec2'; import { testDeprecated } from '@aws-cdk/cdk-build-tools'; import { Duration, Stack } from '@aws-cdk/core'; import { ILoadBalancerTarget, InstanceTarget, LoadBalancer, LoadBalancingProtocol } from '../lib'; @@ -89,36 +89,10 @@ describe('tests', () => { }); }); - test('add an Instance as load balancing target', () => { + test('add an Instance as a load balancing target', () => { // GIVEN const stack = new Stack(); const vpc = new Vpc(stack, 'VCP'); - const securityGroup = new SecurityGroup(stack, 'simple-instance-1-sg', - { - vpc, - allowAllOutbound: true, // will let your instance send outboud traffic - securityGroupName: 'simple-instance-1-sg', - }, - ); - - // lets use the security group to allow inbound traffic on specific ports - securityGroup.addIngressRule( - Peer.anyIpv4(), - Port.tcp(22), - 'Allows SSH access from Internet', - ); - - securityGroup.addIngressRule( - Peer.anyIpv4(), - Port.tcp(80), - 'Allows HTTP access from Internet', - ); - - securityGroup.addIngressRule( - Peer.anyIpv4(), - Port.tcp(443), - 'Allows HTTPS access from Internet', - ); const instance = new Instance(stack, 'targetInstance', { vpc: vpc, instanceType: InstanceType.of( // t2.micro has free tier usage in aws @@ -128,34 +102,20 @@ describe('tests', () => { machineImage: MachineImage.latestAmazonLinux({ generation: AmazonLinuxGeneration.AMAZON_LINUX_2, }), - securityGroup, - }); - const connections = new Connections({ - peer: Peer.ipv4('666.666.666.666/666'), }); const elb = new LoadBalancer(stack, 'LB', { vpc, - healthCheck: { - interval: Duration.minutes(1), - path: '/ping', - protocol: LoadBalancingProtocol.HTTPS, - port: 443, - }, }); // WHEN - elb.addListener({ externalPort: 80, internalPort: 8080 }); - elb.addTarget(new InstanceTarget(instance, connections)); + elb.addTarget(new InstanceTarget(instance, 80)); // THEN: at the very least it added a security group rule for the backend - Template.fromStack(stack).hasResourceProperties('AWS::EC2::SecurityGroup', { - SecurityGroupEgress: [ + Template.fromStack(stack).hasResourceProperties('AWS::ElasticLoadBalancing::LoadBalancer', { + CrossZone: true, + Instances: [ { - Description: 'Port 8080 LB to fleet', - CidrIp: '666.666.666.666/666', - FromPort: 8080, - IpProtocol: 'tcp', - ToPort: 8080, + Ref: 'targetInstance603C5817', }, ], }); From 39d0baaaa117699c52fc5906ae2873693e679d69 Mon Sep 17 00:00:00 2001 From: pattasai Date: Mon, 6 Mar 2023 13:40:15 -0500 Subject: [PATCH 03/11] newIntegTest --- .../aws-elasticloadbalancing/README.md | 17 + .../lib/load-balancer.ts | 32 +- .../aws-elasticloadbalancing/package.json | 1 + .../aws-cdk-elb-integ.assets.json | 4 +- .../aws-cdk-elb-integ.template.json | 167 +--- .../test/integ.elb.js.snapshot/manifest.json | 44 +- .../test/integ.elb.js.snapshot/tree.json | 268 +----- .../test/integ.elb.ts | 16 +- ...efaultTestDeployAssertAF607556.assets.json | 19 + ...aultTestDeployAssertAF607556.template.json | 36 + ...-cdk-elb-instance-target-integ.assets.json | 19 + ...dk-elb-instance-target-integ.template.json | 447 ++++++++++ .../cdk.out | 1 + .../integ.json | 12 + .../manifest.json | 237 ++++++ .../tree.json | 784 ++++++++++++++++++ .../test/integ.instanceTarget.elb.ts | 39 + 17 files changed, 1647 insertions(+), 496 deletions(-) create mode 100644 packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/InstanceTargetTestDefaultTestDeployAssertAF607556.assets.json create mode 100644 packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/InstanceTargetTestDefaultTestDeployAssertAF607556.template.json create mode 100644 packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.assets.json create mode 100644 packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.template.json create mode 100644 packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/integ.json create mode 100644 packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/tree.json create mode 100644 packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.ts diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/README.md b/packages/@aws-cdk/aws-elasticloadbalancing/README.md index 45ec1828bb466..7bdab9d80c309 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/README.md +++ b/packages/@aws-cdk/aws-elasticloadbalancing/README.md @@ -48,3 +48,20 @@ lb.addListener({ allowConnectionsFrom: [mySecurityGroup], }); ``` + +### Adding Ec2 Instance as a target for the load balancer + +EC2 instaces can be added as the target for the load balancer via `addTarget()` method using `InstanceTarget` class by providing ec2 `instance` as a target and `port` for the `instance` to forward to. + +```ts +const lb = new elb.LoadBalancer(this, 'LB', { + vpc, +}); +// instance to add as the target for load balancer. +const instance = new Instance(stack, 'targetInstance', { + vpc: vpc, + instanceType: InstanceType.of(InstanceClass.BURSTABLE2, InstanceSize.MICRO), + machineImage: new AmazonLinuxImage(), +}); +lb.addTarget(elb.InstanceTarget(instance, 80)) +``` diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts index baf4b58aea683..df4b11fb6eaab 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts @@ -141,20 +141,10 @@ export interface HealthCheck { readonly timeout?: Duration; } -/** - * An object that has instance object. - */ -interface IInstance { - /** - * Ec2 instance - */ - readonly ec2Instance?: Instance -} - /** * Interface that is going to be implemented by constructs that you can load balance to */ -export interface ILoadBalancerTarget extends IConnectable, IInstance { +export interface ILoadBalancerTarget extends IConnectable { /** * Attach load-balanced target to a classic ELB * @param loadBalancer [disable-awslint:ref-via-interface] The load balancer to attach the target to @@ -275,7 +265,7 @@ export class LoadBalancer extends Resource implements IConnectable { securityGroups: [this.securityGroup.securityGroupId], subnets: selectedSubnets.subnetIds, listeners: Lazy.any({ produce: () => this.listeners }), - instances: this.instanceIds, + instances: Lazy.list({ produce: () => this.instanceIds }), scheme: props.internetFacing ? 'internet-facing' : 'internal', healthCheck: props.healthCheck && healthCheckToJSON(props.healthCheck), crossZone: props.crossZone ?? true, @@ -334,10 +324,7 @@ export class LoadBalancer extends Resource implements IConnectable { public addTarget(target: ILoadBalancerTarget) { target.attachToClassicLB(this); - if (target.ec2Instance) { - this.instanceIds.push(target.ec2Instance.instanceId); - target.ec2Instance.addSecurityGroup(this.securityGroup); - } + this.newTarget(target); } @@ -412,6 +399,12 @@ export class LoadBalancer extends Resource implements IConnectable { Port.tcp(instancePort), `Port ${instancePort} LB to fleet`); } + + /** + * @internal + * @param instanceId + */ + public _addInstanceId(instanceId: string) { this.instanceIds.push(instanceId); } } /** @@ -420,7 +413,6 @@ export class LoadBalancer extends Resource implements IConnectable { */ export class InstanceTarget implements ILoadBalancerTarget { readonly connections: Connections; - readonly ec2Instance?: Instance /** * Create a new Instance target. * @@ -429,10 +421,10 @@ export class InstanceTarget implements ILoadBalancerTarget { */ constructor(public readonly instance: Instance, public readonly port: number) { this.connections = instance.connections; - this.ec2Instance = instance; } - public attachToClassicLB(_loadBalancer: LoadBalancer): void { - _loadBalancer.addListener({ externalPort: this.port }); + public attachToClassicLB(loadBalancer: LoadBalancer): void { + loadBalancer._addInstanceId(this.instance.instanceId); + this.connections.allowFrom(loadBalancer.connections, Port.tcp(this.port)); } } diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/package.json b/packages/@aws-cdk/aws-elasticloadbalancing/package.json index a8fcc72027323..f3b4e13aacb23 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/package.json @@ -83,6 +83,7 @@ "@aws-cdk/assertions": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/integ-runner": "0.0.0", + "@aws-cdk/integ-tests": "0.0.0", "@aws-cdk/cfn2ts": "0.0.0", "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^27.5.2" diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.assets.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.assets.json index aa729d8e25fc3..442b79ca954d3 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.assets.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.assets.json @@ -1,7 +1,7 @@ { "version": "29.0.0", "files": { - "d1182e2f02480d3c9c4b0229761c70b8b371f28368f40dd78d76539cd3701654": { + "4c836d484e8ef2a55154de921bcc2a2f22b3935562ad64a0dabf24b88b4e9132": { "source": { "path": "aws-cdk-elb-integ.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "d1182e2f02480d3c9c4b0229761c70b8b371f28368f40dd78d76539cd3701654.json", + "objectKey": "4c836d484e8ef2a55154de921bcc2a2f22b3935562ad64a0dabf24b88b4e9132.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.template.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.template.json index 5ccd278b3bf52..2ae576db86582 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.template.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.template.json @@ -214,135 +214,19 @@ } } }, - "targetInstanceInstanceSecurityGroupF268BD07": { + "LBSecurityGroup8A41EA2B": { "Type": "AWS::EC2::SecurityGroup", "Properties": { - "GroupDescription": "aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup", + "GroupDescription": "aws-cdk-elb-integ/LB/SecurityGroup", "SecurityGroupEgress": [ { - "CidrIp": "0.0.0.0/0", - "Description": "Allow all outbound traffic by default", - "IpProtocol": "-1" + "CidrIp": "255.255.255.255/32", + "Description": "Disallow all traffic", + "FromPort": 252, + "IpProtocol": "icmp", + "ToPort": 86 } ], - "Tags": [ - { - "Key": "Name", - "Value": "aws-cdk-elb-integ/targetInstance" - } - ], - "VpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "targetInstanceInstanceSecurityGroupfromawscdkelbintegLBSecurityGroup6DB419F580C5BD1022": { - "Type": "AWS::EC2::SecurityGroupIngress", - "Properties": { - "IpProtocol": "tcp", - "Description": "Port 80 LB to fleet", - "FromPort": 80, - "GroupId": { - "Fn::GetAtt": [ - "targetInstanceInstanceSecurityGroupF268BD07", - "GroupId" - ] - }, - "SourceSecurityGroupId": { - "Fn::GetAtt": [ - "LBSecurityGroup8A41EA2B", - "GroupId" - ] - }, - "ToPort": 80 - } - }, - "targetInstanceInstanceRole3F8EC526": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "ec2.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "Tags": [ - { - "Key": "Name", - "Value": "aws-cdk-elb-integ/targetInstance" - } - ] - } - }, - "targetInstanceInstanceProfile0A012423": { - "Type": "AWS::IAM::InstanceProfile", - "Properties": { - "Roles": [ - { - "Ref": "targetInstanceInstanceRole3F8EC526" - } - ] - } - }, - "targetInstance603C5817": { - "Type": "AWS::EC2::Instance", - "Properties": { - "AvailabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "IamInstanceProfile": { - "Ref": "targetInstanceInstanceProfile0A012423" - }, - "ImageId": { - "Ref": "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" - }, - "InstanceType": "t2.micro", - "SecurityGroupIds": [ - { - "Fn::GetAtt": [ - "targetInstanceInstanceSecurityGroupF268BD07", - "GroupId" - ] - }, - { - "Fn::GetAtt": [ - "LBSecurityGroup8A41EA2B", - "GroupId" - ] - } - ], - "SubnetId": { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - }, - "Tags": [ - { - "Key": "Name", - "Value": "aws-cdk-elb-integ/targetInstance" - } - ], - "UserData": { - "Fn::Base64": "#!/bin/bash" - } - }, - "DependsOn": [ - "targetInstanceInstanceRole3F8EC526" - ] - }, - "LBSecurityGroup8A41EA2B": { - "Type": "AWS::EC2::SecurityGroup", - "Properties": { - "GroupDescription": "aws-cdk-elb-integ/LB/SecurityGroup", "SecurityGroupIngress": [ { "CidrIp": "0.0.0.0/0", @@ -357,37 +241,10 @@ } } }, - "LBSecurityGrouptoawscdkelbintegtargetInstanceInstanceSecurityGroup5ADFB89B8001FF8703": { - "Type": "AWS::EC2::SecurityGroupEgress", - "Properties": { - "GroupId": { - "Fn::GetAtt": [ - "LBSecurityGroup8A41EA2B", - "GroupId" - ] - }, - "IpProtocol": "tcp", - "Description": "Port 80 LB to fleet", - "DestinationSecurityGroupId": { - "Fn::GetAtt": [ - "targetInstanceInstanceSecurityGroupF268BD07", - "GroupId" - ] - }, - "FromPort": 80, - "ToPort": 80 - } - }, "LB8A12904C": { "Type": "AWS::ElasticLoadBalancing::LoadBalancer", "Properties": { "Listeners": [ - { - "InstancePort": "80", - "InstanceProtocol": "http", - "LoadBalancerPort": "80", - "Protocol": "http" - }, { "InstancePort": "80", "InstanceProtocol": "http", @@ -403,11 +260,7 @@ "Timeout": "5", "UnhealthyThreshold": "5" }, - "Instances": [ - { - "Ref": "targetInstance603C5817" - } - ], + "Instances": [], "Scheme": "internet-facing", "SecurityGroups": [ { @@ -430,10 +283,6 @@ } }, "Parameters": { - "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" - }, "BootstrapVersion": { "Type": "AWS::SSM::Parameter::Value", "Default": "/cdk-bootstrap/hnb659fds/version", diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/manifest.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/manifest.json index 431ad02c21b6a..004b06c52c37e 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/manifest.json @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/d1182e2f02480d3c9c4b0229761c70b8b371f28368f40dd78d76539cd3701654.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4c836d484e8ef2a55154de921bcc2a2f22b3935562ad64a0dabf24b88b4e9132.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -111,54 +111,12 @@ "data": "VPCVPCGW99B986DC" } ], - "/aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "targetInstanceInstanceSecurityGroupF268BD07" - } - ], - "/aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup/from awscdkelbintegLBSecurityGroup6DB419F5:80": [ - { - "type": "aws:cdk:logicalId", - "data": "targetInstanceInstanceSecurityGroupfromawscdkelbintegLBSecurityGroup6DB419F580C5BD1022" - } - ], - "/aws-cdk-elb-integ/targetInstance/InstanceRole/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "targetInstanceInstanceRole3F8EC526" - } - ], - "/aws-cdk-elb-integ/targetInstance/InstanceProfile": [ - { - "type": "aws:cdk:logicalId", - "data": "targetInstanceInstanceProfile0A012423" - } - ], - "/aws-cdk-elb-integ/targetInstance/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "targetInstance603C5817" - } - ], - "/aws-cdk-elb-integ/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ - { - "type": "aws:cdk:logicalId", - "data": "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" - } - ], "/aws-cdk-elb-integ/LB/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", "data": "LBSecurityGroup8A41EA2B" } ], - "/aws-cdk-elb-integ/LB/SecurityGroup/to awscdkelbintegtargetInstanceInstanceSecurityGroup5ADFB89B:80": [ - { - "type": "aws:cdk:logicalId", - "data": "LBSecurityGrouptoawscdkelbintegtargetInstanceInstanceSecurityGroup5ADFB89B8001FF8703" - } - ], "/aws-cdk-elb-integ/LB/Resource": [ { "type": "aws:cdk:logicalId", diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/tree.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/tree.json index 7b6c0ea68c9d8..dfe1d0121502f 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/tree.json @@ -365,222 +365,6 @@ "version": "0.0.0" } }, - "targetInstance": { - "id": "targetInstance", - "path": "aws-cdk-elb-integ/targetInstance", - "children": { - "InstanceSecurityGroup": { - "id": "InstanceSecurityGroup", - "path": "aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup", - "securityGroupEgress": [ - { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" - } - ], - "tags": [ - { - "key": "Name", - "value": "aws-cdk-elb-integ/targetInstance" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", - "version": "0.0.0" - } - }, - "from awscdkelbintegLBSecurityGroup6DB419F5:80": { - "id": "from awscdkelbintegLBSecurityGroup6DB419F5:80", - "path": "aws-cdk-elb-integ/targetInstance/InstanceSecurityGroup/from awscdkelbintegLBSecurityGroup6DB419F5:80", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", - "aws:cdk:cloudformation:props": { - "ipProtocol": "tcp", - "description": "Port 80 LB to fleet", - "fromPort": 80, - "groupId": { - "Fn::GetAtt": [ - "targetInstanceInstanceSecurityGroupF268BD07", - "GroupId" - ] - }, - "sourceSecurityGroupId": { - "Fn::GetAtt": [ - "LBSecurityGroup8A41EA2B", - "GroupId" - ] - }, - "toPort": 80 - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.SecurityGroup", - "version": "0.0.0" - } - }, - "InstanceRole": { - "id": "InstanceRole", - "path": "aws-cdk-elb-integ/targetInstance/InstanceRole", - "children": { - "ImportInstanceRole": { - "id": "ImportInstanceRole", - "path": "aws-cdk-elb-integ/targetInstance/InstanceRole/ImportInstanceRole", - "constructInfo": { - "fqn": "@aws-cdk/core.Resource", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-elb-integ/targetInstance/InstanceRole/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", - "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "ec2.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "tags": [ - { - "key": "Name", - "value": "aws-cdk-elb-integ/targetInstance" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", - "version": "0.0.0" - } - }, - "InstanceProfile": { - "id": "InstanceProfile", - "path": "aws-cdk-elb-integ/targetInstance/InstanceProfile", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", - "aws:cdk:cloudformation:props": { - "roles": [ - { - "Ref": "targetInstanceInstanceRole3F8EC526" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-elb-integ/targetInstance/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Instance", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "iamInstanceProfile": { - "Ref": "targetInstanceInstanceProfile0A012423" - }, - "imageId": { - "Ref": "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" - }, - "instanceType": "t2.micro", - "securityGroupIds": [ - { - "Fn::GetAtt": [ - "targetInstanceInstanceSecurityGroupF268BD07", - "GroupId" - ] - }, - { - "Fn::GetAtt": [ - "LBSecurityGroup8A41EA2B", - "GroupId" - ] - } - ], - "subnetId": { - "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" - }, - "tags": [ - { - "key": "Name", - "value": "aws-cdk-elb-integ/targetInstance" - } - ], - "userData": { - "Fn::Base64": "#!/bin/bash" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnInstance", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.Instance", - "version": "0.0.0" - } - }, - "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": { - "id": "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", - "path": "aws-cdk-elb-integ/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", - "version": "0.0.0" - } - }, - "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118": { - "id": "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118", - "path": "aws-cdk-elb-integ/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118", - "constructInfo": { - "fqn": "@aws-cdk/core.Resource", - "version": "0.0.0" - } - }, "LB": { "id": "LB", "path": "aws-cdk-elb-integ/LB", @@ -596,6 +380,15 @@ "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", "aws:cdk:cloudformation:props": { "groupDescription": "aws-cdk-elb-integ/LB/SecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "255.255.255.255/32", + "description": "Disallow all traffic", + "ipProtocol": "icmp", + "fromPort": 252, + "toPort": 86 + } + ], "securityGroupIngress": [ { "cidrIp": "0.0.0.0/0", @@ -614,35 +407,6 @@ "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", "version": "0.0.0" } - }, - "to awscdkelbintegtargetInstanceInstanceSecurityGroup5ADFB89B:80": { - "id": "to awscdkelbintegtargetInstanceInstanceSecurityGroup5ADFB89B:80", - "path": "aws-cdk-elb-integ/LB/SecurityGroup/to awscdkelbintegtargetInstanceInstanceSecurityGroup5ADFB89B:80", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupEgress", - "aws:cdk:cloudformation:props": { - "groupId": { - "Fn::GetAtt": [ - "LBSecurityGroup8A41EA2B", - "GroupId" - ] - }, - "ipProtocol": "tcp", - "description": "Port 80 LB to fleet", - "destinationSecurityGroupId": { - "Fn::GetAtt": [ - "targetInstanceInstanceSecurityGroupF268BD07", - "GroupId" - ] - }, - "fromPort": 80, - "toPort": 80 - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupEgress", - "version": "0.0.0" - } } }, "constructInfo": { @@ -657,12 +421,6 @@ "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancing::LoadBalancer", "aws:cdk:cloudformation:props": { "listeners": [ - { - "loadBalancerPort": "80", - "protocol": "http", - "instancePort": "80", - "instanceProtocol": "http" - }, { "loadBalancerPort": "80", "protocol": "http", @@ -678,11 +436,7 @@ "timeout": "5", "unhealthyThreshold": "5" }, - "instances": [ - { - "Ref": "targetInstance603C5817" - } - ], + "instances": [], "scheme": "internet-facing", "securityGroups": [ { @@ -737,7 +491,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.256" + "version": "10.1.237" } } }, diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.ts b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.ts index bbf1d9f81df6d..a0baab04e5883 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.ts @@ -2,7 +2,6 @@ import * as ec2 from '@aws-cdk/aws-ec2'; import * as cdk from '@aws-cdk/core'; import * as elb from '../lib'; -import { InstanceTarget } from '../lib'; const app = new cdk.App(); const stack = new cdk.Stack(app, 'aws-cdk-elb-integ'); @@ -11,18 +10,7 @@ const vpc = new ec2.Vpc(stack, 'VPC', { maxAzs: 1, }); -const instance = new ec2.Instance(stack, 'targetInstance', { - vpc: vpc, - instanceType: ec2.InstanceType.of( // t2.micro has free tier usage in aws - ec2.InstanceClass.T2, - ec2.InstanceSize.MICRO, - ), - machineImage: ec2.MachineImage.latestAmazonLinux({ - generation: ec2.AmazonLinuxGeneration.AMAZON_LINUX_2, - }), -}); - -const elbalancer = new elb.LoadBalancer(stack, 'LB', { +new elb.LoadBalancer(stack, 'LB', { vpc, internetFacing: true, listeners: [{ @@ -34,6 +22,4 @@ const elbalancer = new elb.LoadBalancer(stack, 'LB', { }, }); -elbalancer.addTarget(new InstanceTarget(instance, 80)); - app.synth(); diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/InstanceTargetTestDefaultTestDeployAssertAF607556.assets.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/InstanceTargetTestDefaultTestDeployAssertAF607556.assets.json new file mode 100644 index 0000000000000..3493f6a48b43c --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/InstanceTargetTestDefaultTestDeployAssertAF607556.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "InstanceTargetTestDefaultTestDeployAssertAF607556.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/InstanceTargetTestDefaultTestDeployAssertAF607556.template.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/InstanceTargetTestDefaultTestDeployAssertAF607556.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/InstanceTargetTestDefaultTestDeployAssertAF607556.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.assets.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.assets.json new file mode 100644 index 0000000000000..0e096f069b2fd --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "268bbb83a5a23302bc5ae40fd1a808bf52af3e3becfea843ad30307f01086ee6": { + "source": { + "path": "aws-cdk-elb-instance-target-integ.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "268bbb83a5a23302bc5ae40fd1a808bf52af3e3becfea843ad30307f01086ee6.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.template.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.template.json new file mode 100644 index 0000000000000..8a8b88c0f2d82 --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.template.json @@ -0,0 +1,447 @@ +{ + "Resources": { + "VPCB9E5F0B4": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-elb-instance-target-integ/VPC" + } + ] + } + }, + "VPCPublicSubnet1SubnetB4246D30": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/17", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1" + } + ] + } + }, + "VPCPublicSubnet1RouteTableFEE4B781": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1" + } + ] + } + }, + "VPCPublicSubnet1RouteTableAssociation0B0896DC": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "SubnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + } + } + }, + "VPCPublicSubnet1DefaultRoute91CEF279": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VPCIGWB7E252D3" + } + }, + "DependsOn": [ + "VPCVPCGW99B986DC" + ] + }, + "VPCPublicSubnet1EIP6AD938E8": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1" + } + ] + } + }, + "VPCPublicSubnet1NATGatewayE0556630": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VPCPublicSubnet1EIP6AD938E8", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "VPCPublicSubnet1DefaultRoute91CEF279", + "VPCPublicSubnet1RouteTableAssociation0B0896DC" + ] + }, + "VPCPrivateSubnet1Subnet8BCA10E0": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/17", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1" + } + ] + } + }, + "VPCPrivateSubnet1RouteTableBE8A6027": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1" + } + ] + } + }, + "VPCPrivateSubnet1RouteTableAssociation347902D1": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + }, + "SubnetId": { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + } + } + }, + "VPCPrivateSubnet1DefaultRouteAE1D6490": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VPCPublicSubnet1NATGatewayE0556630" + } + } + }, + "VPCIGWB7E252D3": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-elb-instance-target-integ/VPC" + } + ] + } + }, + "VPCVPCGW99B986DC": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + }, + "InternetGatewayId": { + "Ref": "VPCIGWB7E252D3" + } + } + }, + "targetInstanceInstanceSecurityGroupF268BD07": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-cdk-elb-instance-target-integ/targetInstance/InstanceSecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-elb-instance-target-integ/targetInstance" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "targetInstanceInstanceSecurityGroupfromawscdkelbinstancetargetintegLBSecurityGroup395870CC80E053AA6C": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "from awscdkelbinstancetargetintegLBSecurityGroup395870CC:80", + "FromPort": 80, + "GroupId": { + "Fn::GetAtt": [ + "targetInstanceInstanceSecurityGroupF268BD07", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "LBSecurityGroup8A41EA2B", + "GroupId" + ] + }, + "ToPort": 80 + } + }, + "targetInstanceInstanceRole3F8EC526": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-elb-instance-target-integ/targetInstance" + } + ] + } + }, + "targetInstanceInstanceProfile0A012423": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "Roles": [ + { + "Ref": "targetInstanceInstanceRole3F8EC526" + } + ] + } + }, + "targetInstance603C5817": { + "Type": "AWS::EC2::Instance", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "IamInstanceProfile": { + "Ref": "targetInstanceInstanceProfile0A012423" + }, + "ImageId": { + "Ref": "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" + }, + "InstanceType": "t2.micro", + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "targetInstanceInstanceSecurityGroupF268BD07", + "GroupId" + ] + } + ], + "SubnetId": { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-elb-instance-target-integ/targetInstance" + } + ], + "UserData": { + "Fn::Base64": "#!/bin/bash" + } + }, + "DependsOn": [ + "targetInstanceInstanceRole3F8EC526" + ] + }, + "LBSecurityGroup8A41EA2B": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-cdk-elb-instance-target-integ/LB/SecurityGroup", + "SecurityGroupIngress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Default rule allow on 80", + "FromPort": 80, + "IpProtocol": "tcp", + "ToPort": 80 + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "LBSecurityGrouptoawscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E80A95A3BE8": { + "Type": "AWS::EC2::SecurityGroupEgress", + "Properties": { + "GroupId": { + "Fn::GetAtt": [ + "LBSecurityGroup8A41EA2B", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "Description": "to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:80", + "DestinationSecurityGroupId": { + "Fn::GetAtt": [ + "targetInstanceInstanceSecurityGroupF268BD07", + "GroupId" + ] + }, + "FromPort": 80, + "ToPort": 80 + } + }, + "LB8A12904C": { + "Type": "AWS::ElasticLoadBalancing::LoadBalancer", + "Properties": { + "Listeners": [ + { + "InstancePort": "80", + "InstanceProtocol": "http", + "LoadBalancerPort": "80", + "Protocol": "http" + } + ], + "CrossZone": true, + "Instances": [ + { + "Ref": "targetInstance603C5817" + } + ], + "Scheme": "internal", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "LBSecurityGroup8A41EA2B", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + } + ] + } + } + }, + "Parameters": { + "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" + }, + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/cdk.out b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/cdk.out new file mode 100644 index 0000000000000..d8b441d447f8a --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/integ.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/integ.json new file mode 100644 index 0000000000000..23c31182b8fce --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "29.0.0", + "testCases": { + "InstanceTargetTest/DefaultTest": { + "stacks": [ + "aws-cdk-elb-instance-target-integ" + ], + "assertionStack": "InstanceTargetTest/DefaultTest/DeployAssert", + "assertionStackName": "InstanceTargetTestDefaultTestDeployAssertAF607556" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/manifest.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/manifest.json new file mode 100644 index 0000000000000..55ac86ce33a37 --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/manifest.json @@ -0,0 +1,237 @@ +{ + "version": "29.0.0", + "artifacts": { + "aws-cdk-elb-instance-target-integ.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-cdk-elb-instance-target-integ.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-cdk-elb-instance-target-integ": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-cdk-elb-instance-target-integ.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/268bbb83a5a23302bc5ae40fd1a808bf52af3e3becfea843ad30307f01086ee6.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-cdk-elb-instance-target-integ.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-cdk-elb-instance-target-integ.assets" + ], + "metadata": { + "/aws-cdk-elb-instance-target-integ/VPC/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCB9E5F0B4" + } + ], + "/aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1SubnetB4246D30" + } + ], + "/aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1RouteTableFEE4B781" + } + ], + "/aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1RouteTableAssociation0B0896DC" + } + ], + "/aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1DefaultRoute91CEF279" + } + ], + "/aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1EIP6AD938E8" + } + ], + "/aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1NATGatewayE0556630" + } + ], + "/aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1Subnet8BCA10E0" + } + ], + "/aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1RouteTableBE8A6027" + } + ], + "/aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1RouteTableAssociation347902D1" + } + ], + "/aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1DefaultRouteAE1D6490" + } + ], + "/aws-cdk-elb-instance-target-integ/VPC/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCIGWB7E252D3" + } + ], + "/aws-cdk-elb-instance-target-integ/VPC/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCVPCGW99B986DC" + } + ], + "/aws-cdk-elb-instance-target-integ/targetInstance/InstanceSecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "targetInstanceInstanceSecurityGroupF268BD07" + } + ], + "/aws-cdk-elb-instance-target-integ/targetInstance/InstanceSecurityGroup/from awscdkelbinstancetargetintegLBSecurityGroup395870CC:80": [ + { + "type": "aws:cdk:logicalId", + "data": "targetInstanceInstanceSecurityGroupfromawscdkelbinstancetargetintegLBSecurityGroup395870CC80E053AA6C" + } + ], + "/aws-cdk-elb-instance-target-integ/targetInstance/InstanceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "targetInstanceInstanceRole3F8EC526" + } + ], + "/aws-cdk-elb-instance-target-integ/targetInstance/InstanceProfile": [ + { + "type": "aws:cdk:logicalId", + "data": "targetInstanceInstanceProfile0A012423" + } + ], + "/aws-cdk-elb-instance-target-integ/targetInstance/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "targetInstance603C5817" + } + ], + "/aws-cdk-elb-instance-target-integ/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ + { + "type": "aws:cdk:logicalId", + "data": "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" + } + ], + "/aws-cdk-elb-instance-target-integ/LB/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LBSecurityGroup8A41EA2B" + } + ], + "/aws-cdk-elb-instance-target-integ/LB/SecurityGroup/to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:80": [ + { + "type": "aws:cdk:logicalId", + "data": "LBSecurityGrouptoawscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E80A95A3BE8" + } + ], + "/aws-cdk-elb-instance-target-integ/LB/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LB8A12904C" + } + ], + "/aws-cdk-elb-instance-target-integ/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-cdk-elb-instance-target-integ/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-cdk-elb-instance-target-integ" + }, + "InstanceTargetTestDefaultTestDeployAssertAF607556.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "InstanceTargetTestDefaultTestDeployAssertAF607556.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "InstanceTargetTestDefaultTestDeployAssertAF607556": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "InstanceTargetTestDefaultTestDeployAssertAF607556.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "InstanceTargetTestDefaultTestDeployAssertAF607556.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "InstanceTargetTestDefaultTestDeployAssertAF607556.assets" + ], + "metadata": { + "/InstanceTargetTest/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/InstanceTargetTest/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "InstanceTargetTest/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/tree.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/tree.json new file mode 100644 index 0000000000000..44d9bc850a7e3 --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/tree.json @@ -0,0 +1,784 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-cdk-elb-instance-target-integ": { + "id": "aws-cdk-elb-instance-target-integ", + "path": "aws-cdk-elb-instance-target-integ", + "children": { + "VPC": { + "id": "VPC", + "path": "aws-cdk-elb-instance-target-integ/VPC", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-elb-instance-target-integ/VPC/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-elb-instance-target-integ/VPC" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/17", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "subnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VPCIGWB7E252D3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + }, + "allocationId": { + "Fn::GetAtt": [ + "VPCPublicSubnet1EIP6AD938E8", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-elb-instance-target-integ/VPC/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/17", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + }, + "subnetId": { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-elb-instance-target-integ/VPC/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VPCPublicSubnet1NATGatewayE0556630" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-cdk-elb-instance-target-integ/VPC/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-elb-instance-target-integ/VPC" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-cdk-elb-instance-target-integ/VPC/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + }, + "internetGatewayId": { + "Ref": "VPCIGWB7E252D3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.Vpc", + "version": "0.0.0" + } + }, + "targetInstance": { + "id": "targetInstance", + "path": "aws-cdk-elb-instance-target-integ/targetInstance", + "children": { + "InstanceSecurityGroup": { + "id": "InstanceSecurityGroup", + "path": "aws-cdk-elb-instance-target-integ/targetInstance/InstanceSecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-elb-instance-target-integ/targetInstance/InstanceSecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-cdk-elb-instance-target-integ/targetInstance/InstanceSecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "tags": [ + { + "key": "Name", + "value": "aws-cdk-elb-instance-target-integ/targetInstance" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "from awscdkelbinstancetargetintegLBSecurityGroup395870CC:80": { + "id": "from awscdkelbinstancetargetintegLBSecurityGroup395870CC:80", + "path": "aws-cdk-elb-instance-target-integ/targetInstance/InstanceSecurityGroup/from awscdkelbinstancetargetintegLBSecurityGroup395870CC:80", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "from awscdkelbinstancetargetintegLBSecurityGroup395870CC:80", + "fromPort": 80, + "groupId": { + "Fn::GetAtt": [ + "targetInstanceInstanceSecurityGroupF268BD07", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "LBSecurityGroup8A41EA2B", + "GroupId" + ] + }, + "toPort": 80 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "InstanceRole": { + "id": "InstanceRole", + "path": "aws-cdk-elb-instance-target-integ/targetInstance/InstanceRole", + "children": { + "ImportInstanceRole": { + "id": "ImportInstanceRole", + "path": "aws-cdk-elb-instance-target-integ/targetInstance/InstanceRole/ImportInstanceRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-elb-instance-target-integ/targetInstance/InstanceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-elb-instance-target-integ/targetInstance" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "InstanceProfile": { + "id": "InstanceProfile", + "path": "aws-cdk-elb-instance-target-integ/targetInstance/InstanceProfile", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", + "aws:cdk:cloudformation:props": { + "roles": [ + { + "Ref": "targetInstanceInstanceRole3F8EC526" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-elb-instance-target-integ/targetInstance/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Instance", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "iamInstanceProfile": { + "Ref": "targetInstanceInstanceProfile0A012423" + }, + "imageId": { + "Ref": "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" + }, + "instanceType": "t2.micro", + "securityGroupIds": [ + { + "Fn::GetAtt": [ + "targetInstanceInstanceSecurityGroupF268BD07", + "GroupId" + ] + } + ], + "subnetId": { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-elb-instance-target-integ/targetInstance" + } + ], + "userData": { + "Fn::Base64": "#!/bin/bash" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnInstance", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.Instance", + "version": "0.0.0" + } + }, + "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": { + "id": "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", + "path": "aws-cdk-elb-instance-target-integ/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118": { + "id": "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118", + "path": "aws-cdk-elb-instance-target-integ/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "LB": { + "id": "LB", + "path": "aws-cdk-elb-instance-target-integ/LB", + "children": { + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-cdk-elb-instance-target-integ/LB/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-elb-instance-target-integ/LB/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-cdk-elb-instance-target-integ/LB/SecurityGroup", + "securityGroupIngress": [ + { + "cidrIp": "0.0.0.0/0", + "ipProtocol": "tcp", + "fromPort": 80, + "toPort": 80, + "description": "Default rule allow on 80" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:80": { + "id": "to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:80", + "path": "aws-cdk-elb-instance-target-integ/LB/SecurityGroup/to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:80", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupEgress", + "aws:cdk:cloudformation:props": { + "groupId": { + "Fn::GetAtt": [ + "LBSecurityGroup8A41EA2B", + "GroupId" + ] + }, + "ipProtocol": "tcp", + "description": "to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:80", + "destinationSecurityGroupId": { + "Fn::GetAtt": [ + "targetInstanceInstanceSecurityGroupF268BD07", + "GroupId" + ] + }, + "fromPort": 80, + "toPort": 80 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupEgress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-elb-instance-target-integ/LB/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancing::LoadBalancer", + "aws:cdk:cloudformation:props": { + "listeners": [ + { + "loadBalancerPort": "80", + "protocol": "http", + "instancePort": "80", + "instanceProtocol": "http" + } + ], + "crossZone": true, + "instances": [ + { + "Ref": "targetInstance603C5817" + } + ], + "scheme": "internal", + "securityGroups": [ + { + "Fn::GetAtt": [ + "LBSecurityGroup8A41EA2B", + "GroupId" + ] + } + ], + "subnets": [ + { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancing.CfnLoadBalancer", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancing.LoadBalancer", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-elb-instance-target-integ/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-elb-instance-target-integ/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "InstanceTargetTest": { + "id": "InstanceTargetTest", + "path": "InstanceTargetTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "InstanceTargetTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "InstanceTargetTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.237" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "InstanceTargetTest/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "InstanceTargetTest/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "InstanceTargetTest/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.237" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.ts b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.ts new file mode 100644 index 0000000000000..ae3b18d05d429 --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.ts @@ -0,0 +1,39 @@ +#!/usr/bin/env node +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as cdk from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; +import * as elb from '../lib'; + +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'aws-cdk-elb-instance-target-integ'); + +const vpc = new ec2.Vpc(stack, 'VPC', { + maxAzs: 1, +}); + +const instance = new ec2.Instance(stack, 'targetInstance', { + vpc: vpc, + instanceType: ec2.InstanceType.of( // t2.micro has free tier usage in aws + ec2.InstanceClass.T2, + ec2.InstanceSize.MICRO, + ), + machineImage: ec2.MachineImage.latestAmazonLinux({ + generation: ec2.AmazonLinuxGeneration.AMAZON_LINUX_2, + }), +}); + +const elbalancer = new elb.LoadBalancer(stack, 'LB', { + vpc, + listeners: [{ + externalPort: 80, + allowConnectionsFrom: [ec2.Peer.anyIpv4()], + }], +}); + +elbalancer.addTarget(new elb.InstanceTarget(instance, 80)); + +new integ.IntegTest(app, 'InstanceTargetTest', { + testCases: [stack], +}); + +app.synth(); From c91d318e0ad857fd2012567bf3844a9eeeb8e1bc Mon Sep 17 00:00:00 2001 From: pattasai Date: Mon, 6 Mar 2023 17:10:51 -0500 Subject: [PATCH 04/11] fixintegtest --- .../lib/load-balancer.ts | 3 +- .../aws-cdk-elb-integ.assets.json | 6 +-- .../aws-cdk-elb-integ.template.json | 1 - .../test/integ.elb.js.snapshot/cdk.out | 2 +- .../test/integ.elb.js.snapshot/integ.json | 2 +- .../test/integ.elb.js.snapshot/manifest.json | 16 +++---- .../test/integ.elb.js.snapshot/tree.json | 47 ++++++------------- 7 files changed, 30 insertions(+), 47 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts index df4b11fb6eaab..194227484f037 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts @@ -265,7 +265,7 @@ export class LoadBalancer extends Resource implements IConnectable { securityGroups: [this.securityGroup.securityGroupId], subnets: selectedSubnets.subnetIds, listeners: Lazy.any({ produce: () => this.listeners }), - instances: Lazy.list({ produce: () => this.instanceIds }), + instances: Lazy.list({ produce: () => this.instanceIds.length == 0 ? undefined : this.instanceIds }), scheme: props.internetFacing ? 'internet-facing' : 'internal', healthCheck: props.healthCheck && healthCheckToJSON(props.healthCheck), crossZone: props.crossZone ?? true, @@ -401,6 +401,7 @@ export class LoadBalancer extends Resource implements IConnectable { } /** + * add instance to the load balancer. * @internal * @param instanceId */ diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.assets.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.assets.json index 442b79ca954d3..20e7d0accaaa1 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.assets.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.assets.json @@ -1,7 +1,7 @@ { - "version": "29.0.0", + "version": "20.0.0", "files": { - "4c836d484e8ef2a55154de921bcc2a2f22b3935562ad64a0dabf24b88b4e9132": { + "2ae8c93277b436927a734841d17a6b4599f904c7ea22cec117ce29fb6441ae4c": { "source": { "path": "aws-cdk-elb-integ.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "4c836d484e8ef2a55154de921bcc2a2f22b3935562ad64a0dabf24b88b4e9132.json", + "objectKey": "2ae8c93277b436927a734841d17a6b4599f904c7ea22cec117ce29fb6441ae4c.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.template.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.template.json index 2ae576db86582..1303e435bc99a 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.template.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/aws-cdk-elb-integ.template.json @@ -260,7 +260,6 @@ "Timeout": "5", "UnhealthyThreshold": "5" }, - "Instances": [], "Scheme": "internet-facing", "SecurityGroups": [ { diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/cdk.out b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/cdk.out index d8b441d447f8a..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"29.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/integ.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/integ.json index 76b93ef3c1827..cce5e7c70bbf9 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "29.0.0", + "version": "20.0.0", "testCases": { "integ.elb": { "stacks": [ diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/manifest.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/manifest.json index 004b06c52c37e..7f3349f808fc4 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/manifest.json @@ -1,6 +1,12 @@ { - "version": "29.0.0", + "version": "20.0.0", "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, "aws-cdk-elb-integ.assets": { "type": "cdk:asset-manifest", "properties": { @@ -17,7 +23,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4c836d484e8ef2a55154de921bcc2a2f22b3935562ad64a0dabf24b88b4e9132.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/2ae8c93277b436927a734841d17a6b4599f904c7ea22cec117ce29fb6441ae4c.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -137,12 +143,6 @@ ] }, "displayName": "aws-cdk-elb-integ" - }, - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/tree.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/tree.json index dfe1d0121502f..02a559a0a3555 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.elb.js.snapshot/tree.json @@ -4,6 +4,14 @@ "id": "App", "path": "", "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.85" + } + }, "aws-cdk-elb-integ": { "id": "aws-cdk-elb-integ", "path": "aws-cdk-elb-integ", @@ -83,8 +91,8 @@ "id": "Acl", "path": "aws-cdk-elb-integ/VPC/PublicSubnet1/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.1.85" } }, "RouteTable": { @@ -250,8 +258,8 @@ "id": "Acl", "path": "aws-cdk-elb-integ/VPC/PrivateSubnet1/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.1.85" } }, "RouteTable": { @@ -436,7 +444,6 @@ "timeout": "5", "unhealthyThreshold": "5" }, - "instances": [], "scheme": "internet-facing", "securityGroups": [ { @@ -463,41 +470,17 @@ "fqn": "@aws-cdk/aws-elasticloadbalancing.LoadBalancer", "version": "0.0.0" } - }, - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "aws-cdk-elb-integ/BootstrapVersion", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", - "version": "0.0.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "aws-cdk-elb-integ/CheckBootstrapVersion", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", - "version": "0.0.0" - } } }, - "constructInfo": { - "fqn": "@aws-cdk/core.Stack", - "version": "0.0.0" - } - }, - "Tree": { - "id": "Tree", - "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.237" + "version": "10.1.85" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.App", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.1.85" } } } \ No newline at end of file From 0b4f81094b3838e8487f211178ca7e9a1cd65269 Mon Sep 17 00:00:00 2001 From: pattasai Date: Thu, 9 Mar 2023 16:28:37 -0500 Subject: [PATCH 05/11] LbandIstance-Connection --- .../lib/load-balancer.ts | 29 +++++++++++++------ 1 file changed, 20 insertions(+), 9 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts index 194227484f037..10014c5583688 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts @@ -1,5 +1,5 @@ import { - Connections, IConnectable, Instance, ISecurityGroup, IVpc, Peer, Port, + Connections, IConnectable, IInstance, Instance, ISecurityGroup, IVpc, Peer, Port, SecurityGroup, SelectedSubnets, SubnetSelection, SubnetType, } from '@aws-cdk/aws-ec2'; import { Duration, Lazy, Resource } from '@aws-cdk/core'; @@ -248,6 +248,7 @@ export class LoadBalancer extends Resource implements IConnectable { private readonly elb: CfnLoadBalancer; private readonly securityGroup: SecurityGroup; private readonly listeners: CfnLoadBalancer.ListenersProperty[] = []; + private readonly instances: IInstance[] = []; private readonly instancePorts: number[] = []; private readonly targets: ILoadBalancerTarget[] = []; @@ -265,7 +266,7 @@ export class LoadBalancer extends Resource implements IConnectable { securityGroups: [this.securityGroup.securityGroupId], subnets: selectedSubnets.subnetIds, listeners: Lazy.any({ produce: () => this.listeners }), - instances: Lazy.list({ produce: () => this.instanceIds.length == 0 ? undefined : this.instanceIds }), + instances: Lazy.list({ produce: () => this.instanceIds.length === 0 ? undefined : this.instanceIds }), scheme: props.internetFacing ? 'internet-facing' : 'internal', healthCheck: props.healthCheck && healthCheckToJSON(props.healthCheck), crossZone: props.crossZone ?? true, @@ -319,6 +320,8 @@ export class LoadBalancer extends Resource implements IConnectable { // Keep track using array so user can get to them even if they were all supplied in the constructor this.listenerPorts.push(port); + // Allow connection to all instances to new listener. + this.instances.forEach(i => i.connections.allowFrom(this.connections, Port.tcp(Number(instancePort)))); return port; } @@ -401,11 +404,21 @@ export class LoadBalancer extends Resource implements IConnectable { } /** - * add instance to the load balancer. + * Allow connection to all listeners to new instance port. + */ + private allowInstanceConnection(instance: IConnectable) { + this.listeners.forEach(l => instance.connections.allowFrom(this.connections, Port.tcp(Number(l.instancePort)))); + } + + /** + * Add instance to the load balancer. * @internal - * @param instanceId */ - public _addInstanceId(instanceId: string) { this.instanceIds.push(instanceId); } + public _addInstance(instance: IInstance) { + this.instances.push(instance); + this.instanceIds.push(instance.instanceId); + this.allowInstanceConnection(instance); + } } /** @@ -418,14 +431,12 @@ export class InstanceTarget implements ILoadBalancerTarget { * Create a new Instance target. * * @param instance Instance to register to. - * @param port Override the default port for the target. */ - constructor(public readonly instance: Instance, public readonly port: number) { + constructor(public readonly instance: Instance) { this.connections = instance.connections; } public attachToClassicLB(loadBalancer: LoadBalancer): void { - loadBalancer._addInstanceId(this.instance.instanceId); - this.connections.allowFrom(loadBalancer.connections, Port.tcp(this.port)); + loadBalancer._addInstance(this.instance); } } From 371bd14f54e9412ff7026f7110b6fad72ba758be Mon Sep 17 00:00:00 2001 From: pattasai Date: Fri, 10 Mar 2023 08:19:52 -0500 Subject: [PATCH 06/11] fix-Integ.instance --- .../aws-elasticloadbalancing/README.md | 4 +-- .../lib/load-balancer.ts | 2 +- ...-cdk-elb-instance-target-integ.assets.json | 4 +-- ...dk-elb-instance-target-integ.template.json | 18 ++++++------ .../manifest.json | 28 +++++++++++++++---- .../tree.json | 26 ++++++++--------- .../test/integ.instanceTarget.elb.ts | 7 ++--- .../test/loadbalancer.test.ts | 16 +++++++++-- 8 files changed, 66 insertions(+), 39 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/README.md b/packages/@aws-cdk/aws-elasticloadbalancing/README.md index 7bdab9d80c309..534c30e8bd0ab 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/README.md +++ b/packages/@aws-cdk/aws-elasticloadbalancing/README.md @@ -51,7 +51,7 @@ lb.addListener({ ### Adding Ec2 Instance as a target for the load balancer -EC2 instaces can be added as the target for the load balancer via `addTarget()` method using `InstanceTarget` class by providing ec2 `instance` as a target and `port` for the `instance` to forward to. +EC2 instaces can be added as the target for the load balancer via `addTarget()` method using `InstanceTarget` class by providing ec2 `instance` as a target. ```ts const lb = new elb.LoadBalancer(this, 'LB', { @@ -63,5 +63,5 @@ const instance = new Instance(stack, 'targetInstance', { instanceType: InstanceType.of(InstanceClass.BURSTABLE2, InstanceSize.MICRO), machineImage: new AmazonLinuxImage(), }); -lb.addTarget(elb.InstanceTarget(instance, 80)) +lb.addTarget(elb.InstanceTarget(instance)) ``` diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts index 10014c5583688..c30fb82ebfa3b 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts @@ -266,7 +266,7 @@ export class LoadBalancer extends Resource implements IConnectable { securityGroups: [this.securityGroup.securityGroupId], subnets: selectedSubnets.subnetIds, listeners: Lazy.any({ produce: () => this.listeners }), - instances: Lazy.list({ produce: () => this.instanceIds.length === 0 ? undefined : this.instanceIds }), + instances: Lazy.list({ produce: () => this.instanceIds }, { omitEmpty: true }), scheme: props.internetFacing ? 'internet-facing' : 'internal', healthCheck: props.healthCheck && healthCheckToJSON(props.healthCheck), crossZone: props.crossZone ?? true, diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.assets.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.assets.json index 0e096f069b2fd..1d178796401c7 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.assets.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.assets.json @@ -1,7 +1,7 @@ { "version": "29.0.0", "files": { - "268bbb83a5a23302bc5ae40fd1a808bf52af3e3becfea843ad30307f01086ee6": { + "11ca0111a871a53be970c5db0c5a24d4146213fd59f6d172b6fc1bc3de206cf9": { "source": { "path": "aws-cdk-elb-instance-target-integ.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "268bbb83a5a23302bc5ae40fd1a808bf52af3e3becfea843ad30307f01086ee6.json", + "objectKey": "11ca0111a871a53be970c5db0c5a24d4146213fd59f6d172b6fc1bc3de206cf9.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.template.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.template.json index 8a8b88c0f2d82..07931ccc284e9 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.template.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/aws-cdk-elb-instance-target-integ.template.json @@ -236,12 +236,12 @@ } } }, - "targetInstanceInstanceSecurityGroupfromawscdkelbinstancetargetintegLBSecurityGroup395870CC80E053AA6C": { + "targetInstanceInstanceSecurityGroupfromawscdkelbinstancetargetintegLBSecurityGroup395870CC8080DF6C0658": { "Type": "AWS::EC2::SecurityGroupIngress", "Properties": { "IpProtocol": "tcp", - "Description": "from awscdkelbinstancetargetintegLBSecurityGroup395870CC:80", - "FromPort": 80, + "Description": "Port 8080 LB to fleet", + "FromPort": 8080, "GroupId": { "Fn::GetAtt": [ "targetInstanceInstanceSecurityGroupF268BD07", @@ -254,7 +254,7 @@ "GroupId" ] }, - "ToPort": 80 + "ToPort": 8080 } }, "targetInstanceInstanceRole3F8EC526": { @@ -351,7 +351,7 @@ } } }, - "LBSecurityGrouptoawscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E80A95A3BE8": { + "LBSecurityGrouptoawscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E8080E1991644": { "Type": "AWS::EC2::SecurityGroupEgress", "Properties": { "GroupId": { @@ -361,15 +361,15 @@ ] }, "IpProtocol": "tcp", - "Description": "to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:80", + "Description": "Port 8080 LB to fleet", "DestinationSecurityGroupId": { "Fn::GetAtt": [ "targetInstanceInstanceSecurityGroupF268BD07", "GroupId" ] }, - "FromPort": 80, - "ToPort": 80 + "FromPort": 8080, + "ToPort": 8080 } }, "LB8A12904C": { @@ -377,7 +377,7 @@ "Properties": { "Listeners": [ { - "InstancePort": "80", + "InstancePort": "8080", "InstanceProtocol": "http", "LoadBalancerPort": "80", "Protocol": "http" diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/manifest.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/manifest.json index 55ac86ce33a37..f0e7e3434a175 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/manifest.json @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/268bbb83a5a23302bc5ae40fd1a808bf52af3e3becfea843ad30307f01086ee6.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/11ca0111a871a53be970c5db0c5a24d4146213fd59f6d172b6fc1bc3de206cf9.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -117,10 +117,10 @@ "data": "targetInstanceInstanceSecurityGroupF268BD07" } ], - "/aws-cdk-elb-instance-target-integ/targetInstance/InstanceSecurityGroup/from awscdkelbinstancetargetintegLBSecurityGroup395870CC:80": [ + "/aws-cdk-elb-instance-target-integ/targetInstance/InstanceSecurityGroup/from awscdkelbinstancetargetintegLBSecurityGroup395870CC:8080": [ { "type": "aws:cdk:logicalId", - "data": "targetInstanceInstanceSecurityGroupfromawscdkelbinstancetargetintegLBSecurityGroup395870CC80E053AA6C" + "data": "targetInstanceInstanceSecurityGroupfromawscdkelbinstancetargetintegLBSecurityGroup395870CC8080DF6C0658" } ], "/aws-cdk-elb-instance-target-integ/targetInstance/InstanceRole/Resource": [ @@ -153,10 +153,10 @@ "data": "LBSecurityGroup8A41EA2B" } ], - "/aws-cdk-elb-instance-target-integ/LB/SecurityGroup/to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:80": [ + "/aws-cdk-elb-instance-target-integ/LB/SecurityGroup/to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:8080": [ { "type": "aws:cdk:logicalId", - "data": "LBSecurityGrouptoawscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E80A95A3BE8" + "data": "LBSecurityGrouptoawscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E8080E1991644" } ], "/aws-cdk-elb-instance-target-integ/LB/Resource": [ @@ -176,6 +176,24 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } + ], + "targetInstanceInstanceSecurityGroupfromawscdkelbinstancetargetintegLBSecurityGroup395870CC80E053AA6C": [ + { + "type": "aws:cdk:logicalId", + "data": "targetInstanceInstanceSecurityGroupfromawscdkelbinstancetargetintegLBSecurityGroup395870CC80E053AA6C", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "LBSecurityGrouptoawscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E80A95A3BE8": [ + { + "type": "aws:cdk:logicalId", + "data": "LBSecurityGrouptoawscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E80A95A3BE8", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } ] }, "displayName": "aws-cdk-elb-instance-target-integ" diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/tree.json b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/tree.json index 44d9bc850a7e3..6d4e4af19f1eb 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.js.snapshot/tree.json @@ -403,15 +403,15 @@ "version": "0.0.0" } }, - "from awscdkelbinstancetargetintegLBSecurityGroup395870CC:80": { - "id": "from awscdkelbinstancetargetintegLBSecurityGroup395870CC:80", - "path": "aws-cdk-elb-instance-target-integ/targetInstance/InstanceSecurityGroup/from awscdkelbinstancetargetintegLBSecurityGroup395870CC:80", + "from awscdkelbinstancetargetintegLBSecurityGroup395870CC:8080": { + "id": "from awscdkelbinstancetargetintegLBSecurityGroup395870CC:8080", + "path": "aws-cdk-elb-instance-target-integ/targetInstance/InstanceSecurityGroup/from awscdkelbinstancetargetintegLBSecurityGroup395870CC:8080", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", "aws:cdk:cloudformation:props": { "ipProtocol": "tcp", - "description": "from awscdkelbinstancetargetintegLBSecurityGroup395870CC:80", - "fromPort": 80, + "description": "Port 8080 LB to fleet", + "fromPort": 8080, "groupId": { "Fn::GetAtt": [ "targetInstanceInstanceSecurityGroupF268BD07", @@ -424,7 +424,7 @@ "GroupId" ] }, - "toPort": 80 + "toPort": 8080 } }, "constructInfo": { @@ -609,9 +609,9 @@ "version": "0.0.0" } }, - "to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:80": { - "id": "to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:80", - "path": "aws-cdk-elb-instance-target-integ/LB/SecurityGroup/to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:80", + "to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:8080": { + "id": "to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:8080", + "path": "aws-cdk-elb-instance-target-integ/LB/SecurityGroup/to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:8080", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupEgress", "aws:cdk:cloudformation:props": { @@ -622,15 +622,15 @@ ] }, "ipProtocol": "tcp", - "description": "to awscdkelbinstancetargetintegtargetInstanceInstanceSecurityGroup4B82664E:80", + "description": "Port 8080 LB to fleet", "destinationSecurityGroupId": { "Fn::GetAtt": [ "targetInstanceInstanceSecurityGroupF268BD07", "GroupId" ] }, - "fromPort": 80, - "toPort": 80 + "fromPort": 8080, + "toPort": 8080 } }, "constructInfo": { @@ -654,7 +654,7 @@ { "loadBalancerPort": "80", "protocol": "http", - "instancePort": "80", + "instancePort": "8080", "instanceProtocol": "http" } ], diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.ts b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.ts index ae3b18d05d429..57ab3f1371ff0 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/integ.instanceTarget.elb.ts @@ -24,13 +24,10 @@ const instance = new ec2.Instance(stack, 'targetInstance', { const elbalancer = new elb.LoadBalancer(stack, 'LB', { vpc, - listeners: [{ - externalPort: 80, - allowConnectionsFrom: [ec2.Peer.anyIpv4()], - }], }); -elbalancer.addTarget(new elb.InstanceTarget(instance, 80)); +elbalancer.addTarget(new elb.InstanceTarget(instance)); +elbalancer.addListener({ externalPort: 80, internalPort: 8080 }); new integ.IntegTest(app, 'InstanceTargetTest', { testCases: [stack], diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts index 369c1d42faa99..7a30748b958d8 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts @@ -108,9 +108,10 @@ describe('tests', () => { }); // WHEN - elb.addTarget(new InstanceTarget(instance, 80)); + elb.addListener({ externalPort: 80, internalPort: 8080 }); + elb.addTarget(new InstanceTarget(instance)); - // THEN: at the very least it added a security group rule for the backend + // THEN Template.fromStack(stack).hasResourceProperties('AWS::ElasticLoadBalancing::LoadBalancer', { CrossZone: true, Instances: [ @@ -119,6 +120,17 @@ describe('tests', () => { }, ], }); + + Template.fromStack(stack).hasResourceProperties('AWS::EC2::SecurityGroup', { + SecurityGroupIngress: [ + { + CidrIp: '0.0.0.0/0', + FromPort: 80, + IpProtocol: 'tcp', + ToPort: 80, + }, + ], + }); }); test('enable cross zone load balancing', () => { From e9f3c02654c81effa9668154daf6305d2eab3bad Mon Sep 17 00:00:00 2001 From: pattasai Date: Fri, 10 Mar 2023 14:24:06 -0500 Subject: [PATCH 07/11] fixChanges --- .../aws-elasticloadbalancing/README.md | 4 +-- .../lib/load-balancer.ts | 20 +++----------- .../test/loadbalancer.test.ts | 26 ++++++++++++------- 3 files changed, 23 insertions(+), 27 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/README.md b/packages/@aws-cdk/aws-elasticloadbalancing/README.md index 534c30e8bd0ab..676646f8efa6c 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/README.md +++ b/packages/@aws-cdk/aws-elasticloadbalancing/README.md @@ -51,7 +51,7 @@ lb.addListener({ ### Adding Ec2 Instance as a target for the load balancer -EC2 instaces can be added as the target for the load balancer via `addTarget()` method using `InstanceTarget` class by providing ec2 `instance` as a target. +You can add an EC2 instance to the load balancer by calling using `new InstanceTarget` as the argument to `addTarget()`: ```ts const lb = new elb.LoadBalancer(this, 'LB', { @@ -63,5 +63,5 @@ const instance = new Instance(stack, 'targetInstance', { instanceType: InstanceType.of(InstanceClass.BURSTABLE2, InstanceSize.MICRO), machineImage: new AmazonLinuxImage(), }); -lb.addTarget(elb.InstanceTarget(instance)) +lb.addTarget(elb.InstanceTarget(instance)); ``` diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts index c30fb82ebfa3b..30058acb725d7 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts @@ -1,5 +1,5 @@ import { - Connections, IConnectable, IInstance, Instance, ISecurityGroup, IVpc, Peer, Port, + Connections, IConnectable, Instance, ISecurityGroup, IVpc, Peer, Port, SecurityGroup, SelectedSubnets, SubnetSelection, SubnetType, } from '@aws-cdk/aws-ec2'; import { Duration, Lazy, Resource } from '@aws-cdk/core'; @@ -248,7 +248,6 @@ export class LoadBalancer extends Resource implements IConnectable { private readonly elb: CfnLoadBalancer; private readonly securityGroup: SecurityGroup; private readonly listeners: CfnLoadBalancer.ListenersProperty[] = []; - private readonly instances: IInstance[] = []; private readonly instancePorts: number[] = []; private readonly targets: ILoadBalancerTarget[] = []; @@ -320,8 +319,6 @@ export class LoadBalancer extends Resource implements IConnectable { // Keep track using array so user can get to them even if they were all supplied in the constructor this.listenerPorts.push(port); - // Allow connection to all instances to new listener. - this.instances.forEach(i => i.connections.allowFrom(this.connections, Port.tcp(Number(instancePort)))); return port; } @@ -403,21 +400,12 @@ export class LoadBalancer extends Resource implements IConnectable { `Port ${instancePort} LB to fleet`); } - /** - * Allow connection to all listeners to new instance port. - */ - private allowInstanceConnection(instance: IConnectable) { - this.listeners.forEach(l => instance.connections.allowFrom(this.connections, Port.tcp(Number(l.instancePort)))); - } - /** * Add instance to the load balancer. * @internal */ - public _addInstance(instance: IInstance) { - this.instances.push(instance); - this.instanceIds.push(instance.instanceId); - this.allowInstanceConnection(instance); + public _addInstanceId(instanceId: string) { + this.instanceIds.push(instanceId); } } @@ -436,7 +424,7 @@ export class InstanceTarget implements ILoadBalancerTarget { this.connections = instance.connections; } public attachToClassicLB(loadBalancer: LoadBalancer): void { - loadBalancer._addInstance(this.instance); + loadBalancer._addInstanceId(this.instance.instanceId); } } diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts index 7a30748b958d8..5252c71d50f4a 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts @@ -121,15 +121,23 @@ describe('tests', () => { ], }); - Template.fromStack(stack).hasResourceProperties('AWS::EC2::SecurityGroup', { - SecurityGroupIngress: [ - { - CidrIp: '0.0.0.0/0', - FromPort: 80, - IpProtocol: 'tcp', - ToPort: 80, - }, - ], + Template.fromStack(stack).hasResourceProperties('AWS::EC2::SecurityGroupEgress', { + Description: 'Port 8080 LB to fleet', + FromPort: 8080, + IpProtocol: 'tcp', + ToPort: 8080, + GroupId: { + 'Fn::GetAtt': [ + 'LBSecurityGroup8A41EA2B', + 'GroupId', + ], + }, + DestinationSecurityGroupId: { + 'Fn::GetAtt': [ + 'targetInstanceInstanceSecurityGroupF268BD07', + 'GroupId', + ], + }, }); }); From 9a06351b3db09daf3f6b2c4a6bf464591e859d61 Mon Sep 17 00:00:00 2001 From: pattasai Date: Mon, 13 Mar 2023 12:45:02 -0400 Subject: [PATCH 08/11] addTarget_addListenertest --- .../test/loadbalancer.test.ts | 52 +++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts index 5252c71d50f4a..8eabd5ffb1407 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts @@ -141,6 +141,58 @@ describe('tests', () => { }); }); + test('order test for addTarget and addListener', () => { + // GIVEN + const stack = new Stack(); + const vpc = new Vpc(stack, 'VCP'); + const instance = new Instance(stack, 'targetInstance', { + vpc: vpc, + instanceType: InstanceType.of( // t2.micro has free tier usage in aws + InstanceClass.T2, + InstanceSize.MICRO, + ), + machineImage: MachineImage.latestAmazonLinux({ + generation: AmazonLinuxGeneration.AMAZON_LINUX_2, + }), + }); + const elb = new LoadBalancer(stack, 'LB', { + vpc, + }); + + // WHEN + elb.addTarget(new InstanceTarget(instance)); + elb.addListener({ externalPort: 80, internalPort: 8080 }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::ElasticLoadBalancing::LoadBalancer', { + CrossZone: true, + Instances: [ + { + Ref: 'targetInstance603C5817', + }, + ], + }); + + Template.fromStack(stack).hasResourceProperties('AWS::EC2::SecurityGroupEgress', { + Description: 'Port 8080 LB to fleet', + FromPort: 8080, + IpProtocol: 'tcp', + ToPort: 8080, + GroupId: { + 'Fn::GetAtt': [ + 'LBSecurityGroup8A41EA2B', + 'GroupId', + ], + }, + DestinationSecurityGroupId: { + 'Fn::GetAtt': [ + 'targetInstanceInstanceSecurityGroupF268BD07', + 'GroupId', + ], + }, + }); + }); + test('enable cross zone load balancing', () => { // GIVEN const stack = new Stack(); From 933f6f6adac0ddd53c2eca602fde9324f2030241 Mon Sep 17 00:00:00 2001 From: Rico Hermans Date: Tue, 14 Mar 2023 10:54:50 +0100 Subject: [PATCH 09/11] Update packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts Co-authored-by: Kaizen Conroy <36202692+kaizencc@users.noreply.github.com> --- packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts index 30058acb725d7..9910dc017808f 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts @@ -411,7 +411,6 @@ export class LoadBalancer extends Resource implements IConnectable { /** * An EC2 instance that is the target for load balancing - * */ export class InstanceTarget implements ILoadBalancerTarget { readonly connections: Connections; From 38dc1f9a36c06731ac65daf901ab2d0a7d95a7f3 Mon Sep 17 00:00:00 2001 From: Rico Hermans Date: Tue, 14 Mar 2023 10:54:59 +0100 Subject: [PATCH 10/11] Update packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts Co-authored-by: Kaizen Conroy <36202692+kaizencc@users.noreply.github.com> --- packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts index 9910dc017808f..ef9ee231ab2d0 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts @@ -422,6 +422,7 @@ export class InstanceTarget implements ILoadBalancerTarget { constructor(public readonly instance: Instance) { this.connections = instance.connections; } + public attachToClassicLB(loadBalancer: LoadBalancer): void { loadBalancer._addInstanceId(this.instance.instanceId); } From 4015b790795e5f89862cc12c25d8deabf6d80a1c Mon Sep 17 00:00:00 2001 From: pattasai Date: Thu, 16 Mar 2023 12:11:39 -0400 Subject: [PATCH 11/11] fix: extra spaces removed --- packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts index ef9ee231ab2d0..4fec4bad91fa3 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts @@ -422,7 +422,7 @@ export class InstanceTarget implements ILoadBalancerTarget { constructor(public readonly instance: Instance) { this.connections = instance.connections; } - + public attachToClassicLB(loadBalancer: LoadBalancer): void { loadBalancer._addInstanceId(this.instance.instanceId); }