Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.
Awesome Lists | Featured Topics | Projects
https://github.com/miquido/terraform-alb

Last synced: 5 days ago
JSON representation
Host: GitHub
URL: https://github.com/miquido/terraform-alb
Owner: miquido
Created: 2023-09-13T05:26:51.000Z (over 1 year ago)
Default Branch: dependabot-terraform-cloudposse-alb-aws-1.10.0
Last Pushed: 2024-11-08T17:19:39.000Z (2 months ago)
Last Synced: 2024-11-09T11:34:55.519Z (2 months ago)
Language: HCL
Size: 124 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
Awesome Lists containing this project

README

        
[![Miquido][logo]](https://www.miquido.com/)

# miquido-terraform-alb

This module Application Load Balancer along with AWS ACM TLS/SSL certificate via ACM Request

---

**Terraform Module**

## Requirements

| Name | Version |

|------|---------|

|  [terraform](#requirement\_terraform) | >= 0.13 |

|  [aws](#requirement\_aws) | ~> 4.7 |

|  [local](#requirement\_local) | >= 1.3 |

|  [null](#requirement\_null) | >= 2.0 |

## Providers

| Name | Version |

|------|---------|

|  [aws](#provider\_aws) | ~> 4.7 |

## Modules

| Name | Source | Version |

|------|--------|---------|

|  [alb](#module\_alb) | cloudposse/alb/aws | 1.10.0 |

## Resources

| Name | Type |

|------|------|

| [aws_lb_listener_rule.redirect_http_to_https](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener_rule) | resource |

| [aws_s3_bucket_public_access_block.alb-logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |

| [aws_security_group_rule.allow-http-ipv6](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |

| [aws_security_group_rule.allow-https-ipv6](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |

## Inputs

| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [access\_logs\_enabled](#input\_access\_logs\_enabled) | A boolean flag to enable/disable access\_logs | `bool` | `true` | no |

|  [access\_logs\_prefix](#input\_access\_logs\_prefix) | The S3 log bucket prefix | `string` | `""` | no |

|  [access\_logs\_s3\_bucket\_force\_destroy](#input\_access\_logs\_s3\_bucket\_force\_destroy) | A boolean that indicates all objects should be deleted from the ALB access logs S3 bucket so that the bucket can be destroyed without error | `bool` | `false` | no |

|  [acm\_certificate\_arn](#input\_acm\_certificate\_arn) | The ARN of the default SSL certificate for HTTPS listener. Required if `https_enabled` is true. | `string` | `""` | no |

|  [additional\_certs](#input\_additional\_certs) | A list of additonal certs to add to the https listerner | `list(string)` | `[]` | no |

|  [cross\_zone\_load\_balancing\_enabled](#input\_cross\_zone\_load\_balancing\_enabled) | A boolean flag to enable/disable cross zone load balancing | `bool` | `false` | no |

|  [deletion\_protection\_enabled](#input\_deletion\_protection\_enabled) | A boolean flag to enable/disable deletion protection for ALB | `bool` | `false` | no |

|  [deregistration\_delay](#input\_deregistration\_delay) | The amount of time to wait in seconds before changing the state of a deregistering target to unused | `number` | `15` | no |

|  [domain](#input\_domain) | Domain to request ACM certificate for root domain and wildcard SAN | `string` | `""` | no |

|  [enable\_redirect\_http\_to\_https](#input\_enable\_redirect\_http\_to\_https) | Attach rule to HTTP listener that redirects | `bool` | `false` | no |

|  [environment](#input\_environment) | Environment name | `string` | `""` | no |

|  [health\_check\_healthy\_threshold](#input\_health\_check\_healthy\_threshold) | The number of consecutive health checks successes required before considering an unhealthy target healthy | `number` | `2` | no |

|  [health\_check\_interval](#input\_health\_check\_interval) | The duration in seconds in between health checks | `number` | `15` | no |

|  [health\_check\_matcher](#input\_health\_check\_matcher) | The HTTP response codes to indicate a healthy check | `string` | `"200-399"` | no |

|  [health\_check\_path](#input\_health\_check\_path) | The destination for the health check request | `string` | `"/"` | no |

|  [health\_check\_timeout](#input\_health\_check\_timeout) | The amount of time to wait in seconds before failing a health check request | `number` | `10` | no |

|  [health\_check\_unhealthy\_threshold](#input\_health\_check\_unhealthy\_threshold) | The number of consecutive health check failures required before considering the target unhealthy | `number` | `2` | no |

|  [http2\_enabled](#input\_http2\_enabled) | A boolean flag to enable/disable HTTP/2 | `bool` | `true` | no |

|  [http\_enabled](#input\_http\_enabled) | A boolean flag to enable/disable HTTP listener | `bool` | `true` | no |

|  [http\_ingress\_cidr\_blocks](#input\_http\_ingress\_cidr\_blocks) | List of CIDR blocks to allow in HTTP security group | `list(string)` | 
[
  "0.0.0.0/0"
] | no |

|  [http\_ingress\_ipv6\_cidr\_blocks](#input\_http\_ingress\_ipv6\_cidr\_blocks) | List of IPv6 CIDR blocks to allow in HTTP security group | `list(string)` | [
  "::/0"
] | no |

|  [http\_ingress\_prefix\_list\_ids](#input\_http\_ingress\_prefix\_list\_ids) | List of prefix list IDs for allowing access to HTTP ingress security group | `list(string)` | `[]` | no |

|  [http\_port](#input\_http\_port) | The port for the HTTP listener | `number` | `80` | no |

|  [https\_enabled](#input\_https\_enabled) | A boolean flag to enable/disable HTTPS listener | `bool` | `true` | no |

|  [https\_ingress\_cidr\_blocks](#input\_https\_ingress\_cidr\_blocks) | List of CIDR blocks to allow in HTTPS security group | `list(string)` | [
  "0.0.0.0/0"
] | no |

|  [https\_ingress\_ipv6\_cidr\_blocks](#input\_https\_ingress\_ipv6\_cidr\_blocks) | List of IPv6 CIDR blocks to allow in HTTPS security group | `list(string)` | [
  "::/0"
] | no |

|  [https\_ingress\_prefix\_list\_ids](#input\_https\_ingress\_prefix\_list\_ids) | List of prefix list IDs for allowing access to HTTPS ingress security group | `list(string)` | `[]` | no |

|  [https\_port](#input\_https\_port) | The port for the HTTPS listener | `number` | `443` | no |

|  [https\_ssl\_policy](#input\_https\_ssl\_policy) | The name of the SSL Policy for the listener | `string` | `"ELBSecurityPolicy-2016-08"` | no |

|  [idle\_timeout](#input\_idle\_timeout) | The time in seconds that the connection is allowed to be idle | `number` | `60` | no |

|  [internal](#input\_internal) | A boolean flag to determine whether the ALB should be internal | `bool` | `false` | no |

|  [ip\_address\_type](#input\_ip\_address\_type) | The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`. | `string` | `"ipv4"` | no |

|  [name](#input\_name) | Resource common name | `string` | n/a | yes |

|  [project](#input\_project) | Account/Project Name | `string` | n/a | yes |

|  [redirect\_http\_to\_https\_priority](#input\_redirect\_http\_to\_https\_priority) | HTTP Listener Rule priority | `number` | `5` | no |

|  [redirect\_http\_to\_https\_status\_code](#input\_redirect\_http\_to\_https\_status\_code) | The HTTP redirect code. The redirect is either permanent (HTTP\_301) or temporary (HTTP\_302) | `string` | `"HTTP_301"` | no |

|  [security\_group\_ids](#input\_security\_group\_ids) | A list of additional security group IDs to allow access to ALB | `list(string)` | `[]` | no |

|  [subnet\_ids](#input\_subnet\_ids) | A list of (typically public) subnet IDs to associate with ALB. | `list(string)` | n/a | yes |

|  [tags](#input\_tags) | Tags to apply on repository | `map(string)` | `{}` | no |

|  [target\_group\_additional\_tags](#input\_target\_group\_additional\_tags) | The additional tags to apply to the target group | `map(string)` | `{}` | no |

|  [target\_group\_name](#input\_target\_group\_name) | The name for the default target group, uses a module label name if left empty | `string` | `""` | no |

|  [target\_group\_port](#input\_target\_group\_port) | The port for the default target group | `number` | `80` | no |

|  [target\_group\_target\_type](#input\_target\_group\_target\_type) | The type (`instance`, `ip` or `lambda`) of targets that can be registered with the target group | `string` | `"ip"` | no |

|  [vpc\_id](#input\_vpc\_id) | The VPC ID where resources are created | `string` | n/a | yes |

## Outputs

| Name | Description |

|------|-------------|

|  [access\_logs\_bucket\_id](#output\_access\_logs\_bucket\_id) | The S3 bucket ID for access logs |

|  [alb\_arn](#output\_alb\_arn) | The ARN of the ALB |

|  [alb\_arn\_suffix](#output\_alb\_arn\_suffix) | The ARN suffix of the ALB |

|  [alb\_dns\_name](#output\_alb\_dns\_name) | DNS name of ALB |

|  [alb\_name](#output\_alb\_name) | The ARN suffix of the ALB |

|  [alb\_zone\_id](#output\_alb\_zone\_id) | The ID of the zone which ALB is provisioned |

|  [default\_target\_group\_arn](#output\_default\_target\_group\_arn) | The default target group ARN |

|  [http\_listener\_arn](#output\_http\_listener\_arn) | The ARN of the HTTP listener |

|  [https\_listener\_arn](#output\_https\_listener\_arn) | The ARN of the HTTPS listener |

|  [listener\_arns](#output\_listener\_arns) | A list of all the listener ARNs |

|  [security\_group\_id](#output\_security\_group\_id) | The security group ID of the ALB |

## Makefile Targets

```text

Available targets:

  help                                Help screen

  help/all                            Display help for all targets

  help/short                          This help short screen

  lint                                Lint Terraform code

```

## Developing

1. Make changes in terraform files

2. Regenerate documentation

    ```bash

    bash <(git archive [email protected]:miquido/terraform/terraform-readme-update.git master update.sh | tar -xO)

    ```

3. Run lint

    ```

    make lint

    ```

## Copyright

Copyright © 2017-2023 [Miquido](https://miquido.com)

### Contributors

|  [![Konrad Obal][k911_avatar]][k911_homepage]
[Konrad Obal][k911_homepage] |

|---|

  [k911_homepage]: https://github.com/k911

  [k911_avatar]: https://github.com/k911.png?size=150

  [logo]: https://www.miquido.com/img/logos/logo__miquido.svg

  [website]: https://www.miquido.com/

  [gitlab]: https://gitlab.com/miquido

  [github]: https://github.com/miquido

  [bitbucket]: https://bitbucket.org/miquido