diff --git a/README.md b/README.md
index a1ba15e4..c7bcf5f6 100644
--- a/README.md
+++ b/README.md
@@ -329,6 +329,7 @@ allow_github_webhooks = true
| [alb\_authenticate\_cognito](#input\_alb\_authenticate\_cognito) | Map of AWS Cognito authentication parameters to protect ALB (eg, using SAML). See https://www.terraform.io/docs/providers/aws/r/lb_listener.html#authenticate-cognito-action | `any` | `{}` | no |
| [alb\_authenticate\_oidc](#input\_alb\_authenticate\_oidc) | Map of Authenticate OIDC parameters to protect ALB (eg, using Auth0). See https://www.terraform.io/docs/providers/aws/r/lb_listener.html#authenticate-oidc-action | `any` | `{}` | no |
| [alb\_drop\_invalid\_header\_fields](#input\_alb\_drop\_invalid\_header\_fields) | Indicates whether invalid header fields are dropped in application load balancers. Defaults to false. | `bool` | `null` | no |
+| [alb\_enable\_cross\_zone\_load\_balancing](#input\_alb\_enable\_cross\_zone\_load\_balancing) | Whether cross-zone load balancing is enabled for the load balancer | `bool` | `null` | no |
| [alb\_enable\_deletion\_protection](#input\_alb\_enable\_deletion\_protection) | If true, deletion of the load balancer will be disabled via the AWS API. This will prevent Terraform from deleting the load balancer. Defaults to false. | `bool` | `null` | no |
| [alb\_http\_security\_group\_tags](#input\_alb\_http\_security\_group\_tags) | Additional tags to put on the http security group | `map(string)` | `{}` | no |
| [alb\_https\_security\_group\_tags](#input\_alb\_https\_security\_group\_tags) | Additional tags to put on the https security group | `map(string)` | `{}` | no |
diff --git a/examples/github-complete/main.tf b/examples/github-complete/main.tf
index b93dd52e..24f7f398 100644
--- a/examples/github-complete/main.tf
+++ b/examples/github-complete/main.tf
@@ -101,12 +101,13 @@ module "atlantis" {
atlantis_repo_allowlist = [for repo in var.github_repo_names : "github.com/${var.github_owner}/${repo}"]
# ALB access
- alb_ingress_cidr_blocks = var.alb_ingress_cidr_blocks
- alb_logging_enabled = true
- alb_log_bucket_name = module.atlantis_access_log_bucket.s3_bucket_id
- alb_log_location_prefix = "atlantis-alb"
- alb_listener_ssl_policy_default = "ELBSecurityPolicy-TLS-1-2-2017-01"
- alb_drop_invalid_header_fields = true
+ alb_ingress_cidr_blocks = var.alb_ingress_cidr_blocks
+ alb_logging_enabled = true
+ alb_log_bucket_name = module.atlantis_access_log_bucket.s3_bucket_id
+ alb_log_location_prefix = "atlantis-alb"
+ alb_listener_ssl_policy_default = "ELBSecurityPolicy-TLS-1-2-2017-01"
+ alb_drop_invalid_header_fields = true
+ alb_enable_cross_zone_load_balancing = true
allow_unauthenticated_access = true
allow_github_webhooks = true
diff --git a/main.tf b/main.tf
index 72a68645..ab1acf1d 100644
--- a/main.tf
+++ b/main.tf
@@ -242,9 +242,10 @@ module "alb" {
name = var.name
internal = var.internal
- vpc_id = local.vpc_id
- subnets = local.public_subnet_ids
- security_groups = flatten([module.alb_https_sg.security_group_id, module.alb_http_sg.security_group_id, var.security_group_ids])
+ enable_cross_zone_load_balancing = var.alb_enable_cross_zone_load_balancing
+ vpc_id = local.vpc_id
+ subnets = local.public_subnet_ids
+ security_groups = flatten([module.alb_https_sg.security_group_id, module.alb_http_sg.security_group_id, var.security_group_ids])
access_logs = {
enabled = var.alb_logging_enabled
diff --git a/variables.tf b/variables.tf
index 64201f66..32b18fc3 100644
--- a/variables.tf
+++ b/variables.tf
@@ -766,3 +766,9 @@ variable "max_session_duration" {
type = number
default = null
}
+
+variable "alb_enable_cross_zone_load_balancing" {
+ description = "Whether cross-zone load balancing is enabled for the load balancer"
+ type = bool
+ default = null
+}