diff --git a/README.md b/README.md
index e3c1aee0..31af73fa 100644
--- a/README.md
+++ b/README.md
@@ -70,7 +70,6 @@ module "default_backend_web_app" {
name = "appname"
vpc_id = module.vpc.vpc_id
alb_ingress_unauthenticated_listener_arns = module.alb.listener_arns
- alb_ingress_unauthenticated_listener_arns_count = 1
aws_logs_region = "us-east-2"
ecs_cluster_arn = aws_ecs_cluster.default.arn
ecs_cluster_name = aws_ecs_cluster.default.name
@@ -151,7 +150,6 @@ module "default_backend_web_app" {
| [alb\_container\_name](#input\_alb\_container\_name) | The name of the container to associate with the ALB. If not provided, the generated container will be used | `string` | `null` | no |
| [alb\_ingress\_authenticated\_hosts](#input\_alb\_ingress\_authenticated\_hosts) | Authenticated hosts to match in Hosts header | `list(string)` | `[]` | no |
| [alb\_ingress\_authenticated\_listener\_arns](#input\_alb\_ingress\_authenticated\_listener\_arns) | A list of authenticated ALB listener ARNs to attach ALB listener rules to | `list(string)` | `[]` | no |
-| [alb\_ingress\_authenticated\_listener\_arns\_count](#input\_alb\_ingress\_authenticated\_listener\_arns\_count) | The number of authenticated ARNs in `alb_ingress_authenticated_listener_arns`. This is necessary to work around a limitation in Terraform where counts cannot be computed | `number` | `0` | no |
| [alb\_ingress\_authenticated\_paths](#input\_alb\_ingress\_authenticated\_paths) | Authenticated path pattern to match (a maximum of 1 can be defined) | `list(string)` | `[]` | no |
| [alb\_ingress\_enable\_default\_target\_group](#input\_alb\_ingress\_enable\_default\_target\_group) | If true, create a default target group for the ALB ingress | `bool` | `true` | no |
| [alb\_ingress\_health\_check\_healthy\_threshold](#input\_alb\_ingress\_health\_check\_healthy\_threshold) | The number of consecutive health checks successes required before healthy | `number` | `2` | no |
@@ -170,7 +168,6 @@ module "default_backend_web_app" {
| [alb\_ingress\_target\_type](#input\_alb\_ingress\_target\_type) | Target type for the ALB ingress. One of `ip`, `instance`, `lambda` or `container`. Defaults to `ip`, for bridge networking mode should be `instance` | `string` | `"ip"` | no |
| [alb\_ingress\_unauthenticated\_hosts](#input\_alb\_ingress\_unauthenticated\_hosts) | Unauthenticated hosts to match in Hosts header | `list(string)` | `[]` | no |
| [alb\_ingress\_unauthenticated\_listener\_arns](#input\_alb\_ingress\_unauthenticated\_listener\_arns) | A list of unauthenticated ALB listener ARNs to attach ALB listener rules to | `list(string)` | `[]` | no |
-| [alb\_ingress\_unauthenticated\_listener\_arns\_count](#input\_alb\_ingress\_unauthenticated\_listener\_arns\_count) | The number of unauthenticated ARNs in `alb_ingress_unauthenticated_listener_arns`. This is necessary to work around a limitation in Terraform where counts cannot be computed | `number` | `0` | no |
| [alb\_ingress\_unauthenticated\_paths](#input\_alb\_ingress\_unauthenticated\_paths) | Unauthenticated path pattern to match (a maximum of 1 can be defined) | `list(string)` | `[]` | no |
| [alb\_security\_group](#input\_alb\_security\_group) | Security group of the ALB | `string` | n/a | yes |
| [alb\_stickiness\_cookie\_duration](#input\_alb\_stickiness\_cookie\_duration) | The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds) | `number` | `86400` | no |
diff --git a/README.yaml b/README.yaml
index 6ecd1f24..8358b041 100644
--- a/README.yaml
+++ b/README.yaml
@@ -90,7 +90,6 @@ usage: |-
name = "appname"
vpc_id = module.vpc.vpc_id
alb_ingress_unauthenticated_listener_arns = module.alb.listener_arns
- alb_ingress_unauthenticated_listener_arns_count = 1
aws_logs_region = "us-east-2"
ecs_cluster_arn = aws_ecs_cluster.default.arn
ecs_cluster_name = aws_ecs_cluster.default.name
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index b0bade16..d7437f7a 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -109,11 +109,10 @@ module "ecs_web_app" {
container_port = var.container_port
# ALB
- alb_arn_suffix = module.alb.alb_arn_suffix
- alb_security_group = module.alb.security_group_id
- alb_ingress_unauthenticated_listener_arns = [module.alb.http_listener_arn]
- alb_ingress_unauthenticated_listener_arns_count = 1
- alb_ingress_healthcheck_path = var.alb_ingress_healthcheck_path
+ alb_arn_suffix = module.alb.alb_arn_suffix
+ alb_security_group = module.alb.security_group_id
+ alb_ingress_unauthenticated_listener_arns = [module.alb.http_listener_arn]
+ alb_ingress_healthcheck_path = var.alb_ingress_healthcheck_path
# CodePipeline
codepipeline_enabled = var.codepipeline_enabled
diff --git a/examples/with_cognito_authentication/main.tf b/examples/with_cognito_authentication/main.tf
index a14c928b..4f0bf4f8 100644
--- a/examples/with_cognito_authentication/main.tf
+++ b/examples/with_cognito_authentication/main.tf
@@ -126,8 +126,7 @@ module "web_app" {
alb_ingress_healthcheck_path = "/"
# NOTE: Cognito and OIDC authentication only supported on HTTPS endpoints; here we provide `https_listener_arn` from ALB
- alb_ingress_authenticated_listener_arns = module.alb.https_listener_arn
- alb_ingress_authenticated_listener_arns_count = 1
+ alb_ingress_authenticated_listener_arns = module.alb.https_listener_arn
# Unauthenticated paths (with higher priority than the authenticated paths)
alb_ingress_unauthenticated_paths = ["/events"]
diff --git a/examples/with_google_oidc_authentication/main.tf b/examples/with_google_oidc_authentication/main.tf
index 1b6dcc72..cff32f66 100644
--- a/examples/with_google_oidc_authentication/main.tf
+++ b/examples/with_google_oidc_authentication/main.tf
@@ -127,8 +127,7 @@ module "web_app" {
alb_ingress_healthcheck_path = "/"
# NOTE: Cognito and OIDC authentication only supported on HTTPS endpoints; here we provide `https_listener_arn` from ALB
- alb_ingress_authenticated_listener_arns = module.alb.https_listener_arn
- alb_ingress_authenticated_listener_arns_count = 1
+ alb_ingress_authenticated_listener_arns = module.alb.https_listener_arn
# Unauthenticated paths (with higher priority than the authenticated paths)
alb_ingress_unauthenticated_paths = ["/events"]
diff --git a/examples/without_authentication/main.tf b/examples/without_authentication/main.tf
index 06335e10..fe451bf9 100644
--- a/examples/without_authentication/main.tf
+++ b/examples/without_authentication/main.tf
@@ -127,8 +127,7 @@ module "web_app" {
alb_ingress_healthcheck_path = "/"
# Without authentication, both HTTP and HTTPS endpoints are supported
- alb_ingress_unauthenticated_listener_arns = module.alb.listener_arns
- alb_ingress_unauthenticated_listener_arns_count = 2
+ alb_ingress_unauthenticated_listener_arns = module.alb.listener_arns
# All paths are unauthenticated
alb_ingress_unauthenticated_paths = ["/*"]
diff --git a/variables.tf b/variables.tf
index cba8d7f0..aa3a59e1 100644
--- a/variables.tf
+++ b/variables.tf
@@ -935,24 +935,12 @@ variable "alb_ingress_unauthenticated_listener_arns" {
default = []
}
-variable "alb_ingress_unauthenticated_listener_arns_count" {
- type = number
- description = "The number of unauthenticated ARNs in `alb_ingress_unauthenticated_listener_arns`. This is necessary to work around a limitation in Terraform where counts cannot be computed"
- default = 0
-}
-
variable "alb_ingress_authenticated_listener_arns" {
type = list(string)
description = "A list of authenticated ALB listener ARNs to attach ALB listener rules to"
default = []
}
-variable "alb_ingress_authenticated_listener_arns_count" {
- type = number
- description = "The number of authenticated ARNs in `alb_ingress_authenticated_listener_arns`. This is necessary to work around a limitation in Terraform where counts cannot be computed"
- default = 0
-}
-
variable "authentication_type" {
type = string
description = "Authentication type. Supported values are `COGNITO` and `OIDC`"