AWS CDK: Get LoadBalancer ARN of ElasticBeanstalk Environment for ApiGateway VPC Link

Question

I'm using AWS CDK to create an Elastic Beanstalk Environment with a Network Load Balancer.

The Elastic Beanstalk application and the Load Balancer are both in a private Subnet in a VPC. I want to use an API Gateway with a VPC Link that uses the Network Load Balancer.

In my CDK application I'm creating a elasticbeanstalk.CfnEnvironment. For my ApiGateway I've got a VPC Link like this:

const env: elasticbeanstalk.CfnEnvironment = this.createElasticBeanstalkEnvironment();
const loadBalancer = elbv2.NetworkLoadBalancer.fromNetworkLoadBalancerAttributes(this.stack, `DjangoNetworkLoadBalancer`, {
    loadBalancerArn: env.loadBalancerArn (not available!)
})

const link = new apigateway.VpcLink(this.stack, `DjangoLoadBalancerLink`, {
    targets: [loadBalancer],
});

...

private createElasticBeanstalkEnvironment() {
    const env = new elasticbeanstalk.CfnEnvironment(this.stack, 'DjangoBeanstalkEnv', {
        applicationName: 'TestApp',
        environmentName: 'TestAppDev',
        solutionStackName: '64bit Amazon Linux 2 v3.0.1 running Python 3.7'
    });

    env.optionSettings = [
        {
            namespace: 'aws:elasticbeanstalk:environment',
            optionName: 'LoadBalancerType',
            value: 'network'
        },
        {
            namespace: 'aws:elbv2:listener:443',
            optionName: 'ListenerEnabled',
            value: 'true'
        },
        {
            namespace: 'aws:elbv2:listener:default',
            optionName: 'ListenerEnabled',
            value: 'false' 
        }
    ]
    
    return env;
}

Unfortunately I cannot use the env.loadBalancerArn statement. Is there any possibility how I can retrieve the load balancer arn of the Environment?

Answer 1

This should do the trick.

CloudFormation

!Join
      - ""
      - - !Sub 'arn:aws:elasticloadbalancing:${AWS::Region}:${AWS::AccountId}:loadbalancer/net/'
        - !Select [0, !Split ["-", !GetAtt ElasticBeanstalkEnvironment.EndpointURL]]
        - '-'
        - !Select [1, !Split ["-", !GetAtt ElasticBeanstalkEnvironment.EndpointURL]]
        - '-'
        - !Select [2, !Split ["-", !GetAtt ElasticBeanstalkEnvironment.EndpointURL]]
        - '/'
        - !Select [0, !Split [".", !Select [3, !Split ["-", !GetAtt ElasticBeanstalkEnvironment.EndpointURL]]]]

CDK (typescript)

cdk.Fn.join("", [
        'arn:aws:elasticloadbalancing:'.concat(stack.region).concat(':').concat(stack.account).concat(':loadbalancer/net/'),
        cdk.Fn.select(0, cdk.Fn.split("-", this.BeanstalkCfnEnvironment.getAtt('EndpointUrl').toString())),
        '-',
        cdk.Fn.select(1, cdk.Fn.split("-", this.BeanstalkCfnEnvironment.getAtt('EndpointUrl').toString())),
        '-',
        cdk.Fn.select(2, cdk.Fn.split("-", this.BeanstalkCfnEnvironment.getAtt('EndpointUrl').toString())),
        '/',
        cdk.Fn.select(0, cdk.Fn.split(".", cdk.Fn.select(3, cdk.Fn.split('-', this.BeanstalkCfnEnvironment.getAtt('EndpointUrl').toString())))),
      ])

Answer 2

I recall that I have tried similar approach, what happen is that that, due to the way Elasticbeanstalk is created from Cloudformation, it is impossible to retrieve the Load Balancer ARN.

If you observe the ElasticBeanstalk creation process in Cloudformation, when up to the environment, it will spin off another Cloudformation script to build the environment. Therefore, you will not able to retrieve those information, such as EC2, Load Balancer information

At the end, I end up using ECS with API Gateway, and the ECS can give you the load balancer ARN

e.g.

    const apiService = new ecs_patterns.NetworkLoadBalancedEc2Service(
      this,
      "my-service",
      {
        cluster: cluster,
        desiredCount: 1,        
        memoryLimitMiB: 500,
        // other detail omit...        
        publicLoadBalancer: false
      }
    );
    
    const nlb = apiService.loadBalancer;