feat(ecs): allow adding security group(s) after construction via connections.addSecurityGroup() #31447

Open
wants to merge 6 commits into
base: main
hamilton-earthscope

Allow easily adding Security Groups to ECS Services after the L2 Service has already been instantiated by using the service's .connections.addSecurityGroup().

Issue # (if applicable)

Closes #17269.

Related to #16117

Reason for this change

Currently, the only way to add additional security groups to the ECS Service outside of the constructor is to use escape hatches.

    const cfnService = service.node.defaultChild as CfnService;
    cfnService.addPropertyOverride(
      "NetworkConfiguration.AwsvpcConfiguration.SecurityGroups",
      [
        ...service.connections.securityGroups.map((sg) => sg.securityGroupId),
        someOtherSecurityGroupThatWasCreatedLater.securityGroupId,
      ],
    );

Description of changes

Use Lazy.list to set the service's security groups to its connections objects' security groups at synth-time.

This allows users to call service.connections.addSecurityGroup(someOtherSecurityGroupThatWasCreatedLater) at any point in their app and have someOtherSecurityGroupThatWasCreatedLater end up in the service's security groups at synth-time.

Description of how you validated changes

I added one test to fargate-service.test.ts


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license
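
The difference between a constructor-time snapshot and the synth-time resolution this pull request describes, as a simplified self-contained model added here (not the PR's code and not aws-cdk-lib). `LazyList`, `ModelConnections`, `ModelService`, `synthAfterLateAdd` and `missingFromTemplate` are hypothetical names, and the security group IDs are constructed sample values.

```typescript
// Simplified model of synth-time resolution. This is NOT aws-cdk-lib code:
// every class and function name below is hypothetical.

// Stand-in for a lazily produced list: the producer runs only at synth time.
class LazyList {
  private readonly produce: () => string[];
  constructor(produce: () => string[]) { this.produce = produce; }
  resolve(): string[] { return this.produce(); }
}

// Stand-in for a service's connections object.
class ModelConnections {
  private readonly groups: string[] = [];
  addSecurityGroup(...ids: string[]): void { this.groups.push(...ids); }
  get securityGroups(): string[] { return [...this.groups]; }
}

class ModelService {
  readonly connections = new ModelConnections();
  private readonly rendered: string[] | LazyList;

  constructor(initial: string[], mode: 'eager' | 'lazy') {
    this.connections.addSecurityGroup(...initial);
    this.rendered = mode === 'eager'
      ? this.connections.securityGroups                       // copied once, in the constructor
      : new LazyList(() => this.connections.securityGroups);  // read when synth() runs
  }

  // Stand-in for rendering the service's SecurityGroups property.
  synth(): { SecurityGroups: string[] } {
    const r = this.rendered;
    return { SecurityGroups: r instanceof LazyList ? r.resolve() : r };
  }
}

// Add a group after construction, then render.
function synthAfterLateAdd(mode: 'eager' | 'lazy'): string[] {
  const service = new ModelService(['sg-initial'], mode); // constructed sample IDs
  service.connections.addSecurityGroup('sg-added-later');
  return service.synth().SecurityGroups;
}

// Review check: groups the construct reports via connections that never
// reach the rendered output. A non-empty result means the rendered network
// configuration and the connections object disagree.
function missingFromTemplate(service: ModelService): string[] {
  const rendered = new Set(service.synth().SecurityGroups);
  return service.connections.securityGroups.filter((id) => !rendered.has(id));
}
```
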

@github-actions github-actions bot added bug This issue is a bug. p2 labels Sep 13, 2024
@aws-cdk-automation aws-cdk-automation requested a review from a team September 13, 2024 23:12
@github-actions github-actions bot added the beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK label Sep 13, 2024

@aws-cdk-automation aws-cdk-automation left a comment

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

@aws-cdk-automation aws-cdk-automation dismissed their stale review September 14, 2024 01:16

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

@aws-cdk-automation

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 64377d7
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@hamilton-earthscope hamilton-earthscope marked this pull request as ready for review September 14, 2024 02:01
Successfully merging this pull request may close these issues.

(aws-ecs): Improve confusing Connections documentation/implementation