Skip to content

Commit

Permalink
feat(elbv2): Implement IConnectable to NLB (#28494)
Browse files Browse the repository at this point in the history 
# Summary
Implement an `IConnectable` interface to a NetworkLoadBalancer. 

# Why need this change?
AWS CDK has great features for abstraction. `IConnectable` interface is one of this. `IConnectable` simplifies the management of security groups. AWS CDK add support security group to NLB at #27978. However, Currently NLB not implement `IConnectable`, so customers can't use useful interface in AWS CDK.

# Example use case

```ts
declare const lb: elbv2.NetworkLoadBalancer;
declare const asg: autoscaling.AutoScalingGroup;

asg.connections.allowFrom(lb, ec2.Port.tcp(8088)); // currently can not
```

Closes #26735

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
@WinterYukky
WinterYukky authored Jan 16, 2024
1 parent c0085d5 commit 1e69cc6
Show file tree
Hide file tree
Showing 25 changed files with 35,541 additions and 292 deletions.
6 changes: 3 additions & 3 deletions ...icloadbalancingv2/test/integ.nlb-lookup.js.snapshot/aws-cdk-elbv2-StackWithLb.assets.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

154 changes: 100 additions & 54 deletions ...loadbalancingv2/test/integ.nlb-lookup.js.snapshot/aws-cdk-elbv2-StackWithLb.template.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,9 +18,6 @@
"VPCPublicSubnet1SubnetB4246D30": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPCB9E5F0B4"
},
"AvailabilityZone": "test-region-1a",
"CidrBlock": "10.0.0.0/18",
"MapPublicIpOnLaunch": true,
Expand All @@ -37,21 +34,24 @@
"Key": "Name",
"Value": "aws-cdk-elbv2-StackWithLb/VPC/PublicSubnet1"
}
]
],
"VpcId": {
"Ref": "VPCB9E5F0B4"
}
}
},
"VPCPublicSubnet1RouteTableFEE4B781": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPCB9E5F0B4"
},
"Tags": [
{
"Key": "Name",
"Value": "aws-cdk-elbv2-StackWithLb/VPC/PublicSubnet1"
}
]
],
"VpcId": {
"Ref": "VPCB9E5F0B4"
}
}
},
"VPCPublicSubnet1RouteTableAssociation0B0896DC": {
Expand All @@ -68,12 +68,12 @@
"VPCPublicSubnet1DefaultRoute91CEF279": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "VPCPublicSubnet1RouteTableFEE4B781"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "VPCIGWB7E252D3"
},
"RouteTableId": {
"Ref": "VPCPublicSubnet1RouteTableFEE4B781"
}
},
"DependsOn": [
Expand All @@ -95,15 +95,15 @@
"VPCPublicSubnet1NATGatewayE0556630": {
"Type": "AWS::EC2::NatGateway",
"Properties": {
"SubnetId": {
"Ref": "VPCPublicSubnet1SubnetB4246D30"
},
"AllocationId": {
"Fn::GetAtt": [
"VPCPublicSubnet1EIP6AD938E8",
"AllocationId"
]
},
"SubnetId": {
"Ref": "VPCPublicSubnet1SubnetB4246D30"
},
"Tags": [
{
"Key": "Name",
Expand All @@ -119,9 +119,6 @@
"VPCPublicSubnet2Subnet74179F39": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPCB9E5F0B4"
},
"AvailabilityZone": "test-region-1b",
"CidrBlock": "10.0.64.0/18",
"MapPublicIpOnLaunch": true,
Expand All @@ -138,21 +135,24 @@
"Key": "Name",
"Value": "aws-cdk-elbv2-StackWithLb/VPC/PublicSubnet2"
}
]
],
"VpcId": {
"Ref": "VPCB9E5F0B4"
}
}
},
"VPCPublicSubnet2RouteTable6F1A15F1": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPCB9E5F0B4"
},
"Tags": [
{
"Key": "Name",
"Value": "aws-cdk-elbv2-StackWithLb/VPC/PublicSubnet2"
}
]
],
"VpcId": {
"Ref": "VPCB9E5F0B4"
}
}
},
"VPCPublicSubnet2RouteTableAssociation5A808732": {
Expand All @@ -169,12 +169,12 @@
"VPCPublicSubnet2DefaultRouteB7481BBA": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "VPCPublicSubnet2RouteTable6F1A15F1"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "VPCIGWB7E252D3"
},
"RouteTableId": {
"Ref": "VPCPublicSubnet2RouteTable6F1A15F1"
}
},
"DependsOn": [
Expand All @@ -196,15 +196,15 @@
"VPCPublicSubnet2NATGateway3C070193": {
"Type": "AWS::EC2::NatGateway",
"Properties": {
"SubnetId": {
"Ref": "VPCPublicSubnet2Subnet74179F39"
},
"AllocationId": {
"Fn::GetAtt": [
"VPCPublicSubnet2EIP4947BC00",
"AllocationId"
]
},
"SubnetId": {
"Ref": "VPCPublicSubnet2Subnet74179F39"
},
"Tags": [
{
"Key": "Name",
Expand All @@ -220,9 +220,6 @@
"VPCPrivateSubnet1Subnet8BCA10E0": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPCB9E5F0B4"
},
"AvailabilityZone": "test-region-1a",
"CidrBlock": "10.0.128.0/18",
"MapPublicIpOnLaunch": false,
Expand All @@ -239,21 +236,24 @@
"Key": "Name",
"Value": "aws-cdk-elbv2-StackWithLb/VPC/PrivateSubnet1"
}
]
],
"VpcId": {
"Ref": "VPCB9E5F0B4"
}
}
},
"VPCPrivateSubnet1RouteTableBE8A6027": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPCB9E5F0B4"
},
"Tags": [
{
"Key": "Name",
"Value": "aws-cdk-elbv2-StackWithLb/VPC/PrivateSubnet1"
}
]
],
"VpcId": {
"Ref": "VPCB9E5F0B4"
}
}
},
"VPCPrivateSubnet1RouteTableAssociation347902D1": {
Expand All @@ -270,21 +270,18 @@
"VPCPrivateSubnet1DefaultRouteAE1D6490": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "VPCPrivateSubnet1RouteTableBE8A6027"
},
"DestinationCidrBlock": "0.0.0.0/0",
"NatGatewayId": {
"Ref": "VPCPublicSubnet1NATGatewayE0556630"
},
"RouteTableId": {
"Ref": "VPCPrivateSubnet1RouteTableBE8A6027"
}
}
},
"VPCPrivateSubnet2SubnetCFCDAA7A": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPCB9E5F0B4"
},
"AvailabilityZone": "test-region-1b",
"CidrBlock": "10.0.192.0/18",
"MapPublicIpOnLaunch": false,
Expand All @@ -301,21 +298,24 @@
"Key": "Name",
"Value": "aws-cdk-elbv2-StackWithLb/VPC/PrivateSubnet2"
}
]
],
"VpcId": {
"Ref": "VPCB9E5F0B4"
}
}
},
"VPCPrivateSubnet2RouteTable0A19E10E": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPCB9E5F0B4"
},
"Tags": [
{
"Key": "Name",
"Value": "aws-cdk-elbv2-StackWithLb/VPC/PrivateSubnet2"
}
]
],
"VpcId": {
"Ref": "VPCB9E5F0B4"
}
}
},
"VPCPrivateSubnet2RouteTableAssociation0C73D413": {
Expand All @@ -332,12 +332,12 @@
"VPCPrivateSubnet2DefaultRouteF4F5CFD2": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "VPCPrivateSubnet2RouteTable0A19E10E"
},
"DestinationCidrBlock": "0.0.0.0/0",
"NatGatewayId": {
"Ref": "VPCPublicSubnet2NATGateway3C070193"
},
"RouteTableId": {
"Ref": "VPCPrivateSubnet2RouteTable0A19E10E"
}
}
},
Expand All @@ -355,11 +355,27 @@
"VPCVPCGW99B986DC": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "VPCB9E5F0B4"
},
"InternetGatewayId": {
"Ref": "VPCIGWB7E252D3"
},
"VpcId": {
"Ref": "VPCB9E5F0B4"
}
}
},
"SGADB53937": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "aws-cdk-elbv2-StackWithLb/SG",
"SecurityGroupEgress": [
{
"CidrIp": "0.0.0.0/0",
"Description": "Allow all outbound traffic by default",
"IpProtocol": "-1"
}
],
"VpcId": {
"Ref": "VPCB9E5F0B4"
}
}
},
Expand All @@ -374,6 +390,14 @@
],
"Name": "my-load-balancer",
"Scheme": "internet-facing",
"SecurityGroups": [
{
"Fn::GetAtt": [
"SGADB53937",
"GroupId"
]
}
],
"Subnets": [
{
"Ref": "VPCPublicSubnet1SubnetB4246D30"
Expand Down Expand Up @@ -414,12 +438,12 @@
"Properties": {
"Port": 443,
"Protocol": "TCP",
"TargetType": "ip",
"Targets": [
{
"Id": "10.0.1.1"
}
],
"TargetType": "ip",
"VpcId": {
"Ref": "VPCB9E5F0B4"
}
Expand All @@ -443,6 +467,28 @@
"Name": "TgArn"
}
},
"SgId": {
"Value": {
"Fn::GetAtt": [
"SGADB53937",
"GroupId"
]
},
"Export": {
"Name": "SgId"
}
},
"ExportsOutputFnGetAttSGADB53937GroupId97E49F2D": {
"Value": {
"Fn::GetAtt": [
"SGADB53937",
"GroupId"
]
},
"Export": {
"Name": "aws-cdk-elbv2-StackWithLb:ExportsOutputFnGetAttSGADB53937GroupId97E49F2D"
}
},
"ExportsOutputRefLB8A12904C1150D6A6": {
"Value": {
"Ref": "LB8A12904C"
Expand Down
6 changes: 3 additions & 3 deletions ...ancingv2/test/integ.nlb-lookup.js.snapshot/aws-cdk-elbv2-integ-StackUnderTest.assets.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 1e69cc6

Please sign in to comment.