Created
December 3, 2024 19:35
-
-
Save fatmcgav/172722b7c82eea6050dadba43a1ec7cb to your computer and use it in GitHub Desktop.
ALB null reproducer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| provider "aws" { | |
| region = local.region | |
| } | |
| data "aws_availability_zones" "available" {} | |
| locals { | |
| region = "eu-west-1" | |
| name = "alb-null-error" | |
| vpc_cidr = "10.0.0.0/16" | |
| azs = slice(data.aws_availability_zones.available.names, 0, 3) | |
| listeners = { | |
| http = { | |
| port = 80 | |
| protocol = "HTTP" | |
| fixed_response = { | |
| content_type = "text/plain" | |
| status_code = "404" | |
| } | |
| forward = null | |
| } | |
| } | |
| tags = { | |
| Name = local.name | |
| } | |
| } | |
| output "listeners" { | |
| value = var.listeners | |
| } | |
| output "local_listeners" { | |
| value = local.listeners | |
| } | |
| module "alb" { | |
| source = "terraform-aws-modules/alb/aws" | |
| # source = "github.com/fatmcgav/terraform-aws-alb?ref=refactor-try-can" | |
| name = local.name | |
| vpc_id = module.vpc.vpc_id | |
| subnets = module.vpc.public_subnets | |
| enable_deletion_protection = true | |
| enable_cross_zone_load_balancing = true | |
| # Security Group | |
| security_group_ingress_rules = { | |
| all_http = { | |
| from_port = 80 | |
| to_port = 80 | |
| ip_protocol = "tcp" | |
| description = "HTTP web traffic" | |
| cidr_ipv4 = "0.0.0.0/0" | |
| } | |
| all_https = { | |
| from_port = 443 | |
| to_port = 443 | |
| ip_protocol = "tcp" | |
| description = "HTTPS web traffic" | |
| cidr_ipv4 = "0.0.0.0/0" | |
| } | |
| } | |
| security_group_egress_rules = { | |
| all = { | |
| ip_protocol = "-1" | |
| cidr_ipv4 = module.vpc.vpc_cidr_block | |
| } | |
| } | |
| listeners = local.listeners | |
| } | |
| ############################################################################### | |
| # Supporting resources | |
| ################################################################################ | |
| module "vpc" { | |
| source = "terraform-aws-modules/vpc/aws" | |
| version = "~> 5.0" | |
| name = local.name | |
| cidr = local.vpc_cidr | |
| azs = local.azs | |
| private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)] | |
| public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 48)] | |
| tags = local.tags | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| listeners = { | |
| http = { | |
| port = 80 | |
| protocol = "HTTP" | |
| fixed_response = { | |
| content_type = "text/plain" | |
| status_code = "404" | |
| } | |
| rules = {} | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| variable "listeners" { | |
| description = "Listeners to attach to ALB. A http-https-redirect-listener will be created automatically if 'enable_http_https_redirect = true'" | |
| default = {} | |
| type = map(object({ | |
| port = number | |
| protocol = optional(string, "HTTP") | |
| # Default behaviours | |
| fixed_response = optional(object({ | |
| content_type = optional(string, "text/plain") | |
| message_body = optional(string) | |
| status_code = optional(string) | |
| })) | |
| forward = optional(object({ | |
| target_groups = list(object({ | |
| name = optional(string, null) | |
| weight = optional(number) | |
| })) | |
| stickiness = object({ | |
| duration = optional(number) | |
| enabled = optional(bool, false) | |
| }) | |
| })) | |
| redirect = optional(object({ | |
| host = optional(string, "#{host}") | |
| path = optional(string, "#{path}") | |
| port = optional(string, "#{port}") | |
| protocol = optional(string, "#{protocol}") | |
| query = optional(string, "#{query}") | |
| status_code = optional(string, "HTTP_301") | |
| })) | |
| # Listener rules | |
| rules = map(object({ | |
| type = optional(string) | |
| fixed_response = optional(object({ | |
| content_type = optional(string) | |
| message_body = optional(string) | |
| status_code = optional(string) | |
| })) | |
| forward = optional(object({ | |
| target_groups = list(object({ | |
| name = string | |
| weight = optional(number) | |
| })) | |
| stickiness = object({ | |
| duration = number | |
| enabled = optional(bool, false) | |
| }) | |
| })) | |
| redirect = optional(object({ | |
| host = optional(string, "#{host}") | |
| path = optional(string, "#{path}") | |
| port = optional(string, "#{port}") | |
| protocol = optional(string, "#{protocol}") | |
| query = optional(string, "#{query}") | |
| status_code = optional(string, "HTTP_301") | |
| })) | |
| })) | |
| })) | |
| validation { | |
| condition = alltrue([ | |
| for listener in var.listeners : contains([80, 443], listener.port) | |
| ]) | |
| error_message = "listener 'port' value should be '80' or '443'" | |
| } | |
| validation { | |
| condition = alltrue([ | |
| for listener in var.listeners : contains(["HTTP", "HTTPS"], listener.protocol) | |
| ]) | |
| error_message = "listener 'protocol' value should be 'HTTP' or 'HTTPS'" | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment