From cd2efea8a9ff9eb348dc0914aa7d1e9477638a84 Mon Sep 17 00:00:00 2001 From: Simon Thulbourn Date: Wed, 27 Mar 2019 16:19:19 +0000 Subject: [PATCH 01/12] adds TLS termination to NLBs Adds new props to support termination: - SSLPolicy - Certificates - Protocol --- .../lib/nlb/network-listener.ts | 62 +++- .../lib/shared/enums.ts | 7 +- .../package-lock.json | 285 ++++++++++++++++++ .../aws-elasticloadbalancingv2/package.json | 3 +- .../test/nlb/test.listener.ts | 49 +++ 5 files changed, 402 insertions(+), 4 deletions(-) create mode 100644 packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts index b31c631d6938c..17598f48b202d 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts @@ -1,7 +1,7 @@ import cdk = require('@aws-cdk/cdk'); import { BaseListener } from '../shared/base-listener'; import { HealthCheck } from '../shared/base-target-group'; -import { Protocol } from '../shared/enums'; +import { Protocol, SslPolicy } from '../shared/enums'; import { INetworkLoadBalancer } from './network-load-balancer'; import { INetworkLoadBalancerTarget, INetworkTargetGroup, NetworkTargetGroup } from './network-target-group'; @@ -20,6 +20,31 @@ export interface BaseNetworkListenerProps { * @default None */ readonly defaultTargetGroups?: INetworkTargetGroup[]; + + /** + * Protocol for listener, expects TCP or TLS + */ + protocol?: Protocol; + + /** + * Certificate list of ACM cert ARNs + */ + certificates?: INetworkListenerCertificateProps[]; + + /** + * SSL Policy to use for the listener + */ + sslPolicy?: SslPolicy; +} + +/** + * Properties for adding a certificate to a listener + */ +export interface INetworkListenerCertificateProps { + /** + * Certificate ARN from ACM + */ + certificateArn: string } /** @@ -48,13 +73,29 @@ export class NetworkListener extends BaseListener implements INetworkListener { */ private readonly loadBalancer: INetworkLoadBalancer; + /** + * Protocol assigned to listener + */ + private readonly protocol: Protocol; + + /** + * Certificates array + */ + private readonly certificates?: INetworkListenerCertificateProps[]; + constructor(scope: cdk.Construct, id: string, props: NetworkListenerProps) { super(scope, id, { loadBalancerArn: props.loadBalancer.loadBalancerArn, - protocol: Protocol.Tcp, + protocol: props.protocol || Protocol.Tcp, port: props.port, + sslPolicy: props.sslPolicy, + certificates: props.certificates }); + this.protocol = props.protocol || Protocol.Tcp; + // this.sslPolicy = props.sslPolicy; + this.certificates = props.certificates; + this.loadBalancer = props.loadBalancer; (props.defaultTargetGroups || []).forEach(this._addDefaultTargetGroup.bind(this)); @@ -109,6 +150,23 @@ export class NetworkListener extends BaseListener implements INetworkListener { }; } + protected validate(): string[] { + const errors: string[] = []; + + if ([Protocol.Tcp, Protocol.Tls].indexOf(this.protocol) === -1) { + errors.push(`The protocol must be either ${Protocol.Tcp} or ${Protocol.Tls}. Found ${this.protocol}`); + } + + const certs = this.certificates || []; + + if (this.protocol === Protocol.Tls && (certs.length === 0 || certs.filter(v => { + return v.certificateArn == null; + }).length > 0)) { + errors.push(`When the protocol is set to TLS, you must specify certificates`); + } + + return errors; + } } /** diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/enums.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/enums.ts index f043272ab139d..66851cd621750 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/enums.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/enums.ts @@ -30,7 +30,12 @@ export enum Protocol { /** * TCP */ - Tcp = 'TCP' + Tcp = 'TCP', + + /** + * TLS + */ + Tls = 'TLS' } /** diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json b/packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json new file mode 100644 index 0000000000000..542ff956f38bf --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json @@ -0,0 +1,285 @@ +{ + "name": "@aws-cdk/aws-elasticloadbalancingv2", + "version": "0.26.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "@aws-cdk/assert": { + "version": "0.26.0", + "dev": true, + "requires": { + "@aws-cdk/cdk": "^0.26.0", + "@aws-cdk/cloudformation-diff": "^0.26.0", + "@aws-cdk/cx-api": "^0.26.0", + "source-map-support": "^0.5.6" + } + }, + "@aws-cdk/assets": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/assets/-/assets-0.26.0.tgz", + "integrity": "sha512-kuuJLSCXF4nmliohxqii8akrB/oSzylhszT8ACGzMQ40uPyx7C1WouuZpDqMXPp6rp2ak4sWuO+jPDl0q1xrwA==", + "requires": { + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/aws-s3": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0", + "@aws-cdk/cx-api": "^0.26.0" + }, + "dependencies": { + "@aws-cdk/cx-api": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/cx-api/-/cx-api-0.26.0.tgz", + "integrity": "sha512-MO/JgF2DA8Bqz9e06Y4ZSxYCx6FFwI10Pda85f+F+YdvRV5Zhimx+MW57hG0miUSWCbDpu6NGisEfes7WM42Dg==" + } + } + }, + "@aws-cdk/aws-autoscaling-api": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-autoscaling-api/-/aws-autoscaling-api-0.26.0.tgz", + "integrity": "sha512-dz2mJPzMcmzFVJOH9Y7hxsOVt9yEi9GQTNsvyO4gxL/dw0rYoyM9oE4Ye8zGQCCwreboNp7mHPEED/VSdqZMVw==", + "requires": { + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/aws-certificatemanager": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-certificatemanager/-/aws-certificatemanager-0.26.0.tgz", + "integrity": "sha512-MeCTe9fPcQe1CnJGJA0E9mkOZMOEQ98CXsL/JozWglR5yz6XneiOlPa1xLAFCpxbBxXVpGE5BwECoiGGNP6E1Q==", + "requires": { + "@aws-cdk/aws-cloudformation": "^0.26.0", + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/aws-lambda": "^0.26.0", + "@aws-cdk/aws-route53": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/aws-cloudformation": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-cloudformation/-/aws-cloudformation-0.26.0.tgz", + "integrity": "sha512-yB7l8gZhD+70iv8/z4UmwYu/nWFFesmjCuIdTdHsyUzi2HT7xW1f3zN31pes3+3QvIuLyOMAlU0hgUUYWjm/aA==", + "requires": { + "@aws-cdk/aws-codepipeline-api": "^0.26.0", + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/aws-lambda": "^0.26.0", + "@aws-cdk/aws-sns": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/aws-cloudwatch": { + "version": "0.26.0", + "requires": { + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/aws-codedeploy-api": { + "version": "0.26.0", + "requires": { + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/aws-codepipeline-api": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-codepipeline-api/-/aws-codepipeline-api-0.26.0.tgz", + "integrity": "sha512-JiRuHpCK/UvP0pHTwIvV8UtZI5sbHxhiIzwPNovOcjY6ayhEGZbgnScdCh5ID6ann6pEmSxg2ESV8k5nz1049g==", + "requires": { + "@aws-cdk/aws-events": "^0.26.0", + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/aws-ec2": { + "version": "0.26.0", + "requires": { + "@aws-cdk/aws-cloudwatch": "^0.26.0", + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0", + "@aws-cdk/cx-api": "^0.26.0" + } + }, + "@aws-cdk/aws-events": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-events/-/aws-events-0.26.0.tgz", + "integrity": "sha512-dEodAG/tQDTrNaLy2ScHBCeXADMQTnD29ickQViXb0TERjdDm1pc7Q+YQ87z9iulC0RF4a2BdVYyqYERohdSDg==", + "requires": { + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/aws-iam": { + "version": "0.26.0", + "requires": { + "@aws-cdk/cdk": "^0.26.0", + "@aws-cdk/region-info": "^0.26.0" + } + }, + "@aws-cdk/aws-kms": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-kms/-/aws-kms-0.26.0.tgz", + "integrity": "sha512-2rAm+b9sQVrZwPb2uSwgZHb4bP/5jRzFi2ITEA/o1s43ie1BOR9IvjTq596dQ4geTk5zfvLtrOfao0IGMz0MDQ==", + "requires": { + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/aws-lambda": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-lambda/-/aws-lambda-0.26.0.tgz", + "integrity": "sha512-VXYzPLiv1vlVoYEpbtI2XKZ0sClHfdYniGqQpEkY4vRXceth8cH3kD+XSXk8aXwrqyDn5Q0Oxp2c4GuaSKCdMA==", + "requires": { + "@aws-cdk/assets": "^0.26.0", + "@aws-cdk/aws-cloudwatch": "^0.26.0", + "@aws-cdk/aws-codepipeline-api": "^0.26.0", + "@aws-cdk/aws-ec2": "^0.26.0", + "@aws-cdk/aws-events": "^0.26.0", + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/aws-logs": "^0.26.0", + "@aws-cdk/aws-s3": "^0.26.0", + "@aws-cdk/aws-s3-notifications": "^0.26.0", + "@aws-cdk/aws-sqs": "^0.26.0", + "@aws-cdk/aws-stepfunctions": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0", + "@aws-cdk/cx-api": "^0.26.0" + }, + "dependencies": { + "@aws-cdk/cx-api": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/cx-api/-/cx-api-0.26.0.tgz", + "integrity": "sha512-MO/JgF2DA8Bqz9e06Y4ZSxYCx6FFwI10Pda85f+F+YdvRV5Zhimx+MW57hG0miUSWCbDpu6NGisEfes7WM42Dg==" + } + } + }, + "@aws-cdk/aws-logs": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-logs/-/aws-logs-0.26.0.tgz", + "integrity": "sha512-uB8WwXzmUXASFpVb1CIQ9V119032OTX5SE9gblYCTguPhtKKvF3gUdUBuzZbKS6gdGpWHabq8IUoVRGD/oZzIA==", + "requires": { + "@aws-cdk/aws-cloudwatch": "^0.26.0", + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/aws-route53": { + "version": "0.26.0", + "requires": { + "@aws-cdk/aws-ec2": "^0.26.0", + "@aws-cdk/aws-logs": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0", + "@aws-cdk/cx-api": "^0.26.0" + } + }, + "@aws-cdk/aws-s3": { + "version": "0.26.0", + "requires": { + "@aws-cdk/aws-codepipeline-api": "^0.26.0", + "@aws-cdk/aws-events": "^0.26.0", + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/aws-kms": "^0.26.0", + "@aws-cdk/aws-s3-notifications": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/aws-s3-notifications": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-s3-notifications/-/aws-s3-notifications-0.26.0.tgz", + "integrity": "sha512-6ByLqb1sbbBjiiYaX9Q/keXBSJ1SxCzmM7r1vgXmYteQ1VkW5Th142YPtwXwP7nqYbiDeHJfvTk5NVdU+rtvSQ==", + "requires": { + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/aws-sns": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-sns/-/aws-sns-0.26.0.tgz", + "integrity": "sha512-QZseBIlcwZLGEMxOLHaEQAnYIKZrB+ykl+LfL3rAVpTGfmEuwTIgKC8/8f5nV76MT2aAYzbxCrrV+uGW4AlZcg==", + "requires": { + "@aws-cdk/aws-autoscaling-api": "^0.26.0", + "@aws-cdk/aws-cloudwatch": "^0.26.0", + "@aws-cdk/aws-events": "^0.26.0", + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/aws-lambda": "^0.26.0", + "@aws-cdk/aws-s3-notifications": "^0.26.0", + "@aws-cdk/aws-sqs": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/aws-sqs": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-sqs/-/aws-sqs-0.26.0.tgz", + "integrity": "sha512-AW5lLWksAqSXYrS2v7TNB83XXMGgFe/Khtqm5/ptxmhpNGhe+CmHSFV4Jsj+BZb8SE/pBW5GjJseaxB3nHUxJw==", + "requires": { + "@aws-cdk/aws-autoscaling-api": "^0.26.0", + "@aws-cdk/aws-cloudwatch": "^0.26.0", + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/aws-kms": "^0.26.0", + "@aws-cdk/aws-s3-notifications": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/aws-stepfunctions": { + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-stepfunctions/-/aws-stepfunctions-0.26.0.tgz", + "integrity": "sha512-BhGUYueVmjp5ge6jHqJzNN55sKxghQzfu0RNOJ3UrUJcpNQXj4WSdtUCtU9196Ny6SjpbU6W+dLGFdCQxUUp0Q==", + "requires": { + "@aws-cdk/aws-cloudwatch": "^0.26.0", + "@aws-cdk/aws-events": "^0.26.0", + "@aws-cdk/aws-iam": "^0.26.0", + "@aws-cdk/cdk": "^0.26.0" + } + }, + "@aws-cdk/cdk": { + "version": "0.26.0", + "requires": { + "@aws-cdk/cx-api": "^0.26.0" + } + }, + "cdk-build-tools": { + "version": "0.26.0", + "dev": true, + "requires": { + "awslint": "^0.26.0", + "fs-extra": "^7.0.1", + "jest": "^24.4.0", + "jsii": "^0.7.15", + "jsii-pacmak": "^0.7.15", + "nodeunit": "^0.11.3", + "nyc": "^13.3.0", + "ts-jest": "^24.0.0", + "tslint": "^5.13.1", + "typescript": "^3.3.3333", + "yargs": "^13.2.1" + } + }, + "cdk-integ-tools": { + "version": "0.26.0", + "dev": true, + "requires": { + "@aws-cdk/cloudformation-diff": "^0.26.0", + "@aws-cdk/cx-api": "^0.26.0", + "aws-cdk": "^0.26.0", + "yargs": "^9.0.1" + } + }, + "cfn2ts": { + "version": "0.26.0", + "dev": true, + "requires": { + "@aws-cdk/cfnspec": "^0.26.0", + "codemaker": "^0.6.4", + "fast-json-patch": "^2.0.6", + "fs-extra": "^7.0.0", + "yargs": "^9.0.1" + } + }, + "pkglint": { + "version": "0.26.0", + "dev": true, + "requires": { + "case": "^1.5.5", + "colors": "^1.3.2", + "fs-extra": "^7.0.0", + "semver": "^5.6.0", + "yargs": "^9.0.1" + } + } + } +} diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json index 0081fda1e4168..7bed18e9031ff 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json @@ -65,6 +65,7 @@ "pkglint": "^0.27.0" }, "dependencies": { + "@aws-cdk/aws-certificatemanager": "^0.27.0", "@aws-cdk/aws-cloudwatch": "^0.27.0", "@aws-cdk/aws-codedeploy-api": "^0.27.0", "@aws-cdk/aws-ec2": "^0.27.0", @@ -92,4 +93,4 @@ "construct-ctor:@aws-cdk/aws-elasticloadbalancingv2.TargetGroupBase." ] } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/test.listener.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/test.listener.ts index f5fd6f554c1da..82fcdc2183cde 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/test.listener.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/test.listener.ts @@ -1,4 +1,5 @@ import { expect, haveResource, MatchStyle } from '@aws-cdk/assert'; +import acm = require('@aws-cdk/aws-certificatemanager'); import ec2 = require('@aws-cdk/aws-ec2'); import cdk = require('@aws-cdk/cdk'); import { Test } from 'nodeunit'; @@ -144,6 +145,54 @@ export = { test.done(); }, + + 'Trivial add TLS listener'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + const vpc = new ec2.VpcNetwork(stack, 'Stack'); + const lb = new elbv2.NetworkLoadBalancer(stack, 'LB', { vpc }); + const cert = new acm.Certificate(stack, 'Certificate', { + domainName: 'example.com' + }); + + // WHEN + lb.addListener('Listener', { + port: 443, + protocol: elbv2.Protocol.Tls, + certificates: [ { certificateArn: cert.certificateArn } ], + sslPolicy: elbv2.SslPolicy.TLS12, + defaultTargetGroups: [new elbv2.NetworkTargetGroup(stack, 'Group', { vpc, port: 80 })] + }); + + // THEN + expect(stack).to(haveResource('AWS::ElasticLoadBalancingV2::Listener', { + Protocol: 'TLS', + Port: 443, + Certificates: [ + { CertificateArn: { Ref: "Certificate4E7ABB08" } } + ], + SslPolicy: "ELBSecurityPolicy-TLS-1-2-2017-01" + })); + + test.done(); + }, + + 'Failing TLS listener'(test: Test) { + const stack = new cdk.Stack(); + const vpc = new ec2.VpcNetwork(stack, 'Stack'); + const lb = new elbv2.NetworkLoadBalancer(stack, 'LB', { vpc }); + + lb.addListener('Listener', { + port: 443, + protocol: elbv2.Protocol.Tls, + sslPolicy: elbv2.SslPolicy.TLS12, + defaultTargetGroups: [new elbv2.NetworkTargetGroup(stack, 'Group', { vpc, port: 80 })] + }); + + test.throws(() => expect(stack), '/When the protocol is set to TLS, you must specify certificates at: NetworkLoadBalancer [LB]/'); + + test.done(); + }, }; class ResourceWithLBDependency extends cdk.CfnResource { From 7c96f488433025258a7157894ed69db97022e1ab Mon Sep 17 00:00:00 2001 From: Simon Thulbourn Date: Wed, 3 Apr 2019 11:22:38 +0100 Subject: [PATCH 02/12] changes how protocol is defined based on feedback --- .../lib/nlb/network-listener.ts | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts index 17598f48b202d..8ceb0b1e34c94 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts @@ -84,16 +84,21 @@ export class NetworkListener extends BaseListener implements INetworkListener { private readonly certificates?: INetworkListenerCertificateProps[]; constructor(scope: cdk.Construct, id: string, props: NetworkListenerProps) { + let proto = props.protocol || Protocol.Tcp; + + if (props.certificates && props.certificates.length > 0) { + proto = Protocol.Tls; + } + super(scope, id, { loadBalancerArn: props.loadBalancer.loadBalancerArn, - protocol: props.protocol || Protocol.Tcp, + protocol: proto, port: props.port, sslPolicy: props.sslPolicy, certificates: props.certificates }); - this.protocol = props.protocol || Protocol.Tcp; - // this.sslPolicy = props.sslPolicy; + this.protocol = proto; this.certificates = props.certificates; this.loadBalancer = props.loadBalancer; From 8d38d32413201335bb2bb670f7dba3d3414d8760 Mon Sep 17 00:00:00 2001 From: Simon Thulbourn Date: Mon, 8 Apr 2019 11:27:56 +0100 Subject: [PATCH 03/12] moves validate into constructor --- .../lib/nlb/network-listener.ts | 42 ++++++++++++------- 1 file changed, 27 insertions(+), 15 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts index 8ceb0b1e34c94..19f59197a7607 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts @@ -86,8 +86,20 @@ export class NetworkListener extends BaseListener implements INetworkListener { constructor(scope: cdk.Construct, id: string, props: NetworkListenerProps) { let proto = props.protocol || Protocol.Tcp; - if (props.certificates && props.certificates.length > 0) { - proto = Protocol.Tls; + if ([Protocol.Tcp, Protocol.Tls].indexOf(props.protocol) === -1) { + throw new Error(`The protocol must be either ${Protocol.Tcp} or ${Protocol.Tls}. Found ${props.protocol}`); + } + + const certs = props.certificates || []; + + if (proto === Protocol.Tls && (certs.length === 0 || certs.filter(v => { + return v.certificateArn == null; + }).length > 0)) { + throw new Error(`When the protocol is set to TLS, you must specify certificates`); + } + + if (proto != Protocol.Tls && certs.length > 0) { + throw new Error(`Protocol must be TLS when certificates have been specified`) } super(scope, id, { @@ -155,23 +167,23 @@ export class NetworkListener extends BaseListener implements INetworkListener { }; } - protected validate(): string[] { - const errors: string[] = []; + // protected validate(): string[] { + // const errors: string[] = []; - if ([Protocol.Tcp, Protocol.Tls].indexOf(this.protocol) === -1) { - errors.push(`The protocol must be either ${Protocol.Tcp} or ${Protocol.Tls}. Found ${this.protocol}`); - } + // if ([Protocol.Tcp, Protocol.Tls].indexOf(this.protocol) === -1) { + // errors.push(`The protocol must be either ${Protocol.Tcp} or ${Protocol.Tls}. Found ${this.protocol}`); + // } - const certs = this.certificates || []; + // const certs = this.certificates || []; - if (this.protocol === Protocol.Tls && (certs.length === 0 || certs.filter(v => { - return v.certificateArn == null; - }).length > 0)) { - errors.push(`When the protocol is set to TLS, you must specify certificates`); - } + // if (this.protocol === Protocol.Tls && (certs.length === 0 || certs.filter(v => { + // return v.certificateArn == null; + // }).length > 0)) { + // errors.push(`When the protocol is set to TLS, you must specify certificates`); + // } - return errors; - } + // return errors; + // } } /** From 8c61f7d894e4014bc2400fc6056b4d78bc29a305 Mon Sep 17 00:00:00 2001 From: Simon Thulbourn Date: Mon, 8 Apr 2019 11:28:11 +0100 Subject: [PATCH 04/12] removes validate func --- .../lib/nlb/network-listener.ts | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts index 19f59197a7607..f2b165633c7d1 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts @@ -166,24 +166,6 @@ export class NetworkListener extends BaseListener implements INetworkListener { listenerArn: new cdk.CfnOutput(this, 'ListenerArn', { value: this.listenerArn }).makeImportValue().toString() }; } - - // protected validate(): string[] { - // const errors: string[] = []; - - // if ([Protocol.Tcp, Protocol.Tls].indexOf(this.protocol) === -1) { - // errors.push(`The protocol must be either ${Protocol.Tcp} or ${Protocol.Tls}. Found ${this.protocol}`); - // } - - // const certs = this.certificates || []; - - // if (this.protocol === Protocol.Tls && (certs.length === 0 || certs.filter(v => { - // return v.certificateArn == null; - // }).length > 0)) { - // errors.push(`When the protocol is set to TLS, you must specify certificates`); - // } - - // return errors; - // } } /** From 59e7604fb86d5e7f70e164158f3fb9b967fa4591 Mon Sep 17 00:00:00 2001 From: Simon Thulbourn Date: Mon, 8 Apr 2019 15:37:34 +0100 Subject: [PATCH 05/12] fixes linting errors --- .../lib/nlb/network-listener.ts | 29 +++++-------------- 1 file changed, 8 insertions(+), 21 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts index f2b165633c7d1..e8c2f7d9a246a 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts @@ -24,17 +24,17 @@ export interface BaseNetworkListenerProps { /** * Protocol for listener, expects TCP or TLS */ - protocol?: Protocol; + readonly protocol?: Protocol; /** * Certificate list of ACM cert ARNs */ - certificates?: INetworkListenerCertificateProps[]; + readonly certificates?: INetworkListenerCertificateProps[]; /** - * SSL Policy to use for the listener + * SSL Policy */ - sslPolicy?: SslPolicy; + readonly sslPolicy?: SslPolicy; } /** @@ -73,20 +73,10 @@ export class NetworkListener extends BaseListener implements INetworkListener { */ private readonly loadBalancer: INetworkLoadBalancer; - /** - * Protocol assigned to listener - */ - private readonly protocol: Protocol; - - /** - * Certificates array - */ - private readonly certificates?: INetworkListenerCertificateProps[]; - constructor(scope: cdk.Construct, id: string, props: NetworkListenerProps) { - let proto = props.protocol || Protocol.Tcp; + const proto = props.protocol || Protocol.Tcp; - if ([Protocol.Tcp, Protocol.Tls].indexOf(props.protocol) === -1) { + if ([Protocol.Tcp, Protocol.Tls].indexOf(proto) === -1) { throw new Error(`The protocol must be either ${Protocol.Tcp} or ${Protocol.Tls}. Found ${props.protocol}`); } @@ -98,8 +88,8 @@ export class NetworkListener extends BaseListener implements INetworkListener { throw new Error(`When the protocol is set to TLS, you must specify certificates`); } - if (proto != Protocol.Tls && certs.length > 0) { - throw new Error(`Protocol must be TLS when certificates have been specified`) + if (proto !== Protocol.Tls && certs.length > 0) { + throw new Error(`Protocol must be TLS when certificates have been specified`); } super(scope, id, { @@ -110,9 +100,6 @@ export class NetworkListener extends BaseListener implements INetworkListener { certificates: props.certificates }); - this.protocol = proto; - this.certificates = props.certificates; - this.loadBalancer = props.loadBalancer; (props.defaultTargetGroups || []).forEach(this._addDefaultTargetGroup.bind(this)); From 2a1d47b8a22c6dc489ff70531f4a5f06418719e2 Mon Sep 17 00:00:00 2001 From: Simon Thulbourn Date: Mon, 8 Apr 2019 21:22:46 +0100 Subject: [PATCH 06/12] sets cert arn as readonly --- .../aws-elasticloadbalancingv2/lib/nlb/network-listener.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts index e8c2f7d9a246a..fee4c5b5a701a 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts @@ -44,7 +44,7 @@ export interface INetworkListenerCertificateProps { /** * Certificate ARN from ACM */ - certificateArn: string + readonly certificateArn: string } /** From bbbe13973d92cb80fe8625f789e4d779619edbc4 Mon Sep 17 00:00:00 2001 From: Simon Thulbourn Date: Mon, 8 Apr 2019 21:31:40 +0100 Subject: [PATCH 07/12] fix logic to set protocol to tls if certs is specified, but the protocol is not --- .../lib/nlb/network-listener.ts | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts index fee4c5b5a701a..b26555fb260a7 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts @@ -74,17 +74,14 @@ export class NetworkListener extends BaseListener implements INetworkListener { private readonly loadBalancer: INetworkLoadBalancer; constructor(scope: cdk.Construct, id: string, props: NetworkListenerProps) { - const proto = props.protocol || Protocol.Tcp; + const certs = props.certificates || []; + const proto = props.protocol || (certs.length > 0 ? Protocol.Tls : Protocol.Tcp); if ([Protocol.Tcp, Protocol.Tls].indexOf(proto) === -1) { throw new Error(`The protocol must be either ${Protocol.Tcp} or ${Protocol.Tls}. Found ${props.protocol}`); } - const certs = props.certificates || []; - - if (proto === Protocol.Tls && (certs.length === 0 || certs.filter(v => { - return v.certificateArn == null; - }).length > 0)) { + if (proto === Protocol.Tls && certs.filter(v => v != null).length === 0) { throw new Error(`When the protocol is set to TLS, you must specify certificates`); } From 8bac68d655dc7423635fa8c2b2354698485f68fd Mon Sep 17 00:00:00 2001 From: Simon Thulbourn Date: Thu, 25 Apr 2019 22:21:54 +0200 Subject: [PATCH 08/12] remove acm from package.json --- .../package-lock.json | 285 ------------------ .../aws-elasticloadbalancingv2/package.json | 1 - 2 files changed, 286 deletions(-) delete mode 100644 packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json b/packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json deleted file mode 100644 index 514b0c77a9f24..0000000000000 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json +++ /dev/null @@ -1,285 +0,0 @@ -{ - "name": "@aws-cdk/aws-elasticloadbalancingv2", - "requires": true, - "dependencies": { - "@aws-cdk/assert": { - "version": "0.26.0", - "dev": true, - "requires": { - "@aws-cdk/cdk": "^0.26.0", - "@aws-cdk/cloudformation-diff": "^0.26.0", - "@aws-cdk/cx-api": "^0.26.0", - "source-map-support": "^0.5.6" - } - }, - "@aws-cdk/assets": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/assets/-/assets-0.26.0.tgz", - "integrity": "sha512-kuuJLSCXF4nmliohxqii8akrB/oSzylhszT8ACGzMQ40uPyx7C1WouuZpDqMXPp6rp2ak4sWuO+jPDl0q1xrwA==", - "requires": { - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/aws-s3": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0", - "@aws-cdk/cx-api": "^0.26.0" - }, - "dependencies": { - "@aws-cdk/cx-api": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/cx-api/-/cx-api-0.26.0.tgz", - "integrity": "sha512-MO/JgF2DA8Bqz9e06Y4ZSxYCx6FFwI10Pda85f+F+YdvRV5Zhimx+MW57hG0miUSWCbDpu6NGisEfes7WM42Dg==" - } - } - }, - "@aws-cdk/aws-autoscaling-api": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/aws-autoscaling-api/-/aws-autoscaling-api-0.26.0.tgz", - "integrity": "sha512-dz2mJPzMcmzFVJOH9Y7hxsOVt9yEi9GQTNsvyO4gxL/dw0rYoyM9oE4Ye8zGQCCwreboNp7mHPEED/VSdqZMVw==", - "requires": { - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/aws-certificatemanager": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/aws-certificatemanager/-/aws-certificatemanager-0.26.0.tgz", - "integrity": "sha512-MeCTe9fPcQe1CnJGJA0E9mkOZMOEQ98CXsL/JozWglR5yz6XneiOlPa1xLAFCpxbBxXVpGE5BwECoiGGNP6E1Q==", - "requires": { - "@aws-cdk/aws-cloudformation": "^0.26.0", - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/aws-lambda": "^0.26.0", - "@aws-cdk/aws-route53": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/aws-cloudformation": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/aws-cloudformation/-/aws-cloudformation-0.26.0.tgz", - "integrity": "sha512-yB7l8gZhD+70iv8/z4UmwYu/nWFFesmjCuIdTdHsyUzi2HT7xW1f3zN31pes3+3QvIuLyOMAlU0hgUUYWjm/aA==", - "requires": { - "@aws-cdk/aws-codepipeline-api": "^0.26.0", - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/aws-lambda": "^0.26.0", - "@aws-cdk/aws-sns": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/aws-cloudwatch": { - "version": "0.26.0", - "requires": { - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/aws-codedeploy-api": { - "version": "0.26.0", - "requires": { - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/aws-codepipeline-api": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/aws-codepipeline-api/-/aws-codepipeline-api-0.26.0.tgz", - "integrity": "sha512-JiRuHpCK/UvP0pHTwIvV8UtZI5sbHxhiIzwPNovOcjY6ayhEGZbgnScdCh5ID6ann6pEmSxg2ESV8k5nz1049g==", - "requires": { - "@aws-cdk/aws-events": "^0.26.0", - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/aws-ec2": { - "version": "0.26.0", - "requires": { - "@aws-cdk/aws-cloudwatch": "^0.26.0", - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0", - "@aws-cdk/cx-api": "^0.26.0" - } - }, - "@aws-cdk/aws-events": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/aws-events/-/aws-events-0.26.0.tgz", - "integrity": "sha512-dEodAG/tQDTrNaLy2ScHBCeXADMQTnD29ickQViXb0TERjdDm1pc7Q+YQ87z9iulC0RF4a2BdVYyqYERohdSDg==", - "requires": { - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/aws-iam": { - "version": "0.26.0", - "requires": { - "@aws-cdk/cdk": "^0.26.0", - "@aws-cdk/region-info": "^0.26.0" - } - }, - "@aws-cdk/aws-kms": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/aws-kms/-/aws-kms-0.26.0.tgz", - "integrity": "sha512-2rAm+b9sQVrZwPb2uSwgZHb4bP/5jRzFi2ITEA/o1s43ie1BOR9IvjTq596dQ4geTk5zfvLtrOfao0IGMz0MDQ==", - "requires": { - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/aws-lambda": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/aws-lambda/-/aws-lambda-0.26.0.tgz", - "integrity": "sha512-VXYzPLiv1vlVoYEpbtI2XKZ0sClHfdYniGqQpEkY4vRXceth8cH3kD+XSXk8aXwrqyDn5Q0Oxp2c4GuaSKCdMA==", - "requires": { - "@aws-cdk/assets": "^0.26.0", - "@aws-cdk/aws-cloudwatch": "^0.26.0", - "@aws-cdk/aws-codepipeline-api": "^0.26.0", - "@aws-cdk/aws-ec2": "^0.26.0", - "@aws-cdk/aws-events": "^0.26.0", - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/aws-logs": "^0.26.0", - "@aws-cdk/aws-s3": "^0.26.0", - "@aws-cdk/aws-s3-notifications": "^0.26.0", - "@aws-cdk/aws-sqs": "^0.26.0", - "@aws-cdk/aws-stepfunctions": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0", - "@aws-cdk/cx-api": "^0.26.0" - }, - "dependencies": { - "@aws-cdk/cx-api": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/cx-api/-/cx-api-0.26.0.tgz", - "integrity": "sha512-MO/JgF2DA8Bqz9e06Y4ZSxYCx6FFwI10Pda85f+F+YdvRV5Zhimx+MW57hG0miUSWCbDpu6NGisEfes7WM42Dg==" - } - } - }, - "@aws-cdk/aws-logs": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/aws-logs/-/aws-logs-0.26.0.tgz", - "integrity": "sha512-uB8WwXzmUXASFpVb1CIQ9V119032OTX5SE9gblYCTguPhtKKvF3gUdUBuzZbKS6gdGpWHabq8IUoVRGD/oZzIA==", - "requires": { - "@aws-cdk/aws-cloudwatch": "^0.26.0", - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/aws-route53": { - "version": "0.26.0", - "requires": { - "@aws-cdk/aws-ec2": "^0.26.0", - "@aws-cdk/aws-logs": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0", - "@aws-cdk/cx-api": "^0.26.0" - } - }, - "@aws-cdk/aws-s3": { - "version": "0.26.0", - "requires": { - "@aws-cdk/aws-codepipeline-api": "^0.26.0", - "@aws-cdk/aws-events": "^0.26.0", - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/aws-kms": "^0.26.0", - "@aws-cdk/aws-s3-notifications": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/aws-s3-notifications": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/aws-s3-notifications/-/aws-s3-notifications-0.26.0.tgz", - "integrity": "sha512-6ByLqb1sbbBjiiYaX9Q/keXBSJ1SxCzmM7r1vgXmYteQ1VkW5Th142YPtwXwP7nqYbiDeHJfvTk5NVdU+rtvSQ==", - "requires": { - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/aws-sns": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/aws-sns/-/aws-sns-0.26.0.tgz", - "integrity": "sha512-QZseBIlcwZLGEMxOLHaEQAnYIKZrB+ykl+LfL3rAVpTGfmEuwTIgKC8/8f5nV76MT2aAYzbxCrrV+uGW4AlZcg==", - "requires": { - "@aws-cdk/aws-autoscaling-api": "^0.26.0", - "@aws-cdk/aws-cloudwatch": "^0.26.0", - "@aws-cdk/aws-events": "^0.26.0", - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/aws-lambda": "^0.26.0", - "@aws-cdk/aws-s3-notifications": "^0.26.0", - "@aws-cdk/aws-sqs": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/aws-sqs": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/aws-sqs/-/aws-sqs-0.26.0.tgz", - "integrity": "sha512-AW5lLWksAqSXYrS2v7TNB83XXMGgFe/Khtqm5/ptxmhpNGhe+CmHSFV4Jsj+BZb8SE/pBW5GjJseaxB3nHUxJw==", - "requires": { - "@aws-cdk/aws-autoscaling-api": "^0.26.0", - "@aws-cdk/aws-cloudwatch": "^0.26.0", - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/aws-kms": "^0.26.0", - "@aws-cdk/aws-s3-notifications": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/aws-stepfunctions": { - "version": "0.26.0", - "resolved": "https://registry.npmjs.org/@aws-cdk/aws-stepfunctions/-/aws-stepfunctions-0.26.0.tgz", - "integrity": "sha512-BhGUYueVmjp5ge6jHqJzNN55sKxghQzfu0RNOJ3UrUJcpNQXj4WSdtUCtU9196Ny6SjpbU6W+dLGFdCQxUUp0Q==", - "requires": { - "@aws-cdk/aws-cloudwatch": "^0.26.0", - "@aws-cdk/aws-events": "^0.26.0", - "@aws-cdk/aws-iam": "^0.26.0", - "@aws-cdk/cdk": "^0.26.0" - } - }, - "@aws-cdk/cdk": { - "version": "0.26.0", - "requires": { - "@aws-cdk/cx-api": "^0.26.0" - } - }, - "cdk-build-tools": { - "version": "0.26.0", - "dev": true, - "requires": { - "awslint": "^0.26.0", - "fs-extra": "^7.0.1", - "jest": "^24.4.0", - "jsii": "^0.7.15", - "jsii-pacmak": "^0.7.15", - "nodeunit": "^0.11.3", - "nyc": "^13.3.0", - "ts-jest": "^24.0.0", - "tslint": "^5.13.1", - "typescript": "^3.3.3333", - "yargs": "^13.2.1" - } - }, - "cdk-integ-tools": { - "version": "0.26.0", - "dev": true, - "requires": { - "@aws-cdk/cloudformation-diff": "^0.26.0", - "@aws-cdk/cx-api": "^0.26.0", - "aws-cdk": "^0.26.0", - "yargs": "^9.0.1" - } - }, - "cfn2ts": { - "version": "0.26.0", - "dev": true, - "requires": { - "@aws-cdk/cfnspec": "^0.26.0", - "codemaker": "^0.6.4", - "fast-json-patch": "^2.0.6", - "fs-extra": "^7.0.0", - "yargs": "^9.0.1" - } - }, - "pkglint": { - "version": "0.26.0", - "dev": true, - "requires": { - "case": "^1.5.5", - "colors": "^1.3.2", - "fs-extra": "^7.0.0", - "semver": "^5.6.0", - "yargs": "^9.0.1" - } - } - }, - "version": "0.28.0", - "lockfileVersion": 1 -} diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json index 2f8b81de15670..4970e40c619a0 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json @@ -66,7 +66,6 @@ "pkglint": "^0.28.0" }, "dependencies": { - "@aws-cdk/aws-certificatemanager": "^0.28.0", "@aws-cdk/aws-cloudwatch": "^0.28.0", "@aws-cdk/aws-codedeploy-api": "^0.28.0", "@aws-cdk/aws-ec2": "^0.28.0", From bad3dd7e4d06928fd03153506671e14d26af3607 Mon Sep 17 00:00:00 2001 From: Simon Thulbourn Date: Thu, 25 Apr 2019 22:22:42 +0200 Subject: [PATCH 09/12] fixes package-lock --- .../package-lock.json | 122 ++++++++++++++++++ 1 file changed, 122 insertions(+) create mode 100644 packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json b/packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json new file mode 100644 index 0000000000000..a09f52946a1a0 --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json @@ -0,0 +1,122 @@ +{ + "name": "@aws-cdk/aws-elasticloadbalancingv2", + "version": "0.28.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "@aws-cdk/assert": { + "version": "0.28.0", + "dev": true, + "requires": { + "@aws-cdk/cdk": "^0.28.0", + "@aws-cdk/cloudformation-diff": "^0.28.0", + "@aws-cdk/cx-api": "^0.28.0", + "source-map-support": "^0.5.12" + } + }, + "@aws-cdk/aws-cloudwatch": { + "version": "0.28.0", + "requires": { + "@aws-cdk/aws-iam": "^0.28.0", + "@aws-cdk/cdk": "^0.28.0" + } + }, + "@aws-cdk/aws-codedeploy-api": { + "version": "0.28.0", + "requires": { + "@aws-cdk/cdk": "^0.28.0" + } + }, + "@aws-cdk/aws-ec2": { + "version": "0.28.0", + "requires": { + "@aws-cdk/aws-cloudwatch": "^0.28.0", + "@aws-cdk/aws-iam": "^0.28.0", + "@aws-cdk/cdk": "^0.28.0", + "@aws-cdk/cx-api": "^0.28.0" + } + }, + "@aws-cdk/aws-iam": { + "version": "0.28.0", + "requires": { + "@aws-cdk/cdk": "^0.28.0", + "@aws-cdk/region-info": "^0.28.0" + } + }, + "@aws-cdk/aws-route53": { + "version": "0.28.0", + "requires": { + "@aws-cdk/aws-ec2": "^0.28.0", + "@aws-cdk/aws-logs": "^0.28.0", + "@aws-cdk/cdk": "^0.28.0", + "@aws-cdk/cx-api": "^0.28.0" + } + }, + "@aws-cdk/aws-s3": { + "version": "0.28.0", + "requires": { + "@aws-cdk/aws-events": "^0.28.0", + "@aws-cdk/aws-iam": "^0.28.0", + "@aws-cdk/aws-kms": "^0.28.0", + "@aws-cdk/aws-s3-notifications": "^0.28.0", + "@aws-cdk/cdk": "^0.28.0" + } + }, + "@aws-cdk/cdk": { + "version": "0.28.0", + "requires": { + "@aws-cdk/cx-api": "^0.28.0" + } + }, + "cdk-build-tools": { + "version": "0.28.0", + "dev": true, + "requires": { + "awslint": "^0.28.0", + "fs-extra": "^7.0.1", + "jest": "^24.7.1", + "jsii": "^0.10.2", + "jsii-pacmak": "^0.10.2", + "nodeunit": "^0.11.3", + "nyc": "^14.0.0", + "pkglint": "^0.28.0", + "ts-jest": "^24.0.2", + "tslint": "^5.16.0", + "typescript": "^3.4.3", + "yargs": "^13.2.2" + } + }, + "cdk-integ-tools": { + "version": "0.28.0", + "dev": true, + "requires": { + "@aws-cdk/cloudformation-diff": "^0.28.0", + "@aws-cdk/cx-api": "^0.28.0", + "aws-cdk": "^0.28.0", + "yargs": "^13.2.2" + } + }, + "cfn2ts": { + "version": "0.28.0", + "dev": true, + "requires": { + "@aws-cdk/cfnspec": "^0.28.0", + "codemaker": "^0.10.0", + "fast-json-patch": "^2.1.0", + "fs-extra": "^7.0.1", + "yargs": "^13.2.2" + } + }, + "pkglint": { + "version": "0.28.0", + "dev": true, + "requires": { + "case": "^1.6.1", + "colors": "^1.3.3", + "fs-extra": "^7.0.1", + "semver": "^6.0.0", + "yargs": "^13.2.2" + } + } + } +} From 45e0d9630bb59147eb3f7da10cf0957fae930785 Mon Sep 17 00:00:00 2001 From: Simon Thulbourn Date: Thu, 25 Apr 2019 22:53:04 +0200 Subject: [PATCH 10/12] adds back acm --- .../package-lock.json | 261 +++++++++++++++--- .../aws-elasticloadbalancingv2/package.json | 1 + 2 files changed, 219 insertions(+), 43 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json b/packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json index a09f52946a1a0..2f7088718bc9b 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/package-lock.json @@ -1,85 +1,260 @@ { "name": "@aws-cdk/aws-elasticloadbalancingv2", - "version": "0.28.0", + "version": "0.29.0", "lockfileVersion": 1, "requires": true, "dependencies": { "@aws-cdk/assert": { - "version": "0.28.0", + "version": "0.29.0", "dev": true, "requires": { - "@aws-cdk/cdk": "^0.28.0", - "@aws-cdk/cloudformation-diff": "^0.28.0", - "@aws-cdk/cx-api": "^0.28.0", + "@aws-cdk/cdk": "^0.29.0", + "@aws-cdk/cloudformation-diff": "^0.29.0", + "@aws-cdk/cx-api": "^0.29.0", "source-map-support": "^0.5.12" } }, + "@aws-cdk/assets": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/assets/-/assets-0.29.0.tgz", + "integrity": "sha512-OfAq/xxGd+Fh6nsXKpTrKzRfi9Q8lsTd5+PyLeuMyVAHE6mPGXi0qL93T4dtwErDEEXVlLWBiMFpvBztNKSgLw==", + "requires": { + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/aws-s3": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0", + "@aws-cdk/cx-api": "^0.29.0", + "minimatch": "^3.0.4" + }, + "dependencies": { + "@aws-cdk/cx-api": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/cx-api/-/cx-api-0.29.0.tgz", + "integrity": "sha512-SnktMmv4flwsGSJmfDJzqD23K/U/UzCCrJkShZX7Etqdm0SiI1aS5PlkDq4iHEy42bIRlyIOhqavKCkTMWt9fg==" + }, + "balanced-match": { + "version": "1.0.0", + "bundled": true + }, + "brace-expansion": { + "version": "1.1.11", + "bundled": true, + "requires": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "concat-map": { + "version": "0.0.1", + "bundled": true + }, + "minimatch": { + "version": "3.0.4", + "bundled": true, + "requires": { + "brace-expansion": "^1.1.7" + } + } + } + }, + "@aws-cdk/aws-autoscaling-api": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-autoscaling-api/-/aws-autoscaling-api-0.29.0.tgz", + "integrity": "sha512-9rwx90OJelKPPGuL9OY/fs8AijKfU+sC8hsaTZ9bc9AjiPeUCc8/d+jvaJbw7Gc0PV0l0HNC2zKo95pGt6Bqug==", + "requires": { + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0" + } + }, + "@aws-cdk/aws-certificatemanager": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-certificatemanager/-/aws-certificatemanager-0.29.0.tgz", + "integrity": "sha512-KUsCXq4Tf/Dpf9jH6cLhYl5bzHpxdXrG6gdIEjmjbHt9lqcRBXWclvn+ItyveBiBq81CB9czs+ypsBX5gbmi9Q==", + "requires": { + "@aws-cdk/aws-cloudformation": "^0.29.0", + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/aws-lambda": "^0.29.0", + "@aws-cdk/aws-route53": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0" + } + }, + "@aws-cdk/aws-cloudformation": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-cloudformation/-/aws-cloudformation-0.29.0.tgz", + "integrity": "sha512-JwyqWMjmHstRZu1Zlih+Y+NvC5c8SVpybzcEmrAfwxa4e8fyzpCrWg+iJHhUZWXof/wQRD1ZsL/WUdVEwZfKJA==", + "requires": { + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/aws-lambda": "^0.29.0", + "@aws-cdk/aws-sns": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0" + } + }, "@aws-cdk/aws-cloudwatch": { - "version": "0.28.0", + "version": "0.29.0", "requires": { - "@aws-cdk/aws-iam": "^0.28.0", - "@aws-cdk/cdk": "^0.28.0" + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0" } }, "@aws-cdk/aws-codedeploy-api": { - "version": "0.28.0", + "version": "0.29.0", "requires": { - "@aws-cdk/cdk": "^0.28.0" + "@aws-cdk/cdk": "^0.29.0" } }, "@aws-cdk/aws-ec2": { - "version": "0.28.0", + "version": "0.29.0", "requires": { - "@aws-cdk/aws-cloudwatch": "^0.28.0", - "@aws-cdk/aws-iam": "^0.28.0", - "@aws-cdk/cdk": "^0.28.0", - "@aws-cdk/cx-api": "^0.28.0" + "@aws-cdk/aws-cloudwatch": "^0.29.0", + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0", + "@aws-cdk/cx-api": "^0.29.0" + } + }, + "@aws-cdk/aws-events": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-events/-/aws-events-0.29.0.tgz", + "integrity": "sha512-97dzhbtA6MyL+wpnsCxZ7whhAqMtQYD5fx+bPZzE6NjRoZ/41F1Jk5Uz9maWiVhH+1pP1joY3svxy1ZpOxXOHQ==", + "requires": { + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0" } }, "@aws-cdk/aws-iam": { - "version": "0.28.0", + "version": "0.29.0", + "requires": { + "@aws-cdk/cdk": "^0.29.0", + "@aws-cdk/region-info": "^0.29.0" + } + }, + "@aws-cdk/aws-kms": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-kms/-/aws-kms-0.29.0.tgz", + "integrity": "sha512-3n711C5mVIm527gkZECiEFHDqJmd9vk/vJRFlGM/1tGA8esxsRATekJsLQOchDXrU22Hsr7MhSO23CHkxzbBPg==", "requires": { - "@aws-cdk/cdk": "^0.28.0", - "@aws-cdk/region-info": "^0.28.0" + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0" + } + }, + "@aws-cdk/aws-lambda": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-lambda/-/aws-lambda-0.29.0.tgz", + "integrity": "sha512-7kYZ501H3JCpJ0fbrWED3z/kqyqK2zS8cy9GmbSolXZKtUmkppWArGMXpUiCJAkwVdAj7i+3dMznzLtWus/nZA==", + "requires": { + "@aws-cdk/assets": "^0.29.0", + "@aws-cdk/aws-cloudwatch": "^0.29.0", + "@aws-cdk/aws-ec2": "^0.29.0", + "@aws-cdk/aws-events": "^0.29.0", + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/aws-logs": "^0.29.0", + "@aws-cdk/aws-s3": "^0.29.0", + "@aws-cdk/aws-s3-notifications": "^0.29.0", + "@aws-cdk/aws-sqs": "^0.29.0", + "@aws-cdk/aws-stepfunctions": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0", + "@aws-cdk/cx-api": "^0.29.0" + }, + "dependencies": { + "@aws-cdk/cx-api": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/cx-api/-/cx-api-0.29.0.tgz", + "integrity": "sha512-SnktMmv4flwsGSJmfDJzqD23K/U/UzCCrJkShZX7Etqdm0SiI1aS5PlkDq4iHEy42bIRlyIOhqavKCkTMWt9fg==" + } + } + }, + "@aws-cdk/aws-logs": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-logs/-/aws-logs-0.29.0.tgz", + "integrity": "sha512-q+UzWt9yZs3Nzcz2+YNpBEf3/cpjzMV7iBTer212RtTW3FGsKv0gX4uhAMl9qFZZFve0Zfrw4XI6RLeZW/Ujsg==", + "requires": { + "@aws-cdk/aws-cloudwatch": "^0.29.0", + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0" } }, "@aws-cdk/aws-route53": { - "version": "0.28.0", + "version": "0.29.0", "requires": { - "@aws-cdk/aws-ec2": "^0.28.0", - "@aws-cdk/aws-logs": "^0.28.0", - "@aws-cdk/cdk": "^0.28.0", - "@aws-cdk/cx-api": "^0.28.0" + "@aws-cdk/aws-ec2": "^0.29.0", + "@aws-cdk/aws-logs": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0", + "@aws-cdk/cx-api": "^0.29.0" } }, "@aws-cdk/aws-s3": { - "version": "0.28.0", + "version": "0.29.0", + "requires": { + "@aws-cdk/aws-events": "^0.29.0", + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/aws-kms": "^0.29.0", + "@aws-cdk/aws-s3-notifications": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0" + } + }, + "@aws-cdk/aws-s3-notifications": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-s3-notifications/-/aws-s3-notifications-0.29.0.tgz", + "integrity": "sha512-Hdx+89vYcRxCVioarogYs2BIB9tvfsTC035gZwzMeUCj3evyRTfTs63LdM4edb/nkpQj609XKIKzkf3oWBHMIQ==", + "requires": { + "@aws-cdk/cdk": "^0.29.0" + } + }, + "@aws-cdk/aws-sns": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-sns/-/aws-sns-0.29.0.tgz", + "integrity": "sha512-HyChJcZCxKxICdbqqUewJQVemH7lTZ+hY/x72bCIBA92aMOt8qzKEz3AmQC9k6sRCMPPUTsYiqty3R5dZ0+UAw==", + "requires": { + "@aws-cdk/aws-autoscaling-api": "^0.29.0", + "@aws-cdk/aws-cloudwatch": "^0.29.0", + "@aws-cdk/aws-events": "^0.29.0", + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/aws-lambda": "^0.29.0", + "@aws-cdk/aws-s3-notifications": "^0.29.0", + "@aws-cdk/aws-sqs": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0" + } + }, + "@aws-cdk/aws-sqs": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-sqs/-/aws-sqs-0.29.0.tgz", + "integrity": "sha512-LLtcD1N8nm+rQNPQ3T5vmUUI+AzRG/Dz8pxe6q1iUw7R66powQDybMV/xWS1vjdkeFkbamdrk3EH4fgEO0rauQ==", + "requires": { + "@aws-cdk/aws-autoscaling-api": "^0.29.0", + "@aws-cdk/aws-cloudwatch": "^0.29.0", + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/aws-kms": "^0.29.0", + "@aws-cdk/aws-s3-notifications": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0" + } + }, + "@aws-cdk/aws-stepfunctions": { + "version": "0.29.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/aws-stepfunctions/-/aws-stepfunctions-0.29.0.tgz", + "integrity": "sha512-8SQkKn2aPTDHqZo4jyuKQVMMmkb+jut8XSFZje7hRa4FDGqVmbYQb9lMyTEqSwZFb+UTmPiCKn82mNUlKtcx7w==", "requires": { - "@aws-cdk/aws-events": "^0.28.0", - "@aws-cdk/aws-iam": "^0.28.0", - "@aws-cdk/aws-kms": "^0.28.0", - "@aws-cdk/aws-s3-notifications": "^0.28.0", - "@aws-cdk/cdk": "^0.28.0" + "@aws-cdk/aws-cloudwatch": "^0.29.0", + "@aws-cdk/aws-events": "^0.29.0", + "@aws-cdk/aws-iam": "^0.29.0", + "@aws-cdk/cdk": "^0.29.0" } }, "@aws-cdk/cdk": { - "version": "0.28.0", + "version": "0.29.0", "requires": { - "@aws-cdk/cx-api": "^0.28.0" + "@aws-cdk/cx-api": "^0.29.0" } }, "cdk-build-tools": { - "version": "0.28.0", + "version": "0.29.0", "dev": true, "requires": { - "awslint": "^0.28.0", + "awslint": "^0.29.0", "fs-extra": "^7.0.1", "jest": "^24.7.1", - "jsii": "^0.10.2", - "jsii-pacmak": "^0.10.2", + "jsii": "^0.10.3", + "jsii-pacmak": "^0.10.3", "nodeunit": "^0.11.3", "nyc": "^14.0.0", - "pkglint": "^0.28.0", + "pkglint": "^0.29.0", "ts-jest": "^24.0.2", "tslint": "^5.16.0", "typescript": "^3.4.3", @@ -87,20 +262,20 @@ } }, "cdk-integ-tools": { - "version": "0.28.0", + "version": "0.29.0", "dev": true, "requires": { - "@aws-cdk/cloudformation-diff": "^0.28.0", - "@aws-cdk/cx-api": "^0.28.0", - "aws-cdk": "^0.28.0", + "@aws-cdk/cloudformation-diff": "^0.29.0", + "@aws-cdk/cx-api": "^0.29.0", + "aws-cdk": "^0.29.0", "yargs": "^13.2.2" } }, "cfn2ts": { - "version": "0.28.0", + "version": "0.29.0", "dev": true, "requires": { - "@aws-cdk/cfnspec": "^0.28.0", + "@aws-cdk/cfnspec": "^0.29.0", "codemaker": "^0.10.0", "fast-json-patch": "^2.1.0", "fs-extra": "^7.0.1", @@ -108,7 +283,7 @@ } }, "pkglint": { - "version": "0.28.0", + "version": "0.29.0", "dev": true, "requires": { "case": "^1.6.1", diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json index 45ce49d0dfafc..974b36e8f2982 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json @@ -66,6 +66,7 @@ "pkglint": "^0.29.0" }, "dependencies": { + "@aws-cdk/aws-certificatemanager": "^0.29.0", "@aws-cdk/aws-cloudwatch": "^0.29.0", "@aws-cdk/aws-codedeploy-api": "^0.29.0", "@aws-cdk/aws-ec2": "^0.29.0", From 8ee7ca514fe8a4c2186d4e0a7c27f4e06d1aff5f Mon Sep 17 00:00:00 2001 From: Simon Thulbourn Date: Fri, 26 Apr 2019 11:50:25 +0200 Subject: [PATCH 11/12] fixes tests --- .../aws-elasticloadbalancingv2/package.json | 3 +- .../test/nlb/test.listener.ts | 37 +++++++++++++++++-- 2 files changed, 35 insertions(+), 5 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json index 974b36e8f2982..e112a87fab820 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json @@ -83,7 +83,8 @@ "@aws-cdk/aws-iam": "^0.29.0", "@aws-cdk/aws-route53": "^0.29.0", "@aws-cdk/aws-s3": "^0.29.0", - "@aws-cdk/cdk": "^0.29.0" + "@aws-cdk/cdk": "^0.29.0", + "@aws-cdk/aws-certificatemanager": "^0.29.0" }, "engines": { "node": ">= 8.10.0" diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/test.listener.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/test.listener.ts index 82fcdc2183cde..9b6ddb375d937 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/test.listener.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/test.listener.ts @@ -177,19 +177,48 @@ export = { test.done(); }, - 'Failing TLS listener'(test: Test) { + 'Invalid Protocol listener'(test: Test) { const stack = new cdk.Stack(); const vpc = new ec2.VpcNetwork(stack, 'Stack'); const lb = new elbv2.NetworkLoadBalancer(stack, 'LB', { vpc }); + + test.throws(() => lb.addListener('Listener', { + port: 443, + protocol: elbv2.Protocol.Http, + defaultTargetGroups: [new elbv2.NetworkTargetGroup(stack, 'Group', { vpc, port: 80 })] + }), Error, '/The protocol must be either TCP or TLS. Found HTTP/'); - lb.addListener('Listener', { + test.done(); + }, + + 'Protocol & certs TLS listener'(test: Test) { + const stack = new cdk.Stack(); + const vpc = new ec2.VpcNetwork(stack, 'Stack'); + const lb = new elbv2.NetworkLoadBalancer(stack, 'LB', { vpc }); + + test.throws(() => lb.addListener('Listener', { port: 443, protocol: elbv2.Protocol.Tls, - sslPolicy: elbv2.SslPolicy.TLS12, defaultTargetGroups: [new elbv2.NetworkTargetGroup(stack, 'Group', { vpc, port: 80 })] + }), Error, '/When the protocol is set to TLS, you must specify certificates/'); + + test.done(); + }, + + 'TLS and certs specified listener'(test: Test) { + const stack = new cdk.Stack(); + const vpc = new ec2.VpcNetwork(stack, 'Stack'); + const lb = new elbv2.NetworkLoadBalancer(stack, 'LB', { vpc }); + const cert = new acm.Certificate(stack, 'Certificate', { + domainName: 'example.com' }); - test.throws(() => expect(stack), '/When the protocol is set to TLS, you must specify certificates at: NetworkLoadBalancer [LB]/'); + test.throws(() => lb.addListener('Listener', { + port: 443, + protocol: elbv2.Protocol.Tcp, + certificates: [ { certificateArn: cert.certificateArn } ], + defaultTargetGroups: [new elbv2.NetworkTargetGroup(stack, 'Group', { vpc, port: 80 })] + }), Error, '/Protocol must be TLS when certificates have been specified/'); test.done(); }, From 19471fb12fd0b95d09679fb90677a3953c2482ea Mon Sep 17 00:00:00 2001 From: Simon Thulbourn Date: Fri, 26 Apr 2019 14:10:17 +0200 Subject: [PATCH 12/12] remove whitespace --- .../aws-elasticloadbalancingv2/test/nlb/test.listener.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/test.listener.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/test.listener.ts index 9b6ddb375d937..40ee69ff2f1a8 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/test.listener.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/test.listener.ts @@ -181,7 +181,7 @@ export = { const stack = new cdk.Stack(); const vpc = new ec2.VpcNetwork(stack, 'Stack'); const lb = new elbv2.NetworkLoadBalancer(stack, 'LB', { vpc }); - + test.throws(() => lb.addListener('Listener', { port: 443, protocol: elbv2.Protocol.Http,