From d4b5ccbc8bd5c701202efd552806463e45becc30 Mon Sep 17 00:00:00 2001 From: Raman Singh Date: Fri, 4 Jun 2021 11:46:30 +0530 Subject: [PATCH 1/4] feat(elb): set accessLoggingPolicy property with L2 LoadBalancer --- .../aws-elasticloadbalancing/lib/load-balancer.ts | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts index d60d91e0a9a51..4df9289e800dd 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts @@ -71,6 +71,17 @@ export interface LoadBalancerProps { * @default - Public subnets if internetFacing, Private subnets otherwise */ readonly subnetSelection?: SubnetSelection; + + /** + * Enable Loadbalancer access logs + * Can be used to avoid manual work as aws console + * Required S3 bucket name , enabled flag + * Can add interval for pushing log + * Can set bucket prefix in order to provide folder name inside bucket + * @default - disabled + */ + readonly accessLogPolicy?: CfnLoadBalancer.AccessLoggingPolicyProperty; + } /** @@ -262,6 +273,10 @@ export class LoadBalancer extends Resource implements IConnectable { this.elb.node.addDependency(selectedSubnets.internetConnectivityEstablished); } + if (props?.accessLogPolicy?.enabled) { + this.elb.accessLoggingPolicy = Object.assign(props.accessLogPolicy, { enabled: true } ); + } + ifUndefined(props.listeners, []).forEach(b => this.addListener(b)); ifUndefined(props.targets, []).forEach(t => this.addTarget(t)); } From c2d8905f34d59cdf410ce2ade28e7b6be75e2d08 Mon Sep 17 00:00:00 2001 From: Raman Singh Date: Sat, 5 Jun 2021 14:05:32 +0530 Subject: [PATCH 2/4] feat(elb): set accessLoggingPolicy property with L2 LoadBalancer --- .../lib/load-balancer.ts | 6 +-- .../test/loadbalancer.test.ts | 46 +++++++++++++++++++ 2 files changed, 49 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts index 4df9289e800dd..e4029c9dc55c6 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/lib/load-balancer.ts @@ -80,7 +80,7 @@ export interface LoadBalancerProps { * Can set bucket prefix in order to provide folder name inside bucket * @default - disabled */ - readonly accessLogPolicy?: CfnLoadBalancer.AccessLoggingPolicyProperty; + readonly accessLoggingPolicy?: CfnLoadBalancer.AccessLoggingPolicyProperty; } @@ -273,8 +273,8 @@ export class LoadBalancer extends Resource implements IConnectable { this.elb.node.addDependency(selectedSubnets.internetConnectivityEstablished); } - if (props?.accessLogPolicy?.enabled) { - this.elb.accessLoggingPolicy = Object.assign(props.accessLogPolicy, { enabled: true } ); + if (props.accessLoggingPolicy !== undefined) { + this.elb.accessLoggingPolicy = props.accessLoggingPolicy; } ifUndefined(props.listeners, []).forEach(b => this.addListener(b)); diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts index 9cac87e057e87..0f335ecde308a 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts @@ -249,6 +249,52 @@ describe('tests', () => { sslCertificateId: sslCertificateArn, })).toThrow(/"sslCertificateId" is deprecated, please use "sslCertificateArn" only./); }); + + test('enable load balancer access logs', () => { + // GIVEN + const stack = new Stack(); + const vpc = new Vpc(stack, 'VCP'); + + // WHEN + new LoadBalancer(stack, 'LB', { + vpc, + accessLoggingPolicy:{ + enabled:true, + s3BucketName:"fakeBucket" + }, + }); + + // THEN + expect(stack).toHaveResource('AWS::ElasticLoadBalancing::LoadBalancer', { + "AccessLoggingPolicy": { + "Enabled": true, + "S3BucketName": "fakeBucket" + }, + }); + }); + + test('disable load balancer access logs', () => { + // GIVEN + const stack = new Stack(); + const vpc = new Vpc(stack, 'VCP'); + + // WHEN + new LoadBalancer(stack, 'LB', { + vpc, + accessLoggingPolicy:{ + enabled:false, + s3BucketName:"fakeBucket" + }, + }); + + // THEN + expect(stack).toHaveResource('AWS::ElasticLoadBalancing::LoadBalancer', { + "AccessLoggingPolicy": { + "Enabled": false, + "S3BucketName": "fakeBucket" + }, + }); + }); }); class FakeTarget implements ILoadBalancerTarget { From e2e1d1186203fb02ee1ae37d528aff445d05d584 Mon Sep 17 00:00:00 2001 From: Raman Singh Date: Sat, 5 Jun 2021 14:28:40 +0530 Subject: [PATCH 3/4] feat(elb): set accessLoggingPolicy property with L2 LoadBalancer --- .../test/loadbalancer.test.ts | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts index 0f335ecde308a..bba947a5063cd 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts @@ -258,17 +258,17 @@ describe('tests', () => { // WHEN new LoadBalancer(stack, 'LB', { vpc, - accessLoggingPolicy:{ - enabled:true, - s3BucketName:"fakeBucket" + accessLoggingPolicy: { + enabled: true, + s3BucketName: 'fakeBucket', }, }); // THEN expect(stack).toHaveResource('AWS::ElasticLoadBalancing::LoadBalancer', { - "AccessLoggingPolicy": { - "Enabled": true, - "S3BucketName": "fakeBucket" + AccessLoggingPolicy: { + Enabled: true, + S3BucketName: 'fakeBucket', }, }); }); @@ -281,17 +281,17 @@ describe('tests', () => { // WHEN new LoadBalancer(stack, 'LB', { vpc, - accessLoggingPolicy:{ - enabled:false, - s3BucketName:"fakeBucket" + accessLoggingPolicy: { + enabled: false, + s3BucketName: 'fakeBucket', }, }); // THEN expect(stack).toHaveResource('AWS::ElasticLoadBalancing::LoadBalancer', { - "AccessLoggingPolicy": { - "Enabled": false, - "S3BucketName": "fakeBucket" + AccessLoggingPolicy: { + Enabled: false, + S3BucketName: 'fakeBucket', }, }); }); From a5ec342888261f2895924bac529e5f240359a1c0 Mon Sep 17 00:00:00 2001 From: Raman Singh Date: Sat, 5 Jun 2021 14:34:57 +0530 Subject: [PATCH 4/4] feat(elb): set accessLoggingPolicy property with L2 LoadBalancer --- .../@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts index bba947a5063cd..aa6c1c8b88ad0 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts @@ -249,7 +249,7 @@ describe('tests', () => { sslCertificateId: sslCertificateArn, })).toThrow(/"sslCertificateId" is deprecated, please use "sslCertificateArn" only./); }); - + test('enable load balancer access logs', () => { // GIVEN const stack = new Stack();