forked from terraform-aws-modules/terraform-aws-alb
-
Notifications
You must be signed in to change notification settings - Fork 0
/
variables.tf
261 lines (218 loc) · 8.26 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
variable "create_lb" {
description = "Controls if the Load Balancer should be created"
type = bool
default = true
}
variable "drop_invalid_header_fields" {
description = "Indicates whether invalid header fields are dropped in application load balancers. Defaults to false."
type = bool
default = false
}
variable "preserve_host_header" {
description = "Indicates whether Host header should be preserve and forward to targets without any change. Defaults to false."
type = bool
default = false
}
variable "enable_deletion_protection" {
description = "If true, deletion of the load balancer will be disabled via the AWS API. This will prevent Terraform from deleting the load balancer. Defaults to false."
type = bool
default = false
}
variable "enable_http2" {
description = "Indicates whether HTTP/2 is enabled in application load balancers."
type = bool
default = true
}
variable "enable_cross_zone_load_balancing" {
description = "Indicates whether cross zone load balancing should be enabled in application load balancers."
type = bool
default = false
}
variable "extra_ssl_certs" {
description = "A list of maps describing any extra SSL certificates to apply to the HTTPS listeners. Required key/values: certificate_arn, https_listener_index (the index of the listener within https_listeners which the cert applies toward)."
type = list(map(string))
default = []
}
variable "https_listeners" {
description = "A list of maps describing the HTTPS listeners for this ALB. Required key/values: port, certificate_arn. Optional key/values: ssl_policy (defaults to ELBSecurityPolicy-2016-08), target_group_index (defaults to https_listeners[count.index])"
type = any
default = []
}
variable "http_tcp_listeners" {
description = "A list of maps describing the HTTP listeners or TCP ports for this ALB. Required key/values: port, protocol. Optional key/values: target_group_index (defaults to http_tcp_listeners[count.index])"
type = any
default = []
}
variable "https_listener_rules" {
description = "A list of maps describing the Listener Rules for this ALB. Required key/values: actions, conditions. Optional key/values: priority, https_listener_index (default to https_listeners[count.index])"
type = any
default = []
}
variable "http_tcp_listener_rules" {
description = "A list of maps describing the Listener Rules for this ALB. Required key/values: actions, conditions. Optional key/values: priority, http_tcp_listener_index (default to http_tcp_listeners[count.index])"
type = any
default = []
}
variable "idle_timeout" {
description = "The time in seconds that the connection is allowed to be idle."
type = number
default = 60
}
variable "ip_address_type" {
description = "The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 and dualstack."
type = string
default = "ipv4"
}
variable "listener_ssl_policy_default" {
description = "The security policy if using HTTPS externally on the load balancer. [See](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html)."
type = string
default = "ELBSecurityPolicy-2016-08"
}
variable "internal" {
description = "Boolean determining if the load balancer is internal or externally facing."
type = bool
default = false
}
variable "load_balancer_create_timeout" {
description = "Timeout value when creating the ALB."
type = string
default = "10m"
}
variable "load_balancer_delete_timeout" {
description = "Timeout value when deleting the ALB."
type = string
default = "10m"
}
variable "name" {
description = "The resource name and Name tag of the load balancer."
type = string
default = null
}
variable "name_prefix" {
description = "The resource name prefix and Name tag of the load balancer. Cannot be longer than 6 characters"
type = string
default = null
}
variable "load_balancer_type" {
description = "The type of load balancer to create. Possible values are application or network."
type = string
default = "application"
}
variable "load_balancer_update_timeout" {
description = "Timeout value when updating the ALB."
type = string
default = "10m"
}
variable "access_logs" {
description = "Map containing access logging configuration for load balancer."
type = map(string)
default = {}
}
variable "subnets" {
description = "A list of subnets to associate with the load balancer. e.g. ['subnet-1a2b3c4d','subnet-1a2b3c4e','subnet-1a2b3c4f']"
type = list(string)
default = null
}
variable "subnet_mapping" {
description = "A list of subnet mapping blocks describing subnets to attach to network load balancer"
type = list(map(string))
default = []
}
variable "tags" {
description = "A map of tags to add to all resources"
type = map(string)
default = {}
}
variable "lb_tags" {
description = "A map of tags to add to load balancer"
type = map(string)
default = {}
}
variable "target_group_tags" {
description = "A map of tags to add to all target groups"
type = map(string)
default = {}
}
variable "https_listener_rules_tags" {
description = "A map of tags to add to all https listener rules"
type = map(string)
default = {}
}
variable "http_tcp_listener_rules_tags" {
description = "A map of tags to add to all http listener rules"
type = map(string)
default = {}
}
variable "https_listeners_tags" {
description = "A map of tags to add to all https listeners"
type = map(string)
default = {}
}
variable "http_tcp_listeners_tags" {
description = "A map of tags to add to all http listeners"
type = map(string)
default = {}
}
variable "security_groups" {
description = "The security groups to attach to the load balancer. e.g. [\"sg-edcd9784\",\"sg-edcd9785\"]"
type = list(string)
default = []
}
variable "target_groups" {
description = "A list of maps containing key/value pairs that define the target groups to be created. Order of these maps is important and the index of these are to be referenced in listener definitions. Required key/values: name, backend_protocol, backend_port"
type = any
default = []
}
variable "vpc_id" {
description = "VPC id where the load balancer and other resources will be deployed."
type = string
default = null
}
variable "enable_waf_fail_open" {
description = "Indicates whether to route requests to targets if lb fails to forward the request to AWS WAF"
type = bool
default = false
}
variable "desync_mitigation_mode" {
description = "Determines how the load balancer handles requests that might pose a security risk to an application due to HTTP desync."
type = string
default = "defensive"
}
variable "putin_khuylo" {
description = "Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo!"
type = bool
default = true
}
################################################################################
# Security Group
################################################################################
variable "create_security_group" {
description = "Determines if a security group is created"
type = bool
default = true
}
variable "security_group_name" {
description = "Name to use on security group created"
type = string
default = null
}
variable "security_group_use_name_prefix" {
description = "Determines whether the security group name (`security_group_name`) is used as a prefix"
type = bool
default = true
}
variable "security_group_description" {
description = "Description of the security group created"
type = string
default = null
}
variable "security_group_rules" {
description = "Security group rules to add to the security group created"
type = any
default = {}
}
variable "security_group_tags" {
description = "A map of additional tags to add to the security group created"
type = map(string)
default = {}
}