create a host based listener rule per service

terraform/environments/delius-core/modules/components/delius_microservice/load_balancing.tf

@@ -41,25 +41,25 @@ resource "aws_lb_listener_rule" "alb" {
 }
 
 resource "aws_lb_listener_rule" "nlb" {
-  count        = var.ecs_connectivity_nlb != "" ? 1 : 0
-  listener_arn =
+  for_each     = var.ecs_connectivity_nlb == null ? toset([]) : toset([for _, v in var.container_port_config : tostring(v.containerPort)])
+  listener_arn = var.ecs_connectivity_listeners[each.value].arn
   action {
     type             = "forward"
     target_group_arn = aws_lb_target_group.this.arn
   }
   condition {
     host_header {
-      values = aws_route53_record.nlb_target_group.name
+      values = [aws_route53_record.nlb_target_group[0].name]
     }
   }
 }
 
 resource "aws_route53_record" "nlb_target_group" {
+  count    = var.ecs_connectivity_nlb == null ? 0 : 1
   provider = aws.core-vpc
   zone_id  = var.account_config.route53_inner_zone_info.zone_id
   name     = "${var.name}.service.${var.env_name}.${var.account_config.dns_suffix}"
   type     = "CNAME"
-  ttl      = 60
   alias {
     evaluate_target_health = false
     name                   = var.ecs_connectivity_nlb.name

terraform/environments/delius-core/modules/components/delius_microservice/variables.tf

@@ -353,12 +353,13 @@ variable "container_cpu" {
 }
 
 variable "ecs_connectivity_nlb" {
-  description = "The NLB ARN to use for the ECS connectivity"
-  type        = string
-  default     = ""
+  description = "The NLB to use for the ECS connectivity"
+  type        = any
+  default     = null
 }
 
 variable "ecs_connectivity_listeners" {
   description = "The listeners to use for the ECS connectivity"
-  type        = list(any)
+  type        = any
+  default     = null
 }

terraform/environments/delius-core/modules/environment_all_components/user_management.tf

@@ -32,6 +32,9 @@ module "user_management" {
   microservice_lb_https_listener_arn = aws_lb_listener.listener_https.arn
   alb_listener_rule_paths            = ["/umt"]
 
+  ecs_connectivity_nlb       = aws_lb.delius_microservices
+  ecs_connectivity_listeners = aws_lb_listener.delius_microservices_listeners
+
   container_image = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-user-management-ecr-repo:${var.delius_microservice_configs.user_management.image_tag}"
 
   platform_vars = var.platform_vars

terraform/environments/delius-core/modules/environment_all_components/weblogic.tf

@@ -50,7 +50,9 @@ module "weblogic" {
   health_check_path   = "/NDelius-war/delius/JSP/healthcheck.jsp?ping"
   microservice_lb_arn = aws_lb.delius_core_frontend.arn
 
-  ecs_connectivity_nlb    = aws_lb.delius_microservices
+  ecs_connectivity_nlb       = aws_lb.delius_microservices
+  ecs_connectivity_listeners = aws_lb_listener.delius_microservices_listeners
+
   name                    = "weblogic"
   container_image         = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-weblogic-ecr-repo:${var.delius_microservice_configs.weblogic.image_tag}"
   platform_vars           = var.platform_vars