diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.assets.json new file mode 100644 index 0000000000000..6a74b3e275099 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.assets.json @@ -0,0 +1,20 @@ +{ + "version": "48.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "displayName": "ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1 Template", + "source": { + "path": "ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region-d8d86b35": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/aws-ecs-integ-alb-fargate-public-private-switch.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/aws-ecs-integ-alb-fargate-public-private-switch.assets.json new file mode 100644 index 0000000000000..fd6cb26f6895a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/aws-ecs-integ-alb-fargate-public-private-switch.assets.json @@ -0,0 +1,20 @@ +{ + "version": "48.0.0", + "files": { + "4acee6fbd77c9230804c69f35cebd32c7a1e8fffb3020981fb47edde4d5ec8a7": { + "displayName": "aws-ecs-integ-alb-fargate-public-private-switch Template", + "source": { + "path": "aws-ecs-integ-alb-fargate-public-private-switch.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region-d1a695e3": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "4acee6fbd77c9230804c69f35cebd32c7a1e8fffb3020981fb47edde4d5ec8a7.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/aws-ecs-integ-alb-fargate-public-private-switch.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/aws-ecs-integ-alb-fargate-public-private-switch.template.json new file mode 100644 index 0000000000000..27eb84e236301 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/aws-ecs-integ-alb-fargate-public-private-switch.template.json @@ -0,0 +1,1120 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet1RouteTableAssociation97140677" + ] + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet2RouteTableAssociationDD5762D8" + ] + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fargate-public-private-switch/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "FargateCluster7CCD5F93": { + "Type": "AWS::ECS::Cluster" + }, + "PrivateALBFargateServiceLB3F43693F": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internal", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "PrivateALBFargateServiceLBSecurityGroupE686114D", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "Type": "application" + } + }, + "PrivateALBFargateServiceLBSecurityGroupE686114D": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB awsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceLBDD88D81A", + "SecurityGroupIngress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow from anyone on port 80", + "FromPort": 80, + "IpProtocol": "tcp", + "ToPort": 80 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "PrivateALBFargateServiceLBSecurityGrouptoawsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceSecurityGroup34DD7BA8805A1548BC": { + "Type": "AWS::EC2::SecurityGroupEgress", + "Properties": { + "Description": "Load balancer to target", + "DestinationSecurityGroupId": { + "Fn::GetAtt": [ + "PrivateALBFargateServiceSecurityGroup4470C11F", + "GroupId" + ] + }, + "FromPort": 80, + "GroupId": { + "Fn::GetAtt": [ + "PrivateALBFargateServiceLBSecurityGroupE686114D", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "ToPort": 80 + } + }, + "PrivateALBFargateServiceLBPublicListener0B0F0B97": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "PrivateALBFargateServiceLBPublicListenerECSPrivateGroup81AA5B8B" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "PrivateALBFargateServiceLB3F43693F" + }, + "Port": 80, + "Protocol": "HTTP" + } + }, + "PrivateALBFargateServiceLBPublicListenerECSPrivateGroup81AA5B8B": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "Port": 80, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "stickiness.enabled", + "Value": "false" + } + ], + "TargetType": "ip", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "PrivateALBFargateServiceTaskDefTaskRole00F16D72": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PrivateALBFargateServiceTaskDef3EEE16CB": { + "Type": "AWS::ECS::TaskDefinition", + "Properties": { + "ContainerDefinitions": [ + { + "Essential": true, + "Image": "amazon/amazon-ecs-sample", + "LogConfiguration": { + "LogDriver": "awslogs", + "Options": { + "awslogs-group": { + "Ref": "PrivateALBFargateServiceTaskDefwebLogGroupB4E3C449" + }, + "awslogs-stream-prefix": "PrivateALBFargateService", + "awslogs-region": { + "Ref": "AWS::Region" + } + } + }, + "Name": "web", + "PortMappings": [ + { + "ContainerPort": 80, + "Protocol": "tcp" + } + ] + } + ], + "Cpu": "512", + "ExecutionRoleArn": { + "Fn::GetAtt": [ + "PrivateALBFargateServiceTaskDefExecutionRole946533BE", + "Arn" + ] + }, + "Family": "awsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceTaskDefAD1960DA", + "Memory": "1024", + "NetworkMode": "awsvpc", + "RequiresCompatibilities": [ + "FARGATE" + ], + "TaskRoleArn": { + "Fn::GetAtt": [ + "PrivateALBFargateServiceTaskDefTaskRole00F16D72", + "Arn" + ] + } + } + }, + "PrivateALBFargateServiceTaskDefwebLogGroupB4E3C449": { + "Type": "AWS::Logs::LogGroup", + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "PrivateALBFargateServiceTaskDefExecutionRole946533BE": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PrivateALBFargateServiceTaskDefExecutionRoleDefaultPolicy97ADB212": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "PrivateALBFargateServiceTaskDefwebLogGroupB4E3C449", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "PrivateALBFargateServiceTaskDefExecutionRoleDefaultPolicy97ADB212", + "Roles": [ + { + "Ref": "PrivateALBFargateServiceTaskDefExecutionRole946533BE" + } + ] + } + }, + "PrivateALBFargateServiceF2248791": { + "Type": "AWS::ECS::Service", + "Properties": { + "Cluster": { + "Ref": "FargateCluster7CCD5F93" + }, + "DeploymentConfiguration": { + "MaximumPercent": 200, + "MinimumHealthyPercent": 50 + }, + "EnableECSManagedTags": false, + "HealthCheckGracePeriodSeconds": 60, + "LaunchType": "FARGATE", + "LoadBalancers": [ + { + "ContainerName": "web", + "ContainerPort": 80, + "TargetGroupArn": { + "Ref": "PrivateALBFargateServiceLBPublicListenerECSPrivateGroup81AA5B8B" + } + } + ], + "NetworkConfiguration": { + "AwsvpcConfiguration": { + "AssignPublicIp": "DISABLED", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "PrivateALBFargateServiceSecurityGroup4470C11F", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "TaskDefinition": { + "Ref": "PrivateALBFargateServiceTaskDef3EEE16CB" + } + }, + "DependsOn": [ + "PrivateALBFargateServiceLBPublicListenerECSPrivateGroup81AA5B8B", + "PrivateALBFargateServiceLBPublicListener0B0F0B97", + "PrivateALBFargateServiceTaskDefTaskRole00F16D72" + ] + }, + "PrivateALBFargateServiceSecurityGroup4470C11F": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/Service/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + }, + "DependsOn": [ + "PrivateALBFargateServiceTaskDefTaskRole00F16D72" + ] + }, + "PrivateALBFargateServiceSecurityGroupfromawsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceLBSecurityGroup7FC4BF9280EC02C625": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "Description": "Load balancer to target", + "FromPort": 80, + "GroupId": { + "Fn::GetAtt": [ + "PrivateALBFargateServiceSecurityGroup4470C11F", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "PrivateALBFargateServiceLBSecurityGroupE686114D", + "GroupId" + ] + }, + "ToPort": 80 + }, + "DependsOn": [ + "PrivateALBFargateServiceTaskDefTaskRole00F16D72" + ] + }, + "PublicALBFargateServiceLBBDD839E7": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internet-facing", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "PublicALBFargateServiceLBSecurityGroup70C230FD", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "application" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet1RouteTableAssociation97140677", + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet2RouteTableAssociationDD5762D8" + ] + }, + "PublicALBFargateServiceLBSecurityGroup70C230FD": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB awsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceLBFEFC4551", + "SecurityGroupIngress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow from anyone on port 80", + "FromPort": 80, + "IpProtocol": "tcp", + "ToPort": 80 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "PublicALBFargateServiceLBSecurityGrouptoawsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceSecurityGroup9D254AE28063070DB7": { + "Type": "AWS::EC2::SecurityGroupEgress", + "Properties": { + "Description": "Load balancer to target", + "DestinationSecurityGroupId": { + "Fn::GetAtt": [ + "PublicALBFargateServiceSecurityGroup68BF5FCB", + "GroupId" + ] + }, + "FromPort": 80, + "GroupId": { + "Fn::GetAtt": [ + "PublicALBFargateServiceLBSecurityGroup70C230FD", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "ToPort": 80 + } + }, + "PublicALBFargateServiceLBPublicListenerB37A9E4A": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "PublicALBFargateServiceLBPublicListenerECSGroupD991EA00" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "PublicALBFargateServiceLBBDD839E7" + }, + "Port": 80, + "Protocol": "HTTP" + } + }, + "PublicALBFargateServiceLBPublicListenerECSGroupD991EA00": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "Port": 80, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "stickiness.enabled", + "Value": "false" + } + ], + "TargetType": "ip", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "PublicALBFargateServiceTaskDefTaskRole372A6750": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PublicALBFargateServiceTaskDef11A29312": { + "Type": "AWS::ECS::TaskDefinition", + "Properties": { + "ContainerDefinitions": [ + { + "Essential": true, + "Image": "amazon/amazon-ecs-sample", + "LogConfiguration": { + "LogDriver": "awslogs", + "Options": { + "awslogs-group": { + "Ref": "PublicALBFargateServiceTaskDefwebLogGroupA74781A6" + }, + "awslogs-stream-prefix": "PublicALBFargateService", + "awslogs-region": { + "Ref": "AWS::Region" + } + } + }, + "Name": "web", + "PortMappings": [ + { + "ContainerPort": 80, + "Protocol": "tcp" + } + ] + } + ], + "Cpu": "512", + "ExecutionRoleArn": { + "Fn::GetAtt": [ + "PublicALBFargateServiceTaskDefExecutionRole1140586F", + "Arn" + ] + }, + "Family": "awsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceTaskDef16D2905F", + "Memory": "1024", + "NetworkMode": "awsvpc", + "RequiresCompatibilities": [ + "FARGATE" + ], + "TaskRoleArn": { + "Fn::GetAtt": [ + "PublicALBFargateServiceTaskDefTaskRole372A6750", + "Arn" + ] + } + } + }, + "PublicALBFargateServiceTaskDefwebLogGroupA74781A6": { + "Type": "AWS::Logs::LogGroup", + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "PublicALBFargateServiceTaskDefExecutionRole1140586F": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PublicALBFargateServiceTaskDefExecutionRoleDefaultPolicy3CC501BF": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "PublicALBFargateServiceTaskDefwebLogGroupA74781A6", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "PublicALBFargateServiceTaskDefExecutionRoleDefaultPolicy3CC501BF", + "Roles": [ + { + "Ref": "PublicALBFargateServiceTaskDefExecutionRole1140586F" + } + ] + } + }, + "PublicALBFargateServiceCF0E8817": { + "Type": "AWS::ECS::Service", + "Properties": { + "Cluster": { + "Ref": "FargateCluster7CCD5F93" + }, + "DeploymentConfiguration": { + "MaximumPercent": 200, + "MinimumHealthyPercent": 50 + }, + "EnableECSManagedTags": false, + "HealthCheckGracePeriodSeconds": 60, + "LaunchType": "FARGATE", + "LoadBalancers": [ + { + "ContainerName": "web", + "ContainerPort": 80, + "TargetGroupArn": { + "Ref": "PublicALBFargateServiceLBPublicListenerECSGroupD991EA00" + } + } + ], + "NetworkConfiguration": { + "AwsvpcConfiguration": { + "AssignPublicIp": "DISABLED", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "PublicALBFargateServiceSecurityGroup68BF5FCB", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "TaskDefinition": { + "Ref": "PublicALBFargateServiceTaskDef11A29312" + } + }, + "DependsOn": [ + "PublicALBFargateServiceLBPublicListenerECSGroupD991EA00", + "PublicALBFargateServiceLBPublicListenerB37A9E4A", + "PublicALBFargateServiceTaskDefTaskRole372A6750" + ] + }, + "PublicALBFargateServiceSecurityGroup68BF5FCB": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/Service/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + }, + "DependsOn": [ + "PublicALBFargateServiceTaskDefTaskRole372A6750" + ] + }, + "PublicALBFargateServiceSecurityGroupfromawsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceLBSecurityGroupB09289428049553A59": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "Description": "Load balancer to target", + "FromPort": 80, + "GroupId": { + "Fn::GetAtt": [ + "PublicALBFargateServiceSecurityGroup68BF5FCB", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "PublicALBFargateServiceLBSecurityGroup70C230FD", + "GroupId" + ] + }, + "ToPort": 80 + }, + "DependsOn": [ + "PublicALBFargateServiceTaskDefTaskRole372A6750" + ] + } + }, + "Outputs": { + "PrivateALBFargateServiceLoadBalancerDNSF1F04A03": { + "Value": { + "Fn::GetAtt": [ + "PrivateALBFargateServiceLB3F43693F", + "DNSName" + ] + } + }, + "PrivateALBFargateServiceServiceURL977B4D9D": { + "Value": { + "Fn::Join": [ + "", + [ + "http://", + { + "Fn::GetAtt": [ + "PrivateALBFargateServiceLB3F43693F", + "DNSName" + ] + } + ] + ] + } + }, + "PublicALBFargateServiceLoadBalancerDNSBE85AD64": { + "Value": { + "Fn::GetAtt": [ + "PublicALBFargateServiceLBBDD839E7", + "DNSName" + ] + } + }, + "PublicALBFargateServiceServiceURL367DF774": { + "Value": { + "Fn::Join": [ + "", + [ + "http://", + { + "Fn::GetAtt": [ + "PublicALBFargateServiceLBBDD839E7", + "DNSName" + ] + } + ] + ] + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/cdk.out new file mode 100644 index 0000000000000..523a9aac37cbf --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"48.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/integ.json new file mode 100644 index 0000000000000..1324f11107042 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/integ.json @@ -0,0 +1,13 @@ +{ + "version": "48.0.0", + "testCases": { + "ALBFargatePublicPrivateSwitchTest/DefaultTest": { + "stacks": [ + "aws-ecs-integ-alb-fargate-public-private-switch" + ], + "assertionStack": "ALBFargatePublicPrivateSwitchTest/DefaultTest/DeployAssert", + "assertionStackName": "ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1" + } + }, + "minimumCliVersion": "2.1027.0" +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/manifest.json new file mode 100644 index 0000000000000..b0b18b278d452 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/manifest.json @@ -0,0 +1,1479 @@ +{ + "version": "48.0.0", + "artifacts": { + "aws-ecs-integ-alb-fargate-public-private-switch.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-ecs-integ-alb-fargate-public-private-switch.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-ecs-integ-alb-fargate-public-private-switch": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-ecs-integ-alb-fargate-public-private-switch.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4acee6fbd77c9230804c69f35cebd32c7a1e8fffb3020981fb47edde4d5ec8a7.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-ecs-integ-alb-fargate-public-private-switch.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-ecs-integ-alb-fargate-public-private-switch.assets" + ], + "metadata": { + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "maxAzs": "*", + "restrictDefaultSecurityGroup": false + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addNatGateway": [ + "*" + ] + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addNatGateway": [ + "*" + ] + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/FargateCluster": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*" + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/FargateCluster/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FargateCluster7CCD5F93" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceLB3F43693F" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*", + "description": "*", + "allowAllOutbound": false + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addIngressRule": [ + { + "canInlineRule": true, + "connections": "*", + "uniqueId": "*" + }, + {}, + "*", + false + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addEgressRule": [ + "*", + {}, + "*", + true + ] + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceLBSecurityGroupE686114D" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/SecurityGroup/to awsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceSecurityGroup34DD7BA8:80": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceLBSecurityGrouptoawsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceSecurityGroup34DD7BA8805A1548BC" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/PublicListener": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/PublicListener/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceLBPublicListener0B0F0B97" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/PublicListener/ECSPrivateGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceLBPublicListenerECSPrivateGroup81AA5B8B" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LoadBalancerDNS": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceLoadBalancerDNSF1F04A03" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/ServiceURL": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceServiceURL977B4D9D" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/TaskRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + } + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/TaskRole/ImportTaskRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/TaskRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceTaskDefTaskRole00F16D72" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceTaskDef3EEE16CB" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/web/LogGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "retention": "*" + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/web/LogGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceTaskDefwebLogGroupB4E3C449" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/ExecutionRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + }, + "roleName": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToPrincipalPolicy": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/ExecutionRole/ImportExecutionRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/ExecutionRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceTaskDefExecutionRole946533BE" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/ExecutionRole/DefaultPolicy": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/ExecutionRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceTaskDefExecutionRoleDefaultPolicy97ADB212" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/Service": [ + { + "type": "aws:cdk:warning", + "data": "minHealthyPercent has not been configured so the default value of 50% is used. The number of running tasks will decrease below the desired count during deployments etc. See https://github.com/aws/aws-cdk/issues/31705 [ack: @aws-cdk/aws-ecs:minHealthyPercent]" + }, + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/Service/Service": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceF2248791" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/Service/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addIngressRule": [ + "*", + {}, + "*", + false + ] + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/Service/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceSecurityGroup4470C11F" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/Service/SecurityGroup/from awsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceLBSecurityGroup7FC4BF92:80": [ + { + "type": "aws:cdk:logicalId", + "data": "PrivateALBFargateServiceSecurityGroupfromawsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceLBSecurityGroup7FC4BF9280EC02C625" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceLBBDD839E7" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*", + "description": "*", + "allowAllOutbound": false + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addIngressRule": [ + { + "canInlineRule": true, + "connections": "*", + "uniqueId": "*" + }, + {}, + "*", + false + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addEgressRule": [ + "*", + {}, + "*", + true + ] + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceLBSecurityGroup70C230FD" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/SecurityGroup/to awsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceSecurityGroup9D254AE2:80": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceLBSecurityGrouptoawsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceSecurityGroup9D254AE28063070DB7" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/PublicListener": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/PublicListener/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceLBPublicListenerB37A9E4A" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/PublicListener/ECSGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceLBPublicListenerECSGroupD991EA00" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LoadBalancerDNS": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceLoadBalancerDNSBE85AD64" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/ServiceURL": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceServiceURL367DF774" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/TaskRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + } + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/TaskRole/ImportTaskRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/TaskRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceTaskDefTaskRole372A6750" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceTaskDef11A29312" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/web/LogGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "retention": "*" + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/web/LogGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceTaskDefwebLogGroupA74781A6" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/ExecutionRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + }, + "roleName": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToPrincipalPolicy": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/ExecutionRole/ImportExecutionRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/ExecutionRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceTaskDefExecutionRole1140586F" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/ExecutionRole/DefaultPolicy": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/ExecutionRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceTaskDefExecutionRoleDefaultPolicy3CC501BF" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/Service": [ + { + "type": "aws:cdk:warning", + "data": "minHealthyPercent has not been configured so the default value of 50% is used. The number of running tasks will decrease below the desired count during deployments etc. See https://github.com/aws/aws-cdk/issues/31705 [ack: @aws-cdk/aws-ecs:minHealthyPercent]" + }, + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/Service/Service": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceCF0E8817" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/Service/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addIngressRule": [ + "*", + {}, + "*", + false + ] + } + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/Service/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceSecurityGroup68BF5FCB" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/Service/SecurityGroup/from awsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceLBSecurityGroupB0928942:80": [ + { + "type": "aws:cdk:logicalId", + "data": "PublicALBFargateServiceSecurityGroupfromawsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceLBSecurityGroupB09289428049553A59" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-ecs-integ-alb-fargate-public-private-switch/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-ecs-integ-alb-fargate-public-private-switch" + }, + "ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.assets" + ], + "metadata": { + "/ALBFargatePublicPrivateSwitchTest/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/ALBFargatePublicPrivateSwitchTest/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "ALBFargatePublicPrivateSwitchTest/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "aws-cdk-lib/feature-flag-report": { + "type": "cdk:feature-flag-report", + "properties": { + "module": "aws-cdk-lib", + "flags": { + "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": { + "recommendedValue": true, + "explanation": "Pass signingProfileName to CfnSigningProfile" + }, + "@aws-cdk/core:newStyleStackSynthesis": { + "recommendedValue": true, + "explanation": "Switch to new stack synthesis method which enables CI/CD", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:stackRelativeExports": { + "recommendedValue": true, + "explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": { + "recommendedValue": true, + "explanation": "Disable implicit openListener when custom security groups are provided" + }, + "@aws-cdk/aws-rds:lowercaseDbIdentifier": { + "recommendedValue": true, + "explanation": "Force lowercasing of RDS Cluster names in CDK", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": { + "recommendedValue": true, + "explanation": "Allow adding/removing multiple UsagePlanKeys independently", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeVersionProps": { + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeLayerVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`." + }, + "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": { + "recommendedValue": true, + "explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:checkSecretUsage": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this flag to make it impossible to accidentally use SecretValues in unsafe locations" + }, + "@aws-cdk/core:target-partitions": { + "recommendedValue": [ + "aws", + "aws-cn" + ], + "explanation": "What regions to include in lookup tables of environment agnostic stacks" + }, + "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": { + "userValue": true, + "recommendedValue": true, + "explanation": "ECS extensions will automatically add an `awslogs` driver if no logging is specified" + }, + "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to have Launch Templates generated by the `InstanceRequireImdsv2Aspect` use unique names." + }, + "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": { + "userValue": true, + "recommendedValue": true, + "explanation": "ARN format used by ECS. In the new ARN format, the cluster name is part of the resource ID." + }, + "@aws-cdk/aws-iam:minimizePolicies": { + "userValue": true, + "recommendedValue": true, + "explanation": "Minimize IAM policies by combining Statements" + }, + "@aws-cdk/core:validateSnapshotRemovalPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Error on snapshot removal policies on resources that do not support it." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate key aliases that include the stack name" + }, + "@aws-cdk/aws-s3:createDefaultLoggingPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to create an S3 bucket policy by default in cases where an AWS service would automatically create the Policy if one does not exist." + }, + "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict KMS key policy for encrypted Queues a bit more" + }, + "@aws-cdk/aws-apigateway:disableCloudWatchRole": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make default CloudWatch Role behavior safe for multiple API Gateways in one environment" + }, + "@aws-cdk/core:enablePartitionLiterals": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make ARNs concrete if AWS partition is known" + }, + "@aws-cdk/aws-events:eventsTargetQueueSameAccount": { + "userValue": true, + "recommendedValue": true, + "explanation": "Event Rules may only push to encrypted SQS queues in the same account" + }, + "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": { + "userValue": true, + "recommendedValue": true, + "explanation": "Avoid setting the \"ECS\" deployment controller when adding a circuit breaker" + }, + "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature to by default create default policy names for imported roles that depend on the stack the role is in." + }, + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use S3 Bucket Policy instead of ACLs for Server Access Logging" + }, + "@aws-cdk/aws-route53-patters:useCertificate": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use the official `Certificate` resource instead of `DnsValidatedCertificate`" + }, + "@aws-cdk/customresources:installLatestAwsSdkDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "Whether to install the latest SDK by default in AwsCustomResource" + }, + "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use unique resource name for Database Proxy" + }, + "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Remove CloudWatch alarms from deployment group" + }, + "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include authorizer configuration in the calculation of the API deployment logical ID." + }, + "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": { + "userValue": true, + "recommendedValue": true, + "explanation": "Define user data for a launch template by default when a machine image is provided." + }, + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": { + "userValue": true, + "recommendedValue": true, + "explanation": "SecretTargetAttachments uses the ResourcePolicy of the attached Secret." + }, + "@aws-cdk/aws-redshift:columnId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Whether to use an ID to track Redshift column changes" + }, + "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable AmazonEMRServicePolicy_v2 managed policies" + }, + "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict access to the VPC default security group" + }, + "@aws-cdk/aws-apigateway:requestValidatorUniqueId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a unique id for each RequestValidator added to a method" + }, + "@aws-cdk/aws-kms:aliasNameRef": { + "userValue": true, + "recommendedValue": true, + "explanation": "KMS Alias name and keyArn will have implicit reference to KMS Key" + }, + "@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable grant methods on Aliases imported by name to use kms:ResourceAliases condition" + }, + "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a launch template when creating an AutoScalingGroup" + }, + "@aws-cdk/core:includePrefixInUniqueNameGeneration": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include the stack prefix in the stack name generation process" + }, + "@aws-cdk/aws-efs:denyAnonymousAccess": { + "userValue": true, + "recommendedValue": true, + "explanation": "EFS denies anonymous clients accesses" + }, + "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables support for Multi-AZ with Standby deployment for opensearch domains" + }, + "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables aws-lambda-nodejs.Function to use the latest available NodeJs runtime as the default" + }, + "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, mount targets will have a stable logicalId that is linked to the associated subnet." + }, + "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a scope of InstanceParameterGroup for AuroraClusterInstance with each parameters will change." + }, + "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, will always use the arn for identifiers for CfnSourceApiAssociation in the GraphqlApi construct rather than id." + }, + "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, creating an RDS database cluster from a snapshot will only render credentials for snapshot credentials." + }, + "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the CodeCommit source action is using the default branch name 'main'." + }, + "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the logical ID of a Lambda permission for a Lambda action includes an alarm ID." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default value for crossAccountKeys to false." + }, + "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default pipeline type to V2." + }, + "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, IAM Policy created from KMS key grant will reduce the resource scope to this key only." + }, + "@aws-cdk/pipelines:reduceAssetRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-eks:nodegroupNameAttribute": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix." + }, + "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default volume type of the EBS volume will be GP3" + }, + "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, remove default deployment alarm settings" + }, + "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, the custom resource used for `AwsCustomResource` will configure the `logApiResponseData` property as true by default" + }, + "@aws-cdk/aws-s3:keepNotificationInImportedBucket": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, Adding notifications to a bucket in the current stack will not remove notification from imported stack." + }, + "@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": { + "recommendedValue": true, + "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:explicitStackTags": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." + }, + "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { + "userValue": false, + "recommendedValue": false, + "explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**" + }, + "@aws-cdk/aws-ecs:disableEcsImdsBlocking": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**" + }, + "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, we will only grant the necessary permissions when users specify cloudwatch log group through logConfiguration" + }, + "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled will allow you to specify a resource policy per replica, and not copy the source table policy to all replicas" + }, + "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, initOptions.timeout and resourceSignalTimeout values will be summed together." + }, + "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a Lambda authorizer Permission created when using GraphqlApi will be properly scoped with a SourceArn." + }, + "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the value of property `instanceResourceId` in construct `DatabaseInstanceReadReplica` will be set to the correct value which is `DbiResourceId` instead of currently `DbInstanceArn`" + }, + "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CFN templates added with `cfn-include` will error if the template contains Resource Update or Create policies with CFN Intrinsics that include non-primitive values." + }, + "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, both `@aws-sdk` and `@smithy` packages will be excluded from the Lambda Node.js 18.x runtime to prevent version mismatches in bundled applications." + }, + "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resource of IAM Run Ecs policy generated by SFN EcsRunTask will reference the definition, instead of constructing ARN." + }, + "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the BastionHost construct will use the latest Amazon Linux 2023 AMI, instead of Amazon Linux 2." + }, + "@aws-cdk/core:aspectStabilization": { + "recommendedValue": true, + "explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource." + }, + "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere" + }, + "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default behaviour of OIDC provider will reject unauthorized connections" + }, + "@aws-cdk/core:enableAdditionalMetadataCollection": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will expand the scope of usage data collected to better inform CDK development and improve communication for security concerns and emerging issues." + }, + "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": { + "userValue": false, + "recommendedValue": false, + "explanation": "[Deprecated] When enabled, Lambda will create new inline policies with AddToRolePolicy instead of adding to the Default Policy Statement" + }, + "@aws-cdk/aws-s3:setUniqueReplicationRoleName": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will automatically generate a unique role name that is used for s3 object replication." + }, + "@aws-cdk/pipelines:reduceStageRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from Stage addActions trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-events:requireEventBusPolicySid": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, grantPutEventsTo() will use resource policies with Statement IDs for service principals." + }, + "@aws-cdk/core:aspectPrioritiesMutating": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING." + }, + "@aws-cdk/aws-dynamodb:retainTableReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, table replica will be default to the removal policy of source table unless specified otherwise." + }, + "@aws-cdk/cognito:logUserPoolClientSecretValue": { + "recommendedValue": false, + "explanation": "When disabled, the value of the user pool client secret will not be logged in the custom resource lambda function logs." + }, + "@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": { + "recommendedValue": true, + "explanation": "When enabled, scopes down the trust policy for the cross-account action role", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resultWriterV2 property of DistributedMap will be used insted of resultWriter" + }, + "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": { + "userValue": true, + "recommendedValue": true, + "explanation": "Add an S3 trust policy to a KMS key resource policy for SNS subscriptions." + }, + "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the EgressOnlyGateway resource is only created if private subnets are defined in the dual-stack VPC." + }, + "@aws-cdk/aws-ec2-alpha:useResourceIdForVpcV2Migration": { + "recommendedValue": false, + "explanation": "When enabled, use resource IDs for VPC V2 migration" + }, + "@aws-cdk/aws-s3:publicAccessBlockedByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, setting any combination of options for BlockPublicAccess will automatically set true for any options not defined." + }, + "@aws-cdk/aws-lambda:useCdkManagedLogGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK creates and manages loggroup for the lambda function" + } + } + } + } + }, + "minimumCliVersion": "2.1027.0" +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/tree.json new file mode 100644 index 0000000000000..be50591d514c8 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/tree.json @@ -0,0 +1 @@ +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"aws-ecs-integ-alb-fargate-public-private-switch":{"id":"aws-ecs-integ-alb-fargate-public-private-switch","path":"aws-ecs-integ-alb-fargate-public-private-switch","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"Vpc":{"id":"Vpc","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.Vpc","version":"0.0.0","metadata":[{"maxAzs":"*","restrictDefaultSecurityGroup":false}]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPC","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPC","aws:cdk:cloudformation:props":{"cidrBlock":"10.0.0.0/16","enableDnsHostnames":true,"enableDnsSupport":true,"instanceTenancy":"default","tags":[{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc"}]}}},"PublicSubnet1":{"id":"PublicSubnet1","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.0.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPublicSubnet1RouteTable6C95E38E"},"subnetId":{"Ref":"VpcPublicSubnet1Subnet5C2D37C4"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VpcIGWD7BA715C"},"routeTableId":{"Ref":"VpcPublicSubnet1RouteTable6C95E38E"}}}},"EIP":{"id":"EIP","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VpcPublicSubnet1EIPD7E02669","AllocationId"]},"subnetId":{"Ref":"VpcPublicSubnet1Subnet5C2D37C4"},"tags":[{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet1"}]}}}}},"PublicSubnet2":{"id":"PublicSubnet2","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.64.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPublicSubnet2RouteTable94F7E489"},"subnetId":{"Ref":"VpcPublicSubnet2Subnet691E08A3"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VpcIGWD7BA715C"},"routeTableId":{"Ref":"VpcPublicSubnet2RouteTable94F7E489"}}}},"EIP":{"id":"EIP","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2"}]}}},"NATGateway":{"id":"NATGateway","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VpcPublicSubnet2EIP3C605A87","AllocationId"]},"subnetId":{"Ref":"VpcPublicSubnet2Subnet691E08A3"},"tags":[{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PublicSubnet2"}]}}}}},"PrivateSubnet1":{"id":"PrivateSubnet1","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.128.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPrivateSubnet1RouteTableB2C5B500"},"subnetId":{"Ref":"VpcPrivateSubnet1Subnet536B997A"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VpcPublicSubnet1NATGateway4D7517AA"},"routeTableId":{"Ref":"VpcPrivateSubnet1RouteTableB2C5B500"}}}}}},"PrivateSubnet2":{"id":"PrivateSubnet2","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.192.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPrivateSubnet2RouteTableA678073B"},"subnetId":{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/PrivateSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VpcPublicSubnet2NATGateway9182C01D"},"routeTableId":{"Ref":"VpcPrivateSubnet2RouteTableA678073B"}}}}}},"IGW":{"id":"IGW","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/IGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnInternetGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::InternetGateway","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc"}]}}},"VPCGW":{"id":"VPCGW","path":"aws-ecs-integ-alb-fargate-public-private-switch/Vpc/VPCGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPCGatewayAttachment","aws:cdk:cloudformation:props":{"internetGatewayId":{"Ref":"VpcIGWD7BA715C"},"vpcId":{"Ref":"Vpc8378EB38"}}}}}},"FargateCluster":{"id":"FargateCluster","path":"aws-ecs-integ-alb-fargate-public-private-switch/FargateCluster","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.Cluster","version":"0.0.0","metadata":[{"vpc":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/FargateCluster/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.CfnCluster","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ECS::Cluster","aws:cdk:cloudformation:props":{}}}}},"PrivateALBFargateService":{"id":"PrivateALBFargateService","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs_patterns.ApplicationLoadBalancedFargateService","version":"0.0.0"},"children":{"LB":{"id":"LB","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationLoadBalancer","version":"0.0.0","metadata":["*","*"]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.CfnLoadBalancer","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ElasticLoadBalancingV2::LoadBalancer","aws:cdk:cloudformation:props":{"loadBalancerAttributes":[{"key":"deletion_protection.enabled","value":"false"}],"scheme":"internal","securityGroups":[{"Fn::GetAtt":["PrivateALBFargateServiceLBSecurityGroupE686114D","GroupId"]}],"subnets":[{"Ref":"VpcPrivateSubnet1Subnet536B997A"},{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}],"type":"application"}}},"SecurityGroup":{"id":"SecurityGroup","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*","description":"*","allowAllOutbound":false},{"addIngressRule":[{"canInlineRule":true,"connections":"*","uniqueId":"*"},{},"*",false]},{"addEgressRule":["*",{},"*",true]}]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"Automatically created Security Group for ELB awsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceLBDD88D81A","securityGroupIngress":[{"cidrIp":"0.0.0.0/0","ipProtocol":"tcp","fromPort":80,"toPort":80,"description":"Allow from anyone on port 80"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"to awsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceSecurityGroup34DD7BA8:80":{"id":"to awsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceSecurityGroup34DD7BA8:80","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/SecurityGroup/to awsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceSecurityGroup34DD7BA8:80","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroupEgress","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupEgress","aws:cdk:cloudformation:props":{"description":"Load balancer to target","destinationSecurityGroupId":{"Fn::GetAtt":["PrivateALBFargateServiceSecurityGroup4470C11F","GroupId"]},"fromPort":80,"groupId":{"Fn::GetAtt":["PrivateALBFargateServiceLBSecurityGroupE686114D","GroupId"]},"ipProtocol":"tcp","toPort":80}}}}},"PublicListener":{"id":"PublicListener","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/PublicListener","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationListener","version":"0.0.0","metadata":["*","*","*","*"]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/PublicListener/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.CfnListener","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ElasticLoadBalancingV2::Listener","aws:cdk:cloudformation:props":{"defaultActions":[{"type":"forward","targetGroupArn":{"Ref":"PrivateALBFargateServiceLBPublicListenerECSPrivateGroup81AA5B8B"}}],"loadBalancerArn":{"Ref":"PrivateALBFargateServiceLB3F43693F"},"port":80,"protocol":"HTTP"}}},"ECSPrivateGroup":{"id":"ECSPrivateGroup","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/PublicListener/ECSPrivateGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationTargetGroup","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LB/PublicListener/ECSPrivateGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.CfnTargetGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ElasticLoadBalancingV2::TargetGroup","aws:cdk:cloudformation:props":{"port":80,"protocol":"HTTP","targetGroupAttributes":[{"key":"stickiness.enabled","value":"false"}],"targetType":"ip","vpcId":{"Ref":"Vpc8378EB38"}}}}}}}}}},"LoadBalancerDNS":{"id":"LoadBalancerDNS","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/LoadBalancerDNS","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"ServiceURL":{"id":"ServiceURL","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/ServiceURL","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"TaskDef":{"id":"TaskDef","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.FargateTaskDefinition","version":"0.0.0","metadata":["*","*","*","*","*"]},"children":{"TaskRole":{"id":"TaskRole","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/TaskRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"}}]},"children":{"ImportTaskRole":{"id":"ImportTaskRole","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/TaskRole/ImportTaskRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/TaskRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"ecs-tasks.amazonaws.com"}}],"Version":"2012-10-17"}}}}}},"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.CfnTaskDefinition","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ECS::TaskDefinition","aws:cdk:cloudformation:props":{"containerDefinitions":[{"essential":true,"image":"amazon/amazon-ecs-sample","name":"web","portMappings":[{"containerPort":80,"protocol":"tcp"}],"logConfiguration":{"logDriver":"awslogs","options":{"awslogs-group":{"Ref":"PrivateALBFargateServiceTaskDefwebLogGroupB4E3C449"},"awslogs-stream-prefix":"PrivateALBFargateService","awslogs-region":{"Ref":"AWS::Region"}}}}],"cpu":"512","executionRoleArn":{"Fn::GetAtt":["PrivateALBFargateServiceTaskDefExecutionRole946533BE","Arn"]},"family":"awsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceTaskDefAD1960DA","memory":"1024","networkMode":"awsvpc","requiresCompatibilities":["FARGATE"],"taskRoleArn":{"Fn::GetAtt":["PrivateALBFargateServiceTaskDefTaskRole00F16D72","Arn"]}}}},"web":{"id":"web","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/web","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.ContainerDefinition","version":"0.0.0"},"children":{"LogGroup":{"id":"LogGroup","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/web/LogGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogGroup","version":"0.0.0","metadata":[{"retention":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/web/LogGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnLogGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::LogGroup","aws:cdk:cloudformation:props":{}}}}}}},"ExecutionRole":{"id":"ExecutionRole","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/ExecutionRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"roleName":"*"},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]}]},"children":{"ImportExecutionRole":{"id":"ImportExecutionRole","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/ExecutionRole/ImportExecutionRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/ExecutionRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"ecs-tasks.amazonaws.com"}}],"Version":"2012-10-17"}}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/ExecutionRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/TaskDef/ExecutionRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":["logs:CreateLogStream","logs:PutLogEvents"],"Effect":"Allow","Resource":{"Fn::GetAtt":["PrivateALBFargateServiceTaskDefwebLogGroupB4E3C449","Arn"]}}],"Version":"2012-10-17"},"policyName":"PrivateALBFargateServiceTaskDefExecutionRoleDefaultPolicy97ADB212","roles":[{"Ref":"PrivateALBFargateServiceTaskDefExecutionRole946533BE"}]}}}}}}}}},"Service":{"id":"Service","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/Service","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.FargateService","version":"0.0.0","metadata":["*"]},"children":{"Service":{"id":"Service","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/Service/Service","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.CfnService","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ECS::Service","aws:cdk:cloudformation:props":{"cluster":{"Ref":"FargateCluster7CCD5F93"},"deploymentConfiguration":{"maximumPercent":200,"minimumHealthyPercent":50},"enableEcsManagedTags":false,"healthCheckGracePeriodSeconds":60,"launchType":"FARGATE","loadBalancers":[{"targetGroupArn":{"Ref":"PrivateALBFargateServiceLBPublicListenerECSPrivateGroup81AA5B8B"},"containerName":"web","containerPort":80}],"networkConfiguration":{"awsvpcConfiguration":{"assignPublicIp":"DISABLED","subnets":[{"Ref":"VpcPrivateSubnet1Subnet536B997A"},{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}],"securityGroups":[{"Fn::GetAtt":["PrivateALBFargateServiceSecurityGroup4470C11F","GroupId"]}]}},"taskDefinition":{"Ref":"PrivateALBFargateServiceTaskDef3EEE16CB"}}}},"SecurityGroup":{"id":"SecurityGroup","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/Service/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*"},{"addIngressRule":["*",{},"*",false]}]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/Service/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/Service/SecurityGroup","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"from awsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceLBSecurityGroup7FC4BF92:80":{"id":"from awsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceLBSecurityGroup7FC4BF92:80","path":"aws-ecs-integ-alb-fargate-public-private-switch/PrivateALBFargateService/Service/SecurityGroup/from awsecsintegalbfargatepublicprivateswitchPrivateALBFargateServiceLBSecurityGroup7FC4BF92:80","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupIngress","aws:cdk:cloudformation:props":{"description":"Load balancer to target","fromPort":80,"groupId":{"Fn::GetAtt":["PrivateALBFargateServiceSecurityGroup4470C11F","GroupId"]},"ipProtocol":"tcp","sourceSecurityGroupId":{"Fn::GetAtt":["PrivateALBFargateServiceLBSecurityGroupE686114D","GroupId"]},"toPort":80}}}}}}}}},"PublicALBFargateService":{"id":"PublicALBFargateService","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs_patterns.ApplicationLoadBalancedFargateService","version":"0.0.0"},"children":{"LB":{"id":"LB","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationLoadBalancer","version":"0.0.0","metadata":["*","*"]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.CfnLoadBalancer","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ElasticLoadBalancingV2::LoadBalancer","aws:cdk:cloudformation:props":{"loadBalancerAttributes":[{"key":"deletion_protection.enabled","value":"false"}],"scheme":"internet-facing","securityGroups":[{"Fn::GetAtt":["PublicALBFargateServiceLBSecurityGroup70C230FD","GroupId"]}],"subnets":[{"Ref":"VpcPublicSubnet1Subnet5C2D37C4"},{"Ref":"VpcPublicSubnet2Subnet691E08A3"}],"type":"application"}}},"SecurityGroup":{"id":"SecurityGroup","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*","description":"*","allowAllOutbound":false},{"addIngressRule":[{"canInlineRule":true,"connections":"*","uniqueId":"*"},{},"*",false]},{"addEgressRule":["*",{},"*",true]}]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"Automatically created Security Group for ELB awsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceLBFEFC4551","securityGroupIngress":[{"cidrIp":"0.0.0.0/0","ipProtocol":"tcp","fromPort":80,"toPort":80,"description":"Allow from anyone on port 80"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"to awsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceSecurityGroup9D254AE2:80":{"id":"to awsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceSecurityGroup9D254AE2:80","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/SecurityGroup/to awsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceSecurityGroup9D254AE2:80","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroupEgress","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupEgress","aws:cdk:cloudformation:props":{"description":"Load balancer to target","destinationSecurityGroupId":{"Fn::GetAtt":["PublicALBFargateServiceSecurityGroup68BF5FCB","GroupId"]},"fromPort":80,"groupId":{"Fn::GetAtt":["PublicALBFargateServiceLBSecurityGroup70C230FD","GroupId"]},"ipProtocol":"tcp","toPort":80}}}}},"PublicListener":{"id":"PublicListener","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/PublicListener","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationListener","version":"0.0.0","metadata":["*","*","*","*"]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/PublicListener/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.CfnListener","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ElasticLoadBalancingV2::Listener","aws:cdk:cloudformation:props":{"defaultActions":[{"type":"forward","targetGroupArn":{"Ref":"PublicALBFargateServiceLBPublicListenerECSGroupD991EA00"}}],"loadBalancerArn":{"Ref":"PublicALBFargateServiceLBBDD839E7"},"port":80,"protocol":"HTTP"}}},"ECSGroup":{"id":"ECSGroup","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/PublicListener/ECSGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationTargetGroup","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LB/PublicListener/ECSGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.CfnTargetGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ElasticLoadBalancingV2::TargetGroup","aws:cdk:cloudformation:props":{"port":80,"protocol":"HTTP","targetGroupAttributes":[{"key":"stickiness.enabled","value":"false"}],"targetType":"ip","vpcId":{"Ref":"Vpc8378EB38"}}}}}}}}}},"LoadBalancerDNS":{"id":"LoadBalancerDNS","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/LoadBalancerDNS","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"ServiceURL":{"id":"ServiceURL","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/ServiceURL","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"TaskDef":{"id":"TaskDef","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.FargateTaskDefinition","version":"0.0.0","metadata":["*","*","*","*","*"]},"children":{"TaskRole":{"id":"TaskRole","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/TaskRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"}}]},"children":{"ImportTaskRole":{"id":"ImportTaskRole","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/TaskRole/ImportTaskRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/TaskRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"ecs-tasks.amazonaws.com"}}],"Version":"2012-10-17"}}}}}},"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.CfnTaskDefinition","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ECS::TaskDefinition","aws:cdk:cloudformation:props":{"containerDefinitions":[{"essential":true,"image":"amazon/amazon-ecs-sample","name":"web","portMappings":[{"containerPort":80,"protocol":"tcp"}],"logConfiguration":{"logDriver":"awslogs","options":{"awslogs-group":{"Ref":"PublicALBFargateServiceTaskDefwebLogGroupA74781A6"},"awslogs-stream-prefix":"PublicALBFargateService","awslogs-region":{"Ref":"AWS::Region"}}}}],"cpu":"512","executionRoleArn":{"Fn::GetAtt":["PublicALBFargateServiceTaskDefExecutionRole1140586F","Arn"]},"family":"awsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceTaskDef16D2905F","memory":"1024","networkMode":"awsvpc","requiresCompatibilities":["FARGATE"],"taskRoleArn":{"Fn::GetAtt":["PublicALBFargateServiceTaskDefTaskRole372A6750","Arn"]}}}},"web":{"id":"web","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/web","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.ContainerDefinition","version":"0.0.0"},"children":{"LogGroup":{"id":"LogGroup","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/web/LogGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.LogGroup","version":"0.0.0","metadata":[{"retention":"*"}]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/web/LogGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_logs.CfnLogGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::Logs::LogGroup","aws:cdk:cloudformation:props":{}}}}}}},"ExecutionRole":{"id":"ExecutionRole","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/ExecutionRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"roleName":"*"},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]}]},"children":{"ImportExecutionRole":{"id":"ImportExecutionRole","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/ExecutionRole/ImportExecutionRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/ExecutionRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"ecs-tasks.amazonaws.com"}}],"Version":"2012-10-17"}}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/ExecutionRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/TaskDef/ExecutionRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":["logs:CreateLogStream","logs:PutLogEvents"],"Effect":"Allow","Resource":{"Fn::GetAtt":["PublicALBFargateServiceTaskDefwebLogGroupA74781A6","Arn"]}}],"Version":"2012-10-17"},"policyName":"PublicALBFargateServiceTaskDefExecutionRoleDefaultPolicy3CC501BF","roles":[{"Ref":"PublicALBFargateServiceTaskDefExecutionRole1140586F"}]}}}}}}}}},"Service":{"id":"Service","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/Service","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.FargateService","version":"0.0.0","metadata":["*"]},"children":{"Service":{"id":"Service","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/Service/Service","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.CfnService","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ECS::Service","aws:cdk:cloudformation:props":{"cluster":{"Ref":"FargateCluster7CCD5F93"},"deploymentConfiguration":{"maximumPercent":200,"minimumHealthyPercent":50},"enableEcsManagedTags":false,"healthCheckGracePeriodSeconds":60,"launchType":"FARGATE","loadBalancers":[{"targetGroupArn":{"Ref":"PublicALBFargateServiceLBPublicListenerECSGroupD991EA00"},"containerName":"web","containerPort":80}],"networkConfiguration":{"awsvpcConfiguration":{"assignPublicIp":"DISABLED","subnets":[{"Ref":"VpcPrivateSubnet1Subnet536B997A"},{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}],"securityGroups":[{"Fn::GetAtt":["PublicALBFargateServiceSecurityGroup68BF5FCB","GroupId"]}]}},"taskDefinition":{"Ref":"PublicALBFargateServiceTaskDef11A29312"}}}},"SecurityGroup":{"id":"SecurityGroup","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/Service/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*"},{"addIngressRule":["*",{},"*",false]}]},"children":{"Resource":{"id":"Resource","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/Service/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/Service/SecurityGroup","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"from awsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceLBSecurityGroupB0928942:80":{"id":"from awsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceLBSecurityGroupB0928942:80","path":"aws-ecs-integ-alb-fargate-public-private-switch/PublicALBFargateService/Service/SecurityGroup/from awsecsintegalbfargatepublicprivateswitchPublicALBFargateServiceLBSecurityGroupB0928942:80","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupIngress","aws:cdk:cloudformation:props":{"description":"Load balancer to target","fromPort":80,"groupId":{"Fn::GetAtt":["PublicALBFargateServiceSecurityGroup68BF5FCB","GroupId"]},"ipProtocol":"tcp","sourceSecurityGroupId":{"Fn::GetAtt":["PublicALBFargateServiceLBSecurityGroup70C230FD","GroupId"]},"toPort":80}}}}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"aws-ecs-integ-alb-fargate-public-private-switch/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"aws-ecs-integ-alb-fargate-public-private-switch/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"ALBFargatePublicPrivateSwitchTest":{"id":"ALBFargatePublicPrivateSwitchTest","path":"ALBFargatePublicPrivateSwitchTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"ALBFargatePublicPrivateSwitchTest/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"ALBFargatePublicPrivateSwitchTest/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"ALBFargatePublicPrivateSwitchTest/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"ALBFargatePublicPrivateSwitchTest/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"ALBFargatePublicPrivateSwitchTest/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.ts new file mode 100644 index 0000000000000..690fa703ccfdf --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.ts @@ -0,0 +1,45 @@ +import * as ec2 from 'aws-cdk-lib/aws-ec2'; +import * as ecs from 'aws-cdk-lib/aws-ecs'; +import * as cdk from 'aws-cdk-lib'; +import * as integ from '@aws-cdk/integ-tests-alpha'; +import * as ecsPatterns from 'aws-cdk-lib/aws-ecs-patterns'; + +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'aws-ecs-integ-alb-fargate-public-private-switch'); + +const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 2, restrictDefaultSecurityGroup: false }); +const cluster = new ecs.Cluster(stack, 'FargateCluster', { vpc }); + +// Test private load balancer (the problematic case from the issue) +new ecsPatterns.ApplicationLoadBalancedFargateService(stack, 'PrivateALBFargateService', { + cluster, + memoryLimitMiB: 1024, + cpu: 512, + publicLoadBalancer: false, // This should create ECSPrivate target group + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }, +}); + +// Test public load balancer for comparison +new ecsPatterns.ApplicationLoadBalancedFargateService(stack, 'PublicALBFargateService', { + cluster, + memoryLimitMiB: 1024, + cpu: 512, + publicLoadBalancer: true, // This should create ECS target group + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }, +}); + +new integ.IntegTest(app, 'ALBFargatePublicPrivateSwitchTest', { + testCases: [stack], + allowDestroy: [ + 'PrivateALBFargateServiceLB3F43693F', + 'PrivateALBFargateServiceLBPublicListenerECSPrivateGroup81AA5B8B', + 'PublicALBFargateServiceLBBDD839E7', + 'PublicALBFargateServiceLBPublicListenerECSGroupD991EA00', + ], +}); + +app.synth(); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/TestStack.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/TestStack.assets.json index 8197fedd0cea0..e740498746e28 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/TestStack.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/TestStack.assets.json @@ -1,15 +1,16 @@ { - "version": "35.0.0", + "version": "48.0.0", "files": { - "2933ab3ebf293412b6a04dfc9e64d60d83cef927017ff8c4b9ebcd43e5f013b1": { + "a9e5c98b6640f8f86487b9abf375441221e1b5ae855e39b82aad744106b9d117": { + "displayName": "TestStack Template", "source": { "path": "TestStack.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-5831914a": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "2933ab3ebf293412b6a04dfc9e64d60d83cef927017ff8c4b9ebcd43e5f013b1.json", + "objectKey": "a9e5c98b6640f8f86487b9abf375441221e1b5ae855e39b82aad744106b9d117.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/TestStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/TestStack.template.json index f4d4530bfc1ba..d13f72d042389 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/TestStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/TestStack.template.json @@ -477,7 +477,7 @@ "DefaultActions": [ { "TargetGroupArn": { - "Ref": "ServiceLBPublicListenerECSGroup0CC8688C" + "Ref": "ServiceLBPublicListenerECSPrivateGroup93D5832E" }, "Type": "forward" } @@ -489,7 +489,7 @@ "Protocol": "HTTP" } }, - "ServiceLBPublicListenerECSGroup0CC8688C": { + "ServiceLBPublicListenerECSPrivateGroup93D5832E": { "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", "Properties": { "Port": 80, @@ -524,7 +524,7 @@ "ContainerName": "nginx", "ContainerPort": 80, "TargetGroupArn": { - "Ref": "ServiceLBPublicListenerECSGroup0CC8688C" + "Ref": "ServiceLBPublicListenerECSPrivateGroup93D5832E" } } ], @@ -554,7 +554,7 @@ } }, "DependsOn": [ - "ServiceLBPublicListenerECSGroup0CC8688C", + "ServiceLBPublicListenerECSPrivateGroup93D5832E", "ServiceLBPublicListener46709EAA", "TaskTaskRoleE98524A1" ] @@ -674,7 +674,7 @@ } }, "DependsOn": [ - "ServiceLBPublicListenerECSGroup0CC8688C", + "ServiceLBPublicListenerECSPrivateGroup93D5832E", "ServiceLBPublicListener46709EAA" ] } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/cdk.out index c5cb2e5de6344..523a9aac37cbf 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"35.0.0"} \ No newline at end of file +{"version":"48.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/integ.json index a61eccb0deeb3..7da3fd1a1c364 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "35.0.0", + "version": "48.0.0", "testCases": { "integ.alb-target": { "stacks": [ @@ -10,5 +10,6 @@ } }, "synthContext": {}, - "enableLookups": false + "enableLookups": false, + "minimumCliVersion": "2.1027.0" } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/manifest.json index 131ae5c7fd436..89f8907623186 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "35.0.0", + "version": "48.0.0", "artifacts": { "TestStack.assets": { "type": "cdk:asset-manifest", @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/2933ab3ebf293412b6a04dfc9e64d60d83cef927017ff8c4b9ebcd43e5f013b1.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a9e5c98b6640f8f86487b9abf375441221e1b5ae855e39b82aad744106b9d117.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -34,12 +34,58 @@ "TestStack.assets" ], "metadata": { + "/TestStack/Vpc": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "maxAzs": "*", + "natGateways": "*", + "restrictDefaultSecurityGroup": false + } + } + ], "/TestStack/Vpc/Resource": [ { "type": "aws:cdk:logicalId", "data": "Vpc8378EB38" } ], + "/TestStack/Vpc/PublicSubnet1": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addNatGateway": [ + "*" + ] + } + } + ], "/TestStack/Vpc/PublicSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", @@ -76,6 +122,34 @@ "data": "VpcPublicSubnet1NATGateway4D7517AA" } ], + "/TestStack/Vpc/PublicSubnet2": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + } + ], "/TestStack/Vpc/PublicSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", @@ -100,6 +174,34 @@ "data": "VpcPublicSubnet2DefaultRoute97F91067" } ], + "/TestStack/Vpc/PrivateSubnet1": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + } + ], "/TestStack/Vpc/PrivateSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", @@ -124,6 +226,34 @@ "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" } ], + "/TestStack/Vpc/PrivateSubnet2": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + } + ], "/TestStack/Vpc/PrivateSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", @@ -160,6 +290,41 @@ "data": "VpcVPCGWBF912B6E" } ], + "/TestStack/Task": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], + "/TestStack/Task/TaskRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + } + } + } + ], + "/TestStack/Task/TaskRole/ImportTaskRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], "/TestStack/Task/TaskRole/Resource": [ { "type": "aws:cdk:logicalId", @@ -172,12 +337,58 @@ "data": "Task79114B6B" } ], + "/TestStack/Service/LB": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], "/TestStack/Service/LB/Resource": [ { "type": "aws:cdk:logicalId", "data": "ServiceLBE9A1ADBC" } ], + "/TestStack/Service/LB/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*", + "description": "*", + "allowAllOutbound": false + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addIngressRule": [ + { + "canInlineRule": true, + "connections": "*", + "uniqueId": "*" + }, + {}, + "*", + false + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addEgressRule": [ + "*", + {}, + "*", + true + ] + } + } + ], "/TestStack/Service/LB/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", @@ -190,16 +401,34 @@ "data": "ServiceLBSecurityGrouptoTestStackServiceSecurityGroup59159BDD804A6BA8AC" } ], + "/TestStack/Service/LB/PublicListener": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], "/TestStack/Service/LB/PublicListener/Resource": [ { "type": "aws:cdk:logicalId", "data": "ServiceLBPublicListener46709EAA" } ], - "/TestStack/Service/LB/PublicListener/ECSGroup/Resource": [ + "/TestStack/Service/LB/PublicListener/ECSPrivateGroup/Resource": [ { "type": "aws:cdk:logicalId", - "data": "ServiceLBPublicListenerECSGroup0CC8688C" + "data": "ServiceLBPublicListenerECSPrivateGroup93D5832E" } ], "/TestStack/Service/LoadBalancerDNS": [ @@ -214,12 +443,41 @@ "data": "ServiceServiceURL250C0FB6" } ], + "/TestStack/Service/Service": [ + { + "type": "aws:cdk:warning", + "data": "minHealthyPercent has not been configured so the default value of 50% is used. The number of running tasks will decrease below the desired count during deployments etc. See https://github.com/aws/aws-cdk/issues/31705 [ack: @aws-cdk/aws-ecs:minHealthyPercent]" + }, + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], "/TestStack/Service/Service/Service": [ { "type": "aws:cdk:logicalId", "data": "Service9571FDD8" } ], + "/TestStack/Service/Service/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addIngressRule": [ + "*", + {}, + "*", + false + ] + } + } + ], "/TestStack/Service/Service/SecurityGroup/Resource": [ { "type": "aws:cdk:logicalId", @@ -232,18 +490,50 @@ "data": "ServiceSecurityGroupfromTestStackServiceLBSecurityGroup76260E3B8004FB511A" } ], + "/TestStack/EcsDefaultClusterMnL3mNNYNVpc": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*" + } + } + ], "/TestStack/EcsDefaultClusterMnL3mNNYNVpc/Resource": [ { "type": "aws:cdk:logicalId", "data": "EcsDefaultClusterMnL3mNNYNVpc18E0451A" } ], + "/TestStack/Nlb": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], "/TestStack/Nlb/Resource": [ { "type": "aws:cdk:logicalId", "data": "NlbBCDB97FE" } ], + "/TestStack/Nlb/listener": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], "/TestStack/Nlb/listener/Resource": [ { "type": "aws:cdk:logicalId", @@ -282,6 +572,485 @@ "properties": { "file": "tree.json" } + }, + "aws-cdk-lib/feature-flag-report": { + "type": "cdk:feature-flag-report", + "properties": { + "module": "aws-cdk-lib", + "flags": { + "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": { + "recommendedValue": true, + "explanation": "Pass signingProfileName to CfnSigningProfile" + }, + "@aws-cdk/core:newStyleStackSynthesis": { + "recommendedValue": true, + "explanation": "Switch to new stack synthesis method which enables CI/CD", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:stackRelativeExports": { + "recommendedValue": true, + "explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": { + "recommendedValue": true, + "explanation": "Disable implicit openListener when custom security groups are provided" + }, + "@aws-cdk/aws-rds:lowercaseDbIdentifier": { + "recommendedValue": true, + "explanation": "Force lowercasing of RDS Cluster names in CDK", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": { + "recommendedValue": true, + "explanation": "Allow adding/removing multiple UsagePlanKeys independently", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeVersionProps": { + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeLayerVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`." + }, + "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": { + "recommendedValue": true, + "explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:checkSecretUsage": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this flag to make it impossible to accidentally use SecretValues in unsafe locations" + }, + "@aws-cdk/core:target-partitions": { + "recommendedValue": [ + "aws", + "aws-cn" + ], + "explanation": "What regions to include in lookup tables of environment agnostic stacks" + }, + "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": { + "userValue": true, + "recommendedValue": true, + "explanation": "ECS extensions will automatically add an `awslogs` driver if no logging is specified" + }, + "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to have Launch Templates generated by the `InstanceRequireImdsv2Aspect` use unique names." + }, + "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": { + "userValue": true, + "recommendedValue": true, + "explanation": "ARN format used by ECS. In the new ARN format, the cluster name is part of the resource ID." + }, + "@aws-cdk/aws-iam:minimizePolicies": { + "userValue": true, + "recommendedValue": true, + "explanation": "Minimize IAM policies by combining Statements" + }, + "@aws-cdk/core:validateSnapshotRemovalPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Error on snapshot removal policies on resources that do not support it." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate key aliases that include the stack name" + }, + "@aws-cdk/aws-s3:createDefaultLoggingPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to create an S3 bucket policy by default in cases where an AWS service would automatically create the Policy if one does not exist." + }, + "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict KMS key policy for encrypted Queues a bit more" + }, + "@aws-cdk/aws-apigateway:disableCloudWatchRole": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make default CloudWatch Role behavior safe for multiple API Gateways in one environment" + }, + "@aws-cdk/core:enablePartitionLiterals": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make ARNs concrete if AWS partition is known" + }, + "@aws-cdk/aws-events:eventsTargetQueueSameAccount": { + "userValue": true, + "recommendedValue": true, + "explanation": "Event Rules may only push to encrypted SQS queues in the same account" + }, + "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": { + "userValue": true, + "recommendedValue": true, + "explanation": "Avoid setting the \"ECS\" deployment controller when adding a circuit breaker" + }, + "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature to by default create default policy names for imported roles that depend on the stack the role is in." + }, + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use S3 Bucket Policy instead of ACLs for Server Access Logging" + }, + "@aws-cdk/aws-route53-patters:useCertificate": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use the official `Certificate` resource instead of `DnsValidatedCertificate`" + }, + "@aws-cdk/customresources:installLatestAwsSdkDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "Whether to install the latest SDK by default in AwsCustomResource" + }, + "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use unique resource name for Database Proxy" + }, + "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Remove CloudWatch alarms from deployment group" + }, + "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include authorizer configuration in the calculation of the API deployment logical ID." + }, + "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": { + "userValue": true, + "recommendedValue": true, + "explanation": "Define user data for a launch template by default when a machine image is provided." + }, + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": { + "userValue": true, + "recommendedValue": true, + "explanation": "SecretTargetAttachments uses the ResourcePolicy of the attached Secret." + }, + "@aws-cdk/aws-redshift:columnId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Whether to use an ID to track Redshift column changes" + }, + "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable AmazonEMRServicePolicy_v2 managed policies" + }, + "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict access to the VPC default security group" + }, + "@aws-cdk/aws-apigateway:requestValidatorUniqueId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a unique id for each RequestValidator added to a method" + }, + "@aws-cdk/aws-kms:aliasNameRef": { + "userValue": true, + "recommendedValue": true, + "explanation": "KMS Alias name and keyArn will have implicit reference to KMS Key" + }, + "@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable grant methods on Aliases imported by name to use kms:ResourceAliases condition" + }, + "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a launch template when creating an AutoScalingGroup" + }, + "@aws-cdk/core:includePrefixInUniqueNameGeneration": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include the stack prefix in the stack name generation process" + }, + "@aws-cdk/aws-efs:denyAnonymousAccess": { + "userValue": true, + "recommendedValue": true, + "explanation": "EFS denies anonymous clients accesses" + }, + "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables support for Multi-AZ with Standby deployment for opensearch domains" + }, + "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables aws-lambda-nodejs.Function to use the latest available NodeJs runtime as the default" + }, + "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, mount targets will have a stable logicalId that is linked to the associated subnet." + }, + "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a scope of InstanceParameterGroup for AuroraClusterInstance with each parameters will change." + }, + "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, will always use the arn for identifiers for CfnSourceApiAssociation in the GraphqlApi construct rather than id." + }, + "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, creating an RDS database cluster from a snapshot will only render credentials for snapshot credentials." + }, + "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the CodeCommit source action is using the default branch name 'main'." + }, + "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the logical ID of a Lambda permission for a Lambda action includes an alarm ID." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default value for crossAccountKeys to false." + }, + "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default pipeline type to V2." + }, + "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, IAM Policy created from KMS key grant will reduce the resource scope to this key only." + }, + "@aws-cdk/pipelines:reduceAssetRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-eks:nodegroupNameAttribute": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix." + }, + "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default volume type of the EBS volume will be GP3" + }, + "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, remove default deployment alarm settings" + }, + "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, the custom resource used for `AwsCustomResource` will configure the `logApiResponseData` property as true by default" + }, + "@aws-cdk/aws-s3:keepNotificationInImportedBucket": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, Adding notifications to a bucket in the current stack will not remove notification from imported stack." + }, + "@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": { + "recommendedValue": true, + "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:explicitStackTags": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." + }, + "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { + "userValue": false, + "recommendedValue": false, + "explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**" + }, + "@aws-cdk/aws-ecs:disableEcsImdsBlocking": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**" + }, + "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, we will only grant the necessary permissions when users specify cloudwatch log group through logConfiguration" + }, + "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled will allow you to specify a resource policy per replica, and not copy the source table policy to all replicas" + }, + "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, initOptions.timeout and resourceSignalTimeout values will be summed together." + }, + "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a Lambda authorizer Permission created when using GraphqlApi will be properly scoped with a SourceArn." + }, + "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the value of property `instanceResourceId` in construct `DatabaseInstanceReadReplica` will be set to the correct value which is `DbiResourceId` instead of currently `DbInstanceArn`" + }, + "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CFN templates added with `cfn-include` will error if the template contains Resource Update or Create policies with CFN Intrinsics that include non-primitive values." + }, + "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, both `@aws-sdk` and `@smithy` packages will be excluded from the Lambda Node.js 18.x runtime to prevent version mismatches in bundled applications." + }, + "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resource of IAM Run Ecs policy generated by SFN EcsRunTask will reference the definition, instead of constructing ARN." + }, + "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the BastionHost construct will use the latest Amazon Linux 2023 AMI, instead of Amazon Linux 2." + }, + "@aws-cdk/core:aspectStabilization": { + "recommendedValue": true, + "explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource." + }, + "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere" + }, + "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default behaviour of OIDC provider will reject unauthorized connections" + }, + "@aws-cdk/core:enableAdditionalMetadataCollection": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will expand the scope of usage data collected to better inform CDK development and improve communication for security concerns and emerging issues." + }, + "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": { + "userValue": false, + "recommendedValue": false, + "explanation": "[Deprecated] When enabled, Lambda will create new inline policies with AddToRolePolicy instead of adding to the Default Policy Statement" + }, + "@aws-cdk/aws-s3:setUniqueReplicationRoleName": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will automatically generate a unique role name that is used for s3 object replication." + }, + "@aws-cdk/pipelines:reduceStageRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from Stage addActions trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-events:requireEventBusPolicySid": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, grantPutEventsTo() will use resource policies with Statement IDs for service principals." + }, + "@aws-cdk/core:aspectPrioritiesMutating": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING." + }, + "@aws-cdk/aws-dynamodb:retainTableReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, table replica will be default to the removal policy of source table unless specified otherwise." + }, + "@aws-cdk/cognito:logUserPoolClientSecretValue": { + "recommendedValue": false, + "explanation": "When disabled, the value of the user pool client secret will not be logged in the custom resource lambda function logs." + }, + "@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": { + "recommendedValue": true, + "explanation": "When enabled, scopes down the trust policy for the cross-account action role", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resultWriterV2 property of DistributedMap will be used insted of resultWriter" + }, + "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": { + "userValue": true, + "recommendedValue": true, + "explanation": "Add an S3 trust policy to a KMS key resource policy for SNS subscriptions." + }, + "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the EgressOnlyGateway resource is only created if private subnets are defined in the dual-stack VPC." + }, + "@aws-cdk/aws-ec2-alpha:useResourceIdForVpcV2Migration": { + "recommendedValue": false, + "explanation": "When enabled, use resource IDs for VPC V2 migration" + }, + "@aws-cdk/aws-s3:publicAccessBlockedByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, setting any combination of options for BlockPublicAccess will automatically set true for any options not defined." + }, + "@aws-cdk/aws-lambda:useCdkManagedLogGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK creates and manages loggroup for the lambda function" + } + } + } } - } + }, + "minimumCliVersion": "2.1027.0" } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/tree.json index e13ba77e04041..687d883ce61e4 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2-targets/test/integ.alb-target.js.snapshot/tree.json @@ -1,1227 +1 @@ -{ - "version": "tree-0.1", - "tree": { - "id": "App", - "path": "", - "children": { - "TestStack": { - "id": "TestStack", - "path": "TestStack", - "children": { - "Vpc": { - "id": "Vpc", - "path": "TestStack/Vpc", - "children": { - "Resource": { - "id": "Resource", - "path": "TestStack/Vpc/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPC", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.0.0.0/16", - "enableDnsHostnames": true, - "enableDnsSupport": true, - "instanceTenancy": "default", - "tags": [ - { - "key": "Name", - "value": "TestStack/Vpc" - } - ] - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "PublicSubnet1": { - "id": "PublicSubnet1", - "path": "TestStack/Vpc/PublicSubnet1", - "children": { - "Subnet": { - "id": "Subnet", - "path": "TestStack/Vpc/PublicSubnet1/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.0.0/18", - "mapPublicIpOnLaunch": true, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Public" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Public" - }, - { - "key": "Name", - "value": "TestStack/Vpc/PublicSubnet1" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "Acl": { - "id": "Acl", - "path": "TestStack/Vpc/PublicSubnet1/Acl", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "TestStack/Vpc/PublicSubnet1/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "TestStack/Vpc/PublicSubnet1" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "TestStack/Vpc/PublicSubnet1/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VpcPublicSubnet1RouteTable6C95E38E" - }, - "subnetId": { - "Ref": "VpcPublicSubnet1Subnet5C2D37C4" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "TestStack/Vpc/PublicSubnet1/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Ref": "VpcIGWD7BA715C" - }, - "routeTableId": { - "Ref": "VpcPublicSubnet1RouteTable6C95E38E" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "EIP": { - "id": "EIP", - "path": "TestStack/Vpc/PublicSubnet1/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": "vpc", - "tags": [ - { - "key": "Name", - "value": "TestStack/Vpc/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "NATGateway": { - "id": "NATGateway", - "path": "TestStack/Vpc/PublicSubnet1/NATGateway", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", - "aws:cdk:cloudformation:props": { - "allocationId": { - "Fn::GetAtt": [ - "VpcPublicSubnet1EIPD7E02669", - "AllocationId" - ] - }, - "subnetId": { - "Ref": "VpcPublicSubnet1Subnet5C2D37C4" - }, - "tags": [ - { - "key": "Name", - "value": "TestStack/Vpc/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "PublicSubnet2": { - "id": "PublicSubnet2", - "path": "TestStack/Vpc/PublicSubnet2", - "children": { - "Subnet": { - "id": "Subnet", - "path": "TestStack/Vpc/PublicSubnet2/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.64.0/18", - "mapPublicIpOnLaunch": true, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Public" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Public" - }, - { - "key": "Name", - "value": "TestStack/Vpc/PublicSubnet2" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "Acl": { - "id": "Acl", - "path": "TestStack/Vpc/PublicSubnet2/Acl", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "TestStack/Vpc/PublicSubnet2/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "TestStack/Vpc/PublicSubnet2" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "TestStack/Vpc/PublicSubnet2/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VpcPublicSubnet2RouteTable94F7E489" - }, - "subnetId": { - "Ref": "VpcPublicSubnet2Subnet691E08A3" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "TestStack/Vpc/PublicSubnet2/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Ref": "VpcIGWD7BA715C" - }, - "routeTableId": { - "Ref": "VpcPublicSubnet2RouteTable94F7E489" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "PrivateSubnet1": { - "id": "PrivateSubnet1", - "path": "TestStack/Vpc/PrivateSubnet1", - "children": { - "Subnet": { - "id": "Subnet", - "path": "TestStack/Vpc/PrivateSubnet1/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.128.0/18", - "mapPublicIpOnLaunch": false, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Private" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Private" - }, - { - "key": "Name", - "value": "TestStack/Vpc/PrivateSubnet1" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "Acl": { - "id": "Acl", - "path": "TestStack/Vpc/PrivateSubnet1/Acl", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "TestStack/Vpc/PrivateSubnet1/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "TestStack/Vpc/PrivateSubnet1" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "TestStack/Vpc/PrivateSubnet1/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" - }, - "subnetId": { - "Ref": "VpcPrivateSubnet1Subnet536B997A" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "TestStack/Vpc/PrivateSubnet1/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Ref": "VpcPublicSubnet1NATGateway4D7517AA" - }, - "routeTableId": { - "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "PrivateSubnet2": { - "id": "PrivateSubnet2", - "path": "TestStack/Vpc/PrivateSubnet2", - "children": { - "Subnet": { - "id": "Subnet", - "path": "TestStack/Vpc/PrivateSubnet2/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.192.0/18", - "mapPublicIpOnLaunch": false, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Private" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Private" - }, - { - "key": "Name", - "value": "TestStack/Vpc/PrivateSubnet2" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "Acl": { - "id": "Acl", - "path": "TestStack/Vpc/PrivateSubnet2/Acl", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "TestStack/Vpc/PrivateSubnet2/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "TestStack/Vpc/PrivateSubnet2" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "TestStack/Vpc/PrivateSubnet2/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VpcPrivateSubnet2RouteTableA678073B" - }, - "subnetId": { - "Ref": "VpcPrivateSubnet2Subnet3788AAA1" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "TestStack/Vpc/PrivateSubnet2/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Ref": "VpcPublicSubnet1NATGateway4D7517AA" - }, - "routeTableId": { - "Ref": "VpcPrivateSubnet2RouteTableA678073B" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "IGW": { - "id": "IGW", - "path": "TestStack/Vpc/IGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "TestStack/Vpc" - } - ] - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "VPCGW": { - "id": "VPCGW", - "path": "TestStack/Vpc/VPCGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "internetGatewayId": { - "Ref": "VpcIGWD7BA715C" - }, - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "Task": { - "id": "Task", - "path": "TestStack/Task", - "children": { - "TaskRole": { - "id": "TaskRole", - "path": "TestStack/Task/TaskRole", - "children": { - "ImportTaskRole": { - "id": "ImportTaskRole", - "path": "TestStack/Task/TaskRole/ImportTaskRole", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "Resource": { - "id": "Resource", - "path": "TestStack/Task/TaskRole/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", - "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "ecs-tasks.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "Resource": { - "id": "Resource", - "path": "TestStack/Task/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ECS::TaskDefinition", - "aws:cdk:cloudformation:props": { - "containerDefinitions": [ - { - "essential": true, - "image": "public.ecr.aws/nginx/nginx:latest", - "name": "nginx", - "portMappings": [ - { - "containerPort": 80, - "protocol": "tcp" - } - ] - } - ], - "cpu": "256", - "family": "TestStackTask24CEEDF4", - "memory": "512", - "networkMode": "awsvpc", - "requiresCompatibilities": [ - "FARGATE" - ], - "taskRoleArn": { - "Fn::GetAtt": [ - "TaskTaskRoleE98524A1", - "Arn" - ] - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "nginx": { - "id": "nginx", - "path": "TestStack/Task/nginx", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "Service": { - "id": "Service", - "path": "TestStack/Service", - "children": { - "LB": { - "id": "LB", - "path": "TestStack/Service/LB", - "children": { - "Resource": { - "id": "Resource", - "path": "TestStack/Service/LB/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", - "aws:cdk:cloudformation:props": { - "loadBalancerAttributes": [ - { - "key": "deletion_protection.enabled", - "value": "false" - } - ], - "scheme": "internal", - "securityGroups": [ - { - "Fn::GetAtt": [ - "ServiceLBSecurityGroupF7435A5C", - "GroupId" - ] - } - ], - "subnets": [ - { - "Ref": "VpcPrivateSubnet1Subnet536B997A" - }, - { - "Ref": "VpcPrivateSubnet2Subnet3788AAA1" - } - ], - "type": "application" - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "SecurityGroup": { - "id": "SecurityGroup", - "path": "TestStack/Service/LB/SecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "TestStack/Service/LB/SecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "Automatically created Security Group for ELB TestStackServiceLBD3BB32E9", - "securityGroupIngress": [ - { - "cidrIp": "0.0.0.0/0", - "ipProtocol": "tcp", - "fromPort": 80, - "toPort": 80, - "description": "Allow from anyone on port 80" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "to TestStackServiceSecurityGroup59159BDD:80": { - "id": "to TestStackServiceSecurityGroup59159BDD:80", - "path": "TestStack/Service/LB/SecurityGroup/to TestStackServiceSecurityGroup59159BDD:80", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupEgress", - "aws:cdk:cloudformation:props": { - "description": "Load balancer to target", - "destinationSecurityGroupId": { - "Fn::GetAtt": [ - "ServiceSecurityGroupEEA09B68", - "GroupId" - ] - }, - "fromPort": 80, - "groupId": { - "Fn::GetAtt": [ - "ServiceLBSecurityGroupF7435A5C", - "GroupId" - ] - }, - "ipProtocol": "tcp", - "toPort": 80 - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "PublicListener": { - "id": "PublicListener", - "path": "TestStack/Service/LB/PublicListener", - "children": { - "Resource": { - "id": "Resource", - "path": "TestStack/Service/LB/PublicListener/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", - "aws:cdk:cloudformation:props": { - "defaultActions": [ - { - "type": "forward", - "targetGroupArn": { - "Ref": "ServiceLBPublicListenerECSGroup0CC8688C" - } - } - ], - "loadBalancerArn": { - "Ref": "ServiceLBE9A1ADBC" - }, - "port": 80, - "protocol": "HTTP" - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "ECSGroup": { - "id": "ECSGroup", - "path": "TestStack/Service/LB/PublicListener/ECSGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "TestStack/Service/LB/PublicListener/ECSGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", - "aws:cdk:cloudformation:props": { - "port": 80, - "protocol": "HTTP", - "targetGroupAttributes": [ - { - "key": "stickiness.enabled", - "value": "false" - } - ], - "targetType": "ip", - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "LoadBalancerDNS": { - "id": "LoadBalancerDNS", - "path": "TestStack/Service/LoadBalancerDNS", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "ServiceURL": { - "id": "ServiceURL", - "path": "TestStack/Service/ServiceURL", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "Service": { - "id": "Service", - "path": "TestStack/Service/Service", - "children": { - "Service": { - "id": "Service", - "path": "TestStack/Service/Service/Service", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ECS::Service", - "aws:cdk:cloudformation:props": { - "cluster": { - "Ref": "EcsDefaultClusterMnL3mNNYNVpc18E0451A" - }, - "deploymentConfiguration": { - "maximumPercent": 200, - "minimumHealthyPercent": 50 - }, - "enableEcsManagedTags": false, - "healthCheckGracePeriodSeconds": 60, - "launchType": "FARGATE", - "loadBalancers": [ - { - "targetGroupArn": { - "Ref": "ServiceLBPublicListenerECSGroup0CC8688C" - }, - "containerName": "nginx", - "containerPort": 80 - } - ], - "networkConfiguration": { - "awsvpcConfiguration": { - "assignPublicIp": "DISABLED", - "subnets": [ - { - "Ref": "VpcPrivateSubnet1Subnet536B997A" - }, - { - "Ref": "VpcPrivateSubnet2Subnet3788AAA1" - } - ], - "securityGroups": [ - { - "Fn::GetAtt": [ - "ServiceSecurityGroupEEA09B68", - "GroupId" - ] - } - ] - } - }, - "taskDefinition": { - "Ref": "Task79114B6B" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "SecurityGroup": { - "id": "SecurityGroup", - "path": "TestStack/Service/Service/SecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "TestStack/Service/Service/SecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "TestStack/Service/Service/SecurityGroup", - "securityGroupEgress": [ - { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "from TestStackServiceLBSecurityGroup76260E3B:80": { - "id": "from TestStackServiceLBSecurityGroup76260E3B:80", - "path": "TestStack/Service/Service/SecurityGroup/from TestStackServiceLBSecurityGroup76260E3B:80", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", - "aws:cdk:cloudformation:props": { - "description": "Load balancer to target", - "fromPort": 80, - "groupId": { - "Fn::GetAtt": [ - "ServiceSecurityGroupEEA09B68", - "GroupId" - ] - }, - "ipProtocol": "tcp", - "sourceSecurityGroupId": { - "Fn::GetAtt": [ - "ServiceLBSecurityGroupF7435A5C", - "GroupId" - ] - }, - "toPort": 80 - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "EcsDefaultClusterMnL3mNNYNVpc": { - "id": "EcsDefaultClusterMnL3mNNYNVpc", - "path": "TestStack/EcsDefaultClusterMnL3mNNYNVpc", - "children": { - "Resource": { - "id": "Resource", - "path": "TestStack/EcsDefaultClusterMnL3mNNYNVpc/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ECS::Cluster", - "aws:cdk:cloudformation:props": {} - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "Nlb": { - "id": "Nlb", - "path": "TestStack/Nlb", - "children": { - "Resource": { - "id": "Resource", - "path": "TestStack/Nlb/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", - "aws:cdk:cloudformation:props": { - "loadBalancerAttributes": [ - { - "key": "deletion_protection.enabled", - "value": "false" - }, - { - "key": "load_balancing.cross_zone.enabled", - "value": "true" - } - ], - "scheme": "internet-facing", - "subnets": [ - { - "Ref": "VpcPublicSubnet1Subnet5C2D37C4" - }, - { - "Ref": "VpcPublicSubnet2Subnet691E08A3" - } - ], - "type": "network" - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "listener": { - "id": "listener", - "path": "TestStack/Nlb/listener", - "children": { - "Resource": { - "id": "Resource", - "path": "TestStack/Nlb/listener/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", - "aws:cdk:cloudformation:props": { - "defaultActions": [ - { - "type": "forward", - "targetGroupArn": { - "Ref": "NlblistenerTargetsGroupDD2A3CB0" - } - } - ], - "loadBalancerArn": { - "Ref": "NlbBCDB97FE" - }, - "port": 80, - "protocol": "TCP" - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "TargetsGroup": { - "id": "TargetsGroup", - "path": "TestStack/Nlb/listener/TargetsGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "TestStack/Nlb/listener/TargetsGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", - "aws:cdk:cloudformation:props": { - "healthCheckProtocol": "HTTP", - "port": 80, - "protocol": "TCP", - "targets": [ - { - "id": { - "Ref": "ServiceLBE9A1ADBC" - }, - "port": 80 - } - ], - "targetType": "alb", - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "NlbEndpoint": { - "id": "NlbEndpoint", - "path": "TestStack/NlbEndpoint", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "TestStack/BootstrapVersion", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "TestStack/CheckBootstrapVersion", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - }, - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.3.0" - } - } -} \ No newline at end of file +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"TestStack":{"id":"TestStack","path":"TestStack","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"Vpc":{"id":"Vpc","path":"TestStack/Vpc","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.Vpc","version":"0.0.0","metadata":[{"maxAzs":"*","natGateways":"*","restrictDefaultSecurityGroup":false}]},"children":{"Resource":{"id":"Resource","path":"TestStack/Vpc/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPC","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPC","aws:cdk:cloudformation:props":{"cidrBlock":"10.0.0.0/16","enableDnsHostnames":true,"enableDnsSupport":true,"instanceTenancy":"default","tags":[{"key":"Name","value":"TestStack/Vpc"}]}}},"PublicSubnet1":{"id":"PublicSubnet1","path":"TestStack/Vpc/PublicSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"TestStack/Vpc/PublicSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.0.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"TestStack/Vpc/PublicSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"TestStack/Vpc/PublicSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"TestStack/Vpc/PublicSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"TestStack/Vpc/PublicSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"TestStack/Vpc/PublicSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPublicSubnet1RouteTable6C95E38E"},"subnetId":{"Ref":"VpcPublicSubnet1Subnet5C2D37C4"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"TestStack/Vpc/PublicSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VpcIGWD7BA715C"},"routeTableId":{"Ref":"VpcPublicSubnet1RouteTable6C95E38E"}}}},"EIP":{"id":"EIP","path":"TestStack/Vpc/PublicSubnet1/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"TestStack/Vpc/PublicSubnet1"}]}}},"NATGateway":{"id":"NATGateway","path":"TestStack/Vpc/PublicSubnet1/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VpcPublicSubnet1EIPD7E02669","AllocationId"]},"subnetId":{"Ref":"VpcPublicSubnet1Subnet5C2D37C4"},"tags":[{"key":"Name","value":"TestStack/Vpc/PublicSubnet1"}]}}}}},"PublicSubnet2":{"id":"PublicSubnet2","path":"TestStack/Vpc/PublicSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"TestStack/Vpc/PublicSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.64.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"TestStack/Vpc/PublicSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"TestStack/Vpc/PublicSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"TestStack/Vpc/PublicSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"TestStack/Vpc/PublicSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"TestStack/Vpc/PublicSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPublicSubnet2RouteTable94F7E489"},"subnetId":{"Ref":"VpcPublicSubnet2Subnet691E08A3"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"TestStack/Vpc/PublicSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VpcIGWD7BA715C"},"routeTableId":{"Ref":"VpcPublicSubnet2RouteTable94F7E489"}}}}}},"PrivateSubnet1":{"id":"PrivateSubnet1","path":"TestStack/Vpc/PrivateSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"TestStack/Vpc/PrivateSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.128.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"TestStack/Vpc/PrivateSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"TestStack/Vpc/PrivateSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"TestStack/Vpc/PrivateSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"TestStack/Vpc/PrivateSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"TestStack/Vpc/PrivateSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPrivateSubnet1RouteTableB2C5B500"},"subnetId":{"Ref":"VpcPrivateSubnet1Subnet536B997A"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"TestStack/Vpc/PrivateSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VpcPublicSubnet1NATGateway4D7517AA"},"routeTableId":{"Ref":"VpcPrivateSubnet1RouteTableB2C5B500"}}}}}},"PrivateSubnet2":{"id":"PrivateSubnet2","path":"TestStack/Vpc/PrivateSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"TestStack/Vpc/PrivateSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.192.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"TestStack/Vpc/PrivateSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"TestStack/Vpc/PrivateSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"TestStack/Vpc/PrivateSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"TestStack/Vpc/PrivateSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"TestStack/Vpc/PrivateSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPrivateSubnet2RouteTableA678073B"},"subnetId":{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"TestStack/Vpc/PrivateSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VpcPublicSubnet1NATGateway4D7517AA"},"routeTableId":{"Ref":"VpcPrivateSubnet2RouteTableA678073B"}}}}}},"IGW":{"id":"IGW","path":"TestStack/Vpc/IGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnInternetGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::InternetGateway","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"TestStack/Vpc"}]}}},"VPCGW":{"id":"VPCGW","path":"TestStack/Vpc/VPCGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPCGatewayAttachment","aws:cdk:cloudformation:props":{"internetGatewayId":{"Ref":"VpcIGWD7BA715C"},"vpcId":{"Ref":"Vpc8378EB38"}}}}}},"Task":{"id":"Task","path":"TestStack/Task","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.FargateTaskDefinition","version":"0.0.0","metadata":["*","*","*","*"]},"children":{"TaskRole":{"id":"TaskRole","path":"TestStack/Task/TaskRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"}}]},"children":{"ImportTaskRole":{"id":"ImportTaskRole","path":"TestStack/Task/TaskRole/ImportTaskRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"TestStack/Task/TaskRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"ecs-tasks.amazonaws.com"}}],"Version":"2012-10-17"}}}}}},"Resource":{"id":"Resource","path":"TestStack/Task/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.CfnTaskDefinition","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ECS::TaskDefinition","aws:cdk:cloudformation:props":{"containerDefinitions":[{"essential":true,"image":"public.ecr.aws/nginx/nginx:latest","name":"nginx","portMappings":[{"containerPort":80,"protocol":"tcp"}]}],"cpu":"256","family":"TestStackTask24CEEDF4","memory":"512","networkMode":"awsvpc","requiresCompatibilities":["FARGATE"],"taskRoleArn":{"Fn::GetAtt":["TaskTaskRoleE98524A1","Arn"]}}}},"nginx":{"id":"nginx","path":"TestStack/Task/nginx","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.ContainerDefinition","version":"0.0.0"}}}},"Service":{"id":"Service","path":"TestStack/Service","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs_patterns.ApplicationLoadBalancedFargateService","version":"0.0.0"},"children":{"LB":{"id":"LB","path":"TestStack/Service/LB","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationLoadBalancer","version":"0.0.0","metadata":["*","*"]},"children":{"Resource":{"id":"Resource","path":"TestStack/Service/LB/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.CfnLoadBalancer","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ElasticLoadBalancingV2::LoadBalancer","aws:cdk:cloudformation:props":{"loadBalancerAttributes":[{"key":"deletion_protection.enabled","value":"false"}],"scheme":"internal","securityGroups":[{"Fn::GetAtt":["ServiceLBSecurityGroupF7435A5C","GroupId"]}],"subnets":[{"Ref":"VpcPrivateSubnet1Subnet536B997A"},{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}],"type":"application"}}},"SecurityGroup":{"id":"SecurityGroup","path":"TestStack/Service/LB/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*","description":"*","allowAllOutbound":false},{"addIngressRule":[{"canInlineRule":true,"connections":"*","uniqueId":"*"},{},"*",false]},{"addEgressRule":["*",{},"*",true]}]},"children":{"Resource":{"id":"Resource","path":"TestStack/Service/LB/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"Automatically created Security Group for ELB TestStackServiceLBD3BB32E9","securityGroupIngress":[{"cidrIp":"0.0.0.0/0","ipProtocol":"tcp","fromPort":80,"toPort":80,"description":"Allow from anyone on port 80"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"to TestStackServiceSecurityGroup59159BDD:80":{"id":"to TestStackServiceSecurityGroup59159BDD:80","path":"TestStack/Service/LB/SecurityGroup/to TestStackServiceSecurityGroup59159BDD:80","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroupEgress","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupEgress","aws:cdk:cloudformation:props":{"description":"Load balancer to target","destinationSecurityGroupId":{"Fn::GetAtt":["ServiceSecurityGroupEEA09B68","GroupId"]},"fromPort":80,"groupId":{"Fn::GetAtt":["ServiceLBSecurityGroupF7435A5C","GroupId"]},"ipProtocol":"tcp","toPort":80}}}}},"PublicListener":{"id":"PublicListener","path":"TestStack/Service/LB/PublicListener","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationListener","version":"0.0.0","metadata":["*","*","*","*"]},"children":{"Resource":{"id":"Resource","path":"TestStack/Service/LB/PublicListener/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.CfnListener","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ElasticLoadBalancingV2::Listener","aws:cdk:cloudformation:props":{"defaultActions":[{"type":"forward","targetGroupArn":{"Ref":"ServiceLBPublicListenerECSPrivateGroup93D5832E"}}],"loadBalancerArn":{"Ref":"ServiceLBE9A1ADBC"},"port":80,"protocol":"HTTP"}}},"ECSPrivateGroup":{"id":"ECSPrivateGroup","path":"TestStack/Service/LB/PublicListener/ECSPrivateGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationTargetGroup","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"TestStack/Service/LB/PublicListener/ECSPrivateGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.CfnTargetGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ElasticLoadBalancingV2::TargetGroup","aws:cdk:cloudformation:props":{"port":80,"protocol":"HTTP","targetGroupAttributes":[{"key":"stickiness.enabled","value":"false"}],"targetType":"ip","vpcId":{"Ref":"Vpc8378EB38"}}}}}}}}}},"LoadBalancerDNS":{"id":"LoadBalancerDNS","path":"TestStack/Service/LoadBalancerDNS","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"ServiceURL":{"id":"ServiceURL","path":"TestStack/Service/ServiceURL","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"Service":{"id":"Service","path":"TestStack/Service/Service","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.FargateService","version":"0.0.0","metadata":["*"]},"children":{"Service":{"id":"Service","path":"TestStack/Service/Service/Service","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.CfnService","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ECS::Service","aws:cdk:cloudformation:props":{"cluster":{"Ref":"EcsDefaultClusterMnL3mNNYNVpc18E0451A"},"deploymentConfiguration":{"maximumPercent":200,"minimumHealthyPercent":50},"enableEcsManagedTags":false,"healthCheckGracePeriodSeconds":60,"launchType":"FARGATE","loadBalancers":[{"targetGroupArn":{"Ref":"ServiceLBPublicListenerECSPrivateGroup93D5832E"},"containerName":"nginx","containerPort":80}],"networkConfiguration":{"awsvpcConfiguration":{"assignPublicIp":"DISABLED","subnets":[{"Ref":"VpcPrivateSubnet1Subnet536B997A"},{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}],"securityGroups":[{"Fn::GetAtt":["ServiceSecurityGroupEEA09B68","GroupId"]}]}},"taskDefinition":{"Ref":"Task79114B6B"}}}},"SecurityGroup":{"id":"SecurityGroup","path":"TestStack/Service/Service/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*"},{"addIngressRule":["*",{},"*",false]}]},"children":{"Resource":{"id":"Resource","path":"TestStack/Service/Service/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"TestStack/Service/Service/SecurityGroup","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"from TestStackServiceLBSecurityGroup76260E3B:80":{"id":"from TestStackServiceLBSecurityGroup76260E3B:80","path":"TestStack/Service/Service/SecurityGroup/from TestStackServiceLBSecurityGroup76260E3B:80","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroupIngress","aws:cdk:cloudformation:props":{"description":"Load balancer to target","fromPort":80,"groupId":{"Fn::GetAtt":["ServiceSecurityGroupEEA09B68","GroupId"]},"ipProtocol":"tcp","sourceSecurityGroupId":{"Fn::GetAtt":["ServiceLBSecurityGroupF7435A5C","GroupId"]},"toPort":80}}}}}}}}},"EcsDefaultClusterMnL3mNNYNVpc":{"id":"EcsDefaultClusterMnL3mNNYNVpc","path":"TestStack/EcsDefaultClusterMnL3mNNYNVpc","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.Cluster","version":"0.0.0","metadata":[{"vpc":"*"}]},"children":{"Resource":{"id":"Resource","path":"TestStack/EcsDefaultClusterMnL3mNNYNVpc/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.CfnCluster","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ECS::Cluster","aws:cdk:cloudformation:props":{}}}}},"Nlb":{"id":"Nlb","path":"TestStack/Nlb","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.NetworkLoadBalancer","version":"0.0.0","metadata":["*","*"]},"children":{"Resource":{"id":"Resource","path":"TestStack/Nlb/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.CfnLoadBalancer","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ElasticLoadBalancingV2::LoadBalancer","aws:cdk:cloudformation:props":{"loadBalancerAttributes":[{"key":"deletion_protection.enabled","value":"false"},{"key":"load_balancing.cross_zone.enabled","value":"true"}],"scheme":"internet-facing","subnets":[{"Ref":"VpcPublicSubnet1Subnet5C2D37C4"},{"Ref":"VpcPublicSubnet2Subnet691E08A3"}],"type":"network"}}},"listener":{"id":"listener","path":"TestStack/Nlb/listener","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.NetworkListener","version":"0.0.0","metadata":["*","*","*"]},"children":{"Resource":{"id":"Resource","path":"TestStack/Nlb/listener/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.CfnListener","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ElasticLoadBalancingV2::Listener","aws:cdk:cloudformation:props":{"defaultActions":[{"type":"forward","targetGroupArn":{"Ref":"NlblistenerTargetsGroupDD2A3CB0"}}],"loadBalancerArn":{"Ref":"NlbBCDB97FE"},"port":80,"protocol":"TCP"}}},"TargetsGroup":{"id":"TargetsGroup","path":"TestStack/Nlb/listener/TargetsGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.NetworkTargetGroup","version":"0.0.0"},"children":{"Resource":{"id":"Resource","path":"TestStack/Nlb/listener/TargetsGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_elasticloadbalancingv2.CfnTargetGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ElasticLoadBalancingV2::TargetGroup","aws:cdk:cloudformation:props":{"healthCheckProtocol":"HTTP","port":80,"protocol":"TCP","targets":[{"id":{"Ref":"ServiceLBE9A1ADBC"},"port":80}],"targetType":"alb","vpcId":{"Ref":"Vpc8378EB38"}}}}}}}}}},"NlbEndpoint":{"id":"NlbEndpoint","path":"TestStack/NlbEndpoint","constructInfo":{"fqn":"aws-cdk-lib.CfnOutput","version":"0.0.0"}},"BootstrapVersion":{"id":"BootstrapVersion","path":"TestStack/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"TestStack/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/aws-cdk-lib/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts b/packages/aws-cdk-lib/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts index 303290ebf74d9..4f01c9ee0efff 100644 --- a/packages/aws-cdk-lib/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts +++ b/packages/aws-cdk-lib/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts @@ -15,7 +15,7 @@ import { IRole } from '../../../aws-iam'; import { ARecord, IHostedZone, RecordTarget, CnameRecord } from '../../../aws-route53'; import { LoadBalancerTarget } from '../../../aws-route53-targets'; import { CfnOutput, Duration, FeatureFlags, Stack, Token, ValidationError } from '../../../core'; -import { ECS_PATTERNS_SEC_GROUPS_DISABLES_IMPLICIT_OPEN_LISTENER } from '../../../cx-api'; +import { ECS_PATTERNS_SEC_GROUPS_DISABLES_IMPLICIT_OPEN_LISTENER, ECS_PATTERNS_UNIQUE_TARGET_GROUP_ID } from '../../../cx-api'; /** * Describes the type of DNS record the service should create @@ -519,7 +519,18 @@ export abstract class ApplicationLoadBalancedServiceBase extends Construct { open: props.openListener ?? defaultOpenListener, sslPolicy: props.sslPolicy, }); - this.targetGroup = this.listener.addTargets('ECS', targetProps); + + // Generate unique target group ID to prevent conflicts during load balancer replacement + let targetGroupId: string; + if (FeatureFlags.of(this).isEnabled(ECS_PATTERNS_UNIQUE_TARGET_GROUP_ID)) { + // Include both internetFacing and loadBalancerName in target group ID + targetGroupId = `ECS${props.loadBalancerName ?? ''}${internetFacing ? '' : 'Private'}`; + } else { + // Legacy behavior: only include internetFacing + targetGroupId = internetFacing ? 'ECS' : 'ECSPrivate'; + } + + this.targetGroup = this.listener.addTargets(targetGroupId, targetProps); if (protocol === ApplicationProtocol.HTTPS) { if (props.certificate !== undefined) { diff --git a/packages/aws-cdk-lib/aws-ecs-patterns/test/fargate/load-balanced-fargate-service.test.ts b/packages/aws-cdk-lib/aws-ecs-patterns/test/fargate/load-balanced-fargate-service.test.ts index ada4ca30553ec..44b00c4826290 100644 --- a/packages/aws-cdk-lib/aws-ecs-patterns/test/fargate/load-balanced-fargate-service.test.ts +++ b/packages/aws-cdk-lib/aws-ecs-patterns/test/fargate/load-balanced-fargate-service.test.ts @@ -10,6 +10,7 @@ import * as iam from '../../../aws-iam'; import * as route53 from '../../../aws-route53'; import * as cloudmap from '../../../aws-servicediscovery'; import * as cdk from '../../../core'; +import * as cxapi from '../../../cx-api'; import * as ecsPatterns from '../../lib'; describe('ApplicationLoadBalancedFargateService', () => { @@ -2448,4 +2449,156 @@ describe('NetworkLoadBalancedFargateService', () => { }, }); }); + + test('target group has different logical ID for public vs private load balancer', () => { + // GIVEN + const stack1 = new cdk.Stack(); + const stack2 = new cdk.Stack(); + + // WHEN - Create public load balancer service + new ecsPatterns.ApplicationLoadBalancedFargateService(stack1, 'Service', { + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('/aws/aws-example-app'), + }, + publicLoadBalancer: true, + }); + + // WHEN - Create private load balancer service + new ecsPatterns.ApplicationLoadBalancedFargateService(stack2, 'Service', { + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('/aws/aws-example-app'), + }, + publicLoadBalancer: false, + }); + + // THEN - Target groups should have different logical IDs + const template1 = Template.fromStack(stack1); + const template2 = Template.fromStack(stack2); + + // Public load balancer should create target group with 'ECS' suffix + template1.hasResourceProperties('AWS::ElasticLoadBalancingV2::TargetGroup', { + Port: 80, + Protocol: 'HTTP', + TargetType: 'ip', + }); + + // Private load balancer should create target group with 'ECSPrivate' suffix + template2.hasResourceProperties('AWS::ElasticLoadBalancingV2::TargetGroup', { + Port: 80, + Protocol: 'HTTP', + TargetType: 'ip', + }); + + // Verify the logical IDs are different by checking the generated CloudFormation + const resources1 = template1.toJSON().Resources; + const resources2 = template2.toJSON().Resources; + + const targetGroup1Keys = Object.keys(resources1).filter(key => + resources1[key].Type === 'AWS::ElasticLoadBalancingV2::TargetGroup', + ); + const targetGroup2Keys = Object.keys(resources2).filter(key => + resources2[key].Type === 'AWS::ElasticLoadBalancingV2::TargetGroup', + ); + + // Should have exactly one target group each + expect(targetGroup1Keys).toHaveLength(1); + expect(targetGroup2Keys).toHaveLength(1); + + // The logical IDs should be different + expect(targetGroup1Keys[0]).not.toEqual(targetGroup2Keys[0]); + + // Public should contain 'ECS' but not 'ECSPrivate' + expect(targetGroup1Keys[0]).toContain('ECS'); + expect(targetGroup1Keys[0]).not.toContain('ECSPrivate'); + + // Private should contain 'ECSPrivate' + expect(targetGroup2Keys[0]).toContain('ECSPrivate'); + }); + + describe('ECS_PATTERNS_UNIQUE_TARGET_GROUP_ID feature flag', () => { + test('with feature flag enabled - generates unique target group IDs', () => { + // GIVEN + const featureFlag = { [cxapi.ECS_PATTERNS_UNIQUE_TARGET_GROUP_ID]: true }; + const app = new cdk.App({ + context: featureFlag, + }); + const stack = new cdk.Stack(app, 'TestStack'); + + // WHEN + new ecsPatterns.ApplicationLoadBalancedFargateService(stack, 'PublicService', { + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('/aws/aws-example-app'), + }, + publicLoadBalancer: true, + }); + + new ecsPatterns.ApplicationLoadBalancedFargateService(stack, 'PrivateService', { + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('/aws/aws-example-app'), + }, + publicLoadBalancer: false, + }); + + // THEN + const template = Template.fromStack(stack); + const resources = template.toJSON().Resources; + const targetGroupKeys = Object.keys(resources).filter(key => + resources[key].Type === 'AWS::ElasticLoadBalancingV2::TargetGroup', + ); + + // Should have two different target groups + expect(targetGroupKeys).toHaveLength(2); + expect(targetGroupKeys[0]).not.toEqual(targetGroupKeys[1]); + }); + + test('with feature flag disabled - uses legacy target group naming', () => { + // GIVEN + const featureFlag = { [cxapi.ECS_PATTERNS_UNIQUE_TARGET_GROUP_ID]: false }; + const app = new cdk.App({ + context: featureFlag, + }); + const stack = new cdk.Stack(app, 'TestStack'); + + // WHEN + new ecsPatterns.ApplicationLoadBalancedFargateService(stack, 'Service', { + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('/aws/aws-example-app'), + }, + publicLoadBalancer: true, + }); + + // THEN + const template = Template.fromStack(stack); + const resources = template.toJSON().Resources; + const targetGroupKeys = Object.keys(resources).filter(key => + resources[key].Type === 'AWS::ElasticLoadBalancingV2::TargetGroup', + ); + + // Should use legacy naming (contains 'ECS' but not unique identifier) + expect(targetGroupKeys).toHaveLength(1); + expect(targetGroupKeys[0]).toContain('ECS'); + }); + + test('without feature flag - uses default behavior', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'TestStack'); + + // WHEN + new ecsPatterns.ApplicationLoadBalancedFargateService(stack, 'Service', { + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('/aws/aws-example-app'), + }, + publicLoadBalancer: true, + }); + + // THEN + const template = Template.fromStack(stack); + template.hasResourceProperties('AWS::ElasticLoadBalancingV2::TargetGroup', { + Port: 80, + Protocol: 'HTTP', + TargetType: 'ip', + }); + }); + }); }); diff --git a/packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md b/packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md index 3e4c0b8b4041c..df8319a28f98a 100644 --- a/packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md +++ b/packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md @@ -107,6 +107,7 @@ Flags come in three types: | [@aws-cdk/core:explicitStackTags](#aws-cdkcoreexplicitstacktags) | When enabled, stack tags need to be assigned explicitly on a Stack. | 2.205.0 | new default | | [@aws-cdk/aws-signer:signingProfileNamePassedToCfn](#aws-cdkaws-signersigningprofilenamepassedtocfn) | Pass signingProfileName to CfnSigningProfile | 2.212.0 | fix | | [@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener](#aws-cdkaws-ecs-patternssecgroupsdisablesimplicitopenlistener) | Disable implicit openListener when custom security groups are provided | 2.214.0 | new default | +| [@aws-cdk/aws-ecs-patterns:uniqueTargetGroupId](#aws-cdkaws-ecs-patternsuniquetargetgroupid) | When enabled, ECS patterns will generate unique target group IDs to prevent conflicts during load balancer replacement | V2NEXT | fix | @@ -197,7 +198,8 @@ The following json shows the current recommended set of flags, as `cdk init` wou "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": true, "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": true, "@aws-cdk/aws-s3:publicAccessBlockedByDefault": true, - "@aws-cdk/aws-lambda:useCdkManagedLogGroup": true + "@aws-cdk/aws-lambda:useCdkManagedLogGroup": true, + "@aws-cdk/aws-ecs-patterns:uniqueTargetGroupId": true } } ``` @@ -2277,4 +2279,26 @@ override this behavior. **Compatibility with old behavior:** You can pass `openListener: true` explicitly to maintain the old behavior. +### @aws-cdk/aws-ecs-patterns:uniqueTargetGroupId + +*When enabled, ECS patterns will generate unique target group IDs to prevent conflicts during load balancer replacement* + +Flag type: Backwards incompatible bugfix + +When this feature flag is enabled, ECS patterns will generate unique target group IDs that include +both the load balancer type (public/private) and load balancer name. This prevents CloudFormation +conflicts when switching between public and private load balancers or when changing load balancer names. + +Without this flag, target groups use generic IDs like 'ECS' which can cause conflicts when the +underlying load balancer is replaced due to changes in internetFacing or loadBalancerName properties. + +This is a breaking change as it will cause target group replacement when the flag is enabled. + + +| Since | Unset behaves like | Recommended value | +| ----- | ----- | ----- | +| (not in v1) | | | +| V2NEXT | `false` | `true` | + + diff --git a/packages/aws-cdk-lib/cx-api/README.md b/packages/aws-cdk-lib/cx-api/README.md index f13c77500de5b..980a3eb73a3c1 100644 --- a/packages/aws-cdk-lib/cx-api/README.md +++ b/packages/aws-cdk-lib/cx-api/README.md @@ -783,4 +783,20 @@ _cdk.json_ "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": true } } +``` + +* `@aws-cdk/aws-ecs-patterns:uniqueTargetGroupId` + +When enabled, ECS patterns will generate unique target group IDs that include the load balancer name and type (public/private). This prevents CloudFormation conflicts when switching between public and private load balancers. + +Without this flag, switching an ApplicationLoadBalancedFargateService from public to private (or vice versa) fails with "target group cannot be associated with more than one load balancer" error. + +_cdk.json_ + +```json +{ + "context": { + "@aws-cdk/aws-ecs-patterns:uniqueTargetGroupId": true + } +} ``` \ No newline at end of file diff --git a/packages/aws-cdk-lib/cx-api/lib/features.ts b/packages/aws-cdk-lib/cx-api/lib/features.ts index 20acb30b73c4f..950ab34874d9f 100644 --- a/packages/aws-cdk-lib/cx-api/lib/features.ts +++ b/packages/aws-cdk-lib/cx-api/lib/features.ts @@ -108,6 +108,7 @@ export const CODEPIPELINE_DEFAULT_PIPELINE_TYPE_TO_V2 = '@aws-cdk/aws-codepipeli export const KMS_REDUCE_CROSS_ACCOUNT_REGION_POLICY_SCOPE = '@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope'; export const PIPELINE_REDUCE_ASSET_ROLE_TRUST_SCOPE = '@aws-cdk/pipelines:reduceAssetRoleTrustScope'; export const EKS_NODEGROUP_NAME = '@aws-cdk/aws-eks:nodegroupNameAttribute'; +export const ECS_PATTERNS_UNIQUE_TARGET_GROUP_ID = '@aws-cdk/aws-ecs-patterns:uniqueTargetGroupId'; export const EBS_DEFAULT_GP3 = '@aws-cdk/aws-ec2:ebsDefaultGp3Volume'; export const ECS_REMOVE_DEFAULT_DEPLOYMENT_ALARM = '@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm'; export const LOG_API_RESPONSE_DATA_PROPERTY_TRUE_DEFAULT = '@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault'; @@ -1720,6 +1721,24 @@ export const FLAGS: Record = { recommendedValue: true, compatibilityWithOldBehaviorMd: 'Disable the feature flag to let lambda service create logGroup or specify logGroup or logRetention', }, + + ////////////////////////////////////////////////////////////////////// + [ECS_PATTERNS_UNIQUE_TARGET_GROUP_ID]: { + type: FlagType.BugFix, + summary: 'When enabled, ECS patterns will generate unique target group IDs to prevent conflicts during load balancer replacement', + detailsMd: ` + When this feature flag is enabled, ECS patterns will generate unique target group IDs that include + both the load balancer type (public/private) and load balancer name. This prevents CloudFormation + conflicts when switching between public and private load balancers or when changing load balancer names. + + Without this flag, target groups use generic IDs like 'ECS' which can cause conflicts when the + underlying load balancer is replaced due to changes in internetFacing or loadBalancerName properties. + + This is a breaking change as it will cause target group replacement when the flag is enabled. + `, + introducedIn: { v2: 'V2NEXT' }, + recommendedValue: true, + }, }; export const CURRENT_MV = 'v2'; diff --git a/packages/aws-cdk-lib/recommended-feature-flags.json b/packages/aws-cdk-lib/recommended-feature-flags.json index a98cbbd29cfc1..43935b3e06820 100644 --- a/packages/aws-cdk-lib/recommended-feature-flags.json +++ b/packages/aws-cdk-lib/recommended-feature-flags.json @@ -78,5 +78,6 @@ "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": true, "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": true, "@aws-cdk/aws-s3:publicAccessBlockedByDefault": true, - "@aws-cdk/aws-lambda:useCdkManagedLogGroup": true + "@aws-cdk/aws-lambda:useCdkManagedLogGroup": true, + "@aws-cdk/aws-ecs-patterns:uniqueTargetGroupId": true } \ No newline at end of file