v3.0.0
- (breaking change) var.subnet_tags removed; pass explicit subnet IDs via var.subnet_ids instead
- (breaking change) added mandatory var.security_group_ingress_cidr to set the CIDR ranges allowed through the SGs
- Optional disable_security_groups to allow for backwards compatibility
v2.0.0
- (breaking changes) renames var.listeners to var.ports and turns it into a map(object) keyed by port, which avoids the Terraform index-shift recreation issue and also accepts multiple target groups
v1.0.5
- Adds support for the boolean argument 'preserve_client_ip'
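module "nlb" {
  # NOTE(review): ref=master follows a moving branch, so whatever is on master
  # when the module is fetched is what gets applied. Prefer pinning ref to a
  # release tag or a full commit SHA so upstream changes are reviewed first.
  source = "git::https://github.com/UKHomeOffice/acp-tf-nlb?ref=master"

  name        = "my-service"
  environment = "dev" # by default both Name and Env is added to the tags
  dns_zone    = "example.com"
  vpc_id      = "vpc-32323232"

  tags = {
    Role = "some_tag"
  }

  # Per the v3.0.0 changelog, subnet_tags was removed and subnets are passed
  # explicitly through subnet_ids (constructed sample IDs below).
  subnet_ids = ["subnet-11111111", "subnet-22222222"]

  # Mandatory since v3.0.0: the CIDR ranges allowed to reach this NLB.
  # Keep the list as narrow as the real clients need; a wide-open range
  # defeats the point of the security group (constructed sample range below).
  security_group_ingress_cidr = ["10.0.0.0/8"]

  # Keys are the listener ports; each entry names the port the targets
  # listen on and the groups to attach.
  ports = {
    "80" = {
      target_port   = "8080"
      target_groups = ["compute-az1", "compute-az2"]
    },
    "443" = {
      target_port   = "8443"
      target_groups = ["compute-az1", "compute-az2"]
    }
  }
}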
Name | Version |
---|---|
terraform | >= 1.0 |
Name | Version |
---|---|
aws | 3.71.0 |
No modules.
Name | Type |
---|---|
aws_autoscaling_attachment.asg_attachment | resource |
aws_lb.balancer | resource |
aws_lb_listener.listeners | resource |
aws_lb_target_group.target_groups | resource |
aws_route53_record.dns | resource |
aws_security_group.balancer | resource |
aws_security_group_rule.egress | resource |
aws_security_group_rule.ingress | resource |
aws_route53_zone.selected | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
deregistration_delay | The amount of time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused | string |
"300" |
no |
disable_security_groups | Disable SecurityGroup creation; this is for backwards compatibility, as SGs can't be added after creation | bool |
false |
no |
dns_name | An optional hostname to add to the hosting zone, otherwise defaults to var.name | string |
"" |
no |
dns_type | The dns record type to use when adding the dns entry | string |
"A" |
no |
dns_zone | The AWS route53 domain name hosting the dns entry, i.e. example.com | any |
n/a | yes |
elb_role_tag | The role tag applied to the subnets used for ELB, i.e. Role = elb-subnet | string |
"elb-subnets" |
no |
environment | An environment name for the ELB, i.e. prod, dev, ci etc and used to search for assets | any |
n/a | yes |
health_check_interval | The interval between performing a health check | string |
"30" |
no |
healthy_threshold | The number of consecutive health check successes required before considering an unhealthy target healthy | string |
"3" |
no |
idle_timeout | The timeout applied to idle ELB connections | string |
"120" |
no |
internal | Indicates if the ELB should be an internal load balancer, defaults to true | bool |
true |
no |
internal_nlb_subnet_mappings | n/a | map(object({ |
{} |
no |
name | A descriptive name for this ELB | any |
n/a | yes |
ports | A map of ports and autoscaling groups to make listeners/target groups/ attachments from | map(object({ |
n/a | yes |
preserve_client_ip | Whether to preserve the client (source) IP - false will regard all traffic as originating from the eni, for example | bool |
true |
no |
security_group_ingress_cidr | CIDR ranges to allow access to this NLB | list(string) |
n/a | yes |
subnet_ids | A list of subnet IDs to be used for the NLB | list |
[] |
no |
tags | A map of tags which will be added to the ELB cloud tags, by default Name, Env and KubernetesCluster is added | map |
{} |
no |
unhealthy_threshold | The number of consecutive health check failures required before considering the target unhealthy | string |
"3" |
no |
vpc_id | The VPC id you are building the network load balancer in | any |
n/a | yes |
Name | Description |
---|---|
dns | The FQDN of the newly created ELB |
nlb_arn | The AWS ARN of the NLB which has been created |
nlb_dns_name | The name given to the ELB just created |
nlb_id | The ID for the ELB which has been created |
nlb_name | The name of the network load balancer we are creating |