diff --git a/README.md b/README.md
index 48a3e2b..f346514 100644
--- a/README.md
+++ b/README.md
@@ -273,6 +273,7 @@ If you're looking to raise an issue with this module, please create a new issue
 | [account\_number](#input\_account\_number) | Account number of current environment | `string` | n/a | yes |
 | [application\_name](#input\_application\_name) | Name of application | `string` | n/a | yes |
 | [dns\_record\_client\_routing\_policy](#input\_dns\_record\_client\_routing\_policy) | (optional) Indicates how traffic is distributed among network load balancer Availability Zones only. Possible values are any\_availability\_zone (client DNS queries are resolved among healthy LB IP addresses across all LB Availability Zones), partial\_availability\_zone\_affinity (85 percent of client DNS queries will favor load balancer IP addresses in their own Availability Zone, while the remaining queries resolve to any healthy zone) and availability\_zone\_affinity (Client DNS queries will favor load balancer IP address in their own Availability Zone). | `string` | `"any_availability_zone"` | no |
+| [drop\_invalid\_header\_fields](#input\_drop\_invalid\_header\_fields) | Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). | `bool` | `true` | no |
 | [enable\_cross\_zone\_load\_balancing](#input\_enable\_cross\_zone\_load\_balancing) | A boolean that determines whether cross zone load balancing is enabled. In application load balancers this feature is always enabled and cannot be disabled. In network and gateway load balancers this feature is disabled by default but can be enabled. | `bool` | `false` | no |
 | [enable\_deletion\_protection](#input\_enable\_deletion\_protection) | If true, deletion of the load balancer will be disabled via the AWS API. This will prevent Terraform from deleting the load balancer. | `bool` | n/a | yes |
 | [existing\_bucket\_name](#input\_existing\_bucket\_name) | The name of the existing bucket name. If no bucket is provided one will be created for them. 
| `string` | `""` | no |
diff --git a/main.tf b/main.tf
index 3d9831a..59c80a5 100644
--- a/main.tf
+++ b/main.tf
@@ -117,7 +117,7 @@ resource "aws_lb" "loadbalancer" {
 subnets = concat(var.subnets, var.public_subnets)
 enable_deletion_protection = var.enable_deletion_protection
 idle_timeout = var.idle_timeout
- drop_invalid_header_fields = true
+ drop_invalid_header_fields = var.drop_invalid_header_fields
 enable_cross_zone_load_balancing = var.enable_cross_zone_load_balancing
 dns_record_client_routing_policy = var.dns_record_client_routing_policy
diff --git a/variables.tf b/variables.tf
index 90fc338..6f6bd70 100644
--- a/variables.tf
+++ b/variables.tf
@@ -200,3 +200,9 @@ variable "access_logs_lifecycle_rule" {
 }
 ]
 }
+
+# set to false for SAP BIP, see https://me.sap.com/notes/0003348935
+variable "drop_invalid_header_fields" {
+ description = "Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false)."
+ default = true
+}
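Review bot: The new line `drop_invalid_header_fields = var.drop_invalid_header_fields` in main.tf turns a fixed hardening setting into a caller choice, and nothing at the point of use says so; the only explanation is a comment in variables.tf. With `false`, header fields the load balancer considers invalid are routed to targets, so the targets become the only place where malformed or look-alike header names get rejected. I would add a comment above the line, for example `# security default is true; false forwards invalid header fields to targets, override only for backends that require them`. The `aws_lb` resource body starts and ends outside this hunk, so whether any other filtering in front of the targets compensates cannot be seen from here.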
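Review bot: The new `variable "drop_invalid_header_fields"` block in variables.tf declares no type constraint, so a non-boolean value is only caught when it reaches the `aws_lb` argument; add `type = bool` next to `default = true`, which also matches the `bool` shown in the README table. The description states both outcomes but not that `false` gives up a default protection, so I would append a sentence such as `Leave true unless the backend requires header names the load balancer rejects.` The comment points to an SAP note that may not be readable by everyone reviewing a caller's override, so a few words on which headers SAP BIP needs would make the exception easier to audit.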