nhs-england-tools / terraform-aws-opennext

🧱 💻 ☁️ A Terraform module for deploying a Next.js application built with OpenNext to AWS
MIT License

Fix initial deploy invalid count dependency error #17

Closed adam-carruthers closed 7 months ago

adam-carruthers commented 7 months ago

Description

Fixing #16 - which happens due to the code below

# modules/opennext-cloudfront/waf.tf
resource "aws_wafv2_web_acl" "cloudfront_waf" {
  count = var.custom_waf == null ? 1 : 0
  ...
}

resource "aws_wafv2_web_acl_logging_configuration" "waf_logging" {
  count = var.waf_logging_configuration == null || try(aws_wafv2_web_acl.cloudfront_waf[0], null) == null ? 0 : 1
  ...
}

If you reference another resource in the count argument, Terraform will fail on initial deploy because that other resource won't exist yet, so the count argument is not yet defined, but Terraform needs the count argument to be defined for a deploy.

All the code is trying to do is deploy aws_wafv2_web_acl_logging_configuration.waf_logging only if the aws_wafv2_web_acl.cloudfront_waf exists (has count > 0). We can do this without causing this Terraform error by simply placing the condition in the count for aws_wafv2_web_acl.cloudfront_waf inside of aws_wafv2_web_acl_logging_configuration.waf_logging's count condition.

Like this:

resource "aws_wafv2_web_acl_logging_configuration" "waf_logging" {
  count = var.waf_logging_configuration == null || var.custom_waf != null ? 0 : 1

  ...
}

Context

Issue #16

Sensitive Information Declaration

To ensure the utmost confidentiality and protect your and others' privacy, we kindly ask you to NOT include PII (Personal Identifiable Information) / PID (Personal Identifiable Data) or any other sensitive data in this PR (Pull Request) and the codebase changes. We will remove any PR that does contain any sensitive information. We really appreciate your cooperation in this matter.
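An added example, not part of the pull request or the module's code: a heuristic Python check that reports resource blocks whose count expression names a managed resource, the pattern described in the PR above. The function name, the regex-based parsing and the BEFORE/AFTER sample strings (built from the snippets in the description) are assumptions for illustration; a hit is a prompt for review, not proof of a plan-time failure.

```python
import re

# Traversal roots that are not managed resources (inputs, locals, iterators, ...).
NOT_MANAGED = {"var", "local", "data", "module", "each", "count", "path", "terraform", "self"}

HEADER = re.compile(r'^\s*resource\s+"([^"]+)"\s+"([^"]+)"')
COUNT = re.compile(r'^\s*count\s*=\s*(.+)$')
# Start of a dotted traversal such as aws_wafv2_web_acl.cloudfront_waf
TRAVERSAL = re.compile(r'(?<![\w.])([a-z][a-z0-9_]*)\.([A-Za-z_][\w-]*)')
STRING = re.compile(r'"(?:\\.|[^"\\])*"')

# Constructed samples: the "before" and "after" snippets from the PR description.
BEFORE = """
resource "aws_wafv2_web_acl" "cloudfront_waf" {
  count = var.custom_waf == null ? 1 : 0
}
resource "aws_wafv2_web_acl_logging_configuration" "waf_logging" {
  count = var.waf_logging_configuration == null || try(aws_wafv2_web_acl.cloudfront_waf[0], null) == null ? 0 : 1
}
"""
AFTER = """
resource "aws_wafv2_web_acl_logging_configuration" "waf_logging" {
  count = var.waf_logging_configuration == null || var.custom_waf != null ? 0 : 1
}
"""


def count_resource_refs(hcl_text):
    """Return {resource address: [managed resources named in its count expression]}."""
    findings = {}
    current = None
    for line in hcl_text.splitlines():
        line = line.split("#", 1)[0]  # drop trailing comments
        header = HEADER.match(line)
        if header:
            current = f"{header.group(1)}.{header.group(2)}"
            continue
        count = COUNT.match(line)
        if not (current and count):
            continue
        expr = STRING.sub('""', count.group(1))  # ignore text inside string literals
        refs = sorted({f"{root}.{name}" for root, name in TRAVERSAL.findall(expr)
                       if root not in NOT_MANAGED})
        if refs:
            findings[current] = refs
    return findings


if __name__ == "__main__":
    print("before:", count_resource_refs(BEFORE))
    print("after: ", count_resource_refs(AFTER))
```

Run over a module's .tf files in CI, this surfaces count conditions to rewrite in terms of the same input variables before they block a first deployment.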