Fix: Allow empty domain name list on host_header_custom alb rule

* Add a check for domain names, where if it's not null but an empty list (required if you have another ecs service that does have a domain_names list), so that it doesn't attempt to create the rule
dxw · Nov 15, 2024 · cfc9206 · cfc9206
1 parent 9cac652
commit cfc9206
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/ecs-cluster-infrastructure-service-alb.tf b/ecs-cluster-infrastructure-service-alb.tf
@@ -154,7 +154,7 @@ resource "aws_alb_listener" "infrastructure_ecs_cluster_service_https" {
 
 resource "aws_alb_listener_rule" "infrastructure_ecs_cluster_service_host_header" {
   for_each = {
-    for k, service in local.infrastructure_ecs_cluster_services : k => service if service["domain_names"] == null && service["container_port"] != 0
+    for k, service in local.infrastructure_ecs_cluster_services : k => service if service["domain_names"] == null ? service["container_port"] != 0 : length(service["domain_names"]) == 0 && service["container_port"] != 0
   }
 
   listener_arn = local.enable_infrastructure_wildcard_certificate ? aws_alb_listener.infrastructure_ecs_cluster_service_https[0].arn : aws_alb_listener.infrastructure_ecs_cluster_service_http[0].arn
@@ -190,7 +190,7 @@ resource "aws_alb_listener_rule" "infrastructure_ecs_cluster_service_host_header
 
 resource "aws_alb_listener_rule" "infrastructure_ecs_cluster_service_host_header_custom" {
   for_each = {
-    for k, service in local.infrastructure_ecs_cluster_services : k => service if service["domain_names"] != null && service["container_port"] != 0
+    for k, service in local.infrastructure_ecs_cluster_services : k => service if service["domain_names"] != null ? length(service["domain_names"]) > 0 : service["container_port"] != 0
   }
 
   listener_arn = each.value["alb_tls_certificate_arn"] != null ? aws_alb_listener.infrastructure_ecs_cluster_service_https[0].arn : aws_alb_listener.infrastructure_ecs_cluster_service_http[0].arn
@@ -226,7 +226,7 @@ resource "aws_alb_listener_rule" "infrastructure_ecs_cluster_service_host_header
 
 resource "aws_lb_listener_certificate" "service_shared_alb_certificate" {
   for_each = {
-    for k, service in local.infrastructure_ecs_cluster_services : k => service if service["domain_names"] != null && service["container_port"] != 0 && service["alb_tls_certificate_arn"] != null
+    for k, service in local.infrastructure_ecs_cluster_services : k => service if service["domain_names"] != null ? length(service["domain_names"]) > 0 && service["container_port"] != 0 && service["alb_tls_certificate_arn"] != null : false
   }
 
   listener_arn    = aws_alb_listener.infrastructure_ecs_cluster_service_https[0].arn

diff --git a/ecs-cluster-infrastructure-service-cloudfront.tf b/ecs-cluster-infrastructure-service-cloudfront.tf
@@ -14,7 +14,7 @@ resource "aws_cloudfront_distribution" "infrastructure_ecs_cluster_service_cloud
   }
 
   enabled         = true
-  aliases         = each.value["domain_names"] != null ? each.value["domain_names"] : ["${each.key}.${local.infrastructure_route53_domain}"]
+  aliases         = each.value["domain_names"] != null ? length(each.value["domain_names"]) > 0 ? each.value["domain_names"] : ["${each.key}.${local.infrastructure_route53_domain}"] : ["${each.key}.${local.infrastructure_route53_domain}"]
   is_ipv6_enabled = true
   http_version    = "http2and3"
   price_class     = "PriceClass_100"