From 4f55ac5c4c1c087fc7d20bf869680dab4ebeda9a Mon Sep 17 00:00:00 2001
From: Greg Ericson
Date: Tue, 6 Apr 2021 01:45:04 +0000
Subject: [PATCH 1/2] fix(aws-ecs-patterns): fixes #11123 allow for https listeners to use non Route 53 DNS if a certificate is provided
---
 .../application-load-balanced-service-base.ts | 7 ++--
 .../test.load-balanced-fargate-service.ts | 35 +++++++++++++++++++
 2 files changed, 39 insertions(+), 3 deletions(-)
diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts
index 2593853cd0350..2a2c8feb23d7a 100644
--- a/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts
+++ b/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts
@@ -422,13 +422,14 @@ export abstract class ApplicationLoadBalancedServiceBase extends CoreConstruct {
 this.targetGroup = this.listener.addTargets('ECS', targetProps);
 if (protocol === ApplicationProtocol.HTTPS) {
- if (typeof props.domainName === 'undefined' || typeof props.domainZone === 'undefined') {
- throw new Error('A domain name and zone is required when using the HTTPS protocol');
- }
 if (props.certificate !== undefined) {
 this.certificate = props.certificate;
 } else {
+ if (typeof props.domainName === 'undefined' || typeof props.domainZone === 'undefined') {
+ throw new Error('A domain name and zone is required when using the HTTPS protocol');
+ }
+
 this.certificate = new Certificate(this, 'Certificate', {
 domainName: props.domainName,
 validation: CertificateValidation.fromDns(props.domainZone),
diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts
index e7e847fb5cf45..d5005467251de 100644
--- a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts
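Review bot: The error text in the relocated guard, 'A domain name and zone is required when using the HTTPS protocol', is no longer accurate, because the check now runs only in the `else` branch where no certificate was supplied. I would reword it, e.g. `throw new Error('A domain name and zone is required when using the HTTPS protocol without a provided certificate');`, and put a comment above the guard such as `// domainName and domainZone are only needed here to issue a DNS-validated certificate`. With a caller-supplied certificate the construct no longer knows which hostname the listener serves, so matching the certificate to the name clients actually use becomes the caller's responsibility; that is worth stating in the documentation of the `certificate` prop, which is outside this hunk. The constructor body starts and ends outside the hunk, so how a lone `domainName` or `domainZone` is treated further down cannot be confirmed from here.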
+++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts
@@ -1,4 +1,5 @@
 import { expect, haveResource, haveResourceLike, SynthUtils } from '@aws-cdk/assert';
+import { DnsValidatedCertificate } from '@aws-cdk/aws-certificatemanager';
 import * as ec2 from '@aws-cdk/aws-ec2';
 import * as ecs from '@aws-cdk/aws-ecs';
 import { ApplicationLoadBalancer, ApplicationProtocol, NetworkLoadBalancer } from '@aws-cdk/aws-elasticloadbalancingv2';
@@ -977,4 +978,38 @@ export = {
 test.done();
 },
+ 'domainName and domainZone not required for HTTPS listener with provided cert'(test: Test) {
+ // GIVEN
+ const stack = new cdk.Stack();
+ const vpc = new ec2.Vpc(stack, 'VPC');
+ const cluster = new ecs.Cluster(stack, 'Cluster', { vpc });
+ const exampleDotComZone = new route53.PublicHostedZone(stack, 'ExampleDotCom', {
+ zoneName: 'example.com',
+ });
+ const certificate = new DnsValidatedCertificate(stack, 'Certificate', {
+ domainName: 'test.example.com',
+ hostedZone: exampleDotComZone,
+ });
+
+ // WHEN
+ new ecsPatterns.ApplicationLoadBalancedFargateService(stack, 'FargateAlbService', {
+ cluster,
+ protocol: ApplicationProtocol.HTTPS,
+
+ taskImageOptions: {
+ containerPort: 2015,
+ image: ecs.ContainerImage.fromRegistry('abiosoft/caddy'),
+ },
+ certificate: certificate,
+ });
+
+ // THEN
+ expect(stack).notTo(haveResourceLike('AWS::Route53::RecordSet', {
+ Name: 'test.domain.com.',
+ }));
+
+ test.done();
+
+ },
+
 };
From 7397720ceb2c025e8f937d4beb154721471f267b Mon Sep 17 00:00:00 2001
From: Greg Ericson
Date: Mon, 12 Apr 2021 00:52:27 +0000
Subject: [PATCH 2/2] fix: fixed merge issue with assert internal
---
 .../test/fargate/test.load-balanced-fargate-service.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts
index d5005467251de..a8c588d1187ef 100644
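Review bot: The final assertion of the new test looks for a record set named 'test.domain.com.', a name used nowhere else in the test (the certificate is issued for 'test.example.com'), so it would pass even if the construct did create a Route 53 record. Asserting on the resource type alone is tighter and should still hold with this setup: `expect(stack).notTo(haveResource('AWS::Route53::RecordSet'));`. The test also never verifies that an HTTPS listener was synthesized with the supplied certificate; a positive check such as `expect(stack).to(haveResourceLike('AWS::ElasticLoadBalancingV2::Listener', { Protocol: 'HTTPS' }));` would cover the behaviour the fix is meant to enable. Because the setup still builds a `PublicHostedZone` and a `DnsValidatedCertificate`, it does not exercise the non-Route 53 case from the commit subject; an imported certificate would, if that is practical in this suite.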
--- a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts
+++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts
@@ -1,4 +1,4 @@
-import { expect, haveResource, haveResourceLike, SynthUtils } from '@aws-cdk/assert';
+import { expect, haveResource, haveResourceLike, SynthUtils } from '@aws-cdk/assert-internal';
 import { DnsValidatedCertificate } from '@aws-cdk/aws-certificatemanager';
 import * as ec2 from '@aws-cdk/aws-ec2';
 import * as ecs from '@aws-cdk/aws-ecs';