CDK Fargate deploy adds unwanted SG rules

I'm setting up a Fargate cluster with AWS CDK v2. On deploy, CDK is adding a "0.0.0.0/0 Allow from anyone on port 80" rule to a pre-made security group. Any idea how to stop this behavior? Here is my service stanza:

const service = new ecs.FargateService(this, "SBfargate", {
  cluster,
  desiredCount: 1,
  taskDefinition: fargateTaskDefinition,
  assignPublicIp: true,
  securityGroups: [sbsg],
  serviceName: 'SB-Fargate_service',
});

主題

無伺服器容器管理與治理

標籤

AWS Fargate AWS CloudFormation Amazon Elastic Container Service

語言

English

sbecker

已提問 2 年前檢視次數 252 次

1 個回答

最新
最多得票
最多評論

Found https://github.com/aws/aws-cdk/issues/3177 after more digging. Mutable: false on the SG stanza worked as I wanted.

sbecker

已回答 2 年前

CDK Fargate deploy adds unwanted SG rules

相關內容