Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated asg target group ARN #83

Closed
wants to merge 1 commit into from
Closed

Updated asg target group ARN #83

wants to merge 1 commit into from

Conversation

jameslaneovermind
Copy link
Contributor

Terraform plan only shows a "Update in-place"

@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 5, 2024

mapped Expected Changes

No expected changes found.

unmapped Unmapped Changes

Note

These changes couldn't be mapped to a real cloud resource and therefore won't be included in the blast radius calculation.

updated autoscaling-auto-scaling-group › module.scenarios[0].aws_autoscaling_group.my_asg 
--- current
+++ planned
@@ -37,7 +37,7 @@
 suspended_processes: []
 tag: []
 target_group_arns:
-    - arn:aws:elasticloadbalancing:eu-west-2:540044833068:targetgroup/asg-change-tg/f558dcbbd9e9b1f2
+    - arn:aws:elasticloadbalancing:eu-west-2:540044833068:targetgroup/asg-new-change-tg/93b7bc3e3ad8ed46
 termination_policies: []
 terraform_address: module.scenarios[0].aws_autoscaling_group.my_asg
 terraform_name: module.scenarios[0].aws_autoscaling_group.my_asg

Blast Radius

items Items edges Edges
0 0

Open in Overmind

warning Risks

high Incorrect Target Group Configuration After Switchover [High]

Given that the current aws_autoscaling_group (my_asg) is configured with a target group (asg-change-tg) that is presumably working correctly, switching to a new target group (my_new_target_group) introduces the risk of misconfiguration. Potential issues include incorrect health check settings, port configurations, or protocol settings in the new target group that differ from the current working setup. This could lead to instances not being registered correctly or failing health checks, thereby affecting traffic distribution and service availability.

medium Possible Downtime During Transition to New Target Group [Medium]

With the current setup indicating a desire for minimal downtime (evident from the small default_cooldown and desired_capacity set to 1), changing the target group ARN might result in a brief period of traffic disruption. This risk arises when instances are deregistered from the current target group and registered with the new one, especially if the new target group is not immediately ready to handle incoming traffic at the moment of switchover.

medium IAM Permissions for ASG Interaction with New Target Group [Medium]

While not directly indicated by the current configuration details, there's an implicit risk that the aws_autoscaling_group lacks the necessary IAM permissions to interact with the new target group (my_new_target_group). If the IAM role (aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling) associated with the ASG does not include permissions for actions on the new target group, instances may not register or deregister properly, impacting service delivery.

@jameslaneovermind jameslaneovermind deleted the target_group_test branch March 20, 2024 09:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jameslaneovermind