Add security group property to HealthMonitor

aws · May 3, 2021 · d29eb72 · d29eb72
1 parent a0d7b0a
commit d29eb72
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 0 deletions.
diff --git a/packages/aws-rfdk/lib/core/lib/health-monitor.ts b/packages/aws-rfdk/lib/core/lib/health-monitor.ts
@@ -14,6 +14,7 @@ import {
 import {SnsAction} from '@aws-cdk/aws-cloudwatch-actions';
 import {
   IConnectable,
+  ISecurityGroup,
   IVpc,
   Port,
   SubnetSelection,
@@ -211,6 +212,13 @@ export interface HealthMonitorProps {
    * @default: The VPC default strategy
    */
   readonly vpcSubnets?: SubnetSelection;
+
+  /**
+   * Security group to associate with this load balancer.
+   *
+   * @default: A security group is created
+   */
+  readonly securityGroup?: ISecurityGroup;
 }
 
 /**

diff --git a/packages/aws-rfdk/lib/core/lib/load-balancer-manager.ts b/packages/aws-rfdk/lib/core/lib/load-balancer-manager.ts
@@ -200,6 +200,7 @@ export class LoadBalancerFactory {
       internetFacing: false,
       vpcSubnets: healthMonitorProps.vpcSubnets,
       deletionProtection: healthMonitorProps.deletionProtection ?? true,
+      securityGroup: healthMonitorProps.securityGroup,
     });
     // Enabling dropping of invalid HTTP header fields on the load balancer to prevent http smuggling attacks.
     loadBalancer.setAttribute('routing.http.drop_invalid_header_fields.enabled', 'true');