diff --git a/README.md b/README.md
index c7ad757c..72d93538 100644
--- a/README.md
+++ b/README.md
@@ -67,7 +67,6 @@ module "default_backend_web_app" {
name = "appname"
vpc_id = module.vpc.vpc_id
alb_ingress_unauthenticated_listener_arns = module.alb.listener_arns
- alb_ingress_unauthenticated_listener_arns_count = 1
aws_logs_region = "us-east-2"
ecs_cluster_arn = aws_ecs_cluster.default.arn
ecs_cluster_name = aws_ecs_cluster.default.name
@@ -159,7 +158,6 @@ Available targets:
| [alb\_container\_name](#input\_alb\_container\_name) | The name of the container to associate with the ALB. If not provided, the generated container will be used | `string` | `null` | no |
| [alb\_ingress\_authenticated\_hosts](#input\_alb\_ingress\_authenticated\_hosts) | Authenticated hosts to match in Hosts header | `list(string)` | `[]` | no |
| [alb\_ingress\_authenticated\_listener\_arns](#input\_alb\_ingress\_authenticated\_listener\_arns) | A list of authenticated ALB listener ARNs to attach ALB listener rules to | `list(string)` | `[]` | no |
-| [alb\_ingress\_authenticated\_listener\_arns\_count](#input\_alb\_ingress\_authenticated\_listener\_arns\_count) | The number of authenticated ARNs in `alb_ingress_authenticated_listener_arns`. This is necessary to work around a limitation in Terraform where counts cannot be computed | `number` | `0` | no |
| [alb\_ingress\_authenticated\_paths](#input\_alb\_ingress\_authenticated\_paths) | Authenticated path pattern to match (a maximum of 1 can be defined) | `list(string)` | `[]` | no |
| [alb\_ingress\_enable\_default\_target\_group](#input\_alb\_ingress\_enable\_default\_target\_group) | If true, create a default target group for the ALB ingress | `bool` | `true` | no |
| [alb\_ingress\_health\_check\_healthy\_threshold](#input\_alb\_ingress\_health\_check\_healthy\_threshold) | The number of consecutive health checks successes required before healthy | `number` | `2` | no |
@@ -178,7 +176,6 @@ Available targets:
| [alb\_ingress\_target\_type](#input\_alb\_ingress\_target\_type) | Target type for the ALB ingress. One of `ip`, `instance`, `lambda` or `container`. Defaults to `ip`, for bridge networking mode should be `instance` | `string` | `"ip"` | no |
| [alb\_ingress\_unauthenticated\_hosts](#input\_alb\_ingress\_unauthenticated\_hosts) | Unauthenticated hosts to match in Hosts header | `list(string)` | `[]` | no |
| [alb\_ingress\_unauthenticated\_listener\_arns](#input\_alb\_ingress\_unauthenticated\_listener\_arns) | A list of unauthenticated ALB listener ARNs to attach ALB listener rules to | `list(string)` | `[]` | no |
-| [alb\_ingress\_unauthenticated\_listener\_arns\_count](#input\_alb\_ingress\_unauthenticated\_listener\_arns\_count) | The number of unauthenticated ARNs in `alb_ingress_unauthenticated_listener_arns`. This is necessary to work around a limitation in Terraform where counts cannot be computed | `number` | `0` | no |
| [alb\_ingress\_unauthenticated\_paths](#input\_alb\_ingress\_unauthenticated\_paths) | Unauthenticated path pattern to match (a maximum of 1 can be defined) | `list(string)` | `[]` | no |
| [alb\_security\_group](#input\_alb\_security\_group) | Security group of the ALB | `string` | n/a | yes |
| [alb\_stickiness\_cookie\_duration](#input\_alb\_stickiness\_cookie\_duration) | The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds) | `number` | `86400` | no |
diff --git a/README.yaml b/README.yaml
index e0aa1f3d..31fdf22e 100644
--- a/README.yaml
+++ b/README.yaml
@@ -90,7 +90,6 @@ usage: |-
name = "appname"
vpc_id = module.vpc.vpc_id
alb_ingress_unauthenticated_listener_arns = module.alb.listener_arns
- alb_ingress_unauthenticated_listener_arns_count = 1
aws_logs_region = "us-east-2"
ecs_cluster_arn = aws_ecs_cluster.default.arn
ecs_cluster_name = aws_ecs_cluster.default.name
diff --git a/docs/terraform.md b/docs/terraform.md
index e75f5814..e2cd070c 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -42,7 +42,6 @@
| [alb\_container\_name](#input\_alb\_container\_name) | The name of the container to associate with the ALB. If not provided, the generated container will be used | `string` | `null` | no |
| [alb\_ingress\_authenticated\_hosts](#input\_alb\_ingress\_authenticated\_hosts) | Authenticated hosts to match in Hosts header | `list(string)` | `[]` | no |
| [alb\_ingress\_authenticated\_listener\_arns](#input\_alb\_ingress\_authenticated\_listener\_arns) | A list of authenticated ALB listener ARNs to attach ALB listener rules to | `list(string)` | `[]` | no |
-| [alb\_ingress\_authenticated\_listener\_arns\_count](#input\_alb\_ingress\_authenticated\_listener\_arns\_count) | The number of authenticated ARNs in `alb_ingress_authenticated_listener_arns`. This is necessary to work around a limitation in Terraform where counts cannot be computed | `number` | `0` | no |
| [alb\_ingress\_authenticated\_paths](#input\_alb\_ingress\_authenticated\_paths) | Authenticated path pattern to match (a maximum of 1 can be defined) | `list(string)` | `[]` | no |
| [alb\_ingress\_enable\_default\_target\_group](#input\_alb\_ingress\_enable\_default\_target\_group) | If true, create a default target group for the ALB ingress | `bool` | `true` | no |
| [alb\_ingress\_health\_check\_healthy\_threshold](#input\_alb\_ingress\_health\_check\_healthy\_threshold) | The number of consecutive health checks successes required before healthy | `number` | `2` | no |
@@ -61,7 +60,6 @@
| [alb\_ingress\_target\_type](#input\_alb\_ingress\_target\_type) | Target type for the ALB ingress. One of `ip`, `instance`, `lambda` or `container`. Defaults to `ip`, for bridge networking mode should be `instance` | `string` | `"ip"` | no |
| [alb\_ingress\_unauthenticated\_hosts](#input\_alb\_ingress\_unauthenticated\_hosts) | Unauthenticated hosts to match in Hosts header | `list(string)` | `[]` | no |
| [alb\_ingress\_unauthenticated\_listener\_arns](#input\_alb\_ingress\_unauthenticated\_listener\_arns) | A list of unauthenticated ALB listener ARNs to attach ALB listener rules to | `list(string)` | `[]` | no |
-| [alb\_ingress\_unauthenticated\_listener\_arns\_count](#input\_alb\_ingress\_unauthenticated\_listener\_arns\_count) | The number of unauthenticated ARNs in `alb_ingress_unauthenticated_listener_arns`. This is necessary to work around a limitation in Terraform where counts cannot be computed | `number` | `0` | no |
| [alb\_ingress\_unauthenticated\_paths](#input\_alb\_ingress\_unauthenticated\_paths) | Unauthenticated path pattern to match (a maximum of 1 can be defined) | `list(string)` | `[]` | no |
| [alb\_security\_group](#input\_alb\_security\_group) | Security group of the ALB | `string` | n/a | yes |
| [alb\_stickiness\_cookie\_duration](#input\_alb\_stickiness\_cookie\_duration) | The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds) | `number` | `86400` | no |
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index b0bade16..d7437f7a 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -109,11 +109,10 @@ module "ecs_web_app" {
container_port = var.container_port
# ALB
- alb_arn_suffix = module.alb.alb_arn_suffix
- alb_security_group = module.alb.security_group_id
- alb_ingress_unauthenticated_listener_arns = [module.alb.http_listener_arn]
- alb_ingress_unauthenticated_listener_arns_count = 1
- alb_ingress_healthcheck_path = var.alb_ingress_healthcheck_path
+ alb_arn_suffix = module.alb.alb_arn_suffix
+ alb_security_group = module.alb.security_group_id
+ alb_ingress_unauthenticated_listener_arns = [module.alb.http_listener_arn]
+ alb_ingress_healthcheck_path = var.alb_ingress_healthcheck_path
# CodePipeline
codepipeline_enabled = var.codepipeline_enabled
diff --git a/examples/with_cognito_authentication/main.tf b/examples/with_cognito_authentication/main.tf
index a14c928b..4f0bf4f8 100644
--- a/examples/with_cognito_authentication/main.tf
+++ b/examples/with_cognito_authentication/main.tf
@@ -126,8 +126,7 @@ module "web_app" {
alb_ingress_healthcheck_path = "/"
# NOTE: Cognito and OIDC authentication only supported on HTTPS endpoints; here we provide `https_listener_arn` from ALB
- alb_ingress_authenticated_listener_arns = module.alb.https_listener_arn
- alb_ingress_authenticated_listener_arns_count = 1
+ alb_ingress_authenticated_listener_arns = module.alb.https_listener_arn
# Unauthenticated paths (with higher priority than the authenticated paths)
alb_ingress_unauthenticated_paths = ["/events"]
diff --git a/examples/with_google_oidc_authentication/main.tf b/examples/with_google_oidc_authentication/main.tf
index 1b6dcc72..cff32f66 100644
--- a/examples/with_google_oidc_authentication/main.tf
+++ b/examples/with_google_oidc_authentication/main.tf
@@ -127,8 +127,7 @@ module "web_app" {
alb_ingress_healthcheck_path = "/"
# NOTE: Cognito and OIDC authentication only supported on HTTPS endpoints; here we provide `https_listener_arn` from ALB
- alb_ingress_authenticated_listener_arns = module.alb.https_listener_arn
- alb_ingress_authenticated_listener_arns_count = 1
+ alb_ingress_authenticated_listener_arns = module.alb.https_listener_arn
# Unauthenticated paths (with higher priority than the authenticated paths)
alb_ingress_unauthenticated_paths = ["/events"]
diff --git a/examples/without_authentication/main.tf b/examples/without_authentication/main.tf
index 06335e10..fe451bf9 100644
--- a/examples/without_authentication/main.tf
+++ b/examples/without_authentication/main.tf
@@ -127,8 +127,7 @@ module "web_app" {
alb_ingress_healthcheck_path = "/"
# Without authentication, both HTTP and HTTPS endpoints are supported
- alb_ingress_unauthenticated_listener_arns = module.alb.listener_arns
- alb_ingress_unauthenticated_listener_arns_count = 2
+ alb_ingress_unauthenticated_listener_arns = module.alb.listener_arns
# All paths are unauthenticated
alb_ingress_unauthenticated_paths = ["/*"]
diff --git a/variables.tf b/variables.tf
index 504564ca..9f55011f 100644
--- a/variables.tf
+++ b/variables.tf
@@ -935,24 +935,12 @@ variable "alb_ingress_unauthenticated_listener_arns" {
default = []
}
-variable "alb_ingress_unauthenticated_listener_arns_count" {
- type = number
- description = "The number of unauthenticated ARNs in `alb_ingress_unauthenticated_listener_arns`. This is necessary to work around a limitation in Terraform where counts cannot be computed"
- default = 0
-}
-
variable "alb_ingress_authenticated_listener_arns" {
type = list(string)
description = "A list of authenticated ALB listener ARNs to attach ALB listener rules to"
default = []
}
-variable "alb_ingress_authenticated_listener_arns_count" {
- type = number
- description = "The number of authenticated ARNs in `alb_ingress_authenticated_listener_arns`. This is necessary to work around a limitation in Terraform where counts cannot be computed"
- default = 0
-}
-
variable "authentication_type" {
type = string
description = "Authentication type. Supported values are `COGNITO` and `OIDC`"