fix(elbv2): consider default protocol when validating redirectHTTP (#…

…10100) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws · Sep 2, 2020 · 9e4c6d2 · 9e4c6d2
1 parent aa2068f
commit 9e4c6d2
Show file tree

Hide file tree

Showing 2 changed files with 47 additions and 3 deletions.
diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts
@@ -335,12 +335,13 @@ export abstract class ApplicationLoadBalancedServiceBase extends cdk.Construct {
     if (props.certificate !== undefined && props.protocol !== undefined && props.protocol !== ApplicationProtocol.HTTPS) {
       throw new Error('The HTTPS protocol must be used when a certificate is given');
     }
-    if (props.protocol !== ApplicationProtocol.HTTPS && props.redirectHTTP === true) {
-      throw new Error('The HTTPS protocol must be used when redirecting HTTP traffic');
-    }
     const protocol = props.protocol !== undefined ? props.protocol :
       (props.certificate ? ApplicationProtocol.HTTPS : ApplicationProtocol.HTTP);
 
+    if (protocol !== ApplicationProtocol.HTTPS && props.redirectHTTP === true) {
+      throw new Error('The HTTPS protocol must be used when redirecting HTTP traffic');
+    }
+
     const targetProps = {
       port: 80,
     };

diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/test.l3s.ts b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/test.l3s.ts
@@ -548,6 +548,49 @@ export = {
     test.done();
   },
 
+  'errors when setting both HTTP protocol and redirectHTTP'(test: Test) {
+    // GIVEN
+    const stack = new cdk.Stack();
+    const vpc = new ec2.Vpc(stack, 'VPC');
+    const cluster = new ecs.Cluster(stack, 'Cluster', { vpc });
+
+    // THEN
+    test.throws(() => {
+      new ecsPatterns.ApplicationLoadBalancedFargateService(stack, 'Service', {
+        cluster,
+        taskImageOptions: {
+          image: ecs.ContainerImage.fromRegistry('test'),
+        },
+        protocol: ApplicationProtocol.HTTP,
+        redirectHTTP: true,
+      });
+    });
+
+    test.done();
+  },
+
+  'does not throw errors when not setting HTTPS protocol but certificate for redirectHTTP'(test: Test) {
+    // GIVEN
+    const stack = new cdk.Stack();
+    const vpc = new ec2.Vpc(stack, 'VPC');
+    const cluster = new ecs.Cluster(stack, 'Cluster', { vpc });
+    const zone = new PublicHostedZone(stack, 'HostedZone', { zoneName: 'example.com' });
+
+    // THEN
+    new ecsPatterns.ApplicationLoadBalancedFargateService(stack, 'Service', {
+      cluster,
+      taskImageOptions: {
+        image: ecs.ContainerImage.fromRegistry('test'),
+      },
+      domainName: 'api.example.com',
+      domainZone: zone,
+      redirectHTTP: true,
+      certificate: Certificate.fromCertificateArn(stack, 'Cert', 'helloworld'),
+    });
+
+    test.done();
+  },
+
   'errors when setting HTTPS protocol but not domain name'(test: Test) {
     // GIVEN
     const stack = new cdk.Stack();