New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(ecs-patterns): pass securityGroups to ScheduledFargateTask #14220
Conversation
Title does not follow the guidelines of Conventional Commits. Please adjust title before merge. |
eeb5b41
to
0e8d6a9
Compare
0e8d6a9
to
64fdeb1
Compare
just struggled with this in my project: this would be a nice feature |
Hi, @fongie can you share you code please, wherein you have overcome this issue using some way? Thanks |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me
Hi! Sure, but I warn you it's not pretty and there might be a better way too :) private addSecurityGroupToScheduledTask(group: SecurityGroup, task: ScheduledFargateTask) {
const rule = task.eventRule as any as CfnRule
const targets = rule.targets as any as RuleTargetConfig[]
const config = targets[0].ecsParameters!.networkConfiguration as any
const groups = config.awsVpcConfiguration.securityGroups as Array<string>
groups.push(group.securityGroupId)
} This adds the security group you pass in to the method to the security groups of the task. Then, you can configure connections via the security group (like allowfrom, to, etc). Note that it also keeps the default security group. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is great! Do you think you could also add this to the ScheduledEc2Task as well?
packages/@aws-cdk/aws-ecs-patterns/lib/fargate/scheduled-fargate-task.ts
Outdated
Show resolved
Hide resolved
I went ahead and added the change to support Ec2 patterns on top of your work here: #15096 |
…te-task.ts Co-authored-by: Hsing-Hui Hsu <hsinghui@amazon.com>
Nice. I was having some trouble figuring out how to unit test that case. |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
Just curious, is it critical that you can reference the securityGroup as an output property on the ScheduledFargateTask after it is created? I.e. https://github.com/aws/aws-cdk/pull/14220/files#diff-7ebbca721fecf8f6c66398af515f1d264cbdf3116d34ef912aab19a55e06994aR39-R43? |
Resolved by #15096 |
closes #5213
This is a minimal approach.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license