pass in listeners

terraform/environments/delius-core/modules/components/delius_microservice/load_balancing.tf

@@ -42,7 +42,7 @@ resource "aws_lb_listener_rule" "alb" {
 
 resource "aws_lb_listener_rule" "nlb" {
   count        = var.ecs_connectivity_nlb != "" ? 1 : 0
-  listener_arn = var.ecs_connectivity_nlb
+  listener_arn =
   action {
     type             = "forward"
     target_group_arn = aws_lb_target_group.this.arn
@@ -60,5 +60,9 @@ resource "aws_route53_record" "nlb_target_group" {
   name     = "${var.name}.service.${var.env_name}.${var.account_config.dns_suffix}"
   type     = "CNAME"
   ttl      = 60
-  records  = []
+  alias {
+    evaluate_target_health = false
+    name                   = var.ecs_connectivity_nlb.name
+    zone_id                = var.ecs_connectivity_nlb.zone_id
+  }
 }

terraform/environments/delius-core/modules/components/delius_microservice/variables.tf

@@ -356,4 +356,9 @@ variable "ecs_connectivity_nlb" {
   description = "The NLB ARN to use for the ECS connectivity"
   type        = string
   default     = ""
+}
+
+variable "ecs_connectivity_listeners" {
+  description = "The listeners to use for the ECS connectivity"
+  type        = list(any)
 }

terraform/environments/delius-core/modules/environment_all_components/community_api.tf

@@ -46,6 +46,10 @@ module "community_api" {
   # Two LBs (public and secure) are needed as show on the architecture diagram. There is an architectural discussion to be had if we could get away with just one LB instead
   microservice_lb_arn                = aws_lb.delius_core_frontend.arn
   microservice_lb_https_listener_arn = aws_lb_listener.listener_https.arn
+
+  ecs_connectivity_nlb       = aws_lb.delius_microservices
+  ecs_connectivity_listeners = aws_lb_listener.delius_microservices_listeners
+
   # Please check with the app team what the rule path should be here.
   alb_listener_rule_paths = ["/secure", "/secure/*"]
   platform_vars           = var.platform_vars

terraform/environments/delius-core/modules/environment_all_components/ecs_connect.tf

@@ -29,7 +29,7 @@ locals {
   unique_container_ports = distinct([for _, v in var.delius_microservice_configs : v.container_port])
 }
 
-resource "aws_lb_listener" "delius_microservices_listener" {
+resource "aws_lb_listener" "delius_microservices_listeners" {
   for_each = {
     for port in local.unique_container_ports : port => var.delius_microservice_configs
   }

terraform/environments/delius-core/modules/environment_all_components/gdpr_api_service.tf

@@ -32,12 +32,16 @@ module "gdpr_api_service" {
   tags                               = var.tags
   microservice_lb_arn                = aws_lb.delius_core_frontend.arn
   microservice_lb_https_listener_arn = aws_lb_listener.listener_https.arn
-  alb_listener_rule_paths            = ["/gdpr/api", "/gdpr/api/*"]
-  platform_vars                      = var.platform_vars
-  container_image                    = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-gdpr-api-ecr-repo:${var.delius_microservice_configs.gdpr_api.image_tag}"
-  account_config                     = var.account_config
-  health_check_path                  = "/gdpr/api/actuator/health"
-  account_info                       = var.account_info
+
+  ecs_connectivity_nlb       = aws_lb.delius_microservices
+  ecs_connectivity_listeners = aws_lb_listener.delius_microservices_listeners
+
+  alb_listener_rule_paths = ["/gdpr/api", "/gdpr/api/*"]
+  platform_vars           = var.platform_vars
+  container_image         = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-gdpr-api-ecr-repo:${var.delius_microservice_configs.gdpr_api.image_tag}"
+  account_config          = var.account_config
+  health_check_path       = "/gdpr/api/actuator/health"
+  account_info            = var.account_info
   container_environment_vars = [
     {
       name  = "SERVER_SERVLET_CONTEXT_PATH"

terraform/environments/delius-core/modules/environment_all_components/gdpr_ui_service.tf

@@ -17,13 +17,17 @@ module "gdpr_ui_service" {
   tags                               = var.tags
   microservice_lb_arn                = aws_lb.delius_core_frontend.arn
   microservice_lb_https_listener_arn = aws_lb_listener.listener_https.arn
-  alb_listener_rule_paths            = ["/gdpr/ui", "/gdpr/ui/*"]
-  platform_vars                      = var.platform_vars
-  container_image                    = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-gdpr-ui-ecr-repo:${var.delius_microservice_configs.gdpr_ui.image_tag}"
-  account_config                     = var.account_config
-  health_check_path                  = "/gdpr/ui/homepage"
-  account_info                       = var.account_info
-  container_environment_vars         = []
+
+  ecs_connectivity_nlb       = aws_lb.delius_microservices
+  ecs_connectivity_listeners = aws_lb_listener.delius_microservices_listeners
+
+  alb_listener_rule_paths    = ["/gdpr/ui", "/gdpr/ui/*"]
+  platform_vars              = var.platform_vars
+  container_image            = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-gdpr-ui-ecr-repo:${var.delius_microservice_configs.gdpr_ui.image_tag}"
+  account_config             = var.account_config
+  health_check_path          = "/gdpr/ui/homepage"
+  account_info               = var.account_info
+  container_environment_vars = []
 
   providers = {
     aws          = aws

terraform/environments/delius-core/modules/environment_all_components/merge_api_service.tf

@@ -30,12 +30,16 @@ module "merge_api_service" {
   tags                               = var.tags
   microservice_lb_arn                = aws_lb.delius_core_frontend.arn
   microservice_lb_https_listener_arn = aws_lb_listener.listener_https.arn
-  alb_listener_rule_paths            = ["/merge/api", "/merge/api/*"]
-  platform_vars                      = var.platform_vars
-  container_image                    = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-merge-api-ecr-repo:${var.delius_microservice_configs.merge_api.image_tag}"
-  account_config                     = var.account_config
-  health_check_path                  = "/merge/api/actuator/health"
-  account_info                       = var.account_info
+
+  ecs_connectivity_nlb       = aws_lb.delius_microservices
+  ecs_connectivity_listeners = aws_lb_listener.delius_microservices_listeners
+
+  alb_listener_rule_paths = ["/merge/api", "/merge/api/*"]
+  platform_vars           = var.platform_vars
+  container_image         = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-merge-api-ecr-repo:${var.delius_microservice_configs.merge_api.image_tag}"
+  account_config          = var.account_config
+  health_check_path       = "/merge/api/actuator/health"
+  account_info            = var.account_info
   container_environment_vars = [
     {
       name  = "SERVER_SERVLET_CONTEXT_PATH"

terraform/environments/delius-core/modules/environment_all_components/merge_ui_service.tf

@@ -17,13 +17,17 @@ module "merge_ui_service" {
   tags                               = var.tags
   microservice_lb_arn                = aws_lb.delius_core_frontend.arn
   microservice_lb_https_listener_arn = aws_lb_listener.listener_https.arn
-  alb_listener_rule_paths            = ["/merge/ui", "/merge/ui/*"]
-  platform_vars                      = var.platform_vars
-  container_image                    = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-merge-ui-ecr-repo:${var.delius_microservice_configs.merge_ui.image_tag}"
-  account_config                     = var.account_config
-  health_check_path                  = "/merge/ui/"
-  account_info                       = var.account_info
-  container_environment_vars         = []
+
+  ecs_connectivity_nlb       = aws_lb.delius_microservices
+  ecs_connectivity_listeners = aws_lb_listener.delius_microservices_listeners
+
+  alb_listener_rule_paths    = ["/merge/ui", "/merge/ui/*"]
+  platform_vars              = var.platform_vars
+  container_image            = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-merge-ui-ecr-repo:${var.delius_microservice_configs.merge_ui.image_tag}"
+  account_config             = var.account_config
+  health_check_path          = "/merge/ui/"
+  account_info               = var.account_info
+  container_environment_vars = []
 
   providers = {
     aws          = aws

terraform/environments/delius-core/modules/environment_all_components/password_reset_service.tf

@@ -34,6 +34,10 @@ module "password_reset_service" {
   tags                               = var.tags
   microservice_lb_arn                = aws_lb.delius_core_frontend.arn
   microservice_lb_https_listener_arn = aws_lb_listener.listener_https.arn
+
+  ecs_connectivity_nlb       = aws_lb.delius_microservices
+  ecs_connectivity_listeners = aws_lb_listener.delius_microservices_listeners
+
   #TODO - check the path based routing based on shared ALB or dedicated
   alb_listener_rule_paths = ["/password-reset"]
   platform_vars           = var.platform_vars

terraform/environments/delius-core/modules/environment_all_components/weblogic.tf

@@ -44,10 +44,13 @@ module "weblogic" {
       containerPort = var.delius_microservice_configs.weblogic.container_port
       protocol      = "tcp"
   }]
-  ecs_cluster_arn         = module.ecs.ecs_cluster_arn
-  env_name                = var.env_name
-  health_check_path       = "/NDelius-war/delius/JSP/healthcheck.jsp?ping"
-  microservice_lb_arn     = aws_lb.delius_core_frontend.arn
+  ecs_cluster_arn = module.ecs.ecs_cluster_arn
+  env_name        = var.env_name
+
+  health_check_path   = "/NDelius-war/delius/JSP/healthcheck.jsp?ping"
+  microservice_lb_arn = aws_lb.delius_core_frontend.arn
+
+  ecs_connectivity_nlb    = aws_lb.delius_microservices
   name                    = "weblogic"
   container_image         = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-weblogic-ecr-repo:${var.delius_microservice_configs.weblogic.image_tag}"
   platform_vars           = var.platform_vars

terraform/environments/delius-core/modules/environment_all_components/weblogic_eis.tf

@@ -189,6 +189,9 @@ module "weblogic_eis" {
   microservice_lb_https_listener_arn = aws_lb_listener.listener_https.arn
   alb_listener_rule_paths            = ["/eis"]
 
+  ecs_connectivity_nlb       = aws_lb.delius_microservices
+  ecs_connectivity_listeners = aws_lb_listener.delius_microservices_listeners
+
   container_image = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-weblogic-eis-ecr-repo:${var.delius_microservice_configs.weblogic_eis.image_tag}"
 
   platform_vars = var.platform_vars