-
Notifications
You must be signed in to change notification settings - Fork 4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(ecs): VPC link for API Gatweay and ECS services (#1541)
Overview ======== The primary purpose of this work is to fill in the gaps in implementation for deploying a VPC link between API Gateway, and an ECS service. My goal was to allow setting up a {proxy+} API which would forward to a Fargate service in a private VPC. This has been tagged as 'ecs', but also involves changes to api gateway. Since VPC links require an NLB, the LoadBalanced{Fargate|Ecs}Service classes have been modified to support selecting either an ALB or an NLB. Changes ======= On the APIGW side, `IntegrationOptions` now accepts an optional connetion type enum, as well as a VpcLink. `VpcLink` itself is a new construct which accepts an array of Network Load Balancers. I also added the missing `requestParameters` prop for `Method`, to allow properly setting up a proxy path variable. For ECS, in my use case I wanted to use the LoadBalanced*Service constructs, however they only supported ALB. I have pulled all of the ELBv2 related setup into the new `LoadBalancedService` base class, and also created a base props interface `LoadBalancedServiceProps`. This deals with the common setup between the Fargate and ECS services, and allows the selection of ALB or NLB. As a side-effect of this refactoring, you can also now pass a Certificate to `LoadBalancedEcsService`. There is a new `Method` test for the VPC link props, as well as new tests for both `VpcLink` and `LoadBalancedFargateService`.
- Loading branch information
Showing
12 changed files
with
369 additions
and
146 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
import elbv2 = require('@aws-cdk/aws-elasticloadbalancingv2'); | ||
import cdk = require('@aws-cdk/cdk'); | ||
import { CfnVpcLink } from './apigateway.generated'; | ||
|
||
/** | ||
* Properties for a VpcLink | ||
*/ | ||
export interface VpcLinkProps { | ||
/** | ||
* The name used to label and identify the VPC link. | ||
* @default automatically generated name | ||
*/ | ||
name?: string; | ||
|
||
/** | ||
* The description of the VPC link. | ||
* @default no description | ||
*/ | ||
description?: string; | ||
|
||
/** | ||
* The network load balancers of the VPC targeted by the VPC link. | ||
* The network load balancers must be owned by the same AWS account of the API owner. | ||
*/ | ||
targets: elbv2.INetworkLoadBalancer[]; | ||
} | ||
|
||
/** | ||
* Define a new VPC Link | ||
* Specifies an API Gateway VPC link for a RestApi to access resources in an Amazon Virtual Private Cloud (VPC). | ||
*/ | ||
export class VpcLink extends cdk.Construct { | ||
/** | ||
* Physical ID of the VpcLink resource | ||
*/ | ||
public readonly vpcLinkId: string; | ||
|
||
constructor(scope: cdk.Construct, id: string, props: VpcLinkProps) { | ||
super(scope, id); | ||
|
||
const cfnResource = new CfnVpcLink(this, 'Resource', { | ||
name: props.name || this.node.uniqueId, | ||
description: props.description, | ||
targetArns: props.targets.map(nlb => nlb.loadBalancerArn) | ||
}); | ||
|
||
this.vpcLinkId = cfnResource.vpcLinkId; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
import { expect, haveResourceLike } from '@aws-cdk/assert'; | ||
import ec2 = require('@aws-cdk/aws-ec2'); | ||
import elbv2 = require('@aws-cdk/aws-elasticloadbalancingv2'); | ||
import cdk = require('@aws-cdk/cdk'); | ||
import { Test } from 'nodeunit'; | ||
import apigateway = require('../lib'); | ||
|
||
export = { | ||
'default setup'(test: Test) { | ||
// GIVEN | ||
const stack = new cdk.Stack(); | ||
const vpc = new ec2.VpcNetwork(stack, 'VPC'); | ||
const nlb = new elbv2.NetworkLoadBalancer(stack, 'NLB', { | ||
vpc | ||
}); | ||
|
||
// WHEN | ||
new apigateway.VpcLink(stack, 'VpcLink', { | ||
name: 'MyLink', | ||
targets: [nlb] | ||
}); | ||
|
||
// THEN | ||
expect(stack).to(haveResourceLike('AWS::ApiGateway::VpcLink', { | ||
Name: "MyLink", | ||
TargetArns: [ { Ref: "NLB55158F82" } ] | ||
})); | ||
|
||
test.done(); | ||
}, | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.