Merge pull request #9 from nventive/chore/add-aliases-parent-zone-val…

…idation

feat: Add validation for aliases parent zone

README.md

@@ -76,6 +76,7 @@ module "ecs_cluster" {
 | Name | Version |
 |------|---------|
 | <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.0 |
+| <a name="provider_null"></a> [null](#provider\_null) | >= 2.0 |
 ## Modules
 
 | Name | Source | Version |
@@ -90,6 +91,7 @@ module "ecs_cluster" {
 |------|------|
 | [aws_cloudwatch_log_group.ecs_insights](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
 | [aws_ecs_cluster.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_cluster) | resource |
+| [null_resource.aliases_parent_zone_validation](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_iam_policy_document.kms_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_kms_key.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kms_key) | data source |
@@ -125,8 +127,8 @@ module "ecs_cluster" {
 | <a name="input_logs_kms_key_arn"></a> [logs\_kms\_key\_arn](#input\_logs\_kms\_key\_arn) | ARN of the KMS key for CloudWatch encryption, if blank, one will be created. | `string` | `""` | no |
 | <a name="input_name"></a> [name](#input\_name) | ID element. Usually the component or solution name, e.g. 'app' or 'jenkins'.<br>This is the only ID element not also included as a `tag`.<br>The "name" tag is set to the full `id` string. There is no tag with the value of the `name` input. | `string` | `null` | no |
 | <a name="input_namespace"></a> [namespace](#input\_namespace) | ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique | `string` | `null` | no |
-| <a name="input_parent_zone_id"></a> [parent\_zone\_id](#input\_parent\_zone\_id) | ID of the hosted zone to contain this record (or specify `parent_zone_name`). Requires `dns_alias_enabled` set to true. | `string` | `""` | no |
-| <a name="input_parent_zone_name"></a> [parent\_zone\_name](#input\_parent\_zone\_name) | Name of the hosted zone to contain this record (or specify `parent_zone_id`). Requires `dns_alias_enabled` set to true. | `string` | `""` | no |
+| <a name="input_parent_zone_id"></a> [parent\_zone\_id](#input\_parent\_zone\_id) | ID of the hosted zone to contain this record (or specify `parent_zone_name`). Requires `dns_alias_enabled` set to true. | `string` | `null` | no |
+| <a name="input_parent_zone_name"></a> [parent\_zone\_name](#input\_parent\_zone\_name) | Name of the hosted zone to contain this record (or specify `parent_zone_id`). Requires `dns_alias_enabled` set to true. | `string` | `null` | no |
 | <a name="input_regex_replace_chars"></a> [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.<br>Characters matching the regex will be removed from the ID elements.<br>If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no |
 | <a name="input_stage"></a> [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no |
 | <a name="input_subnet_ids"></a> [subnet\_ids](#input\_subnet\_ids) | List of subnet IDs for the Load Balancer. The Load Balancer will be created in the VPC associated with the subnet IDs. | `list(string)` | `[]` | no |

main.tf

@@ -4,6 +4,7 @@ locals {
   logs_kms_key_arn     = local.logs_kms_key_enabled ? module.kms_key.key_arn : data.aws_kms_key.default.0.arn
   alb_use_existing     = length(var.alb_arn) > 0
   alb_enabled          = !local.alb_use_existing && var.alb_enabled && length(var.subnet_ids) > 0
+  alb_alias_enabled    = length(var.alb_dns_aliases) != 0 && local.enabled
 }
 
 data "aws_caller_identity" "current" {}
@@ -99,6 +100,7 @@ data "aws_subnet" "lb" {
 module "lb" {
   source  = "nventive/lb/aws"
   version = "1.2.0"
+
   enabled = local.alb_enabled && local.enabled
 
   subnet_ids                = var.subnet_ids
@@ -124,14 +126,24 @@ module "alb_dns_alias" {
   source  = "cloudposse/route53-alias/aws"
   version = "0.13.0"
 
-  enabled   = length(var.alb_dns_aliases) != 0 && local.enabled
+  enabled = local.alb_alias_enabled
+
   providers = { aws = aws.route53 }
 
   aliases          = var.alb_dns_aliases
   parent_zone_id   = var.parent_zone_id
   parent_zone_name = var.parent_zone_name
-  target_dns_name  = local.alb_use_existing ? data.aws_lb.default.0.dns_name : module.lb.dns_name
-  target_zone_id   = local.alb_use_existing ? data.aws_lb.default.0.zone_id : module.lb.zone_id
+  target_dns_name  = local.alb_use_existing ? join("", data.aws_lb.default.*.dns_name) : module.lb.dns_name
+  target_zone_id   = local.alb_use_existing ? join("", data.aws_lb.default.*.zone_id) : module.lb.zone_id
 
   context = module.this.context
 }
+
+resource "null_resource" "aliases_parent_zone_validation" {
+  lifecycle {
+    precondition {
+      condition     = local.alb_alias_enabled && var.parent_zone_id == null && var.parent_zone_id == null
+      error_message = "When using `alb_dns_aliases` you should specify either `parent_zone_id` or `parent_zone_name`."
+    }
+  }
+}

variables.tf

@@ -69,13 +69,13 @@ variable "alb_dns_aliases" {
 
 variable "parent_zone_id" {
   type        = string
-  default     = ""
+  default     = null
   description = "ID of the hosted zone to contain this record (or specify `parent_zone_name`). Requires `dns_alias_enabled` set to true."
 }
 
 variable "parent_zone_name" {
   type        = string
-  default     = ""
+  default     = null
   description = "Name of the hosted zone to contain this record (or specify `parent_zone_id`). Requires `dns_alias_enabled` set to true."
 }