Skip to main content
Version: v1.8

AWS ALB

Description

Terraform module to create an AWS Application/Network Load Balancer (ALB/NLB) and associated resources

Specification

Properties

NameDescriptionTypeRequiredDefault
access_logsMap containing access logging configuration for load balancer.map(string)false
create_lbControls if the Load Balancer should be createdboolfalse
desync_mitigation_modeDetermines how the load balancer handles requests that might pose a security risk to an application due to HTTP desync.stringfalse
drop_invalid_header_fieldsIndicates whether invalid header fields are dropped in application load balancers. Defaults to false.boolfalse
enable_cross_zone_load_balancingIndicates whether cross zone load balancing should be enabled in application load balancers.boolfalse
enable_deletion_protectionIf true, deletion of the load balancer will be disabled via the AWS API. This will prevent Terraform from deleting the load balancer. Defaults to false.boolfalse
enable_http2Indicates whether HTTP/2 is enabled in application load balancers.boolfalse
enable_waf_fail_openIndicates whether to route requests to targets if lb fails to forward the request to AWS WAFboolfalse
extra_ssl_certsA list of maps describing any extra SSL certificates to apply to the HTTPS listeners. Required key/values: certificate_arn, https_listener_index (the index of the listener within https_listeners which the cert applies toward).list(map(string))false
http_tcp_listener_rulesA list of maps describing the Listener Rules for this ALB. Required key/values: actions, conditions. Optional key/values: priority, http_tcp_listener_index (default to http_tcp_listeners[count.index])anyfalse
http_tcp_listener_rules_tagsA map of tags to add to all http listener rulesmap(string)false
http_tcp_listenersA list of maps describing the HTTP listeners or TCP ports for this ALB. Required key/values: port, protocol. Optional key/values: target_group_index (defaults to http_tcp_listeners[count.index])anyfalse
http_tcp_listeners_tagsA map of tags to add to all http listenersmap(string)false
https_listener_rulesA list of maps describing the Listener Rules for this ALB. Required key/values: actions, conditions. Optional key/values: priority, https_listener_index (default to https_listeners[count.index])anyfalse
https_listener_rules_tagsA map of tags to add to all https listener rulesmap(string)false
https_listenersA list of maps describing the HTTPS listeners for this ALB. Required key/values: port, certificate_arn. Optional key/values: ssl_policy (defaults to ELBSecurityPolicy-2016-08), target_group_index (defaults to https_listeners[count.index])anyfalse
https_listeners_tagsA map of tags to add to all https listenersmap(string)false
idle_timeoutThe time in seconds that the connection is allowed to be idle.numberfalse
internalBoolean determining if the load balancer is internal or externally facing.boolfalse
ip_address_typeThe type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 and dualstack.stringfalse
lb_tagsA map of tags to add to load balancermap(string)false
listener_ssl_policy_defaultThe security policy if using HTTPS externally on the load balancer. See.stringfalse
load_balancer_create_timeoutTimeout value when creating the ALB.stringfalse
load_balancer_delete_timeoutTimeout value when deleting the ALB.stringfalse
load_balancer_typeThe type of load balancer to create. Possible values are application or network.stringfalse
load_balancer_update_timeoutTimeout value when updating the ALB.stringfalse
nameThe resource name and Name tag of the load balancer.stringfalse
name_prefixThe resource name prefix and Name tag of the load balancer. Cannot be longer than 6 charactersstringfalse
putin_khuyloDo you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo!boolfalse
security_groupsThe security groups to attach to the load balancer. e.g. ["sg-edcd9784","sg-edcd9785"]list(string)false
subnet_mappingA list of subnet mapping blocks describing subnets to attach to network load balancerlist(map(string))false
subnetsA list of subnets to associate with the load balancer. e.g. ['subnet-1a2b3c4d','subnet-1a2b3c4e','subnet-1a2b3c4f']list(string)false
tagsA map of tags to add to all resourcesmap(string)false
target_group_tagsA map of tags to add to all target groupsmap(string)false
target_groupsA list of maps containing key/value pairs that define the target groups to be created. Order of these maps is important and the index of these are to be referenced in listener definitions. Required key/values: name, backend_protocol, backend_portanyfalse
vpc_idVPC id where the load balancer and other resources will be deployed.stringfalse
writeConnectionSecretToRefThe secret which the cloud resource connection will be written towriteConnectionSecretToReffalse

writeConnectionSecretToRef

NameDescriptionTypeRequiredDefault
nameThe secret name which the cloud resource connection will be written tostringtrue
namespaceThe secret namespace which the cloud resource connection will be written tostringfalse