Code Monkey home page Code Monkey logo

terraform-aws-alb-ingress-rules's Introduction

FivexL

ALB Ingress Rules/TLS/Target Groups

  • TLS with ACM
  • Listener Rules and Target Groups for ALB

Example

data "aws_lb" "this" {
  name = "ExampleALB"
}

data "aws_lb_listener" "this_443" {
  load_balancer_arn = data.aws_lb.this.arn
  port              = 443
}

module "ingress" {
  source            = "./alb-ingress-rules"
  domain_names      = ["example.com", "www.example.com"]
  lb_listener_arn   = data.aws_lb_listener.this_443.arn
  health_check_path = "/health"
  ingress_port      = 8080

  target_groups_map = {
    "my-example-app-v1" = 100
  }

  vpc_id = "vpc-id1111111111111"
}

TODO

  • protocol_version: GRPC
  • protocol: GENEVE, TCP, TCP_UDP, TLS, UDP
  • target_type: instance/lambda

More info

Target groups for your Application Load Balancers

Request protocol Protocol version Result
HTTP/1.1 HTTP/1.1 Success
HTTP/2 HTTP/1.1 Success
gRPC HTTP/1.1 Error
HTTP/1.1 HTTP/2 Error
HTTP/2 HTTP/2 Success
gRPC HTTP/2 Success if targets support gRPC
HTTP/1.1 gRPC Error
HTTP/2 gRPC Success if a POST request
gRPC gRPC Success

License

Apache 2 Licensed. See LICENSE for full details.

Requirements

Name Version
terraform >= 0.14
aws >= 3.30.0

Providers

Name Version
aws >= 3.30.0

Modules

No modules.

Resources

Name Type
aws_lb_listener_certificate.this resource
aws_lb_listener_rule.this_multi_target resource
aws_lb_listener_rule.this_single_target resource
aws_lb_target_group.this resource
aws_acm_certificate.this data source

Inputs

Name Description Type Default Required
acm_domain_names List of domain names used to find TLS certificates list(string) [] no
deregistration_delay Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. number 60 no
domain_names List of domain names used to find TLS certificates and condition for rules list(string) n/a yes
enable_acm_for_domain_names Use the domain_names to find certificates. Disabled by default bool false no
enable_stickiness Enable stickiness at Target Group level. We do not manage stickiness at the group level of target groups. bool false no
health_check_advanced Advanced Health Check settings at the target group level 
object({
    healthy_threshold   = number
    interval            = number
    matcher             = string
    timeout             = number
    unhealthy_threshold = number
  })
 
{
  "healthy_threshold": 3,
  "interval": 30,
  "matcher": "200-299",
  "timeout": 5,
  "unhealthy_threshold": 3
}
 no
health_check_path Destination for the health check request. string "/" no
health_check_port Port to use to connect with the target. Valid values are either ports 1-65535. By default is 0, this is the traffic port. number 0 no
ingress_port Port for Target Group. Will be used by default when registering new IP addresses in the target group, if no other port is specified. ECS automatically specifies the port. number 80 no
lb_listener_arn ARN of Load Balancer Listener, to which the TLS certificate and rules will be added string n/a yes
load_balancing_algorithm_type Determines how the load balancer selects targets when routing requests. The value is round_robin or least_outstanding_requests string "round_robin" no
protocol Protocol to use for routing traffic to the targets string "HTTP" no
protocol_version The protocol version to use for routing traffic string "HTTP1" no
slow_start Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. number 0 no
source_ips List of source IP CIDR notations to match. Used to restrict access to the service from outside. list(string) [] no
stickiness_cookie_duration The time period, in seconds, during which requests from a client should be routed to the same target. number 3600 no
tags A map of tags to add to all resources map(string) {} no
target_groups_map n/a map(number) n/a yes
vpc_id ID of the VPC in which the Target Group will be created and in which the ALB is located string n/a yes

Outputs

Name Description
lb_target_group_arns n/a

terraform-aws-alb-ingress-rules's People

Contributors

cageyv avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.