Terraform module to create AWS ELB resources πΊπ¦
Home Page: https://registry.terraform.io/modules/terraform-aws-modules/elb/aws
License: Apache License 2.0
I suspect there may be an issue with PR #20 as it relates to the use of the access_logs field. The relevant parts of my module looks something like:
module "elb_vpn" {
source = "terraform-aws-modules/elb/aws"
version = "~> 2.0"
name = "vpn-elb"
.......
access_logs = {
bucket = "${aws_s3_bucket.logs.id}"
}
}
and the output I get when I run:
Error: Unsupported attribute
on .terraform/modules/elb_vpn/terraform-aws-modules-terraform-aws-elb-63ebc39/modules/elb/main.tf line 28, in resource "aws_elb" "this":
28: bucket = access_logs.value.bucket
This value does not have any attributes.
Error: Invalid function argument
on .terraform/modules/elb_vpn/terraform-aws-modules-terraform-aws-elb-63ebc39/modules/elb/main.tf line 29, in resource "aws_elb" "this":
29: bucket_prefix = lookup(access_logs.value, "bucket_prefix", null)
Invalid value for "inputMap" parameter: lookup() requires a map as the first
argument.
Error: Invalid function argument
on .terraform/modules/elb_vpn/terraform-aws-modules-terraform-aws-elb-63ebc39/modules/elb/main.tf line 30, in resource "aws_elb" "this":
30: interval = lookup(access_logs.value, "interval", null)
Invalid value for "inputMap" parameter: lookup() requires a map as the first
argument.
Error: Invalid function argument
on .terraform/modules/elb_vpn/terraform-aws-modules-terraform-aws-elb-63ebc39/modules/elb/main.tf line 31, in resource "aws_elb" "this":
31: enabled = lookup(access_logs.value, "enabled", true)
Invalid value for "inputMap" parameter: lookup() requires a map as the first
argument.
If I fix my version of the module to 2.0 everything works as expected.
Version info:
terraform -v
Terraform v0.12.3
+ provider.aws v2.20.0
access_logs = [
{
bucket = "${data.terraform_remote_state.base.logging_s3_bucket_id}"
bucket_prefix = "${data.terraform_remote_state.base.logging_elb_prefix}"
},
]Error: module.app_node_primary_elb.module.elb.aws_elb.this: "access_logs.0.bucket": required field is not set
https://www.terraform.io/docs/providers/aws/r/elb.html#access_logs
HI,
I'm using a Udemy course that uses this module, but I'm getting an error when I do a Terraform Plan ..could this just be a formatting error? I am quite new at this, could someone point me on the right direction please.....what kinds of things should I be thinking about when trying to troubleshoot this kind of thing?
"The given value is not suitable for child module variable "health_check" defined at .terraform/modules/elb_http/variables.tf:70,1-24: map of string required.
This is my terraform code that references it
module "elb_http" {
source = "github.com/terraform-aws-modules/terraform-aws-elb.git"
name = "elb1"
internal = "false"
subnets = ["subnet-a4a922cc", "subnet-8dcf0cf7"]
security_groups = ["sg-07b2fc6c"]
listener = [
{
instance_port = "80"
instance_protocol = "HTTP"
lb_port = "80"
lb_protocol = "HTTP"
},
]
health_check = [
{
target = "HTTP:80/"
interval = 30
healthy_threshold = 2
unhealthy_threshold = 2
timeout = 5
},
]
}
This is the variable in the module
variable "health_check" {
description = "A health check block"
type = map(string)
}
Here is the issue: hashicorp/terraform#16582
Here is the output i'm getting:
Error: module.elb.aws_elb.base: "listener.0.instance_port": required field is not set
Error: module.elb.aws_elb.base: "listener.0.instance_protocol": required field is not set
Error: module.elb.aws_elb.base: "listener.0.lb_port": required field is not set
Error: module.elb.aws_elb.base: "listener.0.lb_protocol": required field is not set
terraform -v
Terraform v0.11.0
Hi.
Below description should say "The id of the ELB" in outputs.tf.
Thanks, James.
'''
output "elb_id" {
description = "The name of the ELB"
value = module.elb.elb_id
}
'''
Hello @antonbabenko
In a particular case where one can use a manually configured ssl_certificate_id in the ELB listener parameter in the following manner, breaks the module.
The listener configuration code below does not work as expected.
listener = [
{
instance_port = "80"
instance_protocol = "HTTP"
lb_port = "80"
lb_protocol = "HTTP"
},
{
instance_port = "8443"
instance_protocol = "HTTPS"
lb_port = "8443"
lb_protocol = "HTTPS"
ssl_certificate_id = "${data.aws_acm_certificate.elb_cert.arn}"
},
]
Above configuration throws an error:
Error: module.elb.module.elb.aws_elb.this: "listener.0.instance_port": required field is not set
Error: module.elb.module.elb.aws_elb.this: "listener.0.instance_protocol": required field is not set
Error: module.elb.module.elb.aws_elb.this: "listener.0.lb_port": required field is not set
Error: module.elb.module.elb.aws_elb.this: "listener.0.lb_protocol": required field is not set
Where as below configuration works fine:
listener = [
{
instance_port = "80"
instance_protocol = "HTTP"
lb_port = "80"
lb_protocol = "HTTP"
},
{
instance_port = "8443"
instance_protocol = "HTTPS"
lb_port = "8443"
lb_protocol = "HTTPS"
ssl_certificate_id = "arn:aws:acm:us-east-1:xxxxxxxxxxxxxx:certificate/xxxxxxxxxxxxxxxxxxxxxxxxxx"
},
]
I have opened an issue in the Terraform repository regarding the same: hashicorp/terraform#17292
Hi there,
First off I want to thank you for creating this great module!
I just wanted to reach out if you have come across any issues regarding the outputs? I specify a list of instances for the ELB, but terraform seems to complain about the output of instances.
This is the error I get:
* module.us-west-1-ELB.module.elb.output.this_elb_instances: concat: unexpected type string in list of type list in:
${element(concat(aws_elb.this.*.instances, list("")), 0)}
Thanks for your help!
I am using it the following way:
data "aws_acm_certificate" "xxx-cert" {
domain = "xxx-xxx.systems"
statuses = ["ISSUED"]
}
module "elb-xxx" {
source = "terraform-aws-modules/elb/aws"
name = "xxx-server-${var.product}"
subnets = ["${module.vpc.public_subnets}"]
security_groups = ["${aws_security_group.external-xxx-ssh.id}"]
internal = false
listener = [
{
instance_port = "80"
instance_protocol = "http"
lb_port = "80"
lb_protocol = "http"
},
{
instance_port = "80"
instance_protocol = "http"
lb_port = "443"
lb_protocol = "https"
ssl_certificate_id = "${data.aws_acm_certificate.xxx-cert.arn}"
},
]
receiving the following error:
Error: module.elb-xx.module.elb.aws_elb.this: "listener.0.instance_port": required field is not set
Error: module.elb-xx.module.elb.aws_elb.this: "listener.0.instance_protocol": required field is not set
Error: module.elb-xx.module.elb.aws_elb.this: "listener.0.lb_port": required field is not set
Error: module.elb-xx.module.elb.aws_elb.this: "listener.0.lb_protocol": required field is not set
Hello,
How I can attach ssl_certificate_id from another module output? Now module accept only plain-text based attach.
Example of ssl_certificate_id attachment
listener = [ { instance_port = 80 instance_protocol = "HTTP" lb_port = 80 lb_protocol = "HTTP" }, { instance_port = 443 instance_protocol = "HTTPS" lb_port = 443 lb_protocol = "HTTPS" ssl_certificate_id = "${module.certificate1.cert_arn}" }, ]
And effect in apply
+ listener { + instance_port = 443 + instance_protocol = "HTTPS" + lb_port = 443 + lb_protocol = "HTTPS" } + listener { + instance_port = 80 + instance_protocol = "HTTP" + lb_port = 80 + lb_protocol = "HTTP" }
But when I type any plain-text based arn in ssl_certificate_id it's look like working.
When I tried to pass ssl_certificate_id in listener
listener = [
{
instance_port = "389"
instance_protocol = "TCP"
lb_port = "636"
lb_protocol = "SSL"
ssl_certificate_id = "${module.ldap_elb_certificate.arn}"
},
]
Error: module.ldap_elb.module.elb.aws_elb.this: "listener.0.instance_port": required field is not set
Error: module.ldap_elb.module.elb.aws_elb.this: "listener.0.instance_protocol": required field is not set
Error: module.ldap_elb.module.elb.aws_elb.this: "listener.0.lb_port": required field is not set
Error: module.ldap_elb.module.elb.aws_elb.this: "listener.0.lb_protocol": required field is not set
I believe the new addition of the provider source is causing terraform validate checks to throw warnings.
If we want to include this change it would also need a version bump to terraform 0.13
Warning: Provider source not supported in Terraform v0.12
on .terraform/modules/elb/modules/elb_attachment/versions.tf line 5, in terraform:
5: aws = {
6: source = "hashicorp/aws"
7: version = ">= 2.20"
8: }
A source was declared for provider aws. Terraform v0.12 does not support the
provider source attribute. It will be ignored.Line 6 in 78b026a
Hello,
Is it possible to have an optional parameter ssl_certificate_id on this module? This is useful when one wants to deploy the ELB with AWS ACM generated SSL certificate. This resource, created manually, is exposed by a Terraform data source aws_acm_certificate and can be passed to the module when required.
it fails if i add listener like that:
listener = [
{
instance_port = "8020"
instance_protocol = "HTTP"
lb_port = "443"
lb_protocol = "SSL"
ssl_certificate_id = "${module.cert.cert_arn}"
},
]Not sure if this a bug but running into this . see my code below:
module "apps-elb" {
source = "terraform-aws-modules/elb/aws"
version = "~> 2.0"
name = local.formatted_apps_lb_name
subnets = var.subnets
security_groups = [aws_security_group.apps-elb.id]
internal = true
listener = [
{
instance_port = "30080"
instance_protocol = "TCP"
lb_port = "80"
lb_protocol = "tcp"
},
{
instance_port = "30443"
instance_protocol = "TCP"
lb_port = "443"
lb_protocol = "tcp"
},
]
health_check = {
target = "TCP:30080"
interval = 10
healthy_threshold = 2
unhealthy_threshold = 6
timeout = 5
}
module "admin-elb" {
source = "terraform-aws-modules/elb/aws"
version = "~> 2.0"
name = local.formatted_admin_lb_name
subnets = var.subnets
security_groups = [aws_security_group.admin-elb.id]
internal = true
listener = [
{
instance_port = "32020"
instance_protocol = "TCP"
lb_port = "15020"
lb_protocol = "tcp"
},
{
instance_port = "31080"
instance_protocol = "TCP"
lb_port = "80"
lb_protocol = "tcp"
},
{
instance_port = "32443"
instance_protocol = "TCP"
lb_port = "443"
lb_protocol = "tcp"
},
{
instance_port = "32029"
instance_protocol = "TCP"
lb_port = "15029"
lb_protocol = "tcp"
},
{
instance_port = "32030"
instance_protocol = "TCP"
lb_port = "15030"
lb_protocol = "tcp"
},
{
instance_port = "32031"
instance_protocol = "TCP"
lb_port = "15031"
lb_protocol = "tcp"
},
{
instance_port = "32032"
instance_protocol = "TCP"
lb_port = "15032"
lb_protocol = "tcp"
},
{
instance_port = "32400"
instance_protocol = "TCP"
lb_port = "31400"
lb_protocol = "tcp"
},
{
instance_port = "32444"
instance_protocol = "TCP"
lb_port = "15443"
lb_protocol = "tcp"
},
]
My local TF version: 1.3.7, and I am calling this from a terragrunt file and have enable_cross_zone_load_balancing = true
See the errror:
module.admin-elb.module.elb.aws_elb.this[0]: Creating...
β·
β Error: creating ELB Classic Load Balancer (p1-cnap-dev-nv-adm-lb): InvalidConfigurationRequest: ELB cannot be attached to multiple subnets in the same AZ.
β status code: 409, request id: 1cc6b458-aa4c-4acb-8b1d-04d965893a55
β
β with module.admin-elb.module.elb.aws_elb.this[0],
β on .terraform/modules/admin-elb/modules/elb/main.tf line 1, in resource "aws_elb" "this":
β 1: resource "aws_elb" "this" {
β
β΅
β·
β Error: creating ELB Classic Load Balancer (p1-cnap-dev-nv-apps-lb): InvalidConfigurationRequest: ELB cannot be attached to multiple subnets in the same AZ.
β status code: 409, request id: a0bbba43-be2a-43fe-a177-4c85e835316b
β
β with module.apps-elb.module.elb.aws_elb.this[0],
β on .terraform/modules/apps-elb/modules/elb/main.tf line 1, in resource "aws_elb" "this":
β 1: resource "aws_elb" "this" {
Would appreciate a lift please. Thanks
Hi!
Sorry for my bad english.
I trying use this module, but when I add an ARN from SSL certificate, this message are showing to me:
terraform apply myplan
module.elb_http.module.elb.aws_elb.this: Creating...
Error: Error creating ELB: ValidationError: Secure Listeners need to specify a SSLCertificateId
status code: 400, request id: id-for-my-request1
on .terraform/modules/elb_http/terraform-aws-modules-terraform-aws-elb-43e3e76/modules/elb/main.tf line 1, in resource "aws_elb" "this":
1: resource "aws_elb" "this" {
For test, I changing this file:
.terraform/modules/elb_http/terraform-aws-modules-terraform-aws-elb-43e3e76/modules/elb/main.tf
And, changing the ssl_certificate_id parameter, of lookup(listener.value, "ssl_certificate_id", null) to my ARN from my Certificate, the ACM module and ELB work normally.
If anyone has been through this, thank you if you can help, if it is bad configuration on my part, I apologize.
Terraform Version: Terraform v0.12.18
provider.aws v2.43.0
ACM module version: 2.0
ELB_HTTP module version: 2.0
OS: Ubuntu 19.04
Regards!
Other AWS modules, like the ALB module, have a variable that will enable/disable the entire module. See the ALB example.
To stay in-line with other modules, I think this one should also offer such a feature.
Is there a way to attach autoscaled instances?
Hello
Im using this module, but since today with version 1.3.0 it does not work anymore.
Configuration:
module "elb_xxxx" "xxx_xxxx" {
source = "terraform-aws-modules/elb/aws"
name = "${var.prefix}xxxx"
subnets = "${module.vpc.xxxx}"
security_groups = [
"${aws_security_group.sg_xxxx.id}"
]
number_of_instances = "${var.xxxx_count}"
instances = "${aws_instance.xxxx.*.id}"
internal = false
listener = [
{
instance_port = "443"
instance_protocol = "TCP"
lb_port = "443"
lb_protocol = "TCP"
},
{
instance_port = "80"
instance_protocol = "HTTP"
lb_port = "80"
lb_protocol = "HTTP"
}
]
health_check = [
{
target = "TCP:80"
interval = 30
healthy_threshold = 2
unhealthy_threshold = 2
timeout = 5
},
]
}
Error message:
${element(concat(aws_elb.this.*.instances, list("")), 0)}
* module.xxxx.module.elb.output.this_elb_instances: concat: unexpected type string in list of type list in:
It still works with 1.2.0...
Using the latest
Terraform v0.11.13
+ provider.aws v2.7.0
I've setup using the latest ELB for haproxy with healthcheck
module "elb" {
source = "terraform-aws-modules/elb/aws"
version = "1.4.1"
instances = ["${aws_instance.haproxy.*.id}"]
health_check = [
...
And have my haproxy life_cycle to create_before_destroy
resource "aws_instance" "haproxy" {
count = "1"
...
lifecycle {
create_before_destroy = true
prevent_destroy = false
ignore_changes = [
"security_groups",
]
}
}
However I've confirmed https://console.aws.amazon.com/ec2/v2/home?region=us-east-1#LoadBalancers: still removes my existing running haproxy from the ELB leading to unavailability while it still waits for the haproxy instance to complete setup.
$ terraform apply
module.elb.module.elb_attachment.aws_elb_attachment.this: Destroying... (ID: haproxy-elb-...)
aws_instance.haproxy: Creating...
...
module.elb.module.elb_attachment.aws_elb_attachment.this: Destruction complete after 0s
aws_instance.haproxy: Still creating... (10s elapsed)
...
aws_instance.haproxy: Creation complete after 4m51s (ID: i-...)
aws_instance.haproxy.deposed: Destroying... (ID: i-...)
module.elb.module.elb_attachment.aws_elb_attachment.this: Creating...
elb: "" => "haproxy-elb"
instance: "" => "i-..."
module.elb.module.elb_attachment.aws_elb_attachment.this: Creation complete after 0s (ID: haproxy-elb-...)
aws_instance.haproxy (deposed #0): Still destroying... (ID: i-..., 10s elapsed)
aws_instance.haproxy (deposed #0): Still destroying... (ID: i-..., 20s elapsed)
aws_instance.haproxy (deposed #0): Still destroying... (ID: i-..., 30s elapsed)
aws_instance.haproxy.deposed: Destruction complete after 31s
Apply complete! Resources: 2 added, 0 changed, 2 destroyed.
Hi,
I'm having issues with ELB https://api.github.com/repos/terraform-aws-modules/terraform-aws-elb/tarball/v2.0.0?archive=tar.gz,
Error parsing .terraform\modules\d7663295c63e6e50f0f0ba502c8e8cb5\terraform-aws-modules-terraform-aws-elb-c6f9dc5\main.tf: At 7:17: Unknown token: 7:17 IDENT var.name
do I have to define variable?
With the current code, if I do not specify anything for "access_logs" I get an error:
Error: Error in function call
on .terraform\modules\elb\terraform-aws-modules-terraform-aws-elb-c6f9dc5\modules\elb\main.tf line 26, in resource "aws_elb" "this":
26: bucket = lookup(var.access_logs, "bucket")
|----------------
| var.access_logs is empty map of string
Call to function "lookup" failed: lookup failed to find 'bucket'.
The way the code is written in the module currently means that you cannot avoid specifying a value for access_logs:
access_logs {
bucket = lookup(var.access_logs, "bucket")
bucket_prefix = lookup(var.access_logs, "bucket_prefix", null)
interval = lookup(var.access_logs, "interval", null)
enabled = lookup(var.access_logs, "enabled", true)
}
If this code is changed to the following it functions correctly as an optional value:
dynamic "access_logs" {
for_each = var.access_logs
content {
bucket = access_logs.value.bucket
bucket_prefix = lookup(access_logs.value, "bucket_prefix", null)
interval = lookup(access_logs.value, "interval", null)
enabled = lookup(access_logs.value, "enabled", true)
}
}
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google β€οΈ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.