{"id":13505604,"url":"https://github.com/terraform-aws-modules/terraform-aws-alb","last_synced_at":"2025-04-13T08:57:07.963Z","repository":{"id":37822284,"uuid":"104858991","full_name":"terraform-aws-modules/terraform-aws-alb","owner":"terraform-aws-modules","description":"Terraform module to create AWS Application/Network Load Balancer (ALB/NLB) resources πŸ‡ΊπŸ‡¦","archived":false,"fork":false,"pushed_at":"2024-10-25T07:43:49.000Z","size":433,"stargazers_count":438,"open_issues_count":1,"forks_count":674,"subscribers_count":23,"default_branch":"master","last_synced_at":"2024-10-29T17:11:45.616Z","etag":null,"topics":["alb","application-load-balancer","aws","network-load-balancer","nlb","terraform-module"],"latest_commit_sha":null,"homepage":"https://registry.terraform.io/modules/terraform-aws-modules/alb/aws","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/terraform-aws-modules.png","metadata":{"funding":{"github":["antonbabenko"],"custom":"https://www.paypal.me/antonbabenko"},"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-09-26T08:39:49.000Z","updated_at":"2024-10-28T18:37:55.000Z","dependencies_parsed_at":"2023-10-28T22:26:40.059Z","dependency_job_id":"9496e460-f44c-4315-8137-0b39587e6135","html_url":"https://github.com/terraform-aws-modules/terraform-aws-alb","commit_stats":{"total_commits":221,"total_committers":75,"mean_commits":"2.9466666666666668","dds":0.7692307692307692,"last_synced_commit":"e7ff03d4dc110ca1ee5486a1b154a20e5d7daf44"},"previous_names":[],"tags_count":83,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/terraform-aws-modules%2Fterraform-aws-alb","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/terraform-aws-modules%2Fterraform-aws-alb/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/terraform-aws-modules%2Fterraform-aws-alb/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/terraform-aws-modules%2Fterraform-aws-alb/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/terraform-aws-modules","download_url":"https://codeload.github.com/terraform-aws-modules/terraform-aws-alb/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248688543,"owners_count":21145764,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["alb","application-load-balancer","aws","network-load-balancer","nlb","terraform-module"],"created_at":"2024-08-01T00:01:10.557Z","updated_at":"2025-04-13T08:57:07.944Z","avatar_url":"https://github.com/terraform-aws-modules.png","language":"HCL","funding_links":["https://github.com/sponsors/antonbabenko","https://www.paypal.me/antonbabenko"],"categories":["Community Modules"],"sub_categories":["Miscellaneous"],"readme":"# AWS Application and Network Load Balancer (ALB \u0026 NLB) Terraform module\n\nTerraform module which creates Application and Network Load Balancer resources on AWS.\n\n[![SWUbanner](https://raw.githubusercontent.com/vshymanskyy/StandWithUkraine/main/banner2-direct.svg)](https://github.com/vshymanskyy/StandWithUkraine/blob/main/docs/README.md)\n\n## Usage\n\nWhen you're using ALB Listener rules, make sure that every rule's `actions` block ends in a `forward`, `redirect`, or `fixed-response` action so that every rule will resolve to some sort of an HTTP response. Checkout the [AWS documentation](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-update-rules.html) for more information.\n\n### Application Load Balancer\n\n#### HTTP to HTTPS redirect\n\n```hcl\nmodule \"alb\" {\n source = \"terraform-aws-modules/alb/aws\"\n\n name = \"my-alb\"\n vpc_id = \"vpc-abcde012\"\n subnets = [\"subnet-abcde012\", \"subnet-bcde012a\"]\n\n # Security Group\n security_group_ingress_rules = {\n all_http = {\n from_port = 80\n to_port = 80\n ip_protocol = \"tcp\"\n description = \"HTTP web traffic\"\n cidr_ipv4 = \"0.0.0.0/0\"\n }\n all_https = {\n from_port = 443\n to_port = 443\n ip_protocol = \"tcp\"\n description = \"HTTPS web traffic\"\n cidr_ipv4 = \"0.0.0.0/0\"\n }\n }\n security_group_egress_rules = {\n all = {\n ip_protocol = \"-1\"\n cidr_ipv4 = \"10.0.0.0/16\"\n }\n }\n\n access_logs = {\n bucket = \"my-alb-logs\"\n }\n\n listeners = {\n ex-http-https-redirect = {\n port = 80\n protocol = \"HTTP\"\n redirect = {\n port = \"443\"\n protocol = \"HTTPS\"\n status_code = \"HTTP_301\"\n }\n }\n ex-https = {\n port = 443\n protocol = \"HTTPS\"\n certificate_arn = \"arn:aws:iam::123456789012:server-certificate/test_cert-123456789012\"\n\n forward = {\n target_group_key = \"ex-instance\"\n }\n }\n }\n\n target_groups = {\n ex-instance = {\n name_prefix = \"h1\"\n protocol = \"HTTP\"\n port = 80\n target_type = \"instance\"\n target_id = \"i-0f6d38a07d50d080f\"\n }\n }\n\n tags = {\n Environment = \"Development\"\n Project = \"Example\"\n }\n}\n```\n\n#### Cognito authentication\n\n```hcl\nmodule \"alb\" {\n source = \"terraform-aws-modules/alb/aws\"\n\n # Truncated for brevity ...\n\n listeners = {\n ex-http-https-redirect = {\n port = 80\n protocol = \"HTTP\"\n redirect = {\n port = \"443\"\n protocol = \"HTTPS\"\n status_code = \"HTTP_301\"\n }\n }\n ex-cognito = {\n port = 444\n protocol = \"HTTPS\"\n certificate_arn = \"arn:aws:iam::123456789012:server-certificate/test_cert-123456789012\"\n\n authenticate_cognito = {\n authentication_request_extra_params = {\n display = \"page\"\n prompt = \"login\"\n }\n on_unauthenticated_request = \"authenticate\"\n session_cookie_name = \"session-${local.name}\"\n session_timeout = 3600\n user_pool_arn = \"arn:aws:cognito-idp:us-west-2:123456789012:userpool/us-west-2_abcdefghi\"\n user_pool_client_id = \"us-west-2_fak3p001B\"\n user_pool_domain = \"https://fak3p001B.auth.us-west-2.amazoncognito.com\"\n }\n\n forward = {\n target_group_key = \"ex-instance\"\n }\n\n rules = {\n ex-oidc = {\n priority = 2\n\n actions = [\n {\n type = \"authenticate-oidc\"\n authentication_request_extra_params = {\n display = \"page\"\n prompt = \"login\"\n }\n authorization_endpoint = \"https://foobar.com/auth\"\n client_id = \"client_id\"\n client_secret = \"client_secret\"\n issuer = \"https://foobar.com\"\n token_endpoint = \"https://foobar.com/token\"\n user_info_endpoint = \"https://foobar.com/user_info\"\n },\n {\n type = \"forward\"\n target_group_key = \"ex-instance\"\n }\n ]\n }\n }\n }\n }\n}\n```\n\n#### Cognito authentication on certain paths, redirects for others\n\n```hcl\nmodule \"alb\" {\n source = \"terraform-aws-modules/alb/aws\"\n\n # Truncated for brevity ...\n\n listeners = {\n https = {\n port = 443\n protocol = \"HTTPS\"\n certificate_arn = \"arn:aws:iam::123456789012:server-certificate/test_cert-123456789012\"\n\n forward = {\n target_group_key = \"instance\"\n }\n\n rules = {\n redirect = {\n priority = 5000\n actions = [{\n type = \"redirect\"\n status_code = \"HTTP_302\"\n host = \"www.youtube.com\"\n path = \"/watch\"\n query = \"v=dQw4w9WgXcQ\"\n protocol = \"HTTPS\"\n }]\n\n conditions = [{\n path_pattern = {\n values = [\"/onboarding\", \"/docs\"]\n }\n }]\n }\n\n cognito = {\n priority = 2\n actions = [\n {\n type = \"authenticate-cognito\"\n user_pool_arn = \"arn:aws:cognito-idp::123456789012:userpool/test-pool\"\n user_pool_client_id = \"6oRmFiS0JHk=\"\n user_pool_domain = \"test-domain-com\"\n },\n {\n type = \"forward\"\n target_group_key = \"instance\"\n }\n ]\n\n conditions = [{\n path_pattern = {\n values = [\"/protected-route\", \"private/*\"]\n }\n }]\n }\n }\n }\n }\n\n target_groups = {\n instance = {\n name_prefix = \"default\"\n protocol = \"HTTPS\"\n port = 443\n target_type = \"instance\"\n target_id = \"i-0f6d38a07d50d080f\"\n }\n }\n}\n```\n\n### Network Load Balancer\n\n#### TCP_UDP, UDP, TCP and TLS listeners\n\n```hcl\nmodule \"nlb\" {\n source = \"terraform-aws-modules/alb/aws\"\n\n name = \"my-nlb\"\n load_balancer_type = \"network\"\n vpc_id = \"vpc-abcde012\"\n subnets = [\"subnet-abcde012\", \"subnet-bcde012a\"]\n\n # Security Group\n enforce_security_group_inbound_rules_on_private_link_traffic = \"on\"\n security_group_ingress_rules = {\n all_http = {\n from_port = 80\n to_port = 82\n ip_protocol = \"tcp\"\n description = \"HTTP web traffic\"\n cidr_ipv4 = \"0.0.0.0/0\"\n }\n all_https = {\n from_port = 443\n to_port = 445\n ip_protocol = \"tcp\"\n description = \"HTTPS web traffic\"\n cidr_ipv4 = \"0.0.0.0/0\"\n }\n }\n security_group_egress_rules = {\n all = {\n ip_protocol = \"-1\"\n cidr_ipv4 = \"10.0.0.0/16\"\n }\n }\n\n access_logs = {\n bucket = \"my-nlb-logs\"\n }\n\n listeners = {\n ex-tcp-udp = {\n port = 81\n protocol = \"TCP_UDP\"\n forward = {\n target_group_key = \"ex-target\"\n }\n }\n\n ex-udp = {\n port = 82\n protocol = \"UDP\"\n forward = {\n target_group_key = \"ex-target\"\n }\n }\n\n ex-tcp = {\n port = 83\n protocol = \"TCP\"\n forward = {\n target_group_key = \"ex-target\"\n }\n }\n\n ex-tls = {\n port = 84\n protocol = \"TLS\"\n certificate_arn = \"arn:aws:iam::123456789012:server-certificate/test_cert-123456789012\"\n forward = {\n target_group_key = \"ex-target\"\n }\n }\n }\n\n target_groups = {\n ex-target = {\n name_prefix = \"pref-\"\n protocol = \"TCP\"\n port = 80\n target_type = \"ip\"\n target_id = \"10.0.47.1\"\n }\n }\n\n tags = {\n Environment = \"Development\"\n Project = \"Example\"\n }\n}\n```\n\n## Conditional creation\n\nThe following values are provided to toggle on/off creation of the associated resources as desired:\n\n```hcl\nmodule \"alb\" {\n source = \"terraform-aws-modules/alb/aws\"\n\n # Disable creation of the LB and all resources\n create = false\n\n # ... omitted\n}\n```\n\n## Examples\n\n- [Complete Application Load Balancer](https://github.com/terraform-aws-modules/terraform-aws-alb/tree/master/examples/complete-alb)\n- [Complete Network Load Balancer](https://github.com/terraform-aws-modules/terraform-aws-alb/tree/master/examples/complete-nlb)\n\nSee [patterns.md](https://github.com/terraform-aws-modules/terraform-aws-alb/blob/master/docs/patterns.md) for additional configuration snippets for common usage patterns.\n\n\u003c!-- BEGIN_TF_DOCS --\u003e\n## Requirements\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | \u003e= 1.0 |\n| \u003ca name=\"requirement_aws\"\u003e\u003c/a\u003e [aws](#requirement\\_aws) | \u003e= 5.93 |\n\n## Providers\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"provider_aws\"\u003e\u003c/a\u003e [aws](#provider\\_aws) | \u003e= 5.93 |\n\n## Modules\n\nNo modules.\n\n## Resources\n\n| Name | Type |\n|------|------|\n| [aws_lambda_permission.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |\n| [aws_lb.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb) | resource |\n| [aws_lb_listener.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener) | resource |\n| [aws_lb_listener_certificate.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener_certificate) | resource |\n| [aws_lb_listener_rule.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener_rule) | resource |\n| [aws_lb_target_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group) | resource |\n| [aws_lb_target_group_attachment.additional](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group_attachment) | resource |\n| [aws_lb_target_group_attachment.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group_attachment) | resource |\n| [aws_route53_record.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |\n| [aws_security_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |\n| [aws_vpc_security_group_egress_rule.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_egress_rule) | resource |\n| [aws_vpc_security_group_ingress_rule.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource |\n| [aws_wafv2_web_acl_association.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafv2_web_acl_association) | resource |\n| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_access_logs\"\u003e\u003c/a\u003e [access\\_logs](#input\\_access\\_logs) | Map containing access logging configuration for load balancer | `map(string)` | `{}` | no |\n| \u003ca name=\"input_additional_target_group_attachments\"\u003e\u003c/a\u003e [additional\\_target\\_group\\_attachments](#input\\_additional\\_target\\_group\\_attachments) | Map of additional target group attachments to create. Use `target_group_key` to attach to the target group created in `target_groups` | `any` | `{}` | no |\n| \u003ca name=\"input_associate_web_acl\"\u003e\u003c/a\u003e [associate\\_web\\_acl](#input\\_associate\\_web\\_acl) | Indicates whether a Web Application Firewall (WAF) ACL should be associated with the load balancer | `bool` | `false` | no |\n| \u003ca name=\"input_client_keep_alive\"\u003e\u003c/a\u003e [client\\_keep\\_alive](#input\\_client\\_keep\\_alive) | Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds. | `number` | `null` | no |\n| \u003ca name=\"input_connection_logs\"\u003e\u003c/a\u003e [connection\\_logs](#input\\_connection\\_logs) | Map containing access logging configuration for load balancer | `map(string)` | `{}` | no |\n| \u003ca name=\"input_create\"\u003e\u003c/a\u003e [create](#input\\_create) | Controls if resources should be created (affects nearly all resources) | `bool` | `true` | no |\n| \u003ca name=\"input_create_security_group\"\u003e\u003c/a\u003e [create\\_security\\_group](#input\\_create\\_security\\_group) | Determines if a security group is created | `bool` | `true` | no |\n| \u003ca name=\"input_customer_owned_ipv4_pool\"\u003e\u003c/a\u003e [customer\\_owned\\_ipv4\\_pool](#input\\_customer\\_owned\\_ipv4\\_pool) | The ID of the customer owned ipv4 pool to use for this load balancer | `string` | `null` | no |\n| \u003ca name=\"input_default_port\"\u003e\u003c/a\u003e [default\\_port](#input\\_default\\_port) | Default port used across the listener and target group | `number` | `80` | no |\n| \u003ca name=\"input_default_protocol\"\u003e\u003c/a\u003e [default\\_protocol](#input\\_default\\_protocol) | Default protocol used across the listener and target group | `string` | `\"HTTP\"` | no |\n| \u003ca name=\"input_desync_mitigation_mode\"\u003e\u003c/a\u003e [desync\\_mitigation\\_mode](#input\\_desync\\_mitigation\\_mode) | Determines how the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest` | `string` | `null` | no |\n| \u003ca name=\"input_dns_record_client_routing_policy\"\u003e\u003c/a\u003e [dns\\_record\\_client\\_routing\\_policy](#input\\_dns\\_record\\_client\\_routing\\_policy) | Indicates how traffic is distributed among the load balancer Availability Zones. Possible values are any\\_availability\\_zone (default), availability\\_zone\\_affinity, or partial\\_availability\\_zone\\_affinity. Only valid for network type load balancers. | `string` | `null` | no |\n| \u003ca name=\"input_drop_invalid_header_fields\"\u003e\u003c/a\u003e [drop\\_invalid\\_header\\_fields](#input\\_drop\\_invalid\\_header\\_fields) | Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (`true`) or routed to targets (`false`). The default is `true`. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application` | `bool` | `true` | no |\n| \u003ca name=\"input_enable_cross_zone_load_balancing\"\u003e\u003c/a\u003e [enable\\_cross\\_zone\\_load\\_balancing](#input\\_enable\\_cross\\_zone\\_load\\_balancing) | If `true`, cross-zone load balancing of the load balancer will be enabled. For application load balancer this feature is always enabled (`true`) and cannot be disabled. Defaults to `true` | `bool` | `true` | no |\n| \u003ca name=\"input_enable_deletion_protection\"\u003e\u003c/a\u003e [enable\\_deletion\\_protection](#input\\_enable\\_deletion\\_protection) | If `true`, deletion of the load balancer will be disabled via the AWS API. This will prevent Terraform from deleting the load balancer. Defaults to `true` | `bool` | `true` | no |\n| \u003ca name=\"input_enable_http2\"\u003e\u003c/a\u003e [enable\\_http2](#input\\_enable\\_http2) | Indicates whether HTTP/2 is enabled in application load balancers. Defaults to `true` | `bool` | `null` | no |\n| \u003ca name=\"input_enable_tls_version_and_cipher_suite_headers\"\u003e\u003c/a\u003e [enable\\_tls\\_version\\_and\\_cipher\\_suite\\_headers](#input\\_enable\\_tls\\_version\\_and\\_cipher\\_suite\\_headers) | Indicates whether the two headers (`x-amzn-tls-version` and `x-amzn-tls-cipher-suite`), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of type `application`. Defaults to `false` | `bool` | `null` | no |\n| \u003ca name=\"input_enable_waf_fail_open\"\u003e\u003c/a\u003e [enable\\_waf\\_fail\\_open](#input\\_enable\\_waf\\_fail\\_open) | Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to `false` | `bool` | `null` | no |\n| \u003ca name=\"input_enable_xff_client_port\"\u003e\u003c/a\u003e [enable\\_xff\\_client\\_port](#input\\_enable\\_xff\\_client\\_port) | Indicates whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in `application` load balancers. Defaults to `false` | `bool` | `null` | no |\n| \u003ca name=\"input_enable_zonal_shift\"\u003e\u003c/a\u003e [enable\\_zonal\\_shift](#input\\_enable\\_zonal\\_shift) | Whether zonal shift is enabled | `bool` | `null` | no |\n| \u003ca name=\"input_enforce_security_group_inbound_rules_on_private_link_traffic\"\u003e\u003c/a\u003e [enforce\\_security\\_group\\_inbound\\_rules\\_on\\_private\\_link\\_traffic](#input\\_enforce\\_security\\_group\\_inbound\\_rules\\_on\\_private\\_link\\_traffic) | Indicates whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type network. The possible values are on and off. | `string` | `null` | no |\n| \u003ca name=\"input_idle_timeout\"\u003e\u003c/a\u003e [idle\\_timeout](#input\\_idle\\_timeout) | The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: `60` | `number` | `null` | no |\n| \u003ca name=\"input_internal\"\u003e\u003c/a\u003e [internal](#input\\_internal) | If true, the LB will be internal. Defaults to `false` | `bool` | `null` | no |\n| \u003ca name=\"input_ip_address_type\"\u003e\u003c/a\u003e [ip\\_address\\_type](#input\\_ip\\_address\\_type) | The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack` | `string` | `null` | no |\n| \u003ca name=\"input_listeners\"\u003e\u003c/a\u003e [listeners](#input\\_listeners) | Map of listener configurations to create | `any` | `{}` | no |\n| \u003ca name=\"input_load_balancer_type\"\u003e\u003c/a\u003e [load\\_balancer\\_type](#input\\_load\\_balancer\\_type) | The type of load balancer to create. Possible values are `application`, `gateway`, or `network`. The default value is `application` | `string` | `\"application\"` | no |\n| \u003ca name=\"input_name\"\u003e\u003c/a\u003e [name](#input\\_name) | The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen | `string` | `null` | no |\n| \u003ca name=\"input_name_prefix\"\u003e\u003c/a\u003e [name\\_prefix](#input\\_name\\_prefix) | Creates a unique name beginning with the specified prefix. Conflicts with `name` | `string` | `null` | no |\n| \u003ca name=\"input_preserve_host_header\"\u003e\u003c/a\u003e [preserve\\_host\\_header](#input\\_preserve\\_host\\_header) | Indicates whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to `false` | `bool` | `null` | no |\n| \u003ca name=\"input_putin_khuylo\"\u003e\u003c/a\u003e [putin\\_khuylo](#input\\_putin\\_khuylo) | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | `bool` | `true` | no |\n| \u003ca name=\"input_route53_records\"\u003e\u003c/a\u003e [route53\\_records](#input\\_route53\\_records) | Map of Route53 records to create. Each record map should contain `zone_id`, `name`, and `type` | `any` | `{}` | no |\n| \u003ca name=\"input_security_group_description\"\u003e\u003c/a\u003e [security\\_group\\_description](#input\\_security\\_group\\_description) | Description of the security group created | `string` | `null` | no |\n| \u003ca name=\"input_security_group_egress_rules\"\u003e\u003c/a\u003e [security\\_group\\_egress\\_rules](#input\\_security\\_group\\_egress\\_rules) | Security group egress rules to add to the security group created | `any` | `{}` | no |\n| \u003ca name=\"input_security_group_ingress_rules\"\u003e\u003c/a\u003e [security\\_group\\_ingress\\_rules](#input\\_security\\_group\\_ingress\\_rules) | Security group ingress rules to add to the security group created | `any` | `{}` | no |\n| \u003ca name=\"input_security_group_name\"\u003e\u003c/a\u003e [security\\_group\\_name](#input\\_security\\_group\\_name) | Name to use on security group created | `string` | `null` | no |\n| \u003ca name=\"input_security_group_tags\"\u003e\u003c/a\u003e [security\\_group\\_tags](#input\\_security\\_group\\_tags) | A map of additional tags to add to the security group created | `map(string)` | `{}` | no |\n| \u003ca name=\"input_security_group_use_name_prefix\"\u003e\u003c/a\u003e [security\\_group\\_use\\_name\\_prefix](#input\\_security\\_group\\_use\\_name\\_prefix) | Determines whether the security group name (`security_group_name`) is used as a prefix | `bool` | `true` | no |\n| \u003ca name=\"input_security_groups\"\u003e\u003c/a\u003e [security\\_groups](#input\\_security\\_groups) | A list of security group IDs to assign to the LB | `list(string)` | `[]` | no |\n| \u003ca name=\"input_subnet_mapping\"\u003e\u003c/a\u003e [subnet\\_mapping](#input\\_subnet\\_mapping) | A list of subnet mapping blocks describing subnets to attach to load balancer | `list(map(string))` | `[]` | no |\n| \u003ca name=\"input_subnets\"\u003e\u003c/a\u003e [subnets](#input\\_subnets) | A list of subnet IDs to attach to the LB. Subnets cannot be updated for Load Balancers of type `network`. Changing this value for load balancers of type `network` will force a recreation of the resource | `list(string)` | `null` | no |\n| \u003ca name=\"input_tags\"\u003e\u003c/a\u003e [tags](#input\\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no |\n| \u003ca name=\"input_target_groups\"\u003e\u003c/a\u003e [target\\_groups](#input\\_target\\_groups) | Map of target group configurations to create | `any` | `{}` | no |\n| \u003ca name=\"input_timeouts\"\u003e\u003c/a\u003e [timeouts](#input\\_timeouts) | Create, update, and delete timeout configurations for the load balancer | `map(string)` | `{}` | no |\n| \u003ca name=\"input_vpc_id\"\u003e\u003c/a\u003e [vpc\\_id](#input\\_vpc\\_id) | Identifier of the VPC where the security group will be created | `string` | `null` | no |\n| \u003ca name=\"input_web_acl_arn\"\u003e\u003c/a\u003e [web\\_acl\\_arn](#input\\_web\\_acl\\_arn) | Web Application Firewall (WAF) ARN of the resource to associate with the load balancer | `string` | `null` | no |\n| \u003ca name=\"input_xff_header_processing_mode\"\u003e\u003c/a\u003e [xff\\_header\\_processing\\_mode](#input\\_xff\\_header\\_processing\\_mode) | Determines how the load balancer modifies the X-Forwarded-For header in the HTTP request before sending the request to the target. The possible values are `append`, `preserve`, and `remove`. Only valid for Load Balancers of type `application`. The default is `append` | `string` | `null` | no |\n\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| \u003ca name=\"output_arn\"\u003e\u003c/a\u003e [arn](#output\\_arn) | The ID and ARN of the load balancer we created |\n| \u003ca name=\"output_arn_suffix\"\u003e\u003c/a\u003e [arn\\_suffix](#output\\_arn\\_suffix) | ARN suffix of our load balancer - can be used with CloudWatch |\n| \u003ca name=\"output_dns_name\"\u003e\u003c/a\u003e [dns\\_name](#output\\_dns\\_name) | The DNS name of the load balancer |\n| \u003ca name=\"output_id\"\u003e\u003c/a\u003e [id](#output\\_id) | The ID and ARN of the load balancer we created |\n| \u003ca name=\"output_listener_rules\"\u003e\u003c/a\u003e [listener\\_rules](#output\\_listener\\_rules) | Map of listeners rules created and their attributes |\n| \u003ca name=\"output_listeners\"\u003e\u003c/a\u003e [listeners](#output\\_listeners) | Map of listeners created and their attributes |\n| \u003ca name=\"output_route53_records\"\u003e\u003c/a\u003e [route53\\_records](#output\\_route53\\_records) | The Route53 records created and attached to the load balancer |\n| \u003ca name=\"output_security_group_arn\"\u003e\u003c/a\u003e [security\\_group\\_arn](#output\\_security\\_group\\_arn) | Amazon Resource Name (ARN) of the security group |\n| \u003ca name=\"output_security_group_id\"\u003e\u003c/a\u003e [security\\_group\\_id](#output\\_security\\_group\\_id) | ID of the security group |\n| \u003ca name=\"output_target_groups\"\u003e\u003c/a\u003e [target\\_groups](#output\\_target\\_groups) | Map of target groups created and their attributes |\n| \u003ca name=\"output_zone_id\"\u003e\u003c/a\u003e [zone\\_id](#output\\_zone\\_id) | The zone\\_id of the load balancer to assist with creating DNS records |\n\u003c!-- END_TF_DOCS --\u003e\n\n## Authors\n\nModule is maintained by [Anton Babenko](https://github.com/antonbabenko) with help from [these awesome contributors](https://github.com/terraform-aws-modules/terraform-aws-alb/graphs/contributors).\n\n## License\n\nApache 2 Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-aws-alb/tree/master/LICENSE) for full details.\n\n## Additional information for users from Russia and Belarus\n\n- Russia has [illegally annexed Crimea in 2014](https://en.wikipedia.org/wiki/Annexation_of_Crimea_by_the_Russian_Federation) and [brought the war in Donbas](https://en.wikipedia.org/wiki/War_in_Donbas) followed by [full-scale invasion of Ukraine in 2022](https://en.wikipedia.org/wiki/2022_Russian_invasion_of_Ukraine).\n- Russia has brought sorrow and devastations to millions of Ukrainians, killed hundreds of innocent people, damaged thousands of buildings, and forced several million people to flee.\n- [Putin khuylo!](https://en.wikipedia.org/wiki/Putin_khuylo!)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fterraform-aws-modules%2Fterraform-aws-alb","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fterraform-aws-modules%2Fterraform-aws-alb","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fterraform-aws-modules%2Fterraform-aws-alb/lists"}