From 5756384376733f18d019d01e2b2bd02a8991c9a9 Mon Sep 17 00:00:00 2001
From: Lawrence Warren <lawrencewarren2@gmail.com>
Date: Fri, 6 Oct 2023 11:29:35 +0100
Subject: [PATCH] fix(tf): When setting `enabled = false`, also destroy ALB

---
 elb.tf | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/elb.tf b/elb.tf
index 978a884..dd178db 100644
--- a/elb.tf
+++ b/elb.tf
@@ -1,5 +1,5 @@
 resource "aws_security_group" "alb" {
-  count       = var.alb_enabled ? 1 : 0
+  count       = local.enabled && var.alb_enabled ? 1 : 0
   description = "Controls access to the ${var.use_wrong_loadbalancer_name ? "" : "Kylin "}ALB (HTTP/HTTPS)"
   vpc_id      = var.vpc_id
   name        = module.label_alb.id
@@ -7,7 +7,7 @@ resource "aws_security_group" "alb" {
 }
 
 resource "aws_security_group_rule" "alb_egress" {
-  count             = var.alb_enabled ? 1 : 0
+  count             = local.enabled && var.alb_enabled ? 1 : 0
   type              = "egress"
   from_port         = "0"
   to_port           = "0"
@@ -28,7 +28,7 @@ resource "aws_security_group_rule" "alb_http_ingress" {
 }
 
 resource "aws_security_group_rule" "alb_https_ingress" {
-  count             = var.alb_enabled && var.alb_allow_https_access ? 1 : 0
+  count             = local.enabled && var.alb_enabled && var.alb_allow_https_access ? 1 : 0
   type              = "ingress"
   from_port         = 443
   to_port           = 443
@@ -39,7 +39,7 @@ resource "aws_security_group_rule" "alb_https_ingress" {
 }
 
 resource "aws_lb" "default" {
-  count              = var.alb_enabled ? 1 : 0
+  count              = local.enabled && var.alb_enabled ? 1 : 0
   name               = module.label_alb.id
   tags               = module.label_alb.tags
   internal           = var.alb_internal
@@ -56,7 +56,7 @@ resource "aws_lb" "default" {
 }
 
 resource "aws_route53_record" "default" {
-  count   = var.alb_enabled ? 1 : 0
+  count   = local.enabled && var.alb_enabled ? 1 : 0
   zone_id = var.zone_id
   name    = var.master_dns_name
   type    = "A"
@@ -69,7 +69,7 @@ resource "aws_route53_record" "default" {
 }
 
 resource "aws_lb_target_group" "default" {
-  count                = var.alb_enabled ? 1 : 0
+  count                = local.enabled && var.alb_enabled ? 1 : 0
   name                 = module.label_alb.id
   port                 = var.alb_target_group_port
   protocol             = var.alb_target_group_protocol
@@ -102,7 +102,7 @@ resource "aws_lb_target_group" "default" {
 }
 
 resource "aws_lb_target_group_attachment" "default" {
-  count            = var.alb_enabled && var.master_instance_group_instance_count > 0 ? var.master_instance_group_instance_count : 0
+  count            = local.enabled && var.alb_enabled && var.master_instance_group_instance_count > 0 ? var.master_instance_group_instance_count : 0
   target_group_arn = aws_lb_target_group.default[0].arn
   target_id        = element(data.aws_instances.emr_master_instances.ids, count.index)
   port             = var.alb_target_group_port
@@ -114,7 +114,7 @@ resource "aws_lb_target_group_attachment" "default" {
 }
 
 resource "aws_lb_listener" "http_redirect" {
-  count             = var.alb_enabled && var.alb_allow_http_access ? 1 : 0
+  count             = local.enabled && var.alb_enabled && var.alb_allow_http_access ? 1 : 0
   load_balancer_arn = aws_lb.default[0].arn
   port              = 80
   protocol          = "HTTP"
@@ -132,7 +132,7 @@ resource "aws_lb_listener" "http_redirect" {
 }
 
 resource "aws_lb_listener" "https" {
-  count             = var.alb_enabled && var.alb_allow_https_access ? 1 : 0
+  count             = local.enabled && var.alb_enabled && var.alb_allow_https_access ? 1 : 0
   load_balancer_arn = aws_lb.default[0].arn
 
   port            = 443