From bdab3382b1a9ad8ab0eecfaf5489bc666d462147 Mon Sep 17 00:00:00 2001
From: George Taylor <george.taylor@digital.justice.gov.uk>
Date: Fri, 9 Feb 2024 17:29:23 +0000
Subject: [PATCH] create a host based listener rule per service

---
 .../components/delius_microservice/load_balancing.tf     | 8 ++++----
 .../modules/components/delius_microservice/variables.tf  | 9 +++++----
 .../environment_all_components/user_management.tf        | 3 +++
 .../modules/environment_all_components/weblogic.tf       | 4 +++-
 4 files changed, 15 insertions(+), 9 deletions(-)

diff --git a/terraform/environments/delius-core/modules/components/delius_microservice/load_balancing.tf b/terraform/environments/delius-core/modules/components/delius_microservice/load_balancing.tf
index 154091ae0ca..68be6e12526 100644
--- a/terraform/environments/delius-core/modules/components/delius_microservice/load_balancing.tf
+++ b/terraform/environments/delius-core/modules/components/delius_microservice/load_balancing.tf
@@ -41,25 +41,25 @@ resource "aws_lb_listener_rule" "alb" {
 }
 
 resource "aws_lb_listener_rule" "nlb" {
-  count        = var.ecs_connectivity_nlb != "" ? 1 : 0
-  listener_arn =
+  for_each     = var.ecs_connectivity_nlb == null ? toset([]) : toset([for _, v in var.container_port_config : tostring(v.containerPort)])
+  listener_arn = var.ecs_connectivity_listeners[each.value].arn
   action {
     type             = "forward"
     target_group_arn = aws_lb_target_group.this.arn
   }
   condition {
     host_header {
-      values = aws_route53_record.nlb_target_group.name
+      values = [aws_route53_record.nlb_target_group[0].name]
     }
   }
 }
 
 resource "aws_route53_record" "nlb_target_group" {
+  count    = var.ecs_connectivity_nlb == null ? 0 : 1
   provider = aws.core-vpc
   zone_id  = var.account_config.route53_inner_zone_info.zone_id
   name     = "${var.name}.service.${var.env_name}.${var.account_config.dns_suffix}"
   type     = "CNAME"
-  ttl      = 60
   alias {
     evaluate_target_health = false
     name                   = var.ecs_connectivity_nlb.name
diff --git a/terraform/environments/delius-core/modules/components/delius_microservice/variables.tf b/terraform/environments/delius-core/modules/components/delius_microservice/variables.tf
index 5f0fc176cb7..945b25ba1a0 100644
--- a/terraform/environments/delius-core/modules/components/delius_microservice/variables.tf
+++ b/terraform/environments/delius-core/modules/components/delius_microservice/variables.tf
@@ -353,12 +353,13 @@ variable "container_cpu" {
 }
 
 variable "ecs_connectivity_nlb" {
-  description = "The NLB ARN to use for the ECS connectivity"
-  type        = string
-  default     = ""
+  description = "The NLB to use for the ECS connectivity"
+  type        = any
+  default     = null
 }
 
 variable "ecs_connectivity_listeners" {
   description = "The listeners to use for the ECS connectivity"
-  type        = list(any)
+  type        = any
+  default     = null
 }
\ No newline at end of file
diff --git a/terraform/environments/delius-core/modules/environment_all_components/user_management.tf b/terraform/environments/delius-core/modules/environment_all_components/user_management.tf
index 525086f303d..45b72720c50 100644
--- a/terraform/environments/delius-core/modules/environment_all_components/user_management.tf
+++ b/terraform/environments/delius-core/modules/environment_all_components/user_management.tf
@@ -32,6 +32,9 @@ module "user_management" {
   microservice_lb_https_listener_arn = aws_lb_listener.listener_https.arn
   alb_listener_rule_paths            = ["/umt"]
 
+  ecs_connectivity_nlb       = aws_lb.delius_microservices
+  ecs_connectivity_listeners = aws_lb_listener.delius_microservices_listeners
+
   container_image = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-user-management-ecr-repo:${var.delius_microservice_configs.user_management.image_tag}"
 
   platform_vars = var.platform_vars
diff --git a/terraform/environments/delius-core/modules/environment_all_components/weblogic.tf b/terraform/environments/delius-core/modules/environment_all_components/weblogic.tf
index 65aba642b54..e449de8fb2a 100644
--- a/terraform/environments/delius-core/modules/environment_all_components/weblogic.tf
+++ b/terraform/environments/delius-core/modules/environment_all_components/weblogic.tf
@@ -50,7 +50,9 @@ module "weblogic" {
   health_check_path   = "/NDelius-war/delius/JSP/healthcheck.jsp?ping"
   microservice_lb_arn = aws_lb.delius_core_frontend.arn
 
-  ecs_connectivity_nlb    = aws_lb.delius_microservices
+  ecs_connectivity_nlb       = aws_lb.delius_microservices
+  ecs_connectivity_listeners = aws_lb_listener.delius_microservices_listeners
+
   name                    = "weblogic"
   container_image         = "${var.platform_vars.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/delius-core-weblogic-ecr-repo:${var.delius_microservice_configs.weblogic.image_tag}"
   platform_vars           = var.platform_vars