diff --git a/core/alarms/alb-target-group.ts b/core/alarms/alb-target-group.ts index 3a4b0886..0fcecc09 100644 --- a/core/alarms/alb-target-group.ts +++ b/core/alarms/alb-target-group.ts @@ -55,7 +55,7 @@ export function findLoadBalancersForTargetGroup (targetGroupLogicalId: string, c for (const [listenerRuleLogicalId, listenerRule] of Object.entries(listenerRuleResources)) { for (const action of listenerRule.Properties?.Actions ?? []) { const targetGroupArn = action.TargetGroupArn - if (targetGroupArn.Ref === targetGroupLogicalId) { + if (typeof targetGroupArn === 'object' && targetGroupArn.Ref === targetGroupLogicalId) { allListenerRules[listenerRuleLogicalId] = listenerRule break } diff --git a/core/alarms/tests/alb-target-group.test.ts b/core/alarms/tests/alb-target-group.test.ts index 7a081098..7fb400db 100644 --- a/core/alarms/tests/alb-target-group.test.ts +++ b/core/alarms/tests/alb-target-group.test.ts @@ -79,6 +79,7 @@ test('findLoadBalancersForTargetGroup', (t) => { t.equal(loadBalancerLogicalIds.length, 0) t.end() }) + test('finds load balancers through listener rule target groups', (t) => { const compiledTemplate = { Resources: { @@ -189,6 +190,29 @@ test('findLoadBalancersForTargetGroup', (t) => { t.end() }) +test('handles actions without a target group', (t) => { + const compiledTemplate = { + Resources: { + listenerRuleA: { + Type: 'AWS::ElasticLoadBalancingV2::ListenerRule', + Properties: { + Actions: [{ AuthenticateOidcConfig: {} }], + ListenerArn: { Ref: 'listener' } + } + }, + listener: { + Type: 'AWS::ElasticLoadBalancingV2::Listener', + Properties: { + LoadBalancerArn: 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188' + } + } + } + } + const loadBalancerLogicalIds = findLoadBalancersForTargetGroup('tgA', compiledTemplate) + t.equal(loadBalancerLogicalIds.length, 0) + t.end() +}) + test('ALB Target Group alarms are created', (t) => { const testConfig = createTestConfig( defaultConfig.alarms,