aws · mergify · Jun 26, 2023 · Jun 17, 2023 · Jun 17, 2023 · Jun 19, 2023
diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-target-group.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-target-group.ts
@@ -280,11 +280,17 @@ export class NetworkTargetGroup extends TargetGroupBase implements INetworkTarge
         `Must be one of [${NLB_PATH_HEALTH_CHECK_PROTOCOLS.join(', ')}]`,
       ].join(' '));
     }
-    if (healthCheck.timeout && healthCheck.timeout.toSeconds() !== NLB_HEALTH_CHECK_TIMEOUTS[healthCheck.protocol]) {
-      ret.push([
-        'Custom health check timeouts are not supported for Network Load Balancer health checks.',
-        `Expected ${NLB_HEALTH_CHECK_TIMEOUTS[healthCheck.protocol]} seconds for ${healthCheck.protocol}, got ${healthCheck.timeout.toSeconds()}`,
-      ].join(' '));
+
+    const lowHealthCheckTimeout = 2;
+    const highHealthCheckTimeout = 120;
+    if (healthCheck.timeout) {
+      const timeoutSeconds = healthCheck.timeout.toSeconds();
+      if (timeoutSeconds < lowHealthCheckTimeout || timeoutSeconds > highHealthCheckTimeout) {
+        ret.push(`Health check timeout '${timeoutSeconds}' not supported. Must be a number between ${lowHealthCheckTimeout} and ${highHealthCheckTimeout}.`);
+      }
+      if (healthCheck.interval && healthCheck.interval.toSeconds() < timeoutSeconds) {
+        ret.push(`Health check timeout '${timeoutSeconds}' must not be greater than the interval '${healthCheck.interval.toSeconds()}'`);
+      }
     }
 
     return ret;
@@ -365,9 +371,4 @@ export interface INetworkLoadBalancerTarget {
 }
 
 const NLB_HEALTH_CHECK_PROTOCOLS = [Protocol.HTTP, Protocol.HTTPS, Protocol.TCP];
-const NLB_PATH_HEALTH_CHECK_PROTOCOLS = [Protocol.HTTP, Protocol.HTTPS];
-const NLB_HEALTH_CHECK_TIMEOUTS: { [protocol in Protocol]?: number } = {
-  [Protocol.HTTP]: 6,
-  [Protocol.HTTPS]: 10,
-  [Protocol.TCP]: 10,
-};
+const NLB_PATH_HEALTH_CHECK_PROTOCOLS = [Protocol.HTTP, Protocol.HTTPS];
diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/listener.test.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/test/nlb/listener.test.ts
@@ -375,16 +375,40 @@ describe('tests', () => {
       },
     });
 
+    targetGroup.configureHealthCheck({
+      interval: cdk.Duration.seconds(150),
+      protocol: elbv2.Protocol.HTTP,
+      timeout: cdk.Duration.seconds(130),
+    });
+
+    // THEN
+    const validationErrors: string[] = targetGroup.node.validate();
+    const timeoutError = validationErrors.find((err) => /Health check timeout '130' not supported. Must be a number between/.test(err));
+    expect(timeoutError).toBeDefined();
+  });
+
+  test('validation error if Health check timeout is greater than the interval', () => {
+    const stack = new cdk.Stack();
+    const vpc = new ec2.Vpc(stack, 'Stack');
+    const lb = new elbv2.NetworkLoadBalancer(stack, 'LB', { vpc });
+    const listener = lb.addListener('PublicListener', { port: 80 });
+    const targetGroup = listener.addTargets('ECS', {
+      port: 80,
+      healthCheck: {
+        interval: cdk.Duration.seconds(60),
+      },
+    });
+
     targetGroup.configureHealthCheck({
       interval: cdk.Duration.seconds(30),
       protocol: elbv2.Protocol.HTTP,
-      timeout: cdk.Duration.seconds(10),
+      timeout: cdk.Duration.seconds(40),
     });
 
     // THEN
     const validationErrors: string[] = targetGroup.node.validate();
     expect(validationErrors).toEqual([
-      'Custom health check timeouts are not supported for Network Load Balancer health checks. Expected 6 seconds for HTTP, got 10',
+      "Health check timeout '40' must not be greater than the interval '30'",
     ]);
   });