Terraform AWS Application Load Balancer module Terraform module for AWS provider which creates aws_lb* resources
AWS ALB redirect from HTTP to HTTPS module "alb" {
source = " edelwud/alb/aws" version = " x.x.x" name = " redirect-http-https" type = " application" internal = false
subnets = . vpc . public_subnets
security_groups = module . vpc . default_security_group_id ,
module . lb_sg . security_group_id
]
listeners = " http-to-https" = {
port = 80
protocol = " HTTP" = {
port = " 443" = " HTTPS" = " HTTP_301" " https" = {
port = 433
protocol = " HTTPS" = " ELBSecurityPolicy-2016-08" = aws_acm_certificate.example.arn
fixed_response = {
content_type = " text/plain" = " Fixed response content" = " 200" module "alb" {
source = " edelwud/alb/aws" version = " x.x.x" name = " listener-rules" type = " application" internal = false
subnets = . vpc . public_subnets
security_groups = module . vpc . default_security_group_id ,
module . lb_sg . security_group_id
]
listeners = " http-to-https" = {
port = 80
protocol = " HTTP" = {
port = " 443" = " HTTPS" = " HTTP_301" = {
" if-path-pattern-is-api" = {
priority = 20
condition = {
path_pattern = [" /api*" = {
target_group_arn = aws_lb_target_group.api.arn
}
}
}
}
" https" = {
port = 433
protocol = " HTTPS" = " ELBSecurityPolicy-2016-08" = aws_acm_certificate.example.arn
fixed_response = {
content_type = " text/plain" = " Fixed response content" = " 200" = {
" if-path-pattern-is-api" = {
priority = 20
condition = {
path_pattern = [" /api*" = {
target_group_arn = aws_lb_target_group.api.arn
}
}
" if-host-header-is-example-and-method-is-get" = {
priority = 20
condition = {
host_header = [" example.com" = [" GET" = {
target_group_arn = aws_lb_target_group.ui.arn
}
}
}
}
}
}module "alb" {
source = " edelwud/alb/aws" version = " x.x.x" name = " cognito-oidc" type = " application" internal = false
subnets = . vpc . public_subnets
security_groups = module . vpc . default_security_group_id ,
module . lb_sg . security_group_id
]
listeners = " access-to-fixed-response-after-oidc" = {
port = 433
protocol = " HTTPS" = " ELBSecurityPolicy-2016-08" = aws_acm_certificate.example.arn
authenticate_oidc = {
authorization_endpoint = " https://example.com/authorization_endpoint" = " client_id" = " client_secret" = " https://example.com" = " https://example.com/token_endpoint" = " https://example.com/user_info_endpoint" = {
content_type = " text/plain" = " Fixed response content" = " 200" = {
" cognito-before-api" = {
priority = 20
conditions = {
path_pattern = [" /api*" = {
user_pool_arn = aws_cognito_user_pool.pool.arn
user_pool_client_id = aws_cognito_user_pool_client.client.id
user_pool_domain = aws_cognito_user_pool_domain.domain.domain
}
forward = {
target_group_arn = aws_lb_target_group.api.arn
}
}
}
}
}
}No modules.
Name
Description
Type
Default
Required
access_logs AWS ALB access logs
object({ nullno
deletion_protection AWS LB deletion protection
stringfalseno
idle_timeout AWS LB idle timeout
number600no
internal Is AWS Load Balancer internal?
boolfalseno
listeners AWS LB listeners
anynullno
name AWS Load Balancer name
stringn/a
yes
security_groups AWS LB security groups
list(string)n/a
yes
subnet_mapping AWS Load Balancer subnet mapping
list(object({ nullno
subnets AWS LB subnets
list(string)n/a
yes
tags Tags
map(string)nullno
type AWS load balancer type
string"application"no