Skip to content

Commit 69b9c03

Browse files
puretensionpuretension
authored
fix(ecs-patterns): resolve target group conflict when updating ALB internetFacing or loadBalancerName (under feature flag) (#35508)
fix(ecs-patterns): resolve target group conflict when switching ALB public/private Fixes #33253 ### Issue # (if applicable) Closes #33253. ### Reason for this change When switching ApplicationLoadBalancedFargateService from public to private (or vice versa), CloudFormation fails with "target group cannot be associated with more than one load balancer" error. This happens because both old and new load balancers try to use the same target group during replacement. Updating the `loadBalancerName` of ApplicationLoadBalancedFargateService can also trigger the same issue. ### Description of changes Modified target group naming in `ApplicationLoadBalancedServiceBase` to include the load balancer type and name. e.g: - Public load balancer: target group named "ECS" - Private load balancer: target group named "ECSPrivate" - Private load balancer with name "Foo": target group named "ECSFooPrivate" This ensures each load balancer gets its own target group, preventing conflicts during CloudFormation updates. ## ⚠️ Destructive Changes This PR contains intentional destructive changes to fix the target group conflict issue: - **Target Group Names Changed**, e.g: - Public ALB: `ECS` (unchanged) - Private ALB: `ECSPrivate` (new) - **Impact**: When switching from public to private ALB (or vice versa), CloudFormation will: 1. Create new target group with different name 2. Delete old target group 3. This prevents the "target group cannot be associated with more than one load balancer" error - **Justification**: This is the intended fix for issue #33253. The destructive change is necessary to resolve the CloudFormation conflict. **Breaking Change**: ❌ No - This only affects the internal target group naming, not user-facing APIs. ### Describe any new or updated permissions being added No new IAM permissions required. ### Description of how you validated changes - Added unit tests verifying target group names for both public and private configurations - Created integration test `integ.alb-fargate-service-public-private-switch.ts` that deploys both public and private ALB services - Verified CloudFormation templates generate different target group names ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
1 parent 77331f1 commit 69b9c03

21 files changed

+3752
-1248
lines changed

packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.assets.json

Lines changed: 20 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/ALBFargatePublicPrivateSwitchTestDefaultTestDeployAssertFC4585A1.template.json

Lines changed: 36 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-public-private-switch.js.snapshot/aws-ecs-integ-alb-fargate-public-private-switch.assets.json

Lines changed: 20 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)