From 42e79e080274f6e8085f27df02aa46b0e31fa5d7 Mon Sep 17 00:00:00 2001 From: Sean Turner Date: Mon, 24 May 2021 20:37:06 +1200 Subject: [PATCH] Added support for dashboard using cloudfront DNS --- r_api_gateway.tf | 2 +- r_cognito.tf | 2 +- r_route53.tf | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/r_api_gateway.tf b/r_api_gateway.tf index 48b1eef..8de87af 100644 --- a/r_api_gateway.tf +++ b/r_api_gateway.tf @@ -7,7 +7,7 @@ resource "aws_apigatewayv2_api" "this" { allow_credentials = true allow_headers = ["Content-Type", "Authorization", "X-Session-Id"] allow_methods = ["GET", "OPTIONS", "POST"] - allow_origins = ["https://${var.fqdn_alias}"] + allow_origins = [var.hosted_zone_name != "" && var.fqdn_alias != "" ? "https://${var.fqdn_alias}" : "https://${module.cloudfront.cloudfront_distribution_domain_name}"] max_age = 600 } diff --git a/r_cognito.tf b/r_cognito.tf index 5aa4974..15c6651 100644 --- a/r_cognito.tf +++ b/r_cognito.tf @@ -41,7 +41,7 @@ resource "aws_cognito_user_pool_client" "this" { allowed_oauth_flows_user_pool_client = true allowed_oauth_scopes = ["email", "openid"] supported_identity_providers = ["COGNITO"] - callback_urls = ["https://${var.fqdn_alias}"] + callback_urls = [var.hosted_zone_name != "" && var.fqdn_alias != "" ? "https://${var.fqdn_alias}" : "https://${module.cloudfront.cloudfront_distribution_domain_name}"] explicit_auth_flows = [ "ALLOW_ADMIN_USER_PASSWORD_AUTH", diff --git a/r_route53.tf b/r_route53.tf index c18db7d..98893c3 100644 --- a/r_route53.tf +++ b/r_route53.tf @@ -13,13 +13,13 @@ resource "aws_route53_record" "alias" { } resource "aws_route53_record" "acm" { - for_each = { + for_each = var.hosted_zone_name != "" && var.fqdn_alias != "" ? { for dvo in aws_acm_certificate.this[0].domain_validation_options : dvo.domain_name => { name = dvo.resource_record_name record = dvo.resource_record_value type = dvo.resource_record_type - } if var.hosted_zone_name != "" && var.fqdn_alias != "" - } + } + } : {} allow_overwrite = true name = each.value.name