Skip to content

Commit

Permalink
allowing http non encrypted traffic for internal ALB
Browse files Browse the repository at this point in the history
  • Loading branch information
@robertomoutinho
robertomoutinho committed Nov 30, 2023
1 parent 54abccc commit 14050d6
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions load_balancer.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,21 +58,21 @@ module "alb" {

# HTTPS redirects are enabled only for public facing ALB
resource "aws_lb_listener" "allow_http" {

Check failure on line 60 in load_balancer.tf

View workflow job for this annotation

GitHub Actions / build 

CKV_AWS_2: "Ensure ALB protocol is HTTPS"
count = var.enable_alb && var.alb_internal ? 0 : 1
load_balancer_arn = module.alb[0].this_lb_arn
count = (var.enable_alb == true && var.alb_internal == false) ? 1 : 0
load_balancer_arn = module.alb.this_lb_arn
port = "80"
protocol = "HTTP"

default_action {
type = "forward"
target_group_arn = module.alb[0].target_group_arns[0]
target_group_arn = module.alb.target_group_arns[0]
}
}

# Allow non-encrypted traffic for internal ALB onb port 80
resource "aws_lb_listener" "force_https" {
count = var.enable_alb && var.alb_internal ? 1 : 0
load_balancer_arn = module.alb[0].this_lb_arn
count = (var.enable_alb == true && var.alb_internal == true) ? 1 : 0
load_balancer_arn = module.alb.this_lb_arn
port = "80"
protocol = "HTTP"

Expand Down

0 comments on commit 14050d6

Please sign in to comment.