diff --git a/modules/gwlb/README.md b/modules/gwlb/README.md
index 3e74623a..c6fbbbe5 100644
--- a/modules/gwlb/README.md
+++ b/modules/gwlb/README.md
@@ -65,6 +65,7 @@ No modules.
| [lb\_tags](#input\_lb\_tags) | Map of AWS tags to apply to the created Load Balancer object. These tags are applied after the `global_tags`. | `map(string)` | `{}` | no |
| [lb\_target\_group\_tags](#input\_lb\_target\_group\_tags) | Map of AWS tags to apply to the created GWLB Target Group. These tags are applied after the `global_tags`. | `map(string)` | `{}` | no |
| [name](#input\_name) | Name of the created GWLB and its Target Group. Must be unique per AWS region per AWS account. | `string` | n/a | yes |
+| [stickiness\_type](#input\_stickiness\_type) | If `stickiness_type` is `null`, then attribute `enabled` is set to `false` in stickiness configuration block,
value provided in `type` is ignored and by default the Gateway Load Balancer uses 5-tuple to maintain flow stickiness to a specific target appliance.
If `stickiness_type` is not `null`, then attribute `enabled` is set to `true` in stickiness configuration block
and the stickiness `type` can be then customized by using value:
- `source_ip_dest_ip_proto` for 3-tuple (Source IP, Destination IP and Transport Protocol)
- `source_ip_dest_ip` for 2-tuple (Source IP and Destination IP) | `string` | `null` | no |
| [subnets](#input\_subnets) | Map of subnets where to create the GWLB. Each map's key is the availability zone name and each map's object has an attribute
`id` identifying AWS subnet.
Example for users of module `subnet_set`:subnets = module.subnet_set.subnets
Example:subnets = {
"us-east-1a" = { id = "snet-123007" }
"us-east-1b" = { id = "snet-123008" }
} | map(object({
id = string
})) | n/a | yes |
| [target\_instances](#input\_target\_instances) | Map of instances to attach to the GWLB Target Group. | map(object({
id = string
})) | `{}` | no |
| [unhealthy\_threshold](#input\_unhealthy\_threshold) | The number of failed health checks required before a healthy target becomes unhealthy. Minimum 2 and maximum 10. | `number` | `3` | no |
diff --git a/modules/gwlb/main.tf b/modules/gwlb/main.tf
index 373a2898..8e2e3ceb 100644
--- a/modules/gwlb/main.tf
+++ b/modules/gwlb/main.tf
@@ -69,6 +69,11 @@ resource "aws_lb_target_group" "this" {
healthy_threshold = var.healthy_threshold
unhealthy_threshold = var.unhealthy_threshold
}
+
+ stickiness {
+ enabled = var.stickiness_type != null
+ type = coalesce(var.stickiness_type, "source_ip_dest_ip_proto")
+ }
}
# Attach one or more Targets (EC2 Instances).
diff --git a/modules/gwlb/variables.tf b/modules/gwlb/variables.tf
index 7cfe9d12..75e496ae 100644
--- a/modules/gwlb/variables.tf
+++ b/modules/gwlb/variables.tf
@@ -105,6 +105,25 @@ variable "unhealthy_threshold" {
type = number
}
+variable "stickiness_type" {
+ description = <<-EOF
+ If `stickiness_type` is `null`, then attribute `enabled` is set to `false` in stickiness configuration block,
+ value provided in `type` is ignored and by default the Gateway Load Balancer uses 5-tuple to maintain flow stickiness to a specific target appliance.
+ If `stickiness_type` is not `null`, then attribute `enabled` is set to `true` in stickiness configuration block
+ and the stickiness `type` can be then customized by using value:
+ - `source_ip_dest_ip_proto` for 3-tuple (Source IP, Destination IP and Transport Protocol)
+ - `source_ip_dest_ip` for 2-tuple (Source IP and Destination IP)
+ ```
+ EOF
+ default = null
+ type = string
+
+ validation {
+ condition = (var.stickiness_type == null || contains(["source_ip_dest_ip", "source_ip_dest_ip_proto"], coalesce(var.stickiness_type, "source_ip_dest_ip_proto")))
+ error_message = "The stickiness_type value must be `null`, `source_ip_dest_ip` or `source_ip_dest_ip_proto`."
+ }
+}
+
##### Various categories of Tags #####
variable "lb_tags" {