Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(elbv2): Implement IConnectable to NLB #28494

Merged
merged 28 commits into from
Jan 16, 2024
Merged

feat(elbv2): Implement IConnectable to NLB #28494

merged 28 commits into from
Jan 16, 2024

Conversation

WinterYukky
Copy link
Contributor

Summary

Implement an IConnectable interface to a NetworkLoadBalancer.

Why need this change?

AWS CDK has great features for abstraction. IConnectable interface is one of this. IConnectable simplifies the management of security groups. AWS CDK add support security group to NLB at #27978. However, Currently NLB not implement IConnectable, so customers can't use useful interface in AWS CDK.

Example use case

declare const lb: elbv2.NetworkLoadBalancer;
declare const asg: autoscaling.AutoScalingGroup;

asg.connections.allowFrom(lb, ec2.Port.tcp(8088)); // currently can not

Closes #26735

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@github-actions github-actions bot added effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p2 labels Dec 26, 2023
@aws-cdk-automation aws-cdk-automation requested a review from a team December 26, 2023 16:01
@github-actions github-actions bot added the admired-contributor [Pilot] contributed between 13-24 PRs to the CDK label Dec 26, 2023
aws-cdk-automation
aws-cdk-automation previously requested changes Dec 26, 2023
View reviewed changes
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

WinterYukky
WinterYukky commented Dec 26, 2023
View reviewed changes
packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts Outdated
Comment on lines 209 to 211
securityGroups: Lazy.list({
produce: () => this.connections.securityGroups.length >= 1 ? this.connections.securityGroups.map(sg => sg.securityGroupId) : undefined,
}),
Copy link
Contributor Author

@WinterYukky WinterYukky Dec 26, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If securityGroups becomes an empty array from undefined, an update will be applied and deployment will not be possible, so in the case of an empty array, it is undefined for backwards compatibility.
ref: https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-security-groups.html#security-group-considerations

@aws-cdk-automation aws-cdk-automation dismissed their stale review December 27, 2023 15:43

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

WinterYukky
WinterYukky commented Dec 28, 2023
View reviewed changes
packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.ts
Comment on lines +15 to +26
const backend = new elbv2.ApplicationLoadBalancer(stack, 'Backend', {
vpc,
});
backend.addListener('Listener', {
protocol: elbv2.ApplicationProtocol.HTTP,
defaultAction: elbv2.ListenerAction.fixedResponse(200, {
contentType: 'application/json',
messageBody: JSON.stringify({
Message: 'I am ALB!',
}),
}),
});
Copy link
Contributor Author

@WinterYukky WinterYukky Dec 28, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I changed target to ALB from IP to test reachability client -> nlb -> backend. This test can check security group settings via http api call.

@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Dec 29, 2023
@github-actions github-actions bot mentioned this pull request Jan 1, 2024
Closed
lpizzinidev
lpizzinidev suggested changes Jan 2, 2024
View reviewed changes
Copy link
Contributor

@lpizzinidev lpizzinidev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks 👍
I left some suggestions for adjustments, feel free to comment on those.

packages/@aws-cdk/cli-lib-alpha/THIRD_PARTY_LICENSES Outdated Show resolved Hide resolved
packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts Outdated Show resolved Hide resolved
packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts Outdated Show resolved Hide resolved
packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts Show resolved Hide resolved
packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts Show resolved Hide resolved
packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts Outdated Show resolved Hide resolved
packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts Outdated Show resolved Hide resolved
packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts Show resolved Hide resolved
@aws-cdk-automation aws-cdk-automation removed pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. labels Jan 2, 2024
WinterYukky and others added 7 commits January 4, 2024 09:18
@WinterYukky
Copy link
Contributor Author

@lpizzinidev Thanks your reviewing!!
Your comments are great and I fixed the codes lined your comments. Could you re:review?
(feature flag about create default security group is out of this topic so I'll create another PR)

lpizzinidev
lpizzinidev suggested changes Jan 5, 2024
View reviewed changes
Copy link
Contributor

@lpizzinidev lpizzinidev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice 👍
I left some comments for a final cleanup and adjustments.

packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts Outdated Show resolved Hide resolved
packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts Outdated Show resolved Hide resolved
packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts Outdated Show resolved Hide resolved
lpizzinidev
lpizzinidev approved these changes Jan 5, 2024
View reviewed changes
Copy link
Contributor

@lpizzinidev lpizzinidev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks 👍

@aws-cdk-automation aws-cdk-automation added the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Jan 5, 2024
@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 2a13aa1
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

paulhcsun
paulhcsun approved these changes Jan 16, 2024
View reviewed changes
Copy link
Contributor

@paulhcsun paulhcsun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the contribution @WinterYukky! This will be a very useful addition for the community.

As always, thanks for reviewing @lpizzinidev!

paulhcsun
paulhcsun approved these changes Jan 16, 2024
View reviewed changes
Copy link
Contributor

@paulhcsun paulhcsun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the contribution @WinterYukky! This will be a very useful addition for the community.

As always, thanks for reviewing @lpizzinidev!

@mergify Mergify
Copy link
Contributor

mergify bot commented Jan 16, 2024

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit 1e69cc6 into aws:main Jan 16, 2024
11 checks passed
@aws-cdk-automation aws-cdk-automation removed the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Jan 16, 2024
This was referenced Feb 10, 2024
Open
Open
Open
@adam-clauss adam-clauss mentioned this pull request Oct 3, 2024
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lpizzinidev lpizzinidev lpizzinidev approved these changes

@paulhcsun paulhcsun paulhcsun approved these changes

@aws-cdk-automation aws-cdk-automation aws-cdk-automation left review comments

Assignees
No one assigned
Labels
admired-contributor [Pilot] contributed between 13-24 PRs to the CDK effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p2
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

(aws-elasticloadbalancingv2): (network-load-balancer-supports-security-groups)
4 participants
@WinterYukky @aws-cdk-automation @lpizzinidev @paulhcsun