问题描述
出于内部原因,我们被锁定在CDK 1.32中,该CDK具有许多缺少的功能,例如向应用程序负载平衡器添加安全组
这就是我要完成的事情
const sg_port_80 = ec2.SecurityGroup.fromSecurityGroupId(this,'SG',props.sg_port_80,{
mutable: false
})
this.fargateService = new ecs_patterns.ApplicationLoadBalancedFargateService(this,'MyFargateService',{
cluster: props.ecsCluster,cpu: 256,desiredCount: 1,taskImageOptions: {image: ecs.ContainerImage.fromregistry('amazon/amazon-ecs-sample')},memoryLimitMiB: 512,publicLoadBalancer: true,securityGroups: [sg_port_80]
})
此问题是CDK 1.32无法使用。我想做的是将一个现有的安全组添加到应用程序负载平衡Fargate服务。有谁熟悉我将如何在CDK 1.32中实现这一目标?
解决方法
要将安全组添加到负载均衡器,您可以在负载均衡器构造上调用 .addSecurityGroup()。
...
const service = new ApplicationLoadBalancedFargateService(
this,'yourService123',{
cluster: this.cluster,taskDefinition,listenerPort: 1234,//your port
publicLoadBalancer: false,securityGroups: [yourSecurityGroup],}
);
service.targetGroup.configureHealthCheck({
port: healthCheckPort.toString(),healthyThresholdCount: 2,unhealthyThresholdCount: 4,});
// FOLLOWING LINE ADDS A SECURTY GROUP TO ALB
service.loadBalancer.addSecurityGroup(yourSecurityGroup);
...