forked from terraform-aws-modules/terraform-aws-alb
-
Notifications
You must be signed in to change notification settings - Fork 6
/
variables.tf
236 lines (194 loc) · 6.06 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
//
// Variables specific to module label
//
variable "attributes" {
description = "Suffix name with additional attributes (policy, role, etc.)"
type = "list"
default = []
}
variable "delimiter" {
description = "Delimiter to be used between `name`, `namespaces`, `attributes`, etc."
type = "string"
default = "-"
}
variable "environment" {
description = "Environment (ex: dev, qa, stage, prod)"
type = "string"
}
variable "name" {
description = "Base name for resource"
type = "string"
}
variable "namespace-env" {
description = "Prefix name with the environment"
default = true
}
variable "namespace-org" {
description = "Prefix name with the organization. If both env and org namespaces are used, format will be <org>-<env>-<name>"
default = false
}
variable "organization" {
description = "Organization name"
type = "string"
default = ""
}
variable "tags" {
description = "A map of additional tags to add"
type = "map"
default = {}
}
//
// Module specific Variables
//
variable "enabled" {
description = "Set to false to prevent the module from creating anything"
default = true
}
variable "enable_logging" {
description = "Enable the LB to write log entries to S3."
default = false
}
variable "certificate_name" {
description = "The name of the SSL Certificate to look up in ACM and use"
default = ""
}
//
// Load Balancer settings
//
variable "idle_timeout" {
description = "The time in seconds that the connection is allowed to be idle"
default = "60"
}
variable "internal" {
description = "Boolean determining if the LB is internal or externally facing."
default = true
}
variable "security_groups" {
description = "The security groups with which we associate the LB. e.g. [\"sg-edcd9784\",\"sg-edcd9785\"]"
type = "list"
}
variable "subnets" {
description = "A list of subnets to associate with the LB. e.g. ['subnet-1a2b3c4d','subnet-1a2b3c4e','subnet-1a2b3c4f']"
type = "list"
}
variable "type" {
description = "Type of load balancer. (`application` or `network`)"
default = "application"
}
//
// Load Balancer Logging settings
//
variable "bucket_policy" {
description = "An S3 bucket policy to apply to the log bucket. If not provided, a minimal policy will be generated from other variables."
default = ""
}
variable "create_log_bucket" {
description = "Create the S3 bucket (named with the log_bucket_name var) and attach a policy to allow LB logging."
default = false
}
variable "force_destroy_log_bucket" {
description = "If set to true and if the log bucket already exists, it will be destroyed and recreated."
default = false
}
variable "log_bucket_name" {
description = "S3 bucket for storing LB access logs. To create the bucket \"create_log_bucket\" should be set to true."
default = ""
}
variable "log_location_prefix" {
description = "S3 prefix within the log_bucket_name under which logs are stored."
default = ""
}
//
// Listener and Target Group settings
//
variable "lb_protocols" {
description = "The protocols the LB accepts. e.g.: [\"HTTP\"]"
type = "list"
default = ["HTTP"]
}
variable "backend_port" {
description = "The port the service on the EC2 instances listen on."
default = 80
}
variable "backend_protocol" {
description = "The protocol the backend service speaks. Options: HTTP, HTTPS, TCP, SSL (secure tcp)."
default = "HTTP"
}
variable "ports" {
description = "Default port set. Used fo all instance and LB port sets that are not defined"
default = "80"
}
variable "instance_http_ports" {
description = "Backend HTTP instance (target group) ports"
default = ""
}
variable "instance_https_ports" {
description = "Backend HTTPS instance (target group) ports"
default = ""
}
variable "instance_tcp_ports" {
description = "Backend TCP instance (target group) ports"
default = ""
}
variable "lb_http_ports" {
description = "Frontend HTTP listener ports"
default = ""
}
variable "lb_https_ports" {
description = "Frontend HTTPS listener ports"
default = ""
}
variable "lb_tcp_ports" {
description = "Frontend TCP listener ports"
default = ""
}
///
/// Health Checks
///
variable "health_check_healthy_threshold" {
description = "Number of consecutive positive health checks before a backend instance is considered healthy."
default = 3
}
variable "health_check_interval" {
description = "Interval in seconds on which the health check against backend hosts is tried."
default = 10
}
variable "health_check_matcher" {
description = "The HTTP codes that are a success when checking TG health."
default = "200-299"
# AWS default is 200-399
}
variable "health_check_path" {
description = "The URL the ELB should use for health checks. e.g. /health"
default = "/"
}
variable "health_check_port" {
description = "The port used by the health check if different from the traffic-port."
default = "traffic-port"
}
variable "health_check_protocol" {
description = "The protocol used by the health check."
default = "HTTP"
}
variable "health_check_timeout" {
description = "Seconds to leave a health check waiting before terminating it and calling the check unhealthy."
default = 5
}
variable "health_check_unhealthy_threshold" {
description = "Number of consecutive positive health checks before a backend instance is considered unhealthy."
default = 3
}
//
// Misc
//
variable "cookie_duration" {
description = "If load balancer connection stickiness is desired, set this to the duration in seconds that cookie should be valid (e.g. 300). Otherwise, if no stickiness is desired, leave the default."
default = 0
}
variable "security_policy" {
description = "The security policy if using HTTPS externally on the LB. See: https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html"
default = "ELBSecurityPolicy-2016-08"
}
variable "vpc_id" {
description = "VPC id where the LB and other resources will be deployed."
}