-
Notifications
You must be signed in to change notification settings - Fork 4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(elbv2): unable to add multiple certificates to NLB (#19289)
This PR does a couple of things to update the NetworkListener to be on par with ApplicationListener. 1. Add a NetworkListenerCertificate construct that allows you to associate multiple certificates with a listener. 2. Add a `addCertificates` method to `NetworkListener` similar to the same method on the `ApplicationListener`. This is needed because even though the `certificates` property on a `Listener`is an array, it expects only one certificate. To add more than one you have to create an `AWS::ElasticLoadBalancingV2::ListenerCertificate`. This functionality was added to `ApplicationListner` via #13490. fixes #8918, #15328 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
- Loading branch information
Showing
3 changed files
with
139 additions
and
2 deletions.
There are no files selected for viewing
43 changes: 43 additions & 0 deletions
43
packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener-certificate.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
import { Construct } from 'constructs'; | ||
import { CfnListenerCertificate } from '../elasticloadbalancingv2.generated'; | ||
import { IListenerCertificate } from '../shared/listener-certificate'; | ||
import { INetworkListener } from './network-listener'; | ||
|
||
// keep this import separate from other imports to reduce chance for merge conflicts with v2-main | ||
// eslint-disable-next-line no-duplicate-imports, import/order | ||
import { Construct as CoreConstruct } from '@aws-cdk/core'; | ||
|
||
/** | ||
* Properties for adding a set of certificates to a listener | ||
*/ | ||
export interface NetworkListenerCertificateProps { | ||
/** | ||
* The listener to attach the rule to | ||
*/ | ||
readonly listener: INetworkListener; | ||
|
||
/** | ||
* Certificates to attach | ||
* | ||
* Duplicates are not allowed. | ||
*/ | ||
readonly certificates: IListenerCertificate[]; | ||
} | ||
|
||
/** | ||
* Add certificates to a listener | ||
*/ | ||
export class NetworkListenerCertificate extends CoreConstruct { | ||
constructor(scope: Construct, id: string, props: NetworkListenerCertificateProps) { | ||
super(scope, id); | ||
|
||
const certificates = [ | ||
...(props.certificates || []).map(c => ({ certificateArn: c.certificateArn })), | ||
]; | ||
|
||
new CfnListenerCertificate(this, 'Resource', { | ||
listenerArn: props.listener.listenerArn, | ||
certificates, | ||
}); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters