Terraform module which creates an application load balancer on AWS.
Terraform 0.12 and newer.
module "loadbalancer" {
source = "/path/to/module/terraform-aws-alb"
name = var.name
region = var.region
vpc_cidr = var.vpc_cidr
vpc_id = var.vpc_id
subnet_ids = var.subnet_ids
target_ids = var.target_ids
target_group_port = "443"
target_group_protocol = "HTTPS"
target_group_stickiness_enabled = var.target_group_stickiness_enabled
target_group_stickiness_type = var.target_group_stickiness_type
ip_address_type = var.ip_address_type
listener_https = var.listener_https
listener_certificate_arn = var.listener_certificate_arn
listener_additional_certificates_arns = var.listener_additional_certificates_arns
enable_athena_access_logs_s3 = var.enable_athena_access_logs_s3
athena_access_logs_s3_db_name = var.athena_access_logs_s3_db_name
sg_rules_ingress_cidr_map = {
internet_http = {
port = 80
cidr_block = "0.0.0.0/0"
}
internet_https = {
port = 443
cidr_block = "0.0.0.0/0"
}
}
tags = {
Environment = var.environment,
Tier = var.web_tier
}
}| Name | Version |
|---|---|
| terraform | >= 0.12.6 |
| aws | >= 2.65 |
| Name | Version |
|---|---|
| aws | >= 2.65 |
No modules.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| access_logs_s3_bucket_name | Name of the S3 bucket for access logs of Load Balancer | string |
null |
no |
| access_logs_s3_expiration_days | Amount of days for expiration of S3 access logs of Load Balancer | number |
90 |
no |
| access_logs_s3_transition_days | Amount of days for S3 storage class to transition of access logs of Load Balancer | number |
30 |
no |
| access_logs_s3_transition_storage_class | S3 storage class to transition access logs of Load Balancer after amount of days | string |
"STANDARD_IA" |
no |
| athena_access_logs_s3_bucket_name | AWS Athena S3 bucket name for ALB access logging | string |
null |
no |
| athena_access_logs_s3_db_name | AWS Athena Database name for ALB access logging | string |
"alb_logs" |
no |
| athena_access_logs_s3_expiration_days | Amount of days for expiration of S3 results of AWS Athena | number |
30 |
no |
| deletion_protection_enabled | A boolean flag to enable/disable deletion protection for Load Balancer | bool |
false |
no |
| drop_invalid_header_fields_enabled | A boolean flag to enable/disable drop invalid header fields for Load Balancer | bool |
false |
no |
| enable_any_egress_to_vpc | Enable any egress traffic from Load Balancer instance to VPC | bool |
true |
no |
| enable_athena_access_logs_s3 | Enable AWS Athena for ALB access logging analysis | bool |
false |
no |
| idle_timeout | The time in seconds that the connection is allowed to be idle | number |
60 |
no |
| internal | A boolean flag to determine whether the Load Balancer should be internal | bool |
false |
no |
| ip_address_type | IP address type of Load Balancer | string |
"ipv4" |
no |
| listener_additional_certificates_arns | List of SSL certificates of Load Balancer listener | list(string) |
[] |
no |
| listener_certificate_arn | SSL certificate of Load Balancer listener | string |
null |
no |
| listener_http | Create listener for HTTP | bool |
true |
no |
| listener_http_port | Port of HTTP listener | string |
"80" |
no |
| listener_https | Create listener for HTTPS | bool |
false |
no |
| listener_https_port | Port of HTTPS listener | string |
"443" |
no |
| listener_ssl_policy | SSL policy of Load Balancer listener | string |
"ELBSecurityPolicy-2016-08" |
no |
| name | Name to be used on all resources as prefix | string |
n/a | yes |
| region | Name of region | string |
n/a | yes |
| sg_description | Description to be used for security group | string |
null |
no |
| sg_name | Name to be used for security group | string |
null |
no |
| sg_rules_egress_cidr_map | Map of security group rules for egress communication of cidr | map |
{} |
no |
| sg_rules_ingress_cidr_map | Map of security group rules for ingress communication of cidr | map |
{} |
no |
| subnet_ids | A list of VPC Subnet IDs to launch in | list(string) |
[] |
no |
| tags | A mapping of tags to assign to the resource | map(string) |
{} |
no |
| target_group_health_check_healthy_threshold | Healthy threshold of target group health check | string |
"3" |
no |
| target_group_health_check_interval | Interval of target group health check | string |
"30" |
no |
| target_group_health_check_matcher | Matcher of target group health check | string |
"200" |
no |
| target_group_health_check_path | Path of target group health check | string |
"/" |
no |
| target_group_health_check_port | Port of target group health check | string |
"80" |
no |
| target_group_health_check_timeout | Timeout of target group health check | string |
"5" |
no |
| target_group_health_check_unhealthy_threshold | Unhealthy threshold of target group health check | string |
"2" |
no |
| target_group_port | Port of target group | string |
"80" |
no |
| target_group_protocol | Protocol of target group | string |
"HTTP" |
no |
| target_group_stickiness_cookie_duration | The time period, in seconds, during which requests from a client should be routed to the same target | string |
"86400" |
no |
| target_group_stickiness_enabled | Boolean to enable / disable stickiness. Default is true. | bool |
false |
no |
| target_group_stickiness_type | The type of sticky sessions. The only current possible values are lb_cookie, app_cookie for ALBs, and source_ip for NLBs. | string |
"lb_cookie" |
no |
| target_group_target_type | Target type of target group | string |
"instance" |
no |
| target_ids | A list of EC2 instance ids | list(string) |
n/a | yes |
| vpc_cidr | VPC cidr for security group rules | string |
"10.0.0.0/16" |
no |
| vpc_id | String of vpc id | string |
n/a | yes |
| Name | Description |
|---|---|
| arn_alb | ARN of application load balancer |
| dns_name_alb | DNS Name of application load balancer |
| name_alb | Name of application load balancer |
| security_group_id_alb | ID of security group to use for the application load balancer |
Module managed by Marcel Emmert.
Apache 2 Licensed. See LICENSE for full details.