search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.59k stars 3.89k forks source link

[aws-ecs-patterns; ApplicationLoadBalancedFargateService] Providing domain zone with 'AWS::NoValue' does not create root A Alias record #5016

Closed kevin-lindsay-1 closed 2 years ago

kevin-lindsay-1 commented 4 years ago

Now, technically I understand that this isn't a bug, as both of these parameters, domainZone and domainName are required, however I'm running into a particular issue where I can't assign an A record to the root of a zone.

For example, let's say I have a hosted zone for: api.mydomain.com

In that zone, I have other APIs, user.api.mydomain.com, product.api.mydomain.com, etc.

Since the @ domain doesn't work in route 53, and this parameter always appends the zone, .api.mydomain.com, when I provide AWS::NoValue, it accepts it, but still appends .api.mydomain.com, whereas it should append api.mydomain.com.

I've tried a few workarounds on this issue, but can't seem to find anything that will solve this (other than making a distinction between api.mydomain.com and another zone of apis.mydomain.com).

Example:

const isProd = new CfnCondition(this, "IsProd", {
  expression: Fn.conditionEquals("prod", appStage)
});
const domainZone = HostedZone.fromHostedZoneAttributes(this, "HostedZone", {
  hostedZoneId: "xxx",
  zoneName: "api.mydomain.com"
});
const domainName = Fn.conditionIf(
  isProd.logicalId,
  "AWS::NoValue",
  appStage
).toString();
const certificate = Certificate.fromCertificateArn(this, "Cert", "...");
const lbfs = new ApplicationLoadBalancedFargateService(this, "LBFS", {
  serviceName: "...",
  cluster,
  taskImageOptions: {
    image,
    environment: {
      STAGE: appStage,
      USER_SERVICE_URL: "https://user.api.mydomain.com",
      PRODUCT_SERVICE_URL: "https://product.api.mydomain.com"
    }
  },
  domainZone,
  domainName,
  certificate
});

outputs:

...
"ServiceLBFSDNS3E11A591": {
  "Type": "AWS::Route53::RecordSet",
  "Properties": {
    "Name": {
      "Fn::Join": [
        "",
        [
          {
            "Fn::If": [
              "ServiceIsProdA297CD3C",
              "AWS::NoValue",
              {
                "Ref": "appStage"
              }
            ]
          },
          ".api.mydomain.com."
        ]
      ]
    },
    ...
  },
  ...
},
...

Should (likely) be:

...
"ServiceLBFSDNS3E11A591": {
  "Type": "AWS::Route53::RecordSet",
  "Properties": {
    "Name": {
      "Fn::Join": [
        "",
        [
          {
            "Fn::If": [
              "ServiceIsProdA297CD3C",
              "AWS::NoValue",
              {
                "Ref": "appStage"
              }
            ]
          },
          // may need additional conditional in CFN to add the leading `.` if value is not `AWS::NoValue`
          "api.mydomain.com."
        ]
      ]
    },
    ...
  },
  ...
},
...

Reproduction Steps

Error Log

Environment

Other

This is :bug: Bug Report

kevin-lindsay-1 commented 4 years ago

As previously mentioned, I have a fairly simple workaround, that being setting a subdomain and setting an ALIAS manually.

For example: service FQDN: api.api.mydomain.com then, in Route 53, set apex (no name) to an A Alias record to api.api.mydomain.com.

Less than ideal, but it appears to work just fine.

github-actions[bot] commented 2 years ago

This issue has not received any attention in 1 year. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.