Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@aws-solutions-constructs/aws-alb-fargate
Advanced tools
CDK Constructs for Application Load Balancer to AWS Fargate integration
All classes are under active development and subject to non-backward compatible changes or removal in any future version. These are not subject to the Semantic Versioning model. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.
Reference Documentation: | https://docs.aws.amazon.com/solutions/latest/constructs/ |
---|
Language | Package |
---|---|
Python | aws_solutions_constructs.aws_alb_fargate |
Typescript | @aws-solutions-constructs/aws-alb-fargate |
Java | software.amazon.awsconstructs.services.albfargate |
This AWS Solutions Construct implements an an Application Load Balancer to an AWS Fargate service
Here is a minimal deployable pattern definition:
Typescript
import { Construct } from 'constructs';
import { Stack, StackProps } from 'aws-cdk-lib';
import { AlbToFargate, AlbToFargateProps } from '@aws-solutions-constructs/aws-alb-fargate';
import * as acm from 'aws-cdk-lib/aws-certificatemanager';
const certificate = acm.Certificate.fromCertificateArn(
this,
'existing-cert',
"arn:aws:acm:us-east-1:123456789012:certificate/11112222-3333-1234-1234-123456789012"
);
const constructProps: AlbToFargateProps = {
ecrRepositoryArn: "arn:aws:ecr:us-east-1:123456789012:repository/your-ecr-repo",
ecrImageVersion: "latest",
listenerProps: {
certificates: [certificate]
},
publicApi: true
};
// Note - all alb constructs turn on ELB logging by default, so require that an environment including account
// and region be provided when creating the stack
//
// new MyStack(app, 'id', {env: {account: '123456789012', region: 'us-east-1' }});
new AlbToFargate(this, 'new-construct', constructProps);
Python
from aws_solutions_constructs.aws_alb_fargate import AlbToFargate, AlbToFargateProps
from aws_cdk import (
aws_certificatemanager as acm,
aws_elasticloadbalancingv2 as alb,
Stack
)
from constructs import Construct
# Obtain a pre-existing certificate from your account
certificate = acm.Certificate.from_certificate_arn(
self,
'existing-cert',
"arn:aws:acm:us-east-1:123456789012:certificate/11112222-3333-1234-1234-123456789012"
)
# Note - all alb constructs turn on ELB logging by default, so require that an environment including account
# and region be provided when creating the stack
#
# MyStack(app, 'id', env=cdk.Environment(account='679431688440', region='us-east-1'))
AlbToFargate(self, 'new-construct',
ecr_repository_arn="arn:aws:ecr:us-east-1:123456789012:repository/your-ecr-repo",
ecr_image_version="latest",
listener_props=alb.BaseApplicationListenerProps(
certificates=[certificate],
),
public_api=True)
Java
import software.constructs.Construct;
import java.util.List;
import software.amazon.awscdk.Stack;
import software.amazon.awscdk.StackProps;
import software.amazon.awscdk.services.elasticloadbalancingv2.*;
import software.amazon.awsconstructs.services.albfargate.*;
// The code that defines your stack goes here
// Obtain a pre-existing certificate from your account
ListenerCertificate listenerCertificate = ListenerCertificate
.fromArn("arn:aws:acm:us-east-1:123456789012:certificate/11112222-3333-1234-1234-123456789012");
// Note - all alb constructs turn on ELB logging by default, so require that an environment including account
// and region be provided when creating the stack
//
// new MyStack(app, "id", StackProps.builder()
// .env(Environment.builder()
// .account("123456789012")
// .region("us-east-1")
// .build());
new AlbToFargate(this, "AlbToFargatePattern", new AlbToFargateProps.Builder()
.ecrRepositoryArn("arn:aws:ecr:us-east-1:123456789012:repository/your-ecr-repo")
.ecrImageVersion("latest")
.listenerProps(new BaseApplicationListenerProps.Builder()
.certificates(List.of(listenerCertificate))
.build())
.publicApi(true)
.build());
Name | Type | Description |
---|---|---|
publicApi | boolean | Whether the construct is deploying a private or public API. This has implications for the VPC and ALB. |
loadBalancerProps? | elasticloadbalancingv2.ApplicationLoadBalancerProps | Optional custom properties for a new loadBalancer. Providing both this and existingLoadBalancer is an error. This cannot specify a VPC, it will use the VPC in existingVpc or the VPC created by the construct. |
existingLoadBalancerObj? | elasticloadbalancingv2.ApplicationLoadBalancer | [existing Application Load Balancer to incorporate into the construct architecture. Providing both this and loadBalancerProps is an error. The VPC containing this loadBalancer must match the VPC provided in existingVpc. |
listenerProps? | ApplicationListenerProps | Props to define the listener. Must be provided when adding the listener to an ALB (eg - when creating the alb), may not be provided when adding a second target to an already established listener. When provided, must include either a certificate or protocol: HTTP |
targetGroupProps? | ApplicationTargetGroupProps | Optional custom properties for a new target group. If your application requires end to end encryption, then you should set the protocol attribute to elb.ApplicationProtocol.HTTPS and use a container that can accept HTTPS traffic. |
ruleProps? | AddRuleProps | Rules for directing traffic to the target being created. Must not be specified for the first listener added to an ALB, and must be specified for the second target added to a listener. Add a second target by instantiating this construct a second time and providing the existingAlb from the first instantiation. |
vpcProps? | ec2.VpcProps | Optional custom properties for a VPC the construct will create. This VPC will be used by the new ALB and any Private Hosted Zone the construct creates (that's why loadBalancerProps and privateHostedZoneProps can't include a VPC). Providing both this and existingVpc is an error. |
existingVpc? | ec2.IVpc | An existing VPC in which to deploy the construct. Providing both this and vpcProps is an error. If the client provides an existing load balancer and/or existing Private Hosted Zone, those constructs must exist in this VPC. |
logAlbAccessLogs? | boolean | Whether to turn on Access Logs for the Application Load Balancer. Uses an S3 bucket with associated storage costs.Enabling Access Logging is a best practice. default - true |
albLoggingBucketProps? | s3.BucketProps | Optional properties to customize the bucket used to store the ALB Access Logs. Supplying this and setting logAccessLogs to false is an error. @default - none |
clusterProps? | ecs.ClusterProps | Optional properties to create a new ECS cluster. To provide an existing cluster, use the cluster attribute of fargateServiceProps. |
ecrRepositoryArn? | string | The arn of an ECR Repository containing the image to use to generate the containers. Either this or the image property of containerDefinitionProps must be provided. format: arn:aws:ecr:region:account number:repository/Repository Name |
ecrImageVersion? | string | The version of the image to use from the repository. Defaults to 'Latest' |
containerDefinitionProps? | ecs.ContainerDefinitionProps | any | Optional props to define the container created for the Fargate Service (defaults found in fargate-defaults.ts) |
fargateTaskDefinitionProps? | ecs.FargateTaskDefinitionProps | any | Optional props to define the Fargate Task Definition for this construct (defaults found in fargate-defaults.ts) |
fargateServiceProps? | ecs.FargateServiceProps | any | Optional properties to override default values for the Fargate service. Service will set up in the Public or Isolated subnets of the VPC by default, override that (e.g. - choose Private subnets) by setting vpcSubnets on this object. |
existingFargateServiceObject? | ecs.FargateService | A Fargate Service already instantiated (probably by another Solutions Construct). If this is specified, then no props defining a new service can be provided, including: existingImageObject, ecrImageVersion, containerDefintionProps, fargateTaskDefinitionProps, ecrRepositoryArn, fargateServiceProps, clusterProps, existingClusterInterface |
existingContainerDefinitionObject? | ecs.ContainerDefinition | A container definition already instantiated as part of a Fargate service. This must be the container in the existingFargateServiceObject |
Name | Type | Description |
---|---|---|
vpc | ec2.IVpc | The VPC used by the construct (whether created by the construct or providedb by the client) |
loadBalancer | elasticloadbalancingv2.ApplicationLoadBalancer | The Load Balancer used by the construct (whether created by the construct or provided by the client) |
listener | elb.ApplicationListener | The listener used by this pattern. |
service | ecs.FargateService | The AWS Fargate service used by this construct (whether created by this construct or passed to this construct at initialization) |
container | ecs.ContainerDefinition | The container associated with the AWS Fargate service in the service property. |
Out of the box implementation of the Construct without any override will set the following defaults:
© Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
2.22.0 (2022-09-11)
(no changes in this release) Note - 2.22.0 is not available in Maven
FAQs
CDK Constructs for Application Load Balancer to AWS Fargate integration
The npm package @aws-solutions-constructs/aws-alb-fargate receives a total of 347 weekly downloads. As such, @aws-solutions-constructs/aws-alb-fargate popularity was classified as not popular.
We found that @aws-solutions-constructs/aws-alb-fargate demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.