From 9d8ef0012edf1e9789d5d1653d8715b293087a46 Mon Sep 17 00:00:00 2001 From: Tomoya Oda <38136327+tmyoda@users.noreply.github.com> Date: Mon, 26 Jun 2023 17:33:53 +0100 Subject: [PATCH] fix(elbv2): correct wrong timeout validation (#26031) Following the update of Network Load Balancer (NLB) in November 2022, the range for setting HealthCheckTimeoutSeconds for NLB is now between 2 and 120 seconds. However, the CDK has yet to be updated to reflect this change. https://aws.amazon.com/about-aws/whats-new/2022/11/elastic-load-balancing-capabilities-application-availability/ https://docs.aws.amazon.com/elasticloadbalancing/latest/network/target-group-health-checks.html This PR addresses this by modifying the validation, enabling us to set the HealthCheckTimeoutSeconds for the NLB. I have modified and added the following validation in this PR: - Ensure that the HealthCheckTimeoutSeconds is between 2 and 120. - Ensure that HealthCheckTimeoutSeconds is not greater than HealthCheckIntervalSeconds. Closes #26023. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-cdk-elbv2-integ.assets.json | 6 +- .../aws-cdk-elbv2-integ.template.json | 1 + .../test/integ.nlb.js.snapshot/cdk.out | 2 +- ...efaultTestDeployAssert6120E394.assets.json | 2 +- .../test/integ.nlb.js.snapshot/integ.json | 2 +- .../test/integ.nlb.js.snapshot/manifest.json | 4 +- .../test/integ.nlb.js.snapshot/tree.json | 99 ++++++++++--------- .../test/integ.nlb.ts | 1 + .../lib/nlb/network-target-group.ts | 23 ++--- .../lib/shared/base-target-group.ts | 7 +- .../test/nlb/listener.test.ts | 28 +++++- 11 files changed, 100 insertions(+), 75 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/aws-cdk-elbv2-integ.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/aws-cdk-elbv2-integ.assets.json index 4ffdf7b55ca42..c9eab63ffe3eb 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/aws-cdk-elbv2-integ.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/aws-cdk-elbv2-integ.assets.json @@ -1,7 +1,7 @@ { - "version": "30.0.0", + "version": "32.0.0", "files": { - "c7b59451188880618122593d9b5f98c0e30ff60bb10bb205c4c1a053fcdc4e79": { + "f0098723de290154f3b872be9dd8aeaeab44a56c1ef1162fdfe3105a68a2158c": { "source": { "path": "aws-cdk-elbv2-integ.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "c7b59451188880618122593d9b5f98c0e30ff60bb10bb205c4c1a053fcdc4e79.json", + "objectKey": "f0098723de290154f3b872be9dd8aeaeab44a56c1ef1162fdfe3105a68a2158c.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/aws-cdk-elbv2-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/aws-cdk-elbv2-integ.template.json index 2df03d9c09389..4fac5a51edb97 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/aws-cdk-elbv2-integ.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/aws-cdk-elbv2-integ.template.json @@ -441,6 +441,7 @@ "Properties": { "HealthCheckIntervalSeconds": 250, "HealthCheckProtocol": "TCP", + "HealthCheckTimeoutSeconds": 100, "Port": 443, "Protocol": "TCP", "Targets": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/cdk.out index ae4b03c54e770..f0b901e7c06e5 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"30.0.0"} \ No newline at end of file +{"version":"32.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/elbv2integDefaultTestDeployAssert6120E394.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/elbv2integDefaultTestDeployAssert6120E394.assets.json index 9a082228272cf..c96e1a4fc581b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/elbv2integDefaultTestDeployAssert6120E394.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/elbv2integDefaultTestDeployAssert6120E394.assets.json @@ -1,5 +1,5 @@ { - "version": "30.0.0", + "version": "32.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/integ.json index 21ebc6595531f..5b4c759da8333 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "30.0.0", + "version": "32.0.0", "testCases": { "elbv2-integ/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/manifest.json index d78508bf7c3ec..2560cf4270aff 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "30.0.0", + "version": "32.0.0", "artifacts": { "aws-cdk-elbv2-integ.assets": { "type": "cdk:asset-manifest", @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/c7b59451188880618122593d9b5f98c0e30ff60bb10bb205c4c1a053fcdc4e79.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/f0098723de290154f3b872be9dd8aeaeab44a56c1ef1162fdfe3105a68a2158c.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/tree.json index 68ccca48ee73d..80ed234d9d922 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.js.snapshot/tree.json @@ -31,7 +31,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", "version": "0.0.0" } }, @@ -75,7 +75,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -83,7 +83,7 @@ "id": "Acl", "path": "aws-cdk-elbv2-integ/VPC/PublicSubnet1/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -105,7 +105,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -124,7 +124,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -144,7 +144,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } }, @@ -164,7 +164,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", "version": "0.0.0" } }, @@ -192,13 +192,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", "version": "0.0.0" } }, @@ -242,7 +242,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -250,7 +250,7 @@ "id": "Acl", "path": "aws-cdk-elbv2-integ/VPC/PublicSubnet2/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -272,7 +272,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -291,7 +291,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -311,7 +311,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } }, @@ -331,7 +331,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", "version": "0.0.0" } }, @@ -359,13 +359,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", "version": "0.0.0" } }, @@ -409,7 +409,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -417,7 +417,7 @@ "id": "Acl", "path": "aws-cdk-elbv2-integ/VPC/PrivateSubnet1/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -439,7 +439,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -458,7 +458,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -478,13 +478,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", "version": "0.0.0" } }, @@ -528,7 +528,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -536,7 +536,7 @@ "id": "Acl", "path": "aws-cdk-elbv2-integ/VPC/PrivateSubnet2/Acl", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -558,7 +558,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -577,7 +577,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -597,13 +597,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", "version": "0.0.0" } }, @@ -622,7 +622,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", "version": "0.0.0" } }, @@ -641,13 +641,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.Vpc", + "fqn": "aws-cdk-lib.aws_ec2.Vpc", "version": "0.0.0" } }, @@ -680,7 +680,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnLoadBalancer", + "fqn": "aws-cdk-lib.aws_elasticloadbalancingv2.CfnLoadBalancer", "version": "0.0.0" } }, @@ -710,7 +710,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnListener", + "fqn": "aws-cdk-lib.aws_elasticloadbalancingv2.CfnListener", "version": "0.0.0" } }, @@ -726,6 +726,7 @@ "aws:cdk:cloudformation:props": { "healthCheckIntervalSeconds": 250, "healthCheckProtocol": "TCP", + "healthCheckTimeoutSeconds": 100, "port": 443, "protocol": "TCP", "targets": [ @@ -740,25 +741,25 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnTargetGroup", + "fqn": "aws-cdk-lib.aws_elasticloadbalancingv2.CfnTargetGroup", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkTargetGroup", + "fqn": "aws-cdk-lib.aws_elasticloadbalancingv2.NetworkTargetGroup", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkListener", + "fqn": "aws-cdk-lib.aws_elasticloadbalancingv2.NetworkListener", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkLoadBalancer", + "fqn": "aws-cdk-lib.aws_elasticloadbalancingv2.NetworkLoadBalancer", "version": "0.0.0" } }, @@ -766,7 +767,7 @@ "id": "BootstrapVersion", "path": "aws-cdk-elbv2-integ/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, @@ -774,13 +775,13 @@ "id": "CheckBootstrapVersion", "path": "aws-cdk-elbv2-integ/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } }, @@ -797,7 +798,7 @@ "path": "elbv2-integ/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.249" + "version": "10.2.52" } }, "DeployAssert": { @@ -808,7 +809,7 @@ "id": "BootstrapVersion", "path": "elbv2-integ/DefaultTest/DeployAssert/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, @@ -816,25 +817,25 @@ "id": "CheckBootstrapVersion", "path": "elbv2-integ/DefaultTest/DeployAssert/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTest", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", "version": "0.0.0" } }, @@ -843,12 +844,12 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.249" + "version": "10.2.52" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.App", + "fqn": "aws-cdk-lib.App", "version": "0.0.0" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.ts index 5c02e97f24c7f..17f4739d66a05 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb.ts @@ -27,6 +27,7 @@ const group = listener.addTargets('Target', { group.configureHealthCheck({ interval: cdk.Duration.seconds(250), + timeout: cdk.Duration.seconds(100), protocol: elbv2.Protocol.TCP, }); diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-target-group.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-target-group.ts index 509741b701c17..0f254e46486d5 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-target-group.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-target-group.ts @@ -280,11 +280,17 @@ export class NetworkTargetGroup extends TargetGroupBase implements INetworkTarge `Must be one of [${NLB_PATH_HEALTH_CHECK_PROTOCOLS.join(', ')}]`, ].join(' ')); } - if (healthCheck.timeout && healthCheck.timeout.toSeconds() !== NLB_HEALTH_CHECK_TIMEOUTS[healthCheck.protocol]) { - ret.push([ - 'Custom health check timeouts are not supported for Network Load Balancer health checks.', - `Expected ${NLB_HEALTH_CHECK_TIMEOUTS[healthCheck.protocol]} seconds for ${healthCheck.protocol}, got ${healthCheck.timeout.toSeconds()}`, - ].join(' ')); + + const lowHealthCheckTimeout = 2; + const highHealthCheckTimeout = 120; + if (healthCheck.timeout) { + const timeoutSeconds = healthCheck.timeout.toSeconds(); + if (timeoutSeconds < lowHealthCheckTimeout || timeoutSeconds > highHealthCheckTimeout) { + ret.push(`Health check timeout '${timeoutSeconds}' not supported. Must be a number between ${lowHealthCheckTimeout} and ${highHealthCheckTimeout}.`); + } + if (healthCheck.interval && healthCheck.interval.toSeconds() < timeoutSeconds) { + ret.push(`Health check timeout '${timeoutSeconds}' must not be greater than the interval '${healthCheck.interval.toSeconds()}'`); + } } return ret; @@ -365,9 +371,4 @@ export interface INetworkLoadBalancerTarget { } const NLB_HEALTH_CHECK_PROTOCOLS = [Protocol.HTTP, Protocol.HTTPS, Protocol.TCP]; -const NLB_PATH_HEALTH_CHECK_PROTOCOLS = [Protocol.HTTP, Protocol.HTTPS]; -const NLB_HEALTH_CHECK_TIMEOUTS: { [protocol in Protocol]?: number } = { - [Protocol.HTTP]: 6, - [Protocol.HTTPS]: 10, - [Protocol.TCP]: 10, -}; +const NLB_PATH_HEALTH_CHECK_PROTOCOLS = [Protocol.HTTP, Protocol.HTTPS]; \ No newline at end of file diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/shared/base-target-group.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/shared/base-target-group.ts index 7524d07559fca..5ca71c8b5e528 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/shared/base-target-group.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/shared/base-target-group.ts @@ -106,12 +106,9 @@ export interface HealthCheck { /** * The amount of time, in seconds, during which no response from a target means a failed health check. + * Must be 2 to 120 seconds. * - * For Application Load Balancers, the range is 2-60 seconds and the - * default is 5 seconds. For Network Load Balancers, this is 10 seconds for - * TCP and HTTPS health checks and 6 seconds for HTTP health checks. - * - * @default Duration.seconds(5) for ALBs, Duration.seconds(10) or Duration.seconds(6) for NLBs + * @default 6 seconds if the protocol is HTTP, 5 seconds if protocol is `GENEVE`, 30 seconds if target type is `lambda`, 10 seconds for TCP, TLS, or HTTPS */ readonly timeout?: cdk.Duration; diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/listener.test.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/listener.test.ts index cc45b21d129d2..825ca15c40d2a 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/listener.test.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/listener.test.ts @@ -375,16 +375,40 @@ describe('tests', () => { }, }); + targetGroup.configureHealthCheck({ + interval: cdk.Duration.seconds(150), + protocol: elbv2.Protocol.HTTP, + timeout: cdk.Duration.seconds(130), + }); + + // THEN + const validationErrors: string[] = targetGroup.node.validate(); + const timeoutError = validationErrors.find((err) => /Health check timeout '130' not supported. Must be a number between/.test(err)); + expect(timeoutError).toBeDefined(); + }); + + test('validation error if Health check timeout is greater than the interval', () => { + const stack = new cdk.Stack(); + const vpc = new ec2.Vpc(stack, 'Stack'); + const lb = new elbv2.NetworkLoadBalancer(stack, 'LB', { vpc }); + const listener = lb.addListener('PublicListener', { port: 80 }); + const targetGroup = listener.addTargets('ECS', { + port: 80, + healthCheck: { + interval: cdk.Duration.seconds(60), + }, + }); + targetGroup.configureHealthCheck({ interval: cdk.Duration.seconds(30), protocol: elbv2.Protocol.HTTP, - timeout: cdk.Duration.seconds(10), + timeout: cdk.Duration.seconds(40), }); // THEN const validationErrors: string[] = targetGroup.node.validate(); expect(validationErrors).toEqual([ - 'Custom health check timeouts are not supported for Network Load Balancer health checks. Expected 6 seconds for HTTP, got 10', + "Health check timeout '40' must not be greater than the interval '30'", ]); });