Merge pull request #25 from sourcefuse/chore/ARC-890-toggle-features

James Crowley · web-flow · commit ad65050a561a · 2023-05-30T13:19:47.000-05:00
chore/ARC-890-toggle-features
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -29,4 +29,3 @@ jobs:
 
       - name: Run tflint
         run: tflint -f compact
-
diff --git a/.version b/.version
@@ -1 +1 @@
-1.2.6
+1.3.0
diff --git a/README.md b/README.md
@@ -116,13 +116,14 @@ module "ecs" {
 | <a name="input_create_acm_certificate"></a> [create\_acm\_certificate](#input\_create\_acm\_certificate) | Create an ACM Certificate to use with the ALB | `bool` | `true` | no |
 | <a name="input_environment"></a> [environment](#input\_environment) | ID element. Usually used for region e.g. 'uw2', 'us-west-2', OR role 'prod', 'staging', 'dev', 'UAT' | `string` | n/a | yes |
 | <a name="input_execution_policy_attachment_arns"></a> [execution\_policy\_attachment\_arns](#input\_execution\_policy\_attachment\_arns) | The ARNs of the policies you want to apply | `list(string)` | <pre>[<br>  "arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess",<br>  "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"<br>]</pre> | no |
-| <a name="input_health_check_route_53_private_zone"></a> [health\_check\_route\_53\_private\_zone](#input\_health\_check\_route\_53\_private\_zone) | Used with `name` field to get a private Hosted Zone | `bool` | `false` | no |
+| <a name="input_externally_managed_route_53_record"></a> [externally\_managed\_route\_53\_record](#input\_externally\_managed\_route\_53\_record) | If there is a Route 53 Zone externally managed from the account you are running in. If `true`, you will have to manage your DNS yourself. | `bool` | `false` | no |
 | <a name="input_health_check_route_53_records"></a> [health\_check\_route\_53\_records](#input\_health\_check\_route\_53\_records) | List of Route 53 records for the health check service. | `list(string)` | n/a | yes |
 | <a name="input_health_check_subnet_ids"></a> [health\_check\_subnet\_ids](#input\_health\_check\_subnet\_ids) | Subnet IDs for the health check tasks to run in. If not defined, this will use `var.alb_subnet_ids`. | `list(string)` | `[]` | no |
 | <a name="input_log_group_retention_days"></a> [log\_group\_retention\_days](#input\_log\_group\_retention\_days) | Specifies the number of days you want to retain log events in the specified log group.<br>Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096,<br>1827, 2192, 2557, 2922, 3288, 3653, and 0.<br>If you select 0, the events in the log group are always retained and never expire | `number` | `30` | no |
 | <a name="input_log_group_skip_destroy"></a> [log\_group\_skip\_destroy](#input\_log\_group\_skip\_destroy) | Set to true if you do not wish the log group (and any logs it may contain) to be deleted at destroy time, and instead just remove the log group from the Terraform state. | `bool` | `false` | no |
 | <a name="input_namespace"></a> [namespace](#input\_namespace) | Namespace your resource belongs to.<br>Usually an abbreviation of your organization name, e.g. 'example' or 'arc', to help ensure generated IDs are globally unique" | `string` | n/a | yes |
-| <a name="input_route_53_zone"></a> [route\_53\_zone](#input\_route\_53\_zone) | Route 53 domain to generate an ACM request for and to create A records against, i.e. sfrefarch.com. A wildcard subject alternative name is generated with the certificate. | `string` | n/a | yes |
+| <a name="input_route_53_zone_id"></a> [route\_53\_zone\_id](#input\_route\_53\_zone\_id) | Route 53 zone ID | `string` | `null` | no |
+| <a name="input_route_53_zone_name"></a> [route\_53\_zone\_name](#input\_route\_53\_zone\_name) | Route 53 domain to generate an ACM request for and to create A records against, i.e. sfrefarch.com. A wildcard subject alternative name is generated with the certificate. | `string` | `null` | no |
 | <a name="input_service_discovery_private_dns_namespace"></a> [service\_discovery\_private\_dns\_namespace](#input\_service\_discovery\_private\_dns\_namespace) | The name of the namespace | `list(string)` | <pre>[<br>  "default.example.local"<br>]</pre> | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags to assign the resources. | `map(string)` | `{}` | no |
 | <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | Id of the VPC where the resources will live | `string` | n/a | yes |
diff --git a/example/main.tf b/example/main.tf
@@ -48,7 +48,7 @@ module "ecs" {
   // -------------------------- END ------------------------- //
 
   ## create acm certificate and dns record for health check
-  route_53_zone                 = local.route_53_zone
+  route_53_zone_name            = local.route_53_zone
   acm_domain_name               = "healthcheck-ecs-${var.namespace}-${var.environment}.${local.route_53_zone}"
   acm_subject_alternative_names = []
   health_check_route_53_records = [
diff --git a/main.tf b/main.tf
@@ -57,7 +57,7 @@ module "acm" {
   name                              = "${var.environment}-${var.namespace}-acm-certificate"
   namespace                         = var.namespace
   environment                       = var.environment
-  zone_name                         = var.route_53_zone
+  zone_name                         = var.route_53_zone_name
   domain_name                       = var.acm_domain_name
   subject_alternative_names         = var.acm_subject_alternative_names
   process_domain_validation_options = var.acm_process_domain_validation_options
@@ -156,10 +156,11 @@ module "health_check" {
   alb_dns_name = module.alb.alb_dns_name
   alb_zone_id  = module.alb.alb_zone_id
 
-  ## for internal records on health check
-  route_53_zone_name            = var.route_53_zone
+  externally_managed_route_53_record = var.externally_managed_route_53_record
+
+  ## health check
+  route_53_zone_id              = var.route_53_zone_id
   health_check_route_53_records = var.health_check_route_53_records
-  route_53_private_zone         = var.health_check_route_53_private_zone
 
   task_execution_role_arn = aws_iam_role.execution.arn
 
diff --git a/modules/health-check/README.md b/modules/health-check/README.md
@@ -34,7 +34,6 @@ AWS Terraform ALB Health Check Module
 | [aws_lb_target_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group) | resource |
 | [aws_route53_record.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
 | [aws_security_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
-| [aws_route53_zone.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route53_zone) | data source |
 
 ## Inputs
 
@@ -44,6 +43,7 @@ AWS Terraform ALB Health Check Module
 | <a name="input_alb_zone_id"></a> [alb\_zone\_id](#input\_alb\_zone\_id) | ALB Route53 zone ID to create A record for health check service | `string` | n/a | yes |
 | <a name="input_cluster_id"></a> [cluster\_id](#input\_cluster\_id) | ID of the ECS cluster. | `string` | n/a | yes |
 | <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Name of the ECS cluster. | `string` | n/a | yes |
+| <a name="input_externally_managed_route_53_record"></a> [externally\_managed\_route\_53\_record](#input\_externally\_managed\_route\_53\_record) | If there is a Route 53 Zone externally managed from the account you are running in. If `true`, you will have to manage your DNS yourself. | `bool` | `false` | no |
 | <a name="input_health_check_desired_count"></a> [health\_check\_desired\_count](#input\_health\_check\_desired\_count) | Number of ECS tasks to run for the health check. | `number` | `1` | no |
 | <a name="input_health_check_image"></a> [health\_check\_image](#input\_health\_check\_image) | Docker image used for the health-check | `string` | `"ealen/echo-server"` | no |
 | <a name="input_health_check_launch_type"></a> [health\_check\_launch\_type](#input\_health\_check\_launch\_type) | Launch type for the health check service. | `string` | `"FARGATE"` | no |
@@ -52,8 +52,7 @@ AWS Terraform ALB Health Check Module
 | <a name="input_health_check_route_53_records"></a> [health\_check\_route\_53\_records](#input\_health\_check\_route\_53\_records) | List of A record domains to create for the health check service | `list(string)` | n/a | yes |
 | <a name="input_lb_listener_arn"></a> [lb\_listener\_arn](#input\_lb\_listener\_arn) | ARN of the load balancer listener. | `string` | n/a | yes |
 | <a name="input_lb_security_group_ids"></a> [lb\_security\_group\_ids](#input\_lb\_security\_group\_ids) | LB Security Group IDs for ingress access to the health check task definition. | `list(string)` | n/a | yes |
-| <a name="input_route_53_private_zone"></a> [route\_53\_private\_zone](#input\_route\_53\_private\_zone) | Used with `name` field to get a private Hosted Zone | `bool` | `false` | no |
-| <a name="input_route_53_zone_name"></a> [route\_53\_zone\_name](#input\_route\_53\_zone\_name) | Route53 zone name used for looking up and creating an `A` record for the health check service | `string` | n/a | yes |
+| <a name="input_route_53_zone_id"></a> [route\_53\_zone\_id](#input\_route\_53\_zone\_id) | Route53 zone ID used for looking up and creating an `A` record for the health check service | `string` | n/a | yes |
 | <a name="input_subnet_ids"></a> [subnet\_ids](#input\_subnet\_ids) | Subnet IDs to run health check task in | `list(string)` | n/a | yes |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags to assign the resources. | `map(string)` | `{}` | no |
 | <a name="input_task_definition_cpu"></a> [task\_definition\_cpu](#input\_task\_definition\_cpu) | Number of cpu units used by the task. If the requires\_compatibilities is FARGATE this field is required. | `number` | `1024` | no |
diff --git a/modules/health-check/data.tf b/modules/health-check/data.tf
diff --git a/modules/health-check/main.tf b/modules/health-check/main.tf
@@ -146,9 +146,9 @@ resource "aws_ecs_task_definition" "this" {
 ## route 53
 ################################################################################
 resource "aws_route53_record" "this" {
-  for_each = toset(var.health_check_route_53_records)
+  for_each = var.externally_managed_route_53_record != true ? toset(var.health_check_route_53_records) : []
 
-  zone_id = data.aws_route53_zone.this.id
+  zone_id = var.route_53_zone_id
   name    = each.value
   type    = var.health_check_route_53_record_type
 
diff --git a/modules/health-check/variables.tf b/modules/health-check/variables.tf
@@ -96,9 +96,9 @@ variable "alb_zone_id" {
   description = "ALB Route53 zone ID to create A record for health check service"
 }
 
-variable "route_53_zone_name" {
+variable "route_53_zone_id" {
   type        = string
-  description = "Route53 zone name used for looking up and creating an `A` record for the health check service"
+  description = "Route53 zone ID used for looking up and creating an `A` record for the health check service"
 }
 
 ################################################################################
@@ -117,8 +117,8 @@ variable "lb_listener_arn" {
 ################################################################################
 ## route 53
 ################################################################################
-variable "route_53_private_zone" {
+variable "externally_managed_route_53_record" {
   type        = bool
-  description = "Used with `name` field to get a private Hosted Zone"
+  description = "If there is a Route 53 Zone externally managed from the account you are running in. If `true`, you will have to manage your DNS yourself."
   default     = false
 }
diff --git a/variables.tf b/variables.tf
@@ -75,19 +75,26 @@ variable "health_check_subnet_ids" {
   default     = []
 }
 
-variable "route_53_zone" {
+variable "route_53_zone_id" {
+  type        = string
+  description = "Route 53 zone ID"
+  default     = null
+}
+
+variable "route_53_zone_name" {
   type        = string
   description = "Route 53 domain to generate an ACM request for and to create A records against, i.e. sfrefarch.com. A wildcard subject alternative name is generated with the certificate."
+  default     = null
 }
 
 variable "health_check_route_53_records" {
   type        = list(string)
   description = "List of Route 53 records for the health check service."
 }
 
-variable "health_check_route_53_private_zone" {
+variable "externally_managed_route_53_record" {
   type        = bool
-  description = "Used with `name` field to get a private Hosted Zone"
+  description = "If there is a Route 53 Zone externally managed from the account you are running in. If `true`, you will have to manage your DNS yourself."
   default     = false
 }
 

Original file line number	Diff line number	Diff line change
`@@ -29,4 +29,3 @@ jobs:`
`29`	`29`
`30`	`30`	`- name: Run tflint`
`31`	`31`	`run: tflint -f compact`
`32`		`-`