Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

(aws-ec2): ApplicationLoadBalancer - Expose created Listeners as collection

See original GitHub issue

Listeners that are created via calls to addListener() should be exposed as a collection property of ApplicationLoadBalancer.

Use Case

When the ALB is created through mechanisms outside of my direct control, such as ApplicationLoadBalancedFargateService, I am unable to alter listener properties such as the sslPolicy (see https://github.com/aws/aws-cdk/issues/8816).

Proposed Solution

There is a general OO design principal that goes something like “that which creates contains”. (At least according to Craig Larman there is). This principal seems to be followed generally throughout the CDK but seems to have been missed in this instance.

Add a public Listeners property which includes listeners that were added via addListeners.

  • 👋 I may be able to implement this feature request
  • ⚠️ This feature might incur a breaking change

This is a 🚀 Feature Request

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Reactions:9
  • Comments:6 (3 by maintainers)

github_iconTop GitHub Comments

7reactions
rcollettecommented, Dec 3, 2020

I have to remember with Typescript that the goto method of overriding behavior is not necessarily Monkey Patching. Inheritance works.

I would still classify this as a workaround.

/**
 * An ApplicationLoadBalancer whose listener ssPolicy is set to SslPolicy.FORWARD_SECRECY_TLS12
 *
 * <p>The default ApplicationLoadBalancer sslPolicy is set to include TLS 1.1 and static ciphers.</p>
 * <p>ApplicationLoadBalancer's constructor properties do not include an option for specifying the default sslPolicy
 * used when the addListener method is called by other constructs such as ApplicationLoadBalancedFargateService and
 * it also does not expose the listeners collection as a property so that the sslPolicy can be modified after the
 * fact.</p>
 * <p>We use this class to provide a means of consistently set the TLS version to corporate standards when using an ALB.</p>
 */
export class ApplicationLoadBalancerStandardized extends ApplicationLoadBalancer {

    public addListener(id: string, props: BaseApplicationListenerProps): ApplicationListener {
        // HACK: cast to any so we can override a "readonly" property.
        (props.sslPolicy as any) = SslPolicy.FORWARD_SECRECY_TLS12;
        return super.addListener(id, props);
    }
}

In use

// We create the ALB explicitly rather than letting ApplicationLoadBalancedFargateService (ALBFS)
// create it so that we can set the sslPolicy, which is not possible when the ALB is created with ALBFS.
// To match the ALB id that would be generated by ALBFS if it were to create the ALB, we must prefix
// the ALB id with the same id as the ALBFS.
const loadBalancer = new ApplicationLoadBalancerStandardized(this, `${this._props.serviceName}LB`, {
  vpc: cluster.vpc,
  internetFacing: this._props.publicLoadBalancer !== undefined ? this._props.publicLoadBalancer : true
});
const fargateService = new ApplicationLoadBalancedFargateService(this, this._props.serviceName, {
  cluster,
  loadBalancer,
  ...
  ...
3reactions
MisterGlasscommented, Mar 18, 2021

I have this exact use case as well. Is there any timeline on a fix? I may have to rewrite my whole stack to allow setting this.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Getting started with Application Load Balancers
This tutorial provides a hands-on introduction to Application Load Balancers through the AWS Management Console, a web-based interface. To create your first ...
Read more >
How to Create an AWS Application Load Balancer for Your ...
Choose Application Load Balancer by clicking the Create button. In Step 1, you give the load balancer the name MyFirstLoadBalancer. Set the listener...
Read more >
How to route traffic to your Docker container in AWS ECS ...
Introducing the Application Load Balancer · Load Balancer Listener: checks for connections from clients. Uses configurable rules to determine how ...
Read more >
How to create Application Load Balancer using Terraform ...
In this video, we will create an application load balancer in AWS using Terraform. ‍♂️ - To support my channel, I offer...
Read more >
Set up a load balancer, target groups, and listeners for ...
Verify your default VPC, public subnets, and security group · Create an Amazon EC2 Application Load Balancer, two target groups, and listeners (console)....
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

(aws-rds): grantConnect for IAM authentication provides invalid permissions (surface DbiResourceId)

Next page

(aws-eks): managed nodegroup for spot instances