Adam

Reputation: 149

How to get ALB name from AWS in Terraform

I need to get an ALB name or id to attach WAF rules to it. The ALB is created by Kubernetes and not used anywhere in Terraform. The official data resource only supports name and arn, with no filtering.

data "aws_lb" "test" {
  name = ...
  arn = ...
}

Is there a way to get the ALB somehow or attach WAF rules to it?

Upvotes: 1

Views: 1750

Answers (2)

Adam

Reputation: 149

I had to go the reverse route and had to store the value of the WAF rule in the value store.

resource "aws_ssm_parameter" "whatever" {
  name      = "...."
  type      = "SecureString"
  value     = aws_wafv2_web_acl.name.arn
  overwrite = true
}

And then template it into the Helm chart annotation: https://kubernetes-sigs.github.io/aws-load-balancer-controller/latest/guide/ingress/annotations/#addons with gomplate: https://docs.gomplate.ca/datasources/#examples where it will attach the rule to the created ALB.

Upvotes: 0

Syngate

Reputation: 54

I'm currently facing the same issue. The name of the ALB doesn't appear to be something that you can set whilst you're deploying the Helm chart, and there doesn't appear to be a way of getting the name once the chart has been deployed.

The only workaround I can think of is to describe the ingress resource and then do a trim of some sort on the ingress address using Terraform (ignoring everything after the 4th dash).

It's not a great workaround but is the only one that I've come up with to get this all working through Terraform. Do let me know if you find a better solution for this.

EDIT: It appears that there is already an open issue for this on GitHub: https://github.com/hashicorp/terraform-provider-aws/issues/12265 There is a solution posted a bit further down in the thread which is similar to what I had originally suggested - using regex to get the name of the load balancer from the ingress resource.

Upvotes: 1
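
The regex workaround described in the answer above, written out as an added Terraform example (not code from either poster or from the linked GitHub issue). It assumes a configured kubernetes provider, placeholder ingress name and namespace, the `aws_wafv2_web_acl.name` resource from the first answer, and an ingress hostname of the form `[internal-]<alb-name>-<id>.<region>.elb.amazonaws.com`; instead of counting four dashes it drops only the last dash-separated segment, and it verifies the result against the ALB's real DNS name before associating the web ACL.

```hcl
# Added example. Ingress name/namespace are placeholders (assumptions).
data "kubernetes_ingress_v1" "app" {
  metadata {
    name      = "my-ingress" # placeholder
    namespace = "default"    # placeholder
  }
}

locals {
  # Hostname the controller wrote to the ingress status, e.g. (constructed)
  # "k8s-default-myingres-0123456789-1234567890.eu-west-1.elb.amazonaws.com"
  alb_hostname = data.kubernetes_ingress_v1.app.status[0].load_balancer[0].ingress[0].hostname

  # First DNS label only, e.g. "k8s-default-myingres-0123456789-1234567890"
  alb_label = split(".", local.alb_hostname)[0]

  # Strip the optional "internal-" scheme prefix and the trailing "-<id>"
  # that AWS appends to the load balancer name (assumed hostname format).
  alb_name = regex("^(?:internal-)?(.+)-[^-]+$", local.alb_label)[0]
}

# Look the ALB up by the derived name, using the data source from the question.
data "aws_lb" "ingress" {
  name = local.alb_name

  lifecycle {
    # Fail the plan if the derived name resolved to a different load balancer,
    # so the WAF ACL is never attached to the wrong ALB.
    postcondition {
      condition     = lower(self.dns_name) == lower(local.alb_hostname)
      error_message = "Derived ALB name does not match the ingress hostname."
    }
  }
}

# Attach the existing web ACL (resource name taken from the first answer).
resource "aws_wafv2_web_acl_association" "ingress" {
  resource_arn = data.aws_lb.ingress.arn
  web_acl_arn  = aws_wafv2_web_acl.name.arn
}
```

The ingress must already exist and have a hostname in its status when Terraform plans, otherwise the `status[0]...hostname` lookup fails; the `postcondition` block needs Terraform 1.2 or later.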
