diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-target-group.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-target-group.ts index 509741b701c17..0f254e46486d5 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-target-group.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-target-group.ts @@ -280,11 +280,17 @@ export class NetworkTargetGroup extends TargetGroupBase implements INetworkTarge `Must be one of [${NLB_PATH_HEALTH_CHECK_PROTOCOLS.join(', ')}]`, ].join(' ')); } - if (healthCheck.timeout && healthCheck.timeout.toSeconds() !== NLB_HEALTH_CHECK_TIMEOUTS[healthCheck.protocol]) { - ret.push([ - 'Custom health check timeouts are not supported for Network Load Balancer health checks.', - `Expected ${NLB_HEALTH_CHECK_TIMEOUTS[healthCheck.protocol]} seconds for ${healthCheck.protocol}, got ${healthCheck.timeout.toSeconds()}`, - ].join(' ')); + + const lowHealthCheckTimeout = 2; + const highHealthCheckTimeout = 120; + if (healthCheck.timeout) { + const timeoutSeconds = healthCheck.timeout.toSeconds(); + if (timeoutSeconds < lowHealthCheckTimeout || timeoutSeconds > highHealthCheckTimeout) { + ret.push(`Health check timeout '${timeoutSeconds}' not supported. Must be a number between ${lowHealthCheckTimeout} and ${highHealthCheckTimeout}.`); + } + if (healthCheck.interval && healthCheck.interval.toSeconds() < timeoutSeconds) { + ret.push(`Health check timeout '${timeoutSeconds}' must not be greater than the interval '${healthCheck.interval.toSeconds()}'`); + } } return ret; @@ -365,9 +371,4 @@ export interface INetworkLoadBalancerTarget { } const NLB_HEALTH_CHECK_PROTOCOLS = [Protocol.HTTP, Protocol.HTTPS, Protocol.TCP]; -const NLB_PATH_HEALTH_CHECK_PROTOCOLS = [Protocol.HTTP, Protocol.HTTPS]; -const NLB_HEALTH_CHECK_TIMEOUTS: { [protocol in Protocol]?: number } = { - [Protocol.HTTP]: 6, - [Protocol.HTTPS]: 10, - [Protocol.TCP]: 10, -}; +const NLB_PATH_HEALTH_CHECK_PROTOCOLS = [Protocol.HTTP, Protocol.HTTPS]; \ No newline at end of file diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/listener.test.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/listener.test.ts index cc45b21d129d2..825ca15c40d2a 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/listener.test.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/listener.test.ts @@ -375,16 +375,40 @@ describe('tests', () => { }, }); + targetGroup.configureHealthCheck({ + interval: cdk.Duration.seconds(150), + protocol: elbv2.Protocol.HTTP, + timeout: cdk.Duration.seconds(130), + }); + + // THEN + const validationErrors: string[] = targetGroup.node.validate(); + const timeoutError = validationErrors.find((err) => /Health check timeout '130' not supported. Must be a number between/.test(err)); + expect(timeoutError).toBeDefined(); + }); + + test('validation error if Health check timeout is greater than the interval', () => { + const stack = new cdk.Stack(); + const vpc = new ec2.Vpc(stack, 'Stack'); + const lb = new elbv2.NetworkLoadBalancer(stack, 'LB', { vpc }); + const listener = lb.addListener('PublicListener', { port: 80 }); + const targetGroup = listener.addTargets('ECS', { + port: 80, + healthCheck: { + interval: cdk.Duration.seconds(60), + }, + }); + targetGroup.configureHealthCheck({ interval: cdk.Duration.seconds(30), protocol: elbv2.Protocol.HTTP, - timeout: cdk.Duration.seconds(10), + timeout: cdk.Duration.seconds(40), }); // THEN const validationErrors: string[] = targetGroup.node.validate(); expect(validationErrors).toEqual([ - 'Custom health check timeouts are not supported for Network Load Balancer health checks. Expected 6 seconds for HTTP, got 10', + "Health check timeout '40' must not be greater than the interval '30'", ]); });