Class CcPublicApplicationLoadbalancer

CloudKitect Public Facing Application Load Balancer component. This load balancer is created in public subnet

Default Configuration

Drop Invalid header fields: true Removal Policy: Retain in Production

Default Alarms

4xx error alerts
- Risk Level: Medium
- Well Architected Pillar: Reliability, Operational Excellence
5xx error alerts
- Risk Level: High
- Well Architected Pillar: Reliability, Operational Excellence

Note that the default alarm uses the CcAlarm construct, which sets up an alarm action to notify the SNS Topic AlarmEventsTopic by default.

Examples

Default Usage

new CcPublicApplicationLoadbalancer(this, "LogicalId", {});

Custom Configuration

new CcPublicApplicationLoadbalancer(this, "LogicalId", {
   deletionProtection: false
});

Compliance

It addresses the following compliance requirements

Ensure ALB is always using https, by redirecting http to https
- Risk Level: High
- Compliance: PCI, APRA, NIST4
- Well Architected Pillar: Security
Enable access logs in production
- Risk Level: Medium
- Compliance: PCI, HIPAA, APRA, MAS, NIST4
- Well Architected Pillar: Security
Cross Zone load balancing enabled
- Risk Level: Medium
- Compliance: NIST4
- Well Architected Pillar: Reliability
Security group to only allow https traffic
- Risk Level: High
- Compliance: PCI, APRA, MAS, NIST4
- Well Architected Pillar: Security

Compliance Check Report Not: WAF is enabled in the patterns, because the rules differ based on use-case.

Hierarchy

ApplicationLoadBalancer
- CcPublicApplicationLoadbalancer

Index

Constructors

constructor

new CcPublicApplicationLoadbalancer(scope, id, props): CcPublicApplicationLoadbalancer
Parameters
- scope: Construct
- id: string
- props: CcPublicApplicationLoadBalancerProps
Returns CcPublicApplicationLoadbalancer
Overrides elbv2.ApplicationLoadBalancer.constructor
- Defined in cc-elasticloadbalancingv2/cc-public-application-loadbalancer.ts:107

Properties

`Readonly` alarms

alarms: Alarms = ...

All the default alarms configured for the Well Architected Application Load Balancer.

`Readonly` lbSecurityGroup

lbSecurityGroup: SecurityGroup

Security group created inside load balancer that only allows traffic from https

Methods

`Private` add4xxErrorsAlarm

add4xxErrorsAlarm(): void
Returns void
- Defined in cc-elasticloadbalancingv2/cc-public-application-loadbalancer.ts:164

`Private` add5xxErrorsAlarm

add5xxErrorsAlarm(): void
Returns void
- Defined in cc-elasticloadbalancingv2/cc-public-application-loadbalancer.ts:188

Class CcPublicApplicationLoadbalancer

Default Configuration

Default Alarms

Examples

Compliance

Hierarchy

Index

Constructors

Properties

Methods

Constructors

constructor

Parameters

scope: Construct

id: string

props: CcPublicApplicationLoadBalancerProps

Returns CcPublicApplicationLoadbalancer

Properties

`Readonly` alarms

`Readonly` lbSecurityGroup

Methods

`Private` add4xxErrorsAlarm

Returns void

`Private` add5xxErrorsAlarm

Returns void

Settings

Member Visibility

Theme

On This Page

Class CcPublicApplicationLoadbalancer

Default Configuration

Default Alarms

Examples

Compliance

Hierarchy

Index

Constructors

Properties

Methods

Constructors

constructor

Parameters

scope: Construct

id: string

props: CcPublicApplicationLoadBalancerProps

Returns CcPublicApplicationLoadbalancer

Properties

Readonly alarms

Readonly lbSecurityGroup

Methods

Private add4xxErrorsAlarm

Returns void

Private add5xxErrorsAlarm

Returns void

Settings

Member Visibility

Theme

On This Page

`Readonly` alarms

`Readonly` lbSecurityGroup

`Private` add4xxErrorsAlarm

`Private` add5xxErrorsAlarm