cdk-ecs-service-extensions icon indicating copy to clipboard operation
cdk-ecs-service-extensions copied to clipboard

Published 20 hours ago verified publisher icon cdklabs

Expose security groups as part of the service build interface

Open madeline-k opened this issue 2 years ago • 0 comments

Allow modifying a fargate service's security groups using extensions

Use Case

We have a use case where in we want additional security groups to be added to a fargate service. These security groups are pre created and are used to restrict access to certain resources. The idea is to create an extension which modifies the service prop by adding these additional security groups.

Proposed Solution

The service build interface needs to be modified to account for security groups. Since this is only applicable to a fargate service, it becomes a little tricky. I think we could create a FargateServiceBuild that extends ServiceBuild. (similarly create Ec2ServiceBuild) and then modify extension interfaces where service build is referenced to use FargateServiceBuild | Ec2ServiceBuild

Other

N/A

  • [ ] :wave: I may be able to implement this feature request
  • [ ] :warning: This feature might incur a breaking change

This is a :rocket: Feature Request

Copied from @npb17's comment: https://github.com/aws/aws-cdk/issues/11585

madeline-k avatar Jan 25 '23 22:01 madeline-k