CDK Allows Invalid Healthcheck Interval for NLB

[jd-carroll]

When adding a listener to a NetworkLoadBalancer, the CDK allows for any health check interval when CloudFormation only supports the values 10 or 30.

Reproduction Steps

The following code will compile successfully but fail during CloudFormation deployment.

const app = new cdk.App();
const stack = new cdk.Stack(app, 'aws-ecs-network-lb');

// Create a cluster
const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 2 });

const cluster = new ecs.Cluster(stack, 'EcsCluster', { vpc });
cluster.addCapacity('DefaultAutoScalingGroup', {
  instanceType: ec2.InstanceType.of(ec2.InstanceClass.T2, ec2.InstanceSize.MICRO)
});

// Create Task Definition
const taskDefinition = new ecs.Ec2TaskDefinition(stack, 'TaskDef');
const container = taskDefinition.addContainer('web', {
  image: ecs.ContainerImage.fromRegistry('nginx:latest'),
  memoryLimitMiB: 256
});

container.addPortMappings({
  containerPort: 80,
  hostPort: 80,
  protocol: ecs.Protocol.TCP
});

// Create Service
const service = new ecs.Ec2Service(stack, "Service", {
  cluster,
  taskDefinition
});

// Create ALB
const lb = new elbv2.NetworkLoadBalancer(stack, 'LB', {
  vpc,
  internetFacing: true
});
const listener = lb.addListener('PublicListener', { port: 80 });

// Attach ALB to ECS Service
listener.addTargets('ECS', {
  port: 80,
  targets: [service],
  // include health check (default is none)
  healthCheck: {
    interval: cdk.Duration.seconds(60),
    path: "/health",
    timeout: cdk.Duration.seconds(5),
  }
});

Error Log

Which will produce the following error:

15/50 | 10:20:50 AM | CREATE_FAILED        | AWS::ElasticLoadBalancingV2::TargetGroup  | LB/PublicListener/ECSGroup (LBPublicListenerECSGroupD6A32205) Health check interval '60' not supported for target groups with the TCP protocol. Must be one of the following values '[10, 30]'. (Service: AmazonElasticLoadBalancingV2; Status Code: 400; Error Code: ValidationError; Request ID: b408cc1a-6160-42ef-abdf-a16bb1b1068b)
        new TargetGroupBase (.../aws-cdk-examples/typescript/ecs/ecs-service-with-advanced-alb-config/node_modules/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-target-group.ts:226:21)
        \_ new NetworkTargetGroup (.../aws-cdk-examples/typescript/ecs/ecs-service-with-advanced-alb-config/node_modules/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-target-group.ts:50:5)
        \_ NetworkListener.addTargets (.../aws-cdk-examples/typescript/ecs/ecs-service-with-advanced-alb-config/node_modules/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts:142:19)
        \_ Object.<anonymous> (.../aws-cdk-examples/typescript/ecs/ecs-service-with-advanced-alb-config/index.ts:48:10)
        \_ Module._compile (internal/modules/cjs/loader.js:778:30)
        \_ Module.m._compile (.../aws-cdk-examples/typescript/ecs/ecs-service-with-advanced-alb-config/node_modules/ts-node/src/index.ts:493:23)
        \_ Module._extensions..js (internal/modules/cjs/loader.js:789:10)
        \_ Object.require.extensions.(anonymous function) [as .ts] (.../aws-cdk-examples/typescript/ecs/ecs-service-with-advanced-alb-config/node_modules/ts-node/src/index.ts:496:12)
        \_ Module.load (internal/modules/cjs/loader.js:653:32)

Environment

• CLI Version : 1.9.0
• Framework Version: 1.9.0
• OS : macOS 10.14.6
• Language : all

---

This is 🐛 Bug Report

[SomayaB]

Hi @jd-carroll, thanks for reporting this and opening a PR, much appreciated! 👍