From 0002025dbc7abde7a73a98838cdb165d4daec847 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Tue, 19 Nov 2024 21:24:36 +0900 Subject: [PATCH 01/12] temp enablePrefixForIpv6Nat --- .../integ.nlb-enable-prefix-for-ipv6-nat.ts | 42 +++++++++++++++++++ .../lib/nlb/network-listener.ts | 14 +++---- .../lib/nlb/network-load-balancer.ts | 10 +++++ 3 files changed, 59 insertions(+), 7 deletions(-) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts new file mode 100644 index 0000000000000..ba17346ffc5a7 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts @@ -0,0 +1,42 @@ +import * as ec2 from 'aws-cdk-lib/aws-ec2'; +import * as cdk from 'aws-cdk-lib'; +import * as integ from '@aws-cdk/integ-tests-alpha'; +import * as elbv2 from 'aws-cdk-lib/aws-elasticloadbalancingv2'; +import { IpAddressType } from '../../../../../aws-cdk-lib/aws-elasticloadbalancingv2/lib/shared/enums'; + +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'NlbEnablePrefixForIpv6NatStack'); + +const vpc = new ec2.Vpc(stack, 'VPC', { + restrictDefaultSecurityGroup: false, + maxAzs: 2, + ipProtocol: ec2.IpProtocol.DUAL_STACK, +}); + +const nlb = new elbv2.NetworkLoadBalancer(stack, 'LB', { + vpc, + internetFacing: true, + securityGroups: [ + new ec2.SecurityGroup(stack, 'SG', { vpc }), + ], + enablePrefixForIpv6SourceNat: true, + ipAddressType: elbv2.IpAddressType.DUAL_STACK, +}); + +const group = new elbv2.NetworkTargetGroup(stack, 'TargetGroup1', { + vpc, + port: 80, + IpAddressType: IpAddressType.DUAL_STACK, + protocol: elbv2.Protocol.UDP, + targetType: elbv2.TargetType.INSTANCE, +}); + +nlb.addListener('Listener', { + port: 80, + protocol: elbv2.Protocol.UDP, + defaultAction: elbv2.NetworkListenerAction.forward([group]), +}); + +new integ.IntegTest(app, 'NlbEnablePrefixForIpv6NatStackTest', { + testCases: [stack], +}); diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts index 6ef0e006e088f..cbda216a9664d 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts @@ -7,7 +7,7 @@ import * as cxschema from '../../../cloud-assembly-schema'; import { Duration, Resource, Lazy, Token } from '../../../core'; import { BaseListener, BaseListenerLookupOptions, IListener } from '../shared/base-listener'; import { HealthCheck } from '../shared/base-target-group'; -import { AlpnPolicy, IpAddressType, Protocol, SslPolicy } from '../shared/enums'; +import { AlpnPolicy, Protocol, SslPolicy } from '../shared/enums'; import { IListenerCertificate } from '../shared/listener-certificate'; import { validateNetworkProtocol } from '../shared/util'; @@ -195,12 +195,12 @@ export class NetworkListener extends BaseListener implements INetworkListener { throw new Error('Protocol must be TLS when alpnPolicy have been specified'); } - if ( - props.loadBalancer.ipAddressType === IpAddressType.DUAL_STACK && - (props.protocol === Protocol.UDP || props.protocol === Protocol.TCP_UDP) - ) { - throw new Error('UDP or TCP_UDP listeners cannot be added to a dualstack network load balancer.'); - } + // if ( + // props.loadBalancer.ipAddressType === IpAddressType.DUAL_STACK && + // (props.protocol === Protocol.UDP || props.protocol === Protocol.TCP_UDP) + // ) { + // throw new Error('UDP or TCP_UDP listeners cannot be added to a dualstack network load balancer.'); + // } super(scope, id, { loadBalancerArn: props.loadBalancer.loadBalancerArn, diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts index a9284e8160d58..4b3f98ddcf23e 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts @@ -75,6 +75,15 @@ export interface NetworkLoadBalancerProps extends BaseLoadBalancerProps { * @default false */ readonly zonalShift?: boolean; + + /** + * Indicates whether to use an IPv6 prefix from each subnet for source NAT. + * + * The IP address type must be IpAddressType.DUALSTACK. + * + * @default undefined - NLB default behavior is false + */ + readonly enablePrefixForIpv6SourceNat?: boolean; } /** @@ -262,6 +271,7 @@ export class NetworkLoadBalancer extends BaseLoadBalancer implements INetworkLoa enforceSecurityGroupInboundRulesOnPrivateLinkTraffic: Lazy.string({ produce: () => this.enforceSecurityGroupInboundRulesOnPrivateLinkTraffic, }), + enablePrefixForIpv6SourceNat: props.enablePrefixForIpv6SourceNat === true ? 'on': props.enablePrefixForIpv6SourceNat === false ? 'off' : undefined, }); this.metrics = new NetworkLoadBalancerMetrics(this, this.loadBalancerFullName); From 7a2ebf5c93849a1edc0c8140caf76de62edd9637 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Tue, 19 Nov 2024 21:48:47 +0900 Subject: [PATCH 02/12] remove validation --- .../lib/nlb/network-listener.ts | 7 ---- .../test/nlb/load-balancer.test.ts | 35 ------------------- 2 files changed, 42 deletions(-) diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts index 6ef0e006e088f..0a9094d58c658 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts @@ -195,13 +195,6 @@ export class NetworkListener extends BaseListener implements INetworkListener { throw new Error('Protocol must be TLS when alpnPolicy have been specified'); } - if ( - props.loadBalancer.ipAddressType === IpAddressType.DUAL_STACK && - (props.protocol === Protocol.UDP || props.protocol === Protocol.TCP_UDP) - ) { - throw new Error('UDP or TCP_UDP listeners cannot be added to a dualstack network load balancer.'); - } - super(scope, id, { loadBalancerArn: props.loadBalancer.loadBalancerArn, protocol: proto, diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts index 6681443c6b1a9..37ee0baab63cf 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts @@ -1135,41 +1135,6 @@ describe('tests', () => { IpAddressType: 'dualstack', }); }); - - test('Cannot add UDP or TCP_UDP listeners to a dualstack network load balancer', () => { - // GIVEN - const stack = new cdk.Stack(); - const vpc = new ec2.Vpc(stack, 'Stack'); - - // WHEN - const loadBalancer = new elbv2.NetworkLoadBalancer(stack, 'LB', { - vpc, - internetFacing: true, - ipAddressType: elbv2.IpAddressType.DUAL_STACK, - }); - - const targetGroup = new elbv2.NetworkTargetGroup(stack, 'tg', { - vpc: loadBalancer.vpc, - port: 3000, - }); - - // THEN - expect(() => { - loadBalancer.addListener('listener', { - protocol: elbv2.Protocol.UDP, - port: 3000, - defaultAction: elbv2.NetworkListenerAction.forward([targetGroup]), - }); - }).toThrow(/UDP or TCP_UDP listeners cannot be added to a dualstack network load balancer/); - - expect(() => { - loadBalancer.addListener('listener', { - protocol: elbv2.Protocol.TCP_UDP, - port: 3000, - defaultAction: elbv2.NetworkListenerAction.forward([targetGroup]), - }); - }).toThrow(/UDP or TCP_UDP listeners cannot be added to a dualstack network load balancer/); - }); }); describe('dualstack without public ipv4', () => { From f0d2aca689a73136f0ee6c98b813ce67cf145b50 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Tue, 19 Nov 2024 22:10:20 +0900 Subject: [PATCH 03/12] update readme --- packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md index 44eb6dac002df..37fad997c6e5a 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md @@ -380,8 +380,6 @@ const lb = new elbv2.NetworkLoadBalancer(this, 'LB', { }); ``` -You cannot add UDP or TCP_UDP listeners to a dualstack Network Load Balancer. - ### Network Load Balancer attributes You can modify attributes of Network Load Balancers: From 6ac455cfab0d1d82a4682f04eaae387a6ddbcd5e Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Tue, 19 Nov 2024 22:46:51 +0900 Subject: [PATCH 04/12] update integ --- .../integ.nlb-enable-prefix-for-ipv6-nat.ts | 24 +++++++++++-------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts index ba17346ffc5a7..5927f2a9be633 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts @@ -2,7 +2,7 @@ import * as ec2 from 'aws-cdk-lib/aws-ec2'; import * as cdk from 'aws-cdk-lib'; import * as integ from '@aws-cdk/integ-tests-alpha'; import * as elbv2 from 'aws-cdk-lib/aws-elasticloadbalancingv2'; -import { IpAddressType } from '../../../../../aws-cdk-lib/aws-elasticloadbalancingv2/lib/shared/enums'; +import * as targets from 'aws-cdk-lib/aws-elasticloadbalancingv2-targets' const app = new cdk.App(); const stack = new cdk.Stack(app, 'NlbEnablePrefixForIpv6NatStack'); @@ -13,6 +13,12 @@ const vpc = new ec2.Vpc(stack, 'VPC', { ipProtocol: ec2.IpProtocol.DUAL_STACK, }); +const instance = new ec2.Instance(stack, 'Instance', { + vpc, + instanceType: new ec2.InstanceType('t2.micro'), + machineImage: new ec2.AmazonLinuxImage(), +}); + const nlb = new elbv2.NetworkLoadBalancer(stack, 'LB', { vpc, internetFacing: true, @@ -23,20 +29,18 @@ const nlb = new elbv2.NetworkLoadBalancer(stack, 'LB', { ipAddressType: elbv2.IpAddressType.DUAL_STACK, }); -const group = new elbv2.NetworkTargetGroup(stack, 'TargetGroup1', { - vpc, - port: 80, - IpAddressType: IpAddressType.DUAL_STACK, +const listener = nlb.addListener('Listener', { + port: 1229, protocol: elbv2.Protocol.UDP, - targetType: elbv2.TargetType.INSTANCE, }); -nlb.addListener('Listener', { - port: 80, - protocol: elbv2.Protocol.UDP, - defaultAction: elbv2.NetworkListenerAction.forward([group]), +listener.addTargets('Target', { + port: 1229, + targets: [new targets.InstanceTarget(instance)], }); +nlb.connections.allowTo(instance, ec2.Port.udp(1229)); + new integ.IntegTest(app, 'NlbEnablePrefixForIpv6NatStackTest', { testCases: [stack], }); From dccfdcd275ef3a49ab848181a12c0ea14e692a7c Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Tue, 19 Nov 2024 22:48:02 +0900 Subject: [PATCH 05/12] remove unused import --- .../aws-elasticloadbalancingv2/lib/nlb/network-listener.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts index 0a9094d58c658..6b97718474c21 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-listener.ts @@ -7,7 +7,7 @@ import * as cxschema from '../../../cloud-assembly-schema'; import { Duration, Resource, Lazy, Token } from '../../../core'; import { BaseListener, BaseListenerLookupOptions, IListener } from '../shared/base-listener'; import { HealthCheck } from '../shared/base-target-group'; -import { AlpnPolicy, IpAddressType, Protocol, SslPolicy } from '../shared/enums'; +import { AlpnPolicy, Protocol, SslPolicy } from '../shared/enums'; import { IListenerCertificate } from '../shared/listener-certificate'; import { validateNetworkProtocol } from '../shared/util'; From 0f0c3df4b674ee421d2e76c203d36e7dc7fe9e8b Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Mon, 2 Dec 2024 23:02:58 +0900 Subject: [PATCH 06/12] update integ --- .../test/integ.nlb-enable-prefix-for-ipv6-nat.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts index 5927f2a9be633..32e29a88fe0ee 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts @@ -2,7 +2,7 @@ import * as ec2 from 'aws-cdk-lib/aws-ec2'; import * as cdk from 'aws-cdk-lib'; import * as integ from '@aws-cdk/integ-tests-alpha'; import * as elbv2 from 'aws-cdk-lib/aws-elasticloadbalancingv2'; -import * as targets from 'aws-cdk-lib/aws-elasticloadbalancingv2-targets' +import * as targets from 'aws-cdk-lib/aws-elasticloadbalancingv2-targets'; const app = new cdk.App(); const stack = new cdk.Stack(app, 'NlbEnablePrefixForIpv6NatStack'); From 7395c70c57d7878d97b8481d5e44625fd70a6e72 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Tue, 3 Dec 2024 21:24:52 +0900 Subject: [PATCH 07/12] update tests and documents --- .../integ.nlb-enable-prefix-for-ipv6-nat.ts | 24 +++++++------------ .../aws-elasticloadbalancingv2/README.md | 18 +++++++++++++- .../test/nlb/load-balancer.test.ts | 24 +++++++++++++++++++ 3 files changed, 50 insertions(+), 16 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts index 32e29a88fe0ee..67dd9b51975c4 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts @@ -2,28 +2,22 @@ import * as ec2 from 'aws-cdk-lib/aws-ec2'; import * as cdk from 'aws-cdk-lib'; import * as integ from '@aws-cdk/integ-tests-alpha'; import * as elbv2 from 'aws-cdk-lib/aws-elasticloadbalancingv2'; -import * as targets from 'aws-cdk-lib/aws-elasticloadbalancingv2-targets'; const app = new cdk.App(); const stack = new cdk.Stack(app, 'NlbEnablePrefixForIpv6NatStack'); -const vpc = new ec2.Vpc(stack, 'VPC', { +const vpc = new ec2.Vpc(stack, 'Vpc', { restrictDefaultSecurityGroup: false, maxAzs: 2, ipProtocol: ec2.IpProtocol.DUAL_STACK, + natGateways: 0, }); -const instance = new ec2.Instance(stack, 'Instance', { - vpc, - instanceType: new ec2.InstanceType('t2.micro'), - machineImage: new ec2.AmazonLinuxImage(), -}); - -const nlb = new elbv2.NetworkLoadBalancer(stack, 'LB', { +const nlb = new elbv2.NetworkLoadBalancer(stack, 'Lb', { vpc, internetFacing: true, securityGroups: [ - new ec2.SecurityGroup(stack, 'SG', { vpc }), + new ec2.SecurityGroup(stack, 'Sg', { vpc }), ], enablePrefixForIpv6SourceNat: true, ipAddressType: elbv2.IpAddressType.DUAL_STACK, @@ -33,13 +27,13 @@ const listener = nlb.addListener('Listener', { port: 1229, protocol: elbv2.Protocol.UDP, }); - -listener.addTargets('Target', { +const targetGroup = new elbv2.NetworkTargetGroup(stack, 'TargetGroup', { + vpc, port: 1229, - targets: [new targets.InstanceTarget(instance)], + protocol: elbv2.Protocol.UDP, + ipAddressType: elbv2.TargetGroupIpAddressType.IPV6, }); - -nlb.connections.allowTo(instance, ec2.Port.udp(1229)); +listener.addTargetGroups('TargetGroup', targetGroup); new integ.IntegTest(app, 'NlbEnablePrefixForIpv6NatStackTest', { testCases: [stack], diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md index 2724bbc2c9dfd..8b6b825cf2a97 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md @@ -366,7 +366,6 @@ and [Register targets with your Target Group](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/target-group-register-targets.html) for more information. - ### Dualstack Network Load Balancer You can create a dualstack Network Load Balancer using the `ipAddressType` property: @@ -380,6 +379,23 @@ const lb = new elbv2.NetworkLoadBalancer(this, 'LB', { }); ``` +If you wan to create UDP listeners, you must set `enablePrefixIpv6SourceNat` to `true`: + +```ts +declare const vpc: ec2.Vpc; + +const lb = new elbv2.NetworkLoadBalancer(this, 'LB', { + vpc, + ipAddressType: elbv2.IpAddressType.DUAL_STACK, + enablePrefixIpv6SourceNat: true, +}); + +const listener = nlb.addListener('Listener', { + port: 1229, + protocol: elbv2.Protocol.UDP, +}); +``` + ### Network Load Balancer attributes You can modify attributes of Network Load Balancers: diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts index 37ee0baab63cf..01c12c018aa81 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts @@ -1135,6 +1135,30 @@ describe('tests', () => { IpAddressType: 'dualstack', }); }); + + test.each([ + { config: true, value: 'on' }, + { config: false, value: 'off' }, + ])('configure EnablePrefixForIpv6SourceNat', ({ config, value }) => { + // GIVEN + const stack = new cdk.Stack(); + const vpc = new ec2.Vpc(stack, 'Stack'); + + // WHEN + new elbv2.NetworkLoadBalancer(stack, 'LB', { + vpc, + enablePrefixForIpv6SourceNat: config, + ipAddressType: elbv2.IpAddressType.DUAL_STACK, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::ElasticLoadBalancingV2::LoadBalancer', { + Scheme: 'internal', + Type: 'network', + IpAddressType: 'dualstack', + EnablePrefixForIpv6SourceNat: value, + }); + }); }); describe('dualstack without public ipv4', () => { From 7dbd1d46c8ae445a0db6a17d82027585235d17e9 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Tue, 3 Dec 2024 21:41:35 +0900 Subject: [PATCH 08/12] add snapshot --- ...NlbEnablePrefixForIpv6NatStack.assets.json | 19 + ...bEnablePrefixForIpv6NatStack.template.json | 594 +++++++++++ ...efaultTestDeployAssert4C17D694.assets.json | 19 + ...aultTestDeployAssert4C17D694.template.json | 36 + .../cdk.out | 1 + .../integ.json | 12 + .../manifest.json | 263 +++++ .../tree.json | 921 ++++++++++++++++++ 8 files changed, 1865 insertions(+) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/tree.json diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.assets.json new file mode 100644 index 0000000000000..7f225e546d7fc --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.assets.json @@ -0,0 +1,19 @@ +{ + "version": "38.0.1", + "files": { + "59468471b83aa514898e64f086b0b64d10b56dbdb67ca1df32b5ace667be9db5": { + "source": { + "path": "NlbEnablePrefixForIpv6NatStack.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "59468471b83aa514898e64f086b0b64d10b56dbdb67ca1df32b5ace667be9db5.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.template.json new file mode 100644 index 0000000000000..e7aa229d33446 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.template.json @@ -0,0 +1,594 @@ +{ + "Resources": { + "VPCB9E5F0B4": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "NlbEnablePrefixForIpv6NatStack/VPC" + } + ] + } + }, + "VPCipv6cidr4D5C3141": { + "Type": "AWS::EC2::VPCCidrBlock", + "Properties": { + "AmazonProvidedIpv6CidrBlock": true, + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "VPCPublicSubnet1SubnetB4246D30": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AssignIpv6AddressOnCreation": true, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "Ipv6CidrBlock": { + "Fn::Select": [ + 0, + { + "Fn::Cidr": [ + { + "Fn::Select": [ + 0, + { + "Fn::GetAtt": [ + "VPCB9E5F0B4", + "Ipv6CidrBlocks" + ] + } + ] + }, + 4, + "64" + ] + } + ] + }, + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCPublicSubnet1RouteTableFEE4B781": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCPublicSubnet1RouteTableAssociation0B0896DC": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "SubnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCPublicSubnet1DefaultRoute91CEF279": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "RouteTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141", + "VPCVPCGW99B986DC" + ] + }, + "VPCPublicSubnet1DefaultRoute6AD2A6FA7": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationIpv6CidrBlock": "::/0", + "GatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "RouteTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCPublicSubnet2Subnet74179F39": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AssignIpv6AddressOnCreation": true, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "Ipv6CidrBlock": { + "Fn::Select": [ + 1, + { + "Fn::Cidr": [ + { + "Fn::Select": [ + 0, + { + "Fn::GetAtt": [ + "VPCB9E5F0B4", + "Ipv6CidrBlocks" + ] + } + ] + }, + 4, + "64" + ] + } + ] + }, + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCPublicSubnet2RouteTable6F1A15F1": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCPublicSubnet2RouteTableAssociation5A808732": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + }, + "SubnetId": { + "Ref": "VPCPublicSubnet2Subnet74179F39" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCPublicSubnet2DefaultRouteB7481BBA": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "RouteTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141", + "VPCVPCGW99B986DC" + ] + }, + "VPCPublicSubnet2DefaultRoute622F3CED9": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationIpv6CidrBlock": "::/0", + "GatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "RouteTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCIsolatedSubnet1SubnetEBD00FC6": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AssignIpv6AddressOnCreation": true, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "Ipv6CidrBlock": { + "Fn::Select": [ + 2, + { + "Fn::Cidr": [ + { + "Fn::Select": [ + 0, + { + "Fn::GetAtt": [ + "VPCB9E5F0B4", + "Ipv6CidrBlocks" + ] + } + ] + }, + 4, + "64" + ] + } + ] + }, + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Isolated" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Isolated" + }, + { + "Key": "Name", + "Value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCIsolatedSubnet1RouteTableEB156210": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCIsolatedSubnet1RouteTableAssociationA2D18F7C": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCIsolatedSubnet1RouteTableEB156210" + }, + "SubnetId": { + "Ref": "VPCIsolatedSubnet1SubnetEBD00FC6" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCIsolatedSubnet2Subnet4B1C8CAA": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AssignIpv6AddressOnCreation": true, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "Ipv6CidrBlock": { + "Fn::Select": [ + 3, + { + "Fn::Cidr": [ + { + "Fn::Select": [ + 0, + { + "Fn::GetAtt": [ + "VPCB9E5F0B4", + "Ipv6CidrBlocks" + ] + } + ] + }, + 4, + "64" + ] + } + ] + }, + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Isolated" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Isolated" + }, + { + "Key": "Name", + "Value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCIsolatedSubnet2RouteTable9B4F78DC": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCIsolatedSubnet2RouteTableAssociation7BF8E0EB": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCIsolatedSubnet2RouteTable9B4F78DC" + }, + "SubnetId": { + "Ref": "VPCIsolatedSubnet2Subnet4B1C8CAA" + } + }, + "DependsOn": [ + "VPCipv6cidr4D5C3141" + ] + }, + "VPCIGWB7E252D3": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "NlbEnablePrefixForIpv6NatStack/VPC" + } + ] + } + }, + "VPCVPCGW99B986DC": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "VPCEIGW68A11D88F": { + "Type": "AWS::EC2::EgressOnlyInternetGateway", + "Properties": { + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "SGADB53937": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "NlbEnablePrefixForIpv6NatStack/SG", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "LB8A12904C": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "EnablePrefixForIpv6SourceNat": "on", + "IpAddressType": "dualstack", + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internet-facing", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "SGADB53937", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + }, + { + "Ref": "VPCPublicSubnet2Subnet74179F39" + } + ], + "Type": "network" + }, + "DependsOn": [ + "VPCPublicSubnet1DefaultRoute91CEF279", + "VPCPublicSubnet1DefaultRoute6AD2A6FA7", + "VPCPublicSubnet1RouteTableAssociation0B0896DC", + "VPCPublicSubnet2DefaultRouteB7481BBA", + "VPCPublicSubnet2DefaultRoute622F3CED9", + "VPCPublicSubnet2RouteTableAssociation5A808732" + ] + }, + "LBListener49E825B4": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "TargetGroup3D7CD9B8" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "LB8A12904C" + }, + "Port": 1229, + "Protocol": "UDP" + } + }, + "TargetGroup3D7CD9B8": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "IpAddressType": "ipv6", + "Port": 1229, + "Protocol": "UDP", + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.assets.json new file mode 100644 index 0000000000000..a47c44feab324 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.assets.json @@ -0,0 +1,19 @@ +{ + "version": "38.0.1", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/cdk.out new file mode 100644 index 0000000000000..c6e612584e352 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"38.0.1"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/integ.json new file mode 100644 index 0000000000000..2512b45a69413 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "38.0.1", + "testCases": { + "NlbEnablePrefixForIpv6NatStackTest/DefaultTest": { + "stacks": [ + "NlbEnablePrefixForIpv6NatStack" + ], + "assertionStack": "NlbEnablePrefixForIpv6NatStackTest/DefaultTest/DeployAssert", + "assertionStackName": "NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/manifest.json new file mode 100644 index 0000000000000..432aa4ecc8ce5 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/manifest.json @@ -0,0 +1,263 @@ +{ + "version": "38.0.1", + "artifacts": { + "NlbEnablePrefixForIpv6NatStack.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "NlbEnablePrefixForIpv6NatStack.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "NlbEnablePrefixForIpv6NatStack": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "NlbEnablePrefixForIpv6NatStack.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/59468471b83aa514898e64f086b0b64d10b56dbdb67ca1df32b5ace667be9db5.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "NlbEnablePrefixForIpv6NatStack.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "NlbEnablePrefixForIpv6NatStack.assets" + ], + "metadata": { + "/NlbEnablePrefixForIpv6NatStack/VPC/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCB9E5F0B4" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/ipv6cidr": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCipv6cidr4D5C3141" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1SubnetB4246D30" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1RouteTableFEE4B781" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1RouteTableAssociation0B0896DC" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1DefaultRoute91CEF279" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/DefaultRoute6": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1DefaultRoute6AD2A6FA7" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2Subnet74179F39" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2RouteTable6F1A15F1" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2RouteTableAssociation5A808732" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2DefaultRouteB7481BBA" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/DefaultRoute6": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2DefaultRoute622F3CED9" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCIsolatedSubnet1SubnetEBD00FC6" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCIsolatedSubnet1RouteTableEB156210" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCIsolatedSubnet1RouteTableAssociationA2D18F7C" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCIsolatedSubnet2Subnet4B1C8CAA" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCIsolatedSubnet2RouteTable9B4F78DC" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCIsolatedSubnet2RouteTableAssociation7BF8E0EB" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCIGWB7E252D3" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCVPCGW99B986DC" + } + ], + "/NlbEnablePrefixForIpv6NatStack/VPC/EIGW6": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCEIGW68A11D88F" + } + ], + "/NlbEnablePrefixForIpv6NatStack/SG/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SGADB53937" + } + ], + "/NlbEnablePrefixForIpv6NatStack/LB/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LB8A12904C" + } + ], + "/NlbEnablePrefixForIpv6NatStack/LB/Listener/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LBListener49E825B4" + } + ], + "/NlbEnablePrefixForIpv6NatStack/TargetGroup": [ + { + "type": "aws:cdk:warning", + "data": "When creating an empty TargetGroup, you should specify a 'targetType' (this warning may become an error in the future). [ack: @aws-cdk/aws-elbv2:targetGroupSpecifyTargetTypeForEmptyTargetGroup]" + } + ], + "/NlbEnablePrefixForIpv6NatStack/TargetGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TargetGroup3D7CD9B8" + } + ], + "/NlbEnablePrefixForIpv6NatStack/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/NlbEnablePrefixForIpv6NatStack/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "NlbEnablePrefixForIpv6NatStack" + }, + "NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "NlbEnablePrefixForIpv6NatStackTestDefaultTestDeployAssert4C17D694.assets" + ], + "metadata": { + "/NlbEnablePrefixForIpv6NatStackTest/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/NlbEnablePrefixForIpv6NatStackTest/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "NlbEnablePrefixForIpv6NatStackTest/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/tree.json new file mode 100644 index 0000000000000..131756d5e0e2f --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/tree.json @@ -0,0 +1,921 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "NlbEnablePrefixForIpv6NatStack": { + "id": "NlbEnablePrefixForIpv6NatStack", + "path": "NlbEnablePrefixForIpv6NatStack", + "children": { + "VPC": { + "id": "VPC", + "path": "NlbEnablePrefixForIpv6NatStack/VPC", + "children": { + "Resource": { + "id": "Resource", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "NlbEnablePrefixForIpv6NatStack/VPC" + } + ] + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "ipv6cidr": { + "id": "ipv6cidr", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/ipv6cidr", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", + "aws:cdk:cloudformation:props": { + "amazonProvidedIpv6CidrBlock": true, + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "assignIpv6AddressOnCreation": true, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "ipv6CidrBlock": { + "Fn::Select": [ + 0, + { + "Fn::Cidr": [ + { + "Fn::Select": [ + 0, + { + "Fn::GetAtt": [ + "VPCB9E5F0B4", + "Ipv6CidrBlocks" + ] + } + ] + }, + 4, + "64" + ] + } + ] + }, + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "Acl": { + "id": "Acl", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "subnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "routeTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "DefaultRoute6": { + "id": "DefaultRoute6", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/DefaultRoute6", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationIpv6CidrBlock": "::/0", + "gatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "routeTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "assignIpv6AddressOnCreation": true, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "ipv6CidrBlock": { + "Fn::Select": [ + 1, + { + "Fn::Cidr": [ + { + "Fn::Select": [ + 0, + { + "Fn::GetAtt": [ + "VPCB9E5F0B4", + "Ipv6CidrBlocks" + ] + } + ] + }, + 4, + "64" + ] + } + ] + }, + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "Acl": { + "id": "Acl", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + }, + "subnetId": { + "Ref": "VPCPublicSubnet2Subnet74179F39" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "routeTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "DefaultRoute6": { + "id": "DefaultRoute6", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/DefaultRoute6", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationIpv6CidrBlock": "::/0", + "gatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "routeTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "IsolatedSubnet1": { + "id": "IsolatedSubnet1", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "assignIpv6AddressOnCreation": true, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "ipv6CidrBlock": { + "Fn::Select": [ + 2, + { + "Fn::Cidr": [ + { + "Fn::Select": [ + 0, + { + "Fn::GetAtt": [ + "VPCB9E5F0B4", + "Ipv6CidrBlocks" + ] + } + ] + }, + 4, + "64" + ] + } + ] + }, + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Isolated" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Isolated" + }, + { + "key": "Name", + "value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "Acl": { + "id": "Acl", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/Acl", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCIsolatedSubnet1RouteTableEB156210" + }, + "subnetId": { + "Ref": "VPCIsolatedSubnet1SubnetEBD00FC6" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "IsolatedSubnet2": { + "id": "IsolatedSubnet2", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "assignIpv6AddressOnCreation": true, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "ipv6CidrBlock": { + "Fn::Select": [ + 3, + { + "Fn::Cidr": [ + { + "Fn::Select": [ + 0, + { + "Fn::GetAtt": [ + "VPCB9E5F0B4", + "Ipv6CidrBlocks" + ] + } + ] + }, + 4, + "64" + ] + } + ] + }, + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Isolated" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Isolated" + }, + { + "key": "Name", + "value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "Acl": { + "id": "Acl", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/Acl", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCIsolatedSubnet2RouteTable9B4F78DC" + }, + "subnetId": { + "Ref": "VPCIsolatedSubnet2Subnet4B1C8CAA" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "IGW": { + "id": "IGW", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "NlbEnablePrefixForIpv6NatStack/VPC" + } + ] + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "EIGW6": { + "id": "EIGW6", + "path": "NlbEnablePrefixForIpv6NatStack/VPC/EIGW6", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EgressOnlyInternetGateway", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "SG": { + "id": "SG", + "path": "NlbEnablePrefixForIpv6NatStack/SG", + "children": { + "Resource": { + "id": "Resource", + "path": "NlbEnablePrefixForIpv6NatStack/SG/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "NlbEnablePrefixForIpv6NatStack/SG", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "LB": { + "id": "LB", + "path": "NlbEnablePrefixForIpv6NatStack/LB", + "children": { + "Resource": { + "id": "Resource", + "path": "NlbEnablePrefixForIpv6NatStack/LB/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "aws:cdk:cloudformation:props": { + "enablePrefixForIpv6SourceNat": "on", + "ipAddressType": "dualstack", + "loadBalancerAttributes": [ + { + "key": "deletion_protection.enabled", + "value": "false" + } + ], + "scheme": "internet-facing", + "securityGroups": [ + { + "Fn::GetAtt": [ + "SGADB53937", + "GroupId" + ] + } + ], + "subnets": [ + { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + }, + { + "Ref": "VPCPublicSubnet2Subnet74179F39" + } + ], + "type": "network" + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "Listener": { + "id": "Listener", + "path": "NlbEnablePrefixForIpv6NatStack/LB/Listener", + "children": { + "Resource": { + "id": "Resource", + "path": "NlbEnablePrefixForIpv6NatStack/LB/Listener/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", + "aws:cdk:cloudformation:props": { + "defaultActions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "TargetGroup3D7CD9B8" + } + } + ], + "loadBalancerArn": { + "Ref": "LB8A12904C" + }, + "port": 1229, + "protocol": "UDP" + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "TargetGroup": { + "id": "TargetGroup", + "path": "NlbEnablePrefixForIpv6NatStack/TargetGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "NlbEnablePrefixForIpv6NatStack/TargetGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "ipAddressType": "ipv6", + "port": 1229, + "protocol": "UDP", + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "NlbEnablePrefixForIpv6NatStack/BootstrapVersion", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "NlbEnablePrefixForIpv6NatStack/CheckBootstrapVersion", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "NlbEnablePrefixForIpv6NatStackTest": { + "id": "NlbEnablePrefixForIpv6NatStackTest", + "path": "NlbEnablePrefixForIpv6NatStackTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "NlbEnablePrefixForIpv6NatStackTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "NlbEnablePrefixForIpv6NatStackTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "NlbEnablePrefixForIpv6NatStackTest/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "NlbEnablePrefixForIpv6NatStackTest/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "NlbEnablePrefixForIpv6NatStackTest/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } +} \ No newline at end of file From 369fcb44fe2c4b84e9f35bdac4feee96414f041b Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Tue, 3 Dec 2024 23:16:50 +0900 Subject: [PATCH 09/12] update snapshot --- ...NlbEnablePrefixForIpv6NatStack.assets.json | 4 +- ...bEnablePrefixForIpv6NatStack.template.json | 311 ++++++++----- .../manifest.json | 152 ++++--- .../tree.json | 409 +++++++++++++----- .../integ.nlb-enable-prefix-for-ipv6-nat.ts | 45 +- .../aws-elasticloadbalancingv2/README.md | 19 +- .../lib/nlb/network-load-balancer.ts | 18 +- .../test/nlb/load-balancer.test.ts | 48 +- 8 files changed, 743 insertions(+), 263 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.assets.json index 7f225e546d7fc..34d0c4649041f 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.assets.json @@ -1,7 +1,7 @@ { "version": "38.0.1", "files": { - "59468471b83aa514898e64f086b0b64d10b56dbdb67ca1df32b5ace667be9db5": { + "fa46958bcb246c27c21906c9bf41a44bce7f9613a3d90335588eedc4daeb49dd": { "source": { "path": "NlbEnablePrefixForIpv6NatStack.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "59468471b83aa514898e64f086b0b64d10b56dbdb67ca1df32b5ace667be9db5.json", + "objectKey": "fa46958bcb246c27c21906c9bf41a44bce7f9613a3d90335588eedc4daeb49dd.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.template.json index e7aa229d33446..a5031e0a2dafc 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/NlbEnablePrefixForIpv6NatStack.template.json @@ -1,6 +1,6 @@ { "Resources": { - "VPCB9E5F0B4": { + "Vpc8378EB38": { "Type": "AWS::EC2::VPC", "Properties": { "CidrBlock": "10.0.0.0/16", @@ -10,21 +10,21 @@ "Tags": [ { "Key": "Name", - "Value": "NlbEnablePrefixForIpv6NatStack/VPC" + "Value": "NlbEnablePrefixForIpv6NatStack/Vpc" } ] } }, - "VPCipv6cidr4D5C3141": { + "Vpcipv6cidr40D3CB78": { "Type": "AWS::EC2::VPCCidrBlock", "Properties": { "AmazonProvidedIpv6CidrBlock": true, "VpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, - "VPCPublicSubnet1SubnetB4246D30": { + "VpcPublicSubnet1Subnet5C2D37C4": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": true, @@ -47,7 +47,7 @@ 0, { "Fn::GetAtt": [ - "VPCB9E5F0B4", + "Vpc8378EB38", "Ipv6CidrBlocks" ] } @@ -71,80 +71,80 @@ }, { "Key": "Name", - "Value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1" + "Value": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1" } ], "VpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCPublicSubnet1RouteTableFEE4B781": { + "VpcPublicSubnet1RouteTable6C95E38E": { "Type": "AWS::EC2::RouteTable", "Properties": { "Tags": [ { "Key": "Name", - "Value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1" + "Value": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1" } ], "VpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCPublicSubnet1RouteTableAssociation0B0896DC": { + "VpcPublicSubnet1RouteTableAssociation97140677": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" }, "SubnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCPublicSubnet1DefaultRoute91CEF279": { + "VpcPublicSubnet1DefaultRoute3DA9E72A": { "Type": "AWS::EC2::Route", "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { - "Ref": "VPCIGWB7E252D3" + "Ref": "VpcIGWD7BA715C" }, "RouteTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141", - "VPCVPCGW99B986DC" + "Vpcipv6cidr40D3CB78", + "VpcVPCGWBF912B6E" ] }, - "VPCPublicSubnet1DefaultRoute6AD2A6FA7": { + "VpcPublicSubnet1DefaultRoute6A21265FB": { "Type": "AWS::EC2::Route", "Properties": { "DestinationIpv6CidrBlock": "::/0", "GatewayId": { - "Ref": "VPCIGWB7E252D3" + "Ref": "VpcIGWD7BA715C" }, "RouteTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCPublicSubnet2Subnet74179F39": { + "VpcPublicSubnet2Subnet691E08A3": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": true, @@ -167,7 +167,7 @@ 0, { "Fn::GetAtt": [ - "VPCB9E5F0B4", + "Vpc8378EB38", "Ipv6CidrBlocks" ] } @@ -191,80 +191,80 @@ }, { "Key": "Name", - "Value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2" + "Value": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2" } ], "VpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCPublicSubnet2RouteTable6F1A15F1": { + "VpcPublicSubnet2RouteTable94F7E489": { "Type": "AWS::EC2::RouteTable", "Properties": { "Tags": [ { "Key": "Name", - "Value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2" + "Value": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2" } ], "VpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCPublicSubnet2RouteTableAssociation5A808732": { + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + "Ref": "VpcPublicSubnet2RouteTable94F7E489" }, "SubnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" + "Ref": "VpcPublicSubnet2Subnet691E08A3" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCPublicSubnet2DefaultRouteB7481BBA": { + "VpcPublicSubnet2DefaultRoute97F91067": { "Type": "AWS::EC2::Route", "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { - "Ref": "VPCIGWB7E252D3" + "Ref": "VpcIGWD7BA715C" }, "RouteTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + "Ref": "VpcPublicSubnet2RouteTable94F7E489" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141", - "VPCVPCGW99B986DC" + "Vpcipv6cidr40D3CB78", + "VpcVPCGWBF912B6E" ] }, - "VPCPublicSubnet2DefaultRoute622F3CED9": { + "VpcPublicSubnet2DefaultRoute63E63096C": { "Type": "AWS::EC2::Route", "Properties": { "DestinationIpv6CidrBlock": "::/0", "GatewayId": { - "Ref": "VPCIGWB7E252D3" + "Ref": "VpcIGWD7BA715C" }, "RouteTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + "Ref": "VpcPublicSubnet2RouteTable94F7E489" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCIsolatedSubnet1SubnetEBD00FC6": { + "VpcIsolatedSubnet1SubnetE48C5737": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": true, @@ -287,7 +287,7 @@ 0, { "Fn::GetAtt": [ - "VPCB9E5F0B4", + "Vpc8378EB38", "Ipv6CidrBlocks" ] } @@ -311,49 +311,49 @@ }, { "Key": "Name", - "Value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1" + "Value": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet1" } ], "VpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCIsolatedSubnet1RouteTableEB156210": { + "VpcIsolatedSubnet1RouteTable4771E3E5": { "Type": "AWS::EC2::RouteTable", "Properties": { "Tags": [ { "Key": "Name", - "Value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1" + "Value": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet1" } ], "VpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCIsolatedSubnet1RouteTableAssociationA2D18F7C": { + "VpcIsolatedSubnet1RouteTableAssociationD300FCBB": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "VPCIsolatedSubnet1RouteTableEB156210" + "Ref": "VpcIsolatedSubnet1RouteTable4771E3E5" }, "SubnetId": { - "Ref": "VPCIsolatedSubnet1SubnetEBD00FC6" + "Ref": "VpcIsolatedSubnet1SubnetE48C5737" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCIsolatedSubnet2Subnet4B1C8CAA": { + "VpcIsolatedSubnet2Subnet16364B91": { "Type": "AWS::EC2::Subnet", "Properties": { "AssignIpv6AddressOnCreation": true, @@ -376,7 +376,7 @@ 0, { "Fn::GetAtt": [ - "VPCB9E5F0B4", + "Vpc8378EB38", "Ipv6CidrBlocks" ] } @@ -400,82 +400,82 @@ }, { "Key": "Name", - "Value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2" + "Value": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet2" } ], "VpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCIsolatedSubnet2RouteTable9B4F78DC": { + "VpcIsolatedSubnet2RouteTable1D30AF7D": { "Type": "AWS::EC2::RouteTable", "Properties": { "Tags": [ { "Key": "Name", - "Value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2" + "Value": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet2" } ], "VpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCIsolatedSubnet2RouteTableAssociation7BF8E0EB": { + "VpcIsolatedSubnet2RouteTableAssociationF7B18CCA": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { - "Ref": "VPCIsolatedSubnet2RouteTable9B4F78DC" + "Ref": "VpcIsolatedSubnet2RouteTable1D30AF7D" }, "SubnetId": { - "Ref": "VPCIsolatedSubnet2Subnet4B1C8CAA" + "Ref": "VpcIsolatedSubnet2Subnet16364B91" } }, "DependsOn": [ - "VPCipv6cidr4D5C3141" + "Vpcipv6cidr40D3CB78" ] }, - "VPCIGWB7E252D3": { + "VpcIGWD7BA715C": { "Type": "AWS::EC2::InternetGateway", "Properties": { "Tags": [ { "Key": "Name", - "Value": "NlbEnablePrefixForIpv6NatStack/VPC" + "Value": "NlbEnablePrefixForIpv6NatStack/Vpc" } ] } }, - "VPCVPCGW99B986DC": { + "VpcVPCGWBF912B6E": { "Type": "AWS::EC2::VPCGatewayAttachment", "Properties": { "InternetGatewayId": { - "Ref": "VPCIGWB7E252D3" + "Ref": "VpcIGWD7BA715C" }, "VpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, - "VPCEIGW68A11D88F": { + "VpcEIGW61416F369": { "Type": "AWS::EC2::EgressOnlyInternetGateway", "Properties": { "VpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, - "SGADB53937": { + "DisabledLbSgB7154DC8": { "Type": "AWS::EC2::SecurityGroup", "Properties": { - "GroupDescription": "NlbEnablePrefixForIpv6NatStack/SG", + "GroupDescription": "NlbEnablePrefixForIpv6NatStack/DisabledLbSg", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", @@ -484,11 +484,95 @@ } ], "VpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, - "LB8A12904C": { + "DisabledLbF70482DB": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "EnablePrefixForIpv6SourceNat": "off", + "IpAddressType": "dualstack", + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internet-facing", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "DisabledLbSgB7154DC8", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "network" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet1DefaultRoute6A21265FB", + "VpcPublicSubnet1RouteTableAssociation97140677", + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet2DefaultRoute63E63096C", + "VpcPublicSubnet2RouteTableAssociationDD5762D8" + ] + }, + "DisabledLbTcpListener070B4D6E": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "TcpTargetGroupD98C5CDB" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "DisabledLbF70482DB" + }, + "Port": 1229, + "Protocol": "TCP" + } + }, + "TcpTargetGroupD98C5CDB": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "IpAddressType": "ipv6", + "Port": 1229, + "Protocol": "TCP", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "EnabledLbSg11D53248": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "NlbEnablePrefixForIpv6NatStack/EnabledLbSg", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "EnabledLb9F3E8D30": { "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { "EnablePrefixForIpv6SourceNat": "on", @@ -503,56 +587,85 @@ "SecurityGroups": [ { "Fn::GetAtt": [ - "SGADB53937", + "EnabledLbSg11D53248", "GroupId" ] } ], "Subnets": [ { - "Ref": "VPCPublicSubnet1SubnetB4246D30" + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" }, { - "Ref": "VPCPublicSubnet2Subnet74179F39" + "Ref": "VpcPublicSubnet2Subnet691E08A3" } ], "Type": "network" }, "DependsOn": [ - "VPCPublicSubnet1DefaultRoute91CEF279", - "VPCPublicSubnet1DefaultRoute6AD2A6FA7", - "VPCPublicSubnet1RouteTableAssociation0B0896DC", - "VPCPublicSubnet2DefaultRouteB7481BBA", - "VPCPublicSubnet2DefaultRoute622F3CED9", - "VPCPublicSubnet2RouteTableAssociation5A808732" + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet1DefaultRoute6A21265FB", + "VpcPublicSubnet1RouteTableAssociation97140677", + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet2DefaultRoute63E63096C", + "VpcPublicSubnet2RouteTableAssociationDD5762D8" ] }, - "LBListener49E825B4": { + "EnabledLbUdpListener550E1122": { "Type": "AWS::ElasticLoadBalancingV2::Listener", "Properties": { "DefaultActions": [ { "TargetGroupArn": { - "Ref": "TargetGroup3D7CD9B8" + "Ref": "UdpTargetGroup5F89FEC0" }, "Type": "forward" } ], "LoadBalancerArn": { - "Ref": "LB8A12904C" + "Ref": "EnabledLb9F3E8D30" }, "Port": 1229, "Protocol": "UDP" } }, - "TargetGroup3D7CD9B8": { + "EnabledLbTcpWithUdpListenerBBFA335D": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "TcpWithUdpTargetGroup827EE6D7" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "EnabledLb9F3E8D30" + }, + "Port": 3502, + "Protocol": "TCP_UDP" + } + }, + "UdpTargetGroup5F89FEC0": { "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", "Properties": { "IpAddressType": "ipv6", "Port": 1229, "Protocol": "UDP", "VpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" + } + } + }, + "TcpWithUdpTargetGroup827EE6D7": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "IpAddressType": "ipv6", + "Port": 3502, + "Protocol": "TCP_UDP", + "VpcId": { + "Ref": "Vpc8378EB38" } } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/manifest.json index 432aa4ecc8ce5..c9ae9e3d676a6 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/59468471b83aa514898e64f086b0b64d10b56dbdb67ca1df32b5ace667be9db5.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/fa46958bcb246c27c21906c9bf41a44bce7f9613a3d90335588eedc4daeb49dd.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -34,160 +34,208 @@ "NlbEnablePrefixForIpv6NatStack.assets" ], "metadata": { - "/NlbEnablePrefixForIpv6NatStack/VPC/Resource": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/Resource": [ { "type": "aws:cdk:logicalId", - "data": "VPCB9E5F0B4" + "data": "Vpc8378EB38" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/ipv6cidr": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/ipv6cidr": [ { "type": "aws:cdk:logicalId", - "data": "VPCipv6cidr4D5C3141" + "data": "Vpcipv6cidr40D3CB78" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/Subnet": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet1SubnetB4246D30" + "data": "VpcPublicSubnet1Subnet5C2D37C4" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/RouteTable": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet1RouteTableFEE4B781" + "data": "VpcPublicSubnet1RouteTable6C95E38E" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/RouteTableAssociation": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet1RouteTableAssociation0B0896DC" + "data": "VpcPublicSubnet1RouteTableAssociation97140677" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/DefaultRoute": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1/DefaultRoute": [ { "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet1DefaultRoute91CEF279" + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/DefaultRoute6": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1/DefaultRoute6": [ { "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet1DefaultRoute6AD2A6FA7" + "data": "VpcPublicSubnet1DefaultRoute6A21265FB" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/Subnet": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2Subnet74179F39" + "data": "VpcPublicSubnet2Subnet691E08A3" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/RouteTable": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2RouteTable6F1A15F1" + "data": "VpcPublicSubnet2RouteTable94F7E489" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/RouteTableAssociation": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2RouteTableAssociation5A808732" + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/DefaultRoute": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2/DefaultRoute": [ { "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2DefaultRouteB7481BBA" + "data": "VpcPublicSubnet2DefaultRoute97F91067" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/DefaultRoute6": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2/DefaultRoute6": [ { "type": "aws:cdk:logicalId", - "data": "VPCPublicSubnet2DefaultRoute622F3CED9" + "data": "VpcPublicSubnet2DefaultRoute63E63096C" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/Subnet": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "VPCIsolatedSubnet1SubnetEBD00FC6" + "data": "VpcIsolatedSubnet1SubnetE48C5737" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/RouteTable": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet1/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "VPCIsolatedSubnet1RouteTableEB156210" + "data": "VpcIsolatedSubnet1RouteTable4771E3E5" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/RouteTableAssociation": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet1/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "VPCIsolatedSubnet1RouteTableAssociationA2D18F7C" + "data": "VpcIsolatedSubnet1RouteTableAssociationD300FCBB" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/Subnet": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", - "data": "VPCIsolatedSubnet2Subnet4B1C8CAA" + "data": "VpcIsolatedSubnet2Subnet16364B91" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/RouteTable": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet2/RouteTable": [ { "type": "aws:cdk:logicalId", - "data": "VPCIsolatedSubnet2RouteTable9B4F78DC" + "data": "VpcIsolatedSubnet2RouteTable1D30AF7D" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/RouteTableAssociation": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet2/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", - "data": "VPCIsolatedSubnet2RouteTableAssociation7BF8E0EB" + "data": "VpcIsolatedSubnet2RouteTableAssociationF7B18CCA" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/IGW": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/IGW": [ { "type": "aws:cdk:logicalId", - "data": "VPCIGWB7E252D3" + "data": "VpcIGWD7BA715C" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/VPCGW": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/VPCGW": [ { "type": "aws:cdk:logicalId", - "data": "VPCVPCGW99B986DC" + "data": "VpcVPCGWBF912B6E" } ], - "/NlbEnablePrefixForIpv6NatStack/VPC/EIGW6": [ + "/NlbEnablePrefixForIpv6NatStack/Vpc/EIGW6": [ { "type": "aws:cdk:logicalId", - "data": "VPCEIGW68A11D88F" + "data": "VpcEIGW61416F369" } ], - "/NlbEnablePrefixForIpv6NatStack/SG/Resource": [ + "/NlbEnablePrefixForIpv6NatStack/DisabledLbSg/Resource": [ { "type": "aws:cdk:logicalId", - "data": "SGADB53937" + "data": "DisabledLbSgB7154DC8" } ], - "/NlbEnablePrefixForIpv6NatStack/LB/Resource": [ + "/NlbEnablePrefixForIpv6NatStack/DisabledLb/Resource": [ { "type": "aws:cdk:logicalId", - "data": "LB8A12904C" + "data": "DisabledLbF70482DB" } ], - "/NlbEnablePrefixForIpv6NatStack/LB/Listener/Resource": [ + "/NlbEnablePrefixForIpv6NatStack/DisabledLb/TcpListener/Resource": [ { "type": "aws:cdk:logicalId", - "data": "LBListener49E825B4" + "data": "DisabledLbTcpListener070B4D6E" } ], - "/NlbEnablePrefixForIpv6NatStack/TargetGroup": [ + "/NlbEnablePrefixForIpv6NatStack/TcpTargetGroup": [ { "type": "aws:cdk:warning", "data": "When creating an empty TargetGroup, you should specify a 'targetType' (this warning may become an error in the future). [ack: @aws-cdk/aws-elbv2:targetGroupSpecifyTargetTypeForEmptyTargetGroup]" } ], - "/NlbEnablePrefixForIpv6NatStack/TargetGroup/Resource": [ + "/NlbEnablePrefixForIpv6NatStack/TcpTargetGroup/Resource": [ { "type": "aws:cdk:logicalId", - "data": "TargetGroup3D7CD9B8" + "data": "TcpTargetGroupD98C5CDB" + } + ], + "/NlbEnablePrefixForIpv6NatStack/EnabledLbSg/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EnabledLbSg11D53248" + } + ], + "/NlbEnablePrefixForIpv6NatStack/EnabledLb/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EnabledLb9F3E8D30" + } + ], + "/NlbEnablePrefixForIpv6NatStack/EnabledLb/UdpListener/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EnabledLbUdpListener550E1122" + } + ], + "/NlbEnablePrefixForIpv6NatStack/EnabledLb/TcpWithUdpListener/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EnabledLbTcpWithUdpListenerBBFA335D" + } + ], + "/NlbEnablePrefixForIpv6NatStack/UdpTargetGroup": [ + { + "type": "aws:cdk:warning", + "data": "When creating an empty TargetGroup, you should specify a 'targetType' (this warning may become an error in the future). [ack: @aws-cdk/aws-elbv2:targetGroupSpecifyTargetTypeForEmptyTargetGroup]" + } + ], + "/NlbEnablePrefixForIpv6NatStack/UdpTargetGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "UdpTargetGroup5F89FEC0" + } + ], + "/NlbEnablePrefixForIpv6NatStack/TcpWithUdpTargetGroup": [ + { + "type": "aws:cdk:warning", + "data": "When creating an empty TargetGroup, you should specify a 'targetType' (this warning may become an error in the future). [ack: @aws-cdk/aws-elbv2:targetGroupSpecifyTargetTypeForEmptyTargetGroup]" + } + ], + "/NlbEnablePrefixForIpv6NatStack/TcpWithUdpTargetGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TcpWithUdpTargetGroup827EE6D7" } ], "/NlbEnablePrefixForIpv6NatStack/BootstrapVersion": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/tree.json index 131756d5e0e2f..75cb2ae8bbbe6 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.js.snapshot/tree.json @@ -8,13 +8,13 @@ "id": "NlbEnablePrefixForIpv6NatStack", "path": "NlbEnablePrefixForIpv6NatStack", "children": { - "VPC": { - "id": "VPC", - "path": "NlbEnablePrefixForIpv6NatStack/VPC", + "Vpc": { + "id": "Vpc", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc", "children": { "Resource": { "id": "Resource", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/Resource", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPC", "aws:cdk:cloudformation:props": { @@ -25,7 +25,7 @@ "tags": [ { "key": "Name", - "value": "NlbEnablePrefixForIpv6NatStack/VPC" + "value": "NlbEnablePrefixForIpv6NatStack/Vpc" } ] } @@ -37,13 +37,13 @@ }, "ipv6cidr": { "id": "ipv6cidr", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/ipv6cidr", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/ipv6cidr", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCCidrBlock", "aws:cdk:cloudformation:props": { "amazonProvidedIpv6CidrBlock": true, "vpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, @@ -54,11 +54,11 @@ }, "PublicSubnet1": { "id": "PublicSubnet1", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1", "children": { "Subnet": { "id": "Subnet", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/Subnet", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1/Subnet", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { @@ -82,7 +82,7 @@ 0, { "Fn::GetAtt": [ - "VPCB9E5F0B4", + "Vpc8378EB38", "Ipv6CidrBlocks" ] } @@ -106,11 +106,11 @@ }, { "key": "Name", - "value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1" + "value": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1" } ], "vpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, @@ -121,7 +121,7 @@ }, "Acl": { "id": "Acl", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/Acl", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1/Acl", "constructInfo": { "fqn": "constructs.Construct", "version": "10.4.2" @@ -129,18 +129,18 @@ }, "RouteTable": { "id": "RouteTable", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/RouteTable", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1/RouteTable", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { "tags": [ { "key": "Name", - "value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1" + "value": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1" } ], "vpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, @@ -151,15 +151,15 @@ }, "RouteTableAssociation": { "id": "RouteTableAssociation", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/RouteTableAssociation", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1/RouteTableAssociation", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" }, "subnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" } } }, @@ -170,16 +170,16 @@ }, "DefaultRoute": { "id": "DefaultRoute", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/DefaultRoute", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1/DefaultRoute", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { "destinationCidrBlock": "0.0.0.0/0", "gatewayId": { - "Ref": "VPCIGWB7E252D3" + "Ref": "VpcIGWD7BA715C" }, "routeTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" } } }, @@ -190,16 +190,16 @@ }, "DefaultRoute6": { "id": "DefaultRoute6", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet1/DefaultRoute6", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet1/DefaultRoute6", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { "destinationIpv6CidrBlock": "::/0", "gatewayId": { - "Ref": "VPCIGWB7E252D3" + "Ref": "VpcIGWD7BA715C" }, "routeTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" } } }, @@ -216,11 +216,11 @@ }, "PublicSubnet2": { "id": "PublicSubnet2", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2", "children": { "Subnet": { "id": "Subnet", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/Subnet", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2/Subnet", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { @@ -244,7 +244,7 @@ 0, { "Fn::GetAtt": [ - "VPCB9E5F0B4", + "Vpc8378EB38", "Ipv6CidrBlocks" ] } @@ -268,11 +268,11 @@ }, { "key": "Name", - "value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2" + "value": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2" } ], "vpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, @@ -283,7 +283,7 @@ }, "Acl": { "id": "Acl", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/Acl", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2/Acl", "constructInfo": { "fqn": "constructs.Construct", "version": "10.4.2" @@ -291,18 +291,18 @@ }, "RouteTable": { "id": "RouteTable", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/RouteTable", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2/RouteTable", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { "tags": [ { "key": "Name", - "value": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2" + "value": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2" } ], "vpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, @@ -313,15 +313,15 @@ }, "RouteTableAssociation": { "id": "RouteTableAssociation", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/RouteTableAssociation", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2/RouteTableAssociation", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + "Ref": "VpcPublicSubnet2RouteTable94F7E489" }, "subnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" + "Ref": "VpcPublicSubnet2Subnet691E08A3" } } }, @@ -332,16 +332,16 @@ }, "DefaultRoute": { "id": "DefaultRoute", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/DefaultRoute", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2/DefaultRoute", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { "destinationCidrBlock": "0.0.0.0/0", "gatewayId": { - "Ref": "VPCIGWB7E252D3" + "Ref": "VpcIGWD7BA715C" }, "routeTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + "Ref": "VpcPublicSubnet2RouteTable94F7E489" } } }, @@ -352,16 +352,16 @@ }, "DefaultRoute6": { "id": "DefaultRoute6", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/PublicSubnet2/DefaultRoute6", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/PublicSubnet2/DefaultRoute6", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { "destinationIpv6CidrBlock": "::/0", "gatewayId": { - "Ref": "VPCIGWB7E252D3" + "Ref": "VpcIGWD7BA715C" }, "routeTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + "Ref": "VpcPublicSubnet2RouteTable94F7E489" } } }, @@ -378,11 +378,11 @@ }, "IsolatedSubnet1": { "id": "IsolatedSubnet1", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet1", "children": { "Subnet": { "id": "Subnet", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/Subnet", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet1/Subnet", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { @@ -406,7 +406,7 @@ 0, { "Fn::GetAtt": [ - "VPCB9E5F0B4", + "Vpc8378EB38", "Ipv6CidrBlocks" ] } @@ -430,11 +430,11 @@ }, { "key": "Name", - "value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1" + "value": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet1" } ], "vpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, @@ -445,7 +445,7 @@ }, "Acl": { "id": "Acl", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/Acl", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet1/Acl", "constructInfo": { "fqn": "constructs.Construct", "version": "10.4.2" @@ -453,18 +453,18 @@ }, "RouteTable": { "id": "RouteTable", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/RouteTable", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet1/RouteTable", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { "tags": [ { "key": "Name", - "value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1" + "value": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet1" } ], "vpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, @@ -475,15 +475,15 @@ }, "RouteTableAssociation": { "id": "RouteTableAssociation", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet1/RouteTableAssociation", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet1/RouteTableAssociation", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "VPCIsolatedSubnet1RouteTableEB156210" + "Ref": "VpcIsolatedSubnet1RouteTable4771E3E5" }, "subnetId": { - "Ref": "VPCIsolatedSubnet1SubnetEBD00FC6" + "Ref": "VpcIsolatedSubnet1SubnetE48C5737" } } }, @@ -500,11 +500,11 @@ }, "IsolatedSubnet2": { "id": "IsolatedSubnet2", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet2", "children": { "Subnet": { "id": "Subnet", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/Subnet", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet2/Subnet", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { @@ -528,7 +528,7 @@ 0, { "Fn::GetAtt": [ - "VPCB9E5F0B4", + "Vpc8378EB38", "Ipv6CidrBlocks" ] } @@ -552,11 +552,11 @@ }, { "key": "Name", - "value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2" + "value": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet2" } ], "vpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, @@ -567,7 +567,7 @@ }, "Acl": { "id": "Acl", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/Acl", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet2/Acl", "constructInfo": { "fqn": "constructs.Construct", "version": "10.4.2" @@ -575,18 +575,18 @@ }, "RouteTable": { "id": "RouteTable", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/RouteTable", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet2/RouteTable", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { "tags": [ { "key": "Name", - "value": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2" + "value": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet2" } ], "vpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, @@ -597,15 +597,15 @@ }, "RouteTableAssociation": { "id": "RouteTableAssociation", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/IsolatedSubnet2/RouteTableAssociation", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/IsolatedSubnet2/RouteTableAssociation", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { "routeTableId": { - "Ref": "VPCIsolatedSubnet2RouteTable9B4F78DC" + "Ref": "VpcIsolatedSubnet2RouteTable1D30AF7D" }, "subnetId": { - "Ref": "VPCIsolatedSubnet2Subnet4B1C8CAA" + "Ref": "VpcIsolatedSubnet2Subnet16364B91" } } }, @@ -622,14 +622,14 @@ }, "IGW": { "id": "IGW", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/IGW", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/IGW", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", "aws:cdk:cloudformation:props": { "tags": [ { "key": "Name", - "value": "NlbEnablePrefixForIpv6NatStack/VPC" + "value": "NlbEnablePrefixForIpv6NatStack/Vpc" } ] } @@ -641,15 +641,15 @@ }, "VPCGW": { "id": "VPCGW", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/VPCGW", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/VPCGW", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", "aws:cdk:cloudformation:props": { "internetGatewayId": { - "Ref": "VPCIGWB7E252D3" + "Ref": "VpcIGWD7BA715C" }, "vpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, @@ -660,12 +660,12 @@ }, "EIGW6": { "id": "EIGW6", - "path": "NlbEnablePrefixForIpv6NatStack/VPC/EIGW6", + "path": "NlbEnablePrefixForIpv6NatStack/Vpc/EIGW6", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::EgressOnlyInternetGateway", "aws:cdk:cloudformation:props": { "vpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, @@ -680,17 +680,17 @@ "version": "10.4.2" } }, - "SG": { - "id": "SG", - "path": "NlbEnablePrefixForIpv6NatStack/SG", + "DisabledLbSg": { + "id": "DisabledLbSg", + "path": "NlbEnablePrefixForIpv6NatStack/DisabledLbSg", "children": { "Resource": { "id": "Resource", - "path": "NlbEnablePrefixForIpv6NatStack/SG/Resource", + "path": "NlbEnablePrefixForIpv6NatStack/DisabledLbSg/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", "aws:cdk:cloudformation:props": { - "groupDescription": "NlbEnablePrefixForIpv6NatStack/SG", + "groupDescription": "NlbEnablePrefixForIpv6NatStack/DisabledLbSg", "securityGroupEgress": [ { "cidrIp": "0.0.0.0/0", @@ -699,7 +699,7 @@ } ], "vpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" } } }, @@ -714,13 +714,161 @@ "version": "10.4.2" } }, - "LB": { - "id": "LB", - "path": "NlbEnablePrefixForIpv6NatStack/LB", + "DisabledLb": { + "id": "DisabledLb", + "path": "NlbEnablePrefixForIpv6NatStack/DisabledLb", "children": { "Resource": { "id": "Resource", - "path": "NlbEnablePrefixForIpv6NatStack/LB/Resource", + "path": "NlbEnablePrefixForIpv6NatStack/DisabledLb/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "aws:cdk:cloudformation:props": { + "enablePrefixForIpv6SourceNat": "off", + "ipAddressType": "dualstack", + "loadBalancerAttributes": [ + { + "key": "deletion_protection.enabled", + "value": "false" + } + ], + "scheme": "internet-facing", + "securityGroups": [ + { + "Fn::GetAtt": [ + "DisabledLbSgB7154DC8", + "GroupId" + ] + } + ], + "subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "type": "network" + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "TcpListener": { + "id": "TcpListener", + "path": "NlbEnablePrefixForIpv6NatStack/DisabledLb/TcpListener", + "children": { + "Resource": { + "id": "Resource", + "path": "NlbEnablePrefixForIpv6NatStack/DisabledLb/TcpListener/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", + "aws:cdk:cloudformation:props": { + "defaultActions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "TcpTargetGroupD98C5CDB" + } + } + ], + "loadBalancerArn": { + "Ref": "DisabledLbF70482DB" + }, + "port": 1229, + "protocol": "TCP" + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "TcpTargetGroup": { + "id": "TcpTargetGroup", + "path": "NlbEnablePrefixForIpv6NatStack/TcpTargetGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "NlbEnablePrefixForIpv6NatStack/TcpTargetGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "ipAddressType": "ipv6", + "port": 1229, + "protocol": "TCP", + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "EnabledLbSg": { + "id": "EnabledLbSg", + "path": "NlbEnablePrefixForIpv6NatStack/EnabledLbSg", + "children": { + "Resource": { + "id": "Resource", + "path": "NlbEnablePrefixForIpv6NatStack/EnabledLbSg/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "NlbEnablePrefixForIpv6NatStack/EnabledLbSg", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "EnabledLb": { + "id": "EnabledLb", + "path": "NlbEnablePrefixForIpv6NatStack/EnabledLb", + "children": { + "Resource": { + "id": "Resource", + "path": "NlbEnablePrefixForIpv6NatStack/EnabledLb/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "aws:cdk:cloudformation:props": { @@ -736,17 +884,17 @@ "securityGroups": [ { "Fn::GetAtt": [ - "SGADB53937", + "EnabledLbSg11D53248", "GroupId" ] } ], "subnets": [ { - "Ref": "VPCPublicSubnet1SubnetB4246D30" + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" }, { - "Ref": "VPCPublicSubnet2Subnet74179F39" + "Ref": "VpcPublicSubnet2Subnet691E08A3" } ], "type": "network" @@ -757,13 +905,13 @@ "version": "10.4.2" } }, - "Listener": { - "id": "Listener", - "path": "NlbEnablePrefixForIpv6NatStack/LB/Listener", + "UdpListener": { + "id": "UdpListener", + "path": "NlbEnablePrefixForIpv6NatStack/EnabledLb/UdpListener", "children": { "Resource": { "id": "Resource", - "path": "NlbEnablePrefixForIpv6NatStack/LB/Listener/Resource", + "path": "NlbEnablePrefixForIpv6NatStack/EnabledLb/UdpListener/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", "aws:cdk:cloudformation:props": { @@ -771,12 +919,12 @@ { "type": "forward", "targetGroupArn": { - "Ref": "TargetGroup3D7CD9B8" + "Ref": "UdpTargetGroup5F89FEC0" } } ], "loadBalancerArn": { - "Ref": "LB8A12904C" + "Ref": "EnabledLb9F3E8D30" }, "port": 1229, "protocol": "UDP" @@ -792,6 +940,42 @@ "fqn": "constructs.Construct", "version": "10.4.2" } + }, + "TcpWithUdpListener": { + "id": "TcpWithUdpListener", + "path": "NlbEnablePrefixForIpv6NatStack/EnabledLb/TcpWithUdpListener", + "children": { + "Resource": { + "id": "Resource", + "path": "NlbEnablePrefixForIpv6NatStack/EnabledLb/TcpWithUdpListener/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", + "aws:cdk:cloudformation:props": { + "defaultActions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "TcpWithUdpTargetGroup827EE6D7" + } + } + ], + "loadBalancerArn": { + "Ref": "EnabledLb9F3E8D30" + }, + "port": 3502, + "protocol": "TCP_UDP" + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } } }, "constructInfo": { @@ -799,13 +983,13 @@ "version": "10.4.2" } }, - "TargetGroup": { - "id": "TargetGroup", - "path": "NlbEnablePrefixForIpv6NatStack/TargetGroup", + "UdpTargetGroup": { + "id": "UdpTargetGroup", + "path": "NlbEnablePrefixForIpv6NatStack/UdpTargetGroup", "children": { "Resource": { "id": "Resource", - "path": "NlbEnablePrefixForIpv6NatStack/TargetGroup/Resource", + "path": "NlbEnablePrefixForIpv6NatStack/UdpTargetGroup/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", "aws:cdk:cloudformation:props": { @@ -813,7 +997,36 @@ "port": 1229, "protocol": "UDP", "vpcId": { - "Ref": "VPCB9E5F0B4" + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "TcpWithUdpTargetGroup": { + "id": "TcpWithUdpTargetGroup", + "path": "NlbEnablePrefixForIpv6NatStack/TcpWithUdpTargetGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "NlbEnablePrefixForIpv6NatStack/TcpWithUdpTargetGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "ipAddressType": "ipv6", + "port": 3502, + "protocol": "TCP_UDP", + "vpcId": { + "Ref": "Vpc8378EB38" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts index 67dd9b51975c4..b968392443ba0 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts @@ -13,27 +13,60 @@ const vpc = new ec2.Vpc(stack, 'Vpc', { natGateways: 0, }); -const nlb = new elbv2.NetworkLoadBalancer(stack, 'Lb', { +const disabledNlb = new elbv2.NetworkLoadBalancer(stack, 'DisabledLb', { vpc, internetFacing: true, securityGroups: [ - new ec2.SecurityGroup(stack, 'Sg', { vpc }), + new ec2.SecurityGroup(stack, 'DisabledLbSg', { vpc }), ], - enablePrefixForIpv6SourceNat: true, + enablePrefixForIpv6SourceNat: false, ipAddressType: elbv2.IpAddressType.DUAL_STACK, }); -const listener = nlb.addListener('Listener', { +const tcpListener = disabledNlb.addListener('TcpListener', { + port: 1229, + protocol: elbv2.Protocol.TCP, +}); +const tcpTargetGroup = new elbv2.NetworkTargetGroup(stack, 'TcpTargetGroup', { + vpc, + port: 1229, + protocol: elbv2.Protocol.TCP, + ipAddressType: elbv2.TargetGroupIpAddressType.IPV6, +}); +tcpListener.addTargetGroups('TcpTargetGroup', tcpTargetGroup); + +const enabledNlb = new elbv2.NetworkLoadBalancer(stack, 'EnabledLb', { + vpc, + internetFacing: true, + securityGroups: [ + new ec2.SecurityGroup(stack, 'EnabledLbSg', { vpc }), + ], + ipAddressType: elbv2.IpAddressType.DUAL_STACK, +}); +// explicitly enable prefix for ipv6 source nat +const udpListener = enabledNlb.addListener('UdpListener', { port: 1229, protocol: elbv2.Protocol.UDP, }); -const targetGroup = new elbv2.NetworkTargetGroup(stack, 'TargetGroup', { +const udpTargetGroup = new elbv2.NetworkTargetGroup(stack, 'UdpTargetGroup', { vpc, port: 1229, protocol: elbv2.Protocol.UDP, ipAddressType: elbv2.TargetGroupIpAddressType.IPV6, }); -listener.addTargetGroups('TargetGroup', targetGroup); +udpListener.addTargetGroups('TargetGroup', udpTargetGroup); + +const tcpWithUdpListener = enabledNlb.addListener('TcpWithUdpListener', { + port: 3502, + protocol: elbv2.Protocol.TCP_UDP, +}); +const tcpWithUdpTargetGroup = new elbv2.NetworkTargetGroup(stack, 'TcpWithUdpTargetGroup', { + vpc, + port: 3502, + protocol: elbv2.Protocol.TCP_UDP, + ipAddressType: elbv2.TargetGroupIpAddressType.IPV6, +}); +tcpWithUdpListener.addTargetGroups('TcpWithUdpTargetGroup', tcpWithUdpTargetGroup); new integ.IntegTest(app, 'NlbEnablePrefixForIpv6NatStackTest', { testCases: [stack], diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md index 8b6b825cf2a97..de8e15d6e1de7 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md @@ -379,7 +379,8 @@ const lb = new elbv2.NetworkLoadBalancer(this, 'LB', { }); ``` -If you wan to create UDP listeners, you must set `enablePrefixIpv6SourceNat` to `true`: +You can configure whether to use an IPv6 prefix from each subnet for source NAT by setting `enablePrefixForIpv6SourceNat` to `true`. +This must be enabled if you want to create a dualstack Network Load Balancer with a listener that uses UDP protocol. ```ts declare const vpc: ec2.Vpc; @@ -387,7 +388,21 @@ declare const vpc: ec2.Vpc; const lb = new elbv2.NetworkLoadBalancer(this, 'LB', { vpc, ipAddressType: elbv2.IpAddressType.DUAL_STACK, - enablePrefixIpv6SourceNat: true, + enablePrefixForIpv6SourceNat: true, +}); +``` + +If you call `addListener()` with a UDP protocol for dual-stack Network Load Balancer, +`enablePrefixForIpv6SourceNat` will be set to `true` automatically. + +```ts +declare const vpc: ec2.Vpc; + +const lb = new elbv2.NetworkLoadBalancer(this, 'LB', { + vpc, + ipAddressType: elbv2.IpAddressType.DUAL_STACK, + // You don't need to set this property explicitly + // enablePrefixForIpv6SourceNat: true, }); const listener = nlb.addListener('Listener', { diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts index 4b3f98ddcf23e..83b89f60ae2ae 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts @@ -7,7 +7,7 @@ import { Lazy, Resource } from '../../../core'; import * as cxapi from '../../../cx-api'; import { NetworkELBMetrics } from '../elasticloadbalancingv2-canned-metrics.generated'; import { BaseLoadBalancer, BaseLoadBalancerLookupOptions, BaseLoadBalancerProps, ILoadBalancerV2 } from '../shared/base-load-balancer'; -import { IpAddressType } from '../shared/enums'; +import { IpAddressType, Protocol } from '../shared/enums'; import { parseLoadBalancerFullName } from '../shared/util'; /** @@ -250,6 +250,7 @@ export class NetworkLoadBalancer extends BaseLoadBalancer implements INetworkLoa public readonly connections: ec2.Connections; private readonly isSecurityGroupsPropertyDefined: boolean; private readonly _enforceSecurityGroupInboundRulesOnPrivateLinkTraffic?: boolean; + private enablePrefixIpv6SourceNat?: boolean; /** * After the implementation of `IConnectable` (see https://github.com/aws/aws-cdk/pull/28494), the default @@ -271,9 +272,12 @@ export class NetworkLoadBalancer extends BaseLoadBalancer implements INetworkLoa enforceSecurityGroupInboundRulesOnPrivateLinkTraffic: Lazy.string({ produce: () => this.enforceSecurityGroupInboundRulesOnPrivateLinkTraffic, }), - enablePrefixForIpv6SourceNat: props.enablePrefixForIpv6SourceNat === true ? 'on': props.enablePrefixForIpv6SourceNat === false ? 'off' : undefined, + enablePrefixForIpv6SourceNat: Lazy.string({ + produce: () => this.enablePrefixIpv6SourceNat === true ? 'on': this.enablePrefixIpv6SourceNat === false ? 'off' : undefined, + }), }); + this.enablePrefixIpv6SourceNat = props.enablePrefixForIpv6SourceNat; this.metrics = new NetworkLoadBalancerMetrics(this, this.loadBalancerFullName); this.isSecurityGroupsPropertyDefined = !!props.securityGroups; this.connections = new ec2.Connections({ securityGroups: props.securityGroups }); @@ -298,6 +302,16 @@ export class NetworkLoadBalancer extends BaseLoadBalancer implements INetworkLoa * @returns The newly created listener */ public addListener(id: string, props: BaseNetworkListenerProps): NetworkListener { + // UDP listener with dual stack NLB requires prefix IPv6 source NAT to be enabled + if ( + (props.protocol === Protocol.UDP || props.protocol === Protocol.TCP_UDP) && + (this.ipAddressType === IpAddressType.DUAL_STACK || this.ipAddressType === IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4) + ) { + if (this.enablePrefixIpv6SourceNat === false) { + throw new Error('To add a listener with UDP protocol to a dual stack NLB, \'enablePrefixForIpv6SourceNat\' must be set to true.'); + } + this.enablePrefixIpv6SourceNat = true; + } return new NetworkListener(this, id, { loadBalancer: this, ...props, diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts index 01c12c018aa81..b4cc121b8bc4e 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts @@ -1135,17 +1135,19 @@ describe('tests', () => { IpAddressType: 'dualstack', }); }); + }); + describe('enable prefix for ipv6 source nat', () => { test.each([ { config: true, value: 'on' }, { config: false, value: 'off' }, - ])('configure EnablePrefixForIpv6SourceNat', ({ config, value }) => { + ])('specify EnablePrefixForIpv6SourceNat', ({ config, value }) => { // GIVEN const stack = new cdk.Stack(); const vpc = new ec2.Vpc(stack, 'Stack'); // WHEN - new elbv2.NetworkLoadBalancer(stack, 'LB', { + new elbv2.NetworkLoadBalancer(stack, 'Lb', { vpc, enablePrefixForIpv6SourceNat: config, ipAddressType: elbv2.IpAddressType.DUAL_STACK, @@ -1159,6 +1161,48 @@ describe('tests', () => { EnablePrefixForIpv6SourceNat: value, }); }); + + test('set EnablePrefixForIpv6SourceNat by calling addListener()', () => { + // GIVEN + const stack = new cdk.Stack(); + const vpc = new ec2.Vpc(stack, 'Stack'); + const lb = new elbv2.NetworkLoadBalancer(stack, 'Lb', { + vpc, + ipAddressType: elbv2.IpAddressType.DUAL_STACK, + }); + + // WHEN + lb.addListener('Listener', { + port: 80, + protocol: elbv2.Protocol.UDP, + defaultTargetGroups: [new elbv2.NetworkTargetGroup(stack, 'Group', { vpc, port: 80 })], + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::ElasticLoadBalancingV2::LoadBalancer', { + EnablePrefixForIpv6SourceNat: 'on', + }); + }); + + test('throw error for enablePrefixForIpv6SourceNat set to false and add UDP listener', () => { + // GIVEN + const stack = new cdk.Stack(); + const vpc = new ec2.Vpc(stack, 'Stack'); + const lb = new elbv2.NetworkLoadBalancer(stack, 'Lb', { + vpc, + ipAddressType: elbv2.IpAddressType.DUAL_STACK, + enablePrefixForIpv6SourceNat: false, + }); + + // THEN + expect(() => { + lb.addListener('Listener', { + port: 80, + protocol: elbv2.Protocol.UDP, + defaultTargetGroups: [new elbv2.NetworkTargetGroup(stack, 'Group', { vpc, port: 80 })], + }); + }).toThrow('To add a listener with UDP protocol to a dual stack NLB, \'enablePrefixForIpv6SourceNat\' must be set to true.'); + }); }); describe('dualstack without public ipv4', () => { From af10cf8f4337483d2073cd3865d4e3ea5335c009 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Wed, 4 Dec 2024 20:35:37 +0900 Subject: [PATCH 10/12] update readme --- packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md index de8e15d6e1de7..2038067a9cad6 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md @@ -405,7 +405,7 @@ const lb = new elbv2.NetworkLoadBalancer(this, 'LB', { // enablePrefixForIpv6SourceNat: true, }); -const listener = nlb.addListener('Listener', { +const listener = lb.addListener('Listener', { port: 1229, protocol: elbv2.Protocol.UDP, }); From 28080aa5db0cbe1104b6b219cf72db1e4c300390 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Thu, 5 Dec 2024 08:52:40 +0900 Subject: [PATCH 11/12] update --- .../test/integ.nlb-enable-prefix-for-ipv6-nat.ts | 2 +- .../aws-elasticloadbalancingv2/README.md | 14 -------------- .../lib/nlb/network-load-balancer.ts | 16 ++++++---------- 3 files changed, 7 insertions(+), 25 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts index b968392443ba0..f33dcb18f61b5 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.nlb-enable-prefix-for-ipv6-nat.ts @@ -42,8 +42,8 @@ const enabledNlb = new elbv2.NetworkLoadBalancer(stack, 'EnabledLb', { new ec2.SecurityGroup(stack, 'EnabledLbSg', { vpc }), ], ipAddressType: elbv2.IpAddressType.DUAL_STACK, + enablePrefixForIpv6SourceNat: true, }); -// explicitly enable prefix for ipv6 source nat const udpListener = enabledNlb.addListener('UdpListener', { port: 1229, protocol: elbv2.Protocol.UDP, diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md index 2038067a9cad6..f55effba63631 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/README.md @@ -390,20 +390,6 @@ const lb = new elbv2.NetworkLoadBalancer(this, 'LB', { ipAddressType: elbv2.IpAddressType.DUAL_STACK, enablePrefixForIpv6SourceNat: true, }); -``` - -If you call `addListener()` with a UDP protocol for dual-stack Network Load Balancer, -`enablePrefixForIpv6SourceNat` will be set to `true` automatically. - -```ts -declare const vpc: ec2.Vpc; - -const lb = new elbv2.NetworkLoadBalancer(this, 'LB', { - vpc, - ipAddressType: elbv2.IpAddressType.DUAL_STACK, - // You don't need to set this property explicitly - // enablePrefixForIpv6SourceNat: true, -}); const listener = lb.addListener('Listener', { port: 1229, diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts index 83b89f60ae2ae..7a485b102155e 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts @@ -250,7 +250,7 @@ export class NetworkLoadBalancer extends BaseLoadBalancer implements INetworkLoa public readonly connections: ec2.Connections; private readonly isSecurityGroupsPropertyDefined: boolean; private readonly _enforceSecurityGroupInboundRulesOnPrivateLinkTraffic?: boolean; - private enablePrefixIpv6SourceNat?: boolean; + private enablePrefixForIpv6SourceNat?: boolean; /** * After the implementation of `IConnectable` (see https://github.com/aws/aws-cdk/pull/28494), the default @@ -272,12 +272,10 @@ export class NetworkLoadBalancer extends BaseLoadBalancer implements INetworkLoa enforceSecurityGroupInboundRulesOnPrivateLinkTraffic: Lazy.string({ produce: () => this.enforceSecurityGroupInboundRulesOnPrivateLinkTraffic, }), - enablePrefixForIpv6SourceNat: Lazy.string({ - produce: () => this.enablePrefixIpv6SourceNat === true ? 'on': this.enablePrefixIpv6SourceNat === false ? 'off' : undefined, - }), + enablePrefixForIpv6SourceNat: props.enablePrefixForIpv6SourceNat === true ? 'on': props.enablePrefixForIpv6SourceNat === false ? 'off' : undefined, }); - this.enablePrefixIpv6SourceNat = props.enablePrefixForIpv6SourceNat; + this.enablePrefixForIpv6SourceNat = props.enablePrefixForIpv6SourceNat; this.metrics = new NetworkLoadBalancerMetrics(this, this.loadBalancerFullName); this.isSecurityGroupsPropertyDefined = !!props.securityGroups; this.connections = new ec2.Connections({ securityGroups: props.securityGroups }); @@ -305,12 +303,10 @@ export class NetworkLoadBalancer extends BaseLoadBalancer implements INetworkLoa // UDP listener with dual stack NLB requires prefix IPv6 source NAT to be enabled if ( (props.protocol === Protocol.UDP || props.protocol === Protocol.TCP_UDP) && - (this.ipAddressType === IpAddressType.DUAL_STACK || this.ipAddressType === IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4) + (this.ipAddressType === IpAddressType.DUAL_STACK || this.ipAddressType === IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4) && + this.enablePrefixForIpv6SourceNat !== true ) { - if (this.enablePrefixIpv6SourceNat === false) { - throw new Error('To add a listener with UDP protocol to a dual stack NLB, \'enablePrefixForIpv6SourceNat\' must be set to true.'); - } - this.enablePrefixIpv6SourceNat = true; + throw new Error('To add a listener with UDP protocol to a dual stack NLB, \'enablePrefixForIpv6SourceNat\' must be set to true.'); } return new NetworkListener(this, id, { loadBalancer: this, From 20e4f025c31b8c41a692f988c5ff1cc861409599 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Thu, 5 Dec 2024 09:45:31 +0900 Subject: [PATCH 12/12] update unit test --- .../test/nlb/load-balancer.test.ts | 26 ++----------------- 1 file changed, 2 insertions(+), 24 deletions(-) diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts index b4cc121b8bc4e..1e0e6d602e23c 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts @@ -1162,36 +1162,14 @@ describe('tests', () => { }); }); - test('set EnablePrefixForIpv6SourceNat by calling addListener()', () => { + test.each([false, undefined])('throw error for disabling `enablePrefixForIpv6SourceNat` and add UDP listener', (enablePrefixForIpv6SourceNat) => { // GIVEN const stack = new cdk.Stack(); const vpc = new ec2.Vpc(stack, 'Stack'); const lb = new elbv2.NetworkLoadBalancer(stack, 'Lb', { vpc, ipAddressType: elbv2.IpAddressType.DUAL_STACK, - }); - - // WHEN - lb.addListener('Listener', { - port: 80, - protocol: elbv2.Protocol.UDP, - defaultTargetGroups: [new elbv2.NetworkTargetGroup(stack, 'Group', { vpc, port: 80 })], - }); - - // THEN - Template.fromStack(stack).hasResourceProperties('AWS::ElasticLoadBalancingV2::LoadBalancer', { - EnablePrefixForIpv6SourceNat: 'on', - }); - }); - - test('throw error for enablePrefixForIpv6SourceNat set to false and add UDP listener', () => { - // GIVEN - const stack = new cdk.Stack(); - const vpc = new ec2.Vpc(stack, 'Stack'); - const lb = new elbv2.NetworkLoadBalancer(stack, 'Lb', { - vpc, - ipAddressType: elbv2.IpAddressType.DUAL_STACK, - enablePrefixForIpv6SourceNat: false, + enablePrefixForIpv6SourceNat, }); // THEN