Description
Describe the bug
When the ApplicationLoadBalancedFargateService pattern is used to create an ALB along with a target group, it creates a public-facing load balancer. Once this is created, if I try to switch it to a private ALB using the parameter publicLoadBalancer: false, it fails with the error:
Resource handler returned message: "The following target groups cannot be associated with more than one load balancer: arn:aws:elasticloadbalancing:eu-west-1:318627068478:targetgroup/EcsCon-Sampl-HV24A4ZHHGG1/829e923a9abe6705 (Service: ElasticLoadBalancingV2, Status Code: 400, Request ID: dbe30509-a4b7-42fa-9087-bcff22fdb55b)" (RequestToken: 544175ba-248a-5a75-3458-50b0f5d80582, HandlerErrorCode: ServiceLimitExceeded)
Regression Issue
- Select this option if this issue appears to be a regression.
Last Known Working CDK Version
No response
Expected Behavior
The target group should be disassociated from the previous load balancer and then attempted to be attached to the new load balancer, or a new target group could be created to attach to the new load balancer.
Here's the CDK diff:
Resources
[~] AWS::ElasticLoadBalancingV2::LoadBalancer SampleNetworkLoadBalancedFargateService/LB SampleNetworkLoadBalancedFargateServiceLB3B04F5EA replace
├─ [~] Scheme (requires replacement)
│ ├─ [-] internet-facing
│ └─ [+] internal
└─ [~] Subnets
└─ @@ -1,4 +1,4 @@
[ ] [
[-] "subnet-08d2e5e9a5526d5cd",
[-] "subnet-03639cc2fb087e322"
[+] "subnet-0be5b8bc6890cdfd1",
[+] "subnet-002110f783fd87957"
[ ] ]
[~] AWS::ElasticLoadBalancingV2::Listener SampleNetworkLoadBalancedFargateService/LB/PublicListener SampleNetworkLoadBalancedFargateServiceLBPublicListener8ED1C5F0 replace
└─ [~] LoadBalancerArn (requires replacement)
└─ [~] .Ref:
├─ [-] SampleNetworkLoadBalancedFargateServiceLB3B04F5EA
└─ [+] SampleNetworkLoadBalancedFargateServiceLB3B04F5EA (replaced)
✨ Number of stacks with differences: 1
Current Behavior
Stack deployment fails because the target group is not attached to the private load balancer, since it is already attached to the public load balancer.
Reproduction Steps
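Create an application load balanced Fargate service using the construct as follows:
// Imports needed by this snippet; vpc and taskDefinition are defined elsewhere in the stack.
import { Duration } from "aws-cdk-lib";
import { ApplicationLoadBalancedFargateService } from "aws-cdk-lib/aws-ecs-patterns";
import { Protocol } from "aws-cdk-lib/aws-elasticloadbalancingv2";

// No publicLoadBalancer property is set, so the load balancer is internet-facing.
const fargateService = new ApplicationLoadBalancedFargateService(this, "SampleNetworkLoadBalancedFargateService", {
  vpc,
  taskDefinition: taskDefinition,
  minHealthyPercent: 100
});
// fargateService.service.connections.allowFromAnyIpv4(Port.tcp(80), "Allow inbound HTTP traffic");
fargateService.targetGroup.healthCheck = {
  port: "80",
  protocol: Protocol.HTTP,
  path: "/alive",
  interval: Duration.seconds(20),
};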
Simply add publicLoadBalancer: false to the construct ApplicationLoadBalancedFargateService as follows:
const fargateService = new ApplicationLoadBalancedFargateService(this, "SampleNetworkLoadBalancedFargateService", {
  vpc,
  taskDefinition: taskDefinition,
  minHealthyPercent: 100,
  publicLoadBalancer: false
});
// fargateService.service.connections.allowFromAnyIpv4(Port.tcp(80), "Allow inbound HTTP traffic");
fargateService.targetGroup.healthCheck = {
  port: "80",
  protocol: Protocol.HTTP,
  path: "/alive",
  interval: Duration.seconds(20),
};
Possible Solution
No response
Additional Information/Context
No response
CDK CLI Version
v2.177.0
Framework Version
No response
Node.js Version
v20.17.0
OS
Windows
Language
TypeScript
Language Version
No response
Other information
No response
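
Added example, not part of the original report or of the CDK code base: a pre-deploy check that compares two synthesized CloudFormation templates and flags the condition visible in the diff above, where a load balancer's Scheme changes (forcing replacement) while a target group referenced by its listener keeps the same logical ID. The function names, the shortened logical IDs and the template fragments are constructed for illustration; it assumes the deployed and the new template are both available as parsed JSON.

```typescript
// Added example: the template fragments below are constructed, not taken from a real stack.
type Resource = { Type: string; Properties?: { [key: string]: any } };
type Template = { Resources: { [logicalId: string]: Resource } };

const ELB = "AWS::ElasticLoadBalancingV2::";

// Collect every { Ref: "<logicalId>" } found anywhere in a property tree.
function collectRefs(node: any, out: string[] = []): string[] {
  if (node && typeof node === "object") {
    if (typeof node.Ref === "string") out.push(node.Ref);
    for (const key of Object.keys(node)) collectRefs(node[key], out);
  }
  return out;
}

// Target groups that keep their logical ID while the load balancer in front of them changes Scheme.
function strandedTargetGroups(before: Template, after: Template): string[] {
  const found: string[] = [];
  for (const lbId of Object.keys(after.Resources)) {
    const now = after.Resources[lbId];
    const old = before.Resources[lbId];
    if (!old || now.Type !== ELB + "LoadBalancer" || old.Type !== now.Type) continue;
    // CloudFormation treats a missing Scheme as internet-facing.
    const oldScheme = old.Properties?.Scheme ?? "internet-facing";
    const newScheme = now.Properties?.Scheme ?? "internet-facing";
    if (oldScheme === newScheme) continue;
    for (const id of Object.keys(after.Resources)) {
      const res = after.Resources[id];
      if (res.Type !== ELB + "Listener" || res.Properties?.LoadBalancerArn?.Ref !== lbId) continue;
      for (const ref of collectRefs(res.Properties?.DefaultActions)) {
        const tg = after.Resources[ref];
        const kept = tg && tg.Type === ELB + "TargetGroup" && before.Resources[ref];
        if (kept && found.indexOf(ref) < 0) found.push(ref);
      }
    }
  }
  return found;
}

// Constructed templates mirroring the diff above (logical IDs shortened to LB, Listener, TG).
function sample(scheme: string): Template {
  return { Resources: {
    LB: { Type: ELB + "LoadBalancer", Properties: { Scheme: scheme } },
    Listener: { Type: ELB + "Listener", Properties: {
      LoadBalancerArn: { Ref: "LB" },
      DefaultActions: [{ Type: "forward", TargetGroupArn: { Ref: "TG" } }] } },
    TG: { Type: ELB + "TargetGroup", Properties: { Port: 80 } },
  } };
}
console.log(strandedTargetGroups(sample("internet-facing"), sample("internal")));
```

A non-empty result means the deployment would try to attach an existing target group to the replacement load balancer, which is the situation the error message in this report describes.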