Add fixed response option on listeners (http or https) (#69)

* Add fixed response option

* Auto Format

* Update with formatting

Co-authored-by: cloudpossebot <[email protected]>

README.md

@@ -224,6 +224,8 @@ Available targets:
 | ip\_address\_type | The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`. | `string` | `"ipv4"` | no |
 | label\_order | The naming order of the id output and Name tag.<br>Defaults to ["namespace", "environment", "stage", "name", "attributes"].<br>You can omit any of the 5 elements, but at least one must be present. | `list(string)` | `null` | no |
 | lifecycle\_rule\_enabled | A boolean that indicates whether the s3 log bucket lifecycle rule should be enabled. | `bool` | `false` | no |
+| listener\_http\_fixed\_response | Have the HTTP listener return a fixed response for the default action. | <pre>object({<br>    content_type = string<br>    message_body = string<br>    status_code  = string<br>  })</pre> | `null` | no |
+| listener\_https\_fixed\_response | Have the HTTPS listener return a fixed response for the default action. | <pre>object({<br>    content_type = string<br>    message_body = string<br>    status_code  = string<br>  })</pre> | `null` | no |
 | name | Solution name, e.g. 'app' or 'jenkins' | `string` | `null` | no |
 | namespace | Namespace, which could be your organization name or abbreviation, e.g. 'eg' or 'cp' | `string` | `null` | no |
 | noncurrent\_version\_expiration\_days | Specifies when noncurrent s3 log versions expire | `number` | `90` | no |
@@ -349,7 +351,7 @@ In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow.
 
 ## Copyright
 
-Copyright © 2017-2020 [Cloud Posse, LLC](https://cpco.io/copyright)
+Copyright © 2017-2021 [Cloud Posse, LLC](https://cpco.io/copyright)
 
 
 

docs/terraform.md

@@ -60,6 +60,8 @@
 | ip\_address\_type | The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`. | `string` | `"ipv4"` | no |
 | label\_order | The naming order of the id output and Name tag.<br>Defaults to ["namespace", "environment", "stage", "name", "attributes"].<br>You can omit any of the 5 elements, but at least one must be present. | `list(string)` | `null` | no |
 | lifecycle\_rule\_enabled | A boolean that indicates whether the s3 log bucket lifecycle rule should be enabled. | `bool` | `false` | no |
+| listener\_http\_fixed\_response | Have the HTTP listener return a fixed response for the default action. | <pre>object({<br>    content_type = string<br>    message_body = string<br>    status_code  = string<br>  })</pre> | `null` | no |
+| listener\_https\_fixed\_response | Have the HTTPS listener return a fixed response for the default action. | <pre>object({<br>    content_type = string<br>    message_body = string<br>    status_code  = string<br>  })</pre> | `null` | no |
 | name | Solution name, e.g. 'app' or 'jenkins' | `string` | `null` | no |
 | namespace | Namespace, which could be your organization name or abbreviation, e.g. 'eg' or 'cp' | `string` | `null` | no |
 | noncurrent\_version\_expiration\_days | Specifies when noncurrent s3 log versions expire | `number` | `90` | no |

main.tf

@@ -137,8 +137,17 @@ resource "aws_lb_listener" "http_forward" {
   protocol          = "HTTP"
 
   default_action {
-    target_group_arn = join("", aws_lb_target_group.default.*.arn)
-    type             = "forward"
+    target_group_arn = var.listener_http_fixed_response != null ? null : join("", aws_lb_target_group.default.*.arn)
+    type             = var.listener_http_fixed_response != null ? "fixed-response" : "forward"
+
+    dynamic "fixed_response" {
+      for_each = var.listener_http_fixed_response != null ? [var.listener_http_fixed_response] : []
+      content {
+        content_type = fixed_response.value["content_type"]
+        message_body = fixed_response.value["message_body"]
+        status_code  = fixed_response.value["status_code"]
+      }
+    }
   }
 }
 
@@ -170,10 +179,20 @@ resource "aws_lb_listener" "https" {
   certificate_arn = var.certificate_arn
 
   default_action {
-    target_group_arn = join("", aws_lb_target_group.default.*.arn)
-    type             = "forward"
+    target_group_arn = var.listener_https_fixed_response != null ? null : join("", aws_lb_target_group.default.*.arn)
+    type             = var.listener_https_fixed_response != null ? "fixed-response" : "forward"
+
+    dynamic "fixed_response" {
+      for_each = var.listener_https_fixed_response != null ? [var.listener_https_fixed_response] : []
+      content {
+        content_type = fixed_response.value["content_type"]
+        message_body = fixed_response.value["message_body"]
+        status_code  = fixed_response.value["status_code"]
+      }
+    }
   }
 }
+
 resource "aws_lb_listener_certificate" "https_sni" {
   count           = module.this.enabled && var.https_enabled && var.additional_certs != [] ? length(var.additional_certs) : 0
   listener_arn    = join("", aws_lb_listener.https.*.arn)

variables.tf

@@ -212,6 +212,26 @@ variable "target_group_additional_tags" {
   description = "The additional tags to apply to the target group"
 }
 
+variable "listener_http_fixed_response" {
+  description = "Have the HTTP listener return a fixed response for the default action."
+  type = object({
+    content_type = string
+    message_body = string
+    status_code  = string
+  })
+  default = null
+}
+
+variable "listener_https_fixed_response" {
+  description = "Have the HTTPS listener return a fixed response for the default action."
+  type = object({
+    content_type = string
+    message_body = string
+    status_code  = string
+  })
+  default = null
+}
+
 variable "lifecycle_rule_enabled" {
   type        = bool
   description = "A boolean that indicates whether the s3 log bucket lifecycle rule should be enabled."