copilot-cli icon indicating copy to clipboard operation
copilot-cli copied to clipboard

Published 20 hours ago verified publisher icon aws

Add load balancer configuration: security groups

Open sasaki-kouhei opened this issue 1 year ago • 2 comments

We would like to limit requests with public and private load balancers.

For example, could it be done this way?

http:
  path: '/'
  healthcheck:
    path: '/'
    healthy_threshold: 2
    unhealthy_threshold: 2
    interval: 10s
    timeout: 5s
    grace_period: 300s
    success_codes: '200,301'
  redirect_to_https: true
  security_groups:
    groups:
      - sg-xxxxxxx

I think this would make development much more efficient as it would prevent unintentional requests, etc., and allow centralized management.

sasaki-kouhei avatar Dec 15 '23 03:12 sasaki-kouhei

Hello @sasaki-kouhei. Sorry it's a feature request for us. Feel free to thumbs-up (+1) to https://github.com/aws/copilot-cli/issues/3939 to help us prioritize. In the meanwhile, you can use yaml patch to attach the additional security group to the ALB.

iamhopaul123 avatar Dec 15 '23 18:12 iamhopaul123

@iamhopaul123

Thanks for the reply.

I am looking forward to the added features.

As for the override in the yaml file you suggested, we have considered this one and after reviewing the notes in the documentation, we have decided not to adopt it.

We are currently using the control in the source IP. However, it is a hassle to have to write in every manifest.yml, so we are looking forward to being able to control by security group.

thank you.

sasaki-kouhei avatar Dec 17 '23 02:12 sasaki-kouhei