access_logs |
Map containing access logging configuration for load balancer. |
map(string) |
{} |
no |
create_lb |
Controls if the Load Balancer should be created |
bool |
true |
no |
create_security_group |
Determines if a security group is created |
bool |
true |
no |
desync_mitigation_mode |
Determines how the load balancer handles requests that might pose a security risk to an application due to HTTP desync. |
string |
"defensive" |
no |
drop_invalid_header_fields |
Indicates whether invalid header fields are dropped in application load balancers. Defaults to false. |
bool |
false |
no |
enable_cross_zone_load_balancing |
Indicates whether cross zone load balancing should be enabled in application load balancers. |
bool |
false |
no |
enable_deletion_protection |
If true, deletion of the load balancer will be disabled via the AWS API. This will prevent Terraform from deleting the load balancer. Defaults to false. |
bool |
false |
no |
enable_http2 |
Indicates whether HTTP/2 is enabled in application load balancers. |
bool |
true |
no |
enable_tls_version_and_cipher_suite_headers |
Indicates whether the two headers (x-amzn-tls-version and x-amzn-tls-cipher-suite), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. |
bool |
false |
no |
enable_waf_fail_open |
Indicates whether to route requests to targets if lb fails to forward the request to AWS WAF |
bool |
false |
no |
enable_xff_client_port |
Indicates whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in application load balancers. |
bool |
true |
no |
extra_ssl_certs |
A list of maps describing any extra SSL certificates to apply to the HTTPS listeners. Required key/values: certificate_arn, https_listener_index (the index of the listener within https_listeners which the cert applies toward). |
list(map(string)) |
[] |
no |
http_tcp_listener_rules |
A list of maps describing the Listener Rules for this ALB. Required key/values: actions, conditions. Optional key/values: priority, http_tcp_listener_index (default to http_tcp_listeners[count.index]) |
any |
[] |
no |
http_tcp_listener_rules_tags |
A map of tags to add to all http listener rules |
map(string) |
{} |
no |
http_tcp_listeners |
A list of maps describing the HTTP listeners or TCP ports for this ALB. Required key/values: port, protocol. Optional key/values: target_group_index (defaults to http_tcp_listeners[count.index]) |
any |
[] |
no |
http_tcp_listeners_tags |
A map of tags to add to all http listeners |
map(string) |
{} |
no |
https_listener_rules |
A list of maps describing the Listener Rules for this ALB. Required key/values: actions, conditions. Optional key/values: priority, https_listener_index (default to https_listeners[count.index]) |
any |
[] |
no |
https_listener_rules_tags |
A map of tags to add to all https listener rules |
map(string) |
{} |
no |
https_listeners |
A list of maps describing the HTTPS listeners for this ALB. Required key/values: port, certificate_arn. Optional key/values: ssl_policy (defaults to ELBSecurityPolicy-2016-08), target_group_index (defaults to https_listeners[count.index]) |
any |
[] |
no |
https_listeners_tags |
A map of tags to add to all https listeners |
map(string) |
{} |
no |
idle_timeout |
The time in seconds that the connection is allowed to be idle. |
number |
60 |
no |
internal |
Boolean determining if the load balancer is internal or externally facing. |
bool |
false |
no |
ip_address_type |
The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 and dualstack. |
string |
"ipv4" |
no |
lb_tags |
A map of tags to add to load balancer |
map(string) |
{} |
no |
listener_ssl_policy_default |
The security policy if using HTTPS externally on the load balancer. See. |
string |
"ELBSecurityPolicy-2016-08" |
no |
load_balancer_create_timeout |
Timeout value when creating the ALB. |
string |
"10m" |
no |
load_balancer_delete_timeout |
Timeout value when deleting the ALB. |
string |
"10m" |
no |
load_balancer_type |
The type of load balancer to create. Possible values are application or network. |
string |
"application" |
no |
load_balancer_update_timeout |
Timeout value when updating the ALB. |
string |
"10m" |
no |
name |
The resource name and Name tag of the load balancer. |
string |
null |
no |
name_prefix |
The resource name prefix and Name tag of the load balancer. Cannot be longer than 6 characters |
string |
null |
no |
preserve_host_header |
Indicates whether Host header should be preserve and forward to targets without any change. Defaults to false. |
bool |
false |
no |
security_group_description |
Description of the security group created |
string |
null |
no |
security_group_name |
Name to use on security group created |
string |
null |
no |
security_group_rules |
Security group rules to add to the security group created |
any |
{} |
no |
security_group_tags |
A map of additional tags to add to the security group created |
map(string) |
{} |
no |
security_group_use_name_prefix |
Determines whether the security group name (security_group_name ) is used as a prefix |
bool |
true |
no |
security_groups |
The security groups to attach to the load balancer. e.g. ["sg-edcd9784","sg-edcd9785"] |
list(string) |
[] |
no |
subnet_mapping |
A list of subnet mapping blocks describing subnets to attach to network load balancer |
list(map(string)) |
[] |
no |
subnets |
A list of subnets to associate with the load balancer. e.g. ['subnet-1a2b3c4d','subnet-1a2b3c4e','subnet-1a2b3c4f'] |
list(string) |
null |
no |
tags |
A map of tags to add to all resources |
map(string) |
{} |
no |
target_group_tags |
A map of tags to add to all target groups |
map(string) |
{} |
no |
target_groups |
A list of maps containing key/value pairs that define the target groups to be created. Order of these maps is important and the index of these are to be referenced in listener definitions. Required key/values: name, backend_protocol, backend_port |
any |
[] |
no |
vpc_id |
VPC id where the load balancer and other resources will be deployed. |
string |
null |
no |
xff_header_processing_mode |
Determines how the load balancer modifies the X-Forwarded-For header in the HTTP request before sending the request to the target. |
string |
"append" |
no |