Skip to content

Commit

Permalink
Merge pull request #528 from ministryofjustice/TM-531/drop_invalid_he…
Browse files Browse the repository at this point in the history
…ader_fields_option

TM-531: add drop invalid header fields option
  • Loading branch information
sukeshreddyg authored Oct 1, 2024
2 parents 50e1b9b + 19d3d55 commit bb9c17c
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 1 deletion.
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -273,6 +273,7 @@ If you're looking to raise an issue with this module, please create a new issue
| <a name="input_account_number"></a> [account\_number](#input\_account\_number) | Account number of current environment | `string` | n/a | yes |
| <a name="input_application_name"></a> [application\_name](#input\_application\_name) | Name of application | `string` | n/a | yes |
| <a name="input_dns_record_client_routing_policy"></a> [dns\_record\_client\_routing\_policy](#input\_dns\_record\_client\_routing\_policy) | (optional) Indicates how traffic is distributed among network load balancer Availability Zones only. Possible values are any\_availability\_zone (client DNS queries are resolved among healthy LB IP addresses across all LB Availability Zones), partial\_availability\_zone\_affinity (85 percent of client DNS queries will favor load balancer IP addresses in their own Availability Zone, while the remaining queries resolve to any healthy zone) and availability\_zone\_affinity (Client DNS queries will favor load balancer IP address in their own Availability Zone). | `string` | `"any_availability_zone"` | no |
| <a name="input_drop_invalid_header_fields"></a> [drop\_invalid\_header\_fields](#input\_drop\_invalid\_header\_fields) | Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). | `bool` | `true` | no |
| <a name="input_enable_cross_zone_load_balancing"></a> [enable\_cross\_zone\_load\_balancing](#input\_enable\_cross\_zone\_load\_balancing) | A boolean that determines whether cross zone load balancing is enabled. In application load balancers this feature is always enabled and cannot be disabled. In network and gateway load balancers this feature is disabled by default but can be enabled. | `bool` | `false` | no |
| <a name="input_enable_deletion_protection"></a> [enable\_deletion\_protection](#input\_enable\_deletion\_protection) | If true, deletion of the load balancer will be disabled via the AWS API. This will prevent Terraform from deleting the load balancer. | `bool` | n/a | yes |
| <a name="input_existing_bucket_name"></a> [existing\_bucket\_name](#input\_existing\_bucket\_name) | The name of the existing bucket name. If no bucket is provided one will be created for them. | `string` | `""` | no |
Expand Down
2 changes: 1 addition & 1 deletion main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ resource "aws_lb" "loadbalancer" {
subnets = concat(var.subnets, var.public_subnets)
enable_deletion_protection = var.enable_deletion_protection
idle_timeout = var.idle_timeout
drop_invalid_header_fields = true
drop_invalid_header_fields = var.drop_invalid_header_fields
enable_cross_zone_load_balancing = var.enable_cross_zone_load_balancing
dns_record_client_routing_policy = var.dns_record_client_routing_policy

Expand Down
6 changes: 6 additions & 0 deletions variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -200,3 +200,9 @@ variable "access_logs_lifecycle_rule" {
}
]
}

# set to false for SAP BIP, see https://me.sap.com/notes/0003348935
variable "drop_invalid_header_fields" {
description = "Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false)."
default = true
}

0 comments on commit bb9c17c

Please sign in to comment.