willfarrell/terraform-lb-module

ALB

Application Load Balancer for ECS

Features

Setup

Prerequisites

Before using this Terraform module, create the "ec2" and "ecs" AMIs in all required regions with Packer; see https://github.com/tesera/terraform-modules/blob/master/packer/README.md.

Module

# Cert
data "aws_acm_certificate" "main" {
  domain   = local.workspace["domain"]

  statuses = [
    "ISSUED",
  ]
}

# WAF
module "waf" {
  source        = "git@github.com:tesera/terraform-modules//waf-region-owasp?ref=v0.2.4"
  name          = local.workspace["name"]
  defaultAction = "ALLOW"
}

# ALB
# ( 80 -> 443 ) => ( 80 )
module "alb" {
  source                 = "git@github.com:willfarrell/terraform-lb-module?ref=v0.0.1"
  type                   = "application"
  internal               = false
  name                   = local.workspace["name"]
  vpc_id                 = data.terraform_remote_state.vpc.vpc_id

  private_subnet_ids     = [data.terraform_remote_state.vpc.private_subnet_ids]
  
  https_only             = true
  waf_acl_id             = module.waf.id
  certificate_arn        = data.aws_acm_certificate.main.arn
  # ECS
  ports                  = [80]
  autoscaling_group_name = module.ecs.autoscaling_group_id
  security_group_id      = module.ecs.security_group_id
}

# NLB
# ( 5000, 3000 ) => ( 5000, 3000 )
module "nlb" {
  source                 = "git@github.com:willfarrell/terraform-lb-module?ref=v0.0.1"
  type                   = "network"
  internal               = true
  name                   = local.workspace["name"]
  vpc_id                 = data.terraform_remote_state.vpc.vpc_id

  private_subnet_ids     = [data.terraform_remote_state.vpc.private_subnet_ids]

  # ECS
  ports                  = [5000,3000]
  autoscaling_group_name = module.ecs.autoscaling_group_id
  security_group_id      = module.ecs.security_group_id
}

output "alb_endpoint" {
  value = module.alb.endpoint
}

output "alb_target_group_arn" {
  value = module.alb.target_group_arn
}

Input

  • vpc_id: vpc id
  • subnet_ids: array of subnet ids, public for ALB, private for NLB
  • waf_acl_id: Regional WAF ACL ID
  • internal: Whether the LB is internal [Default: false]
  • https_only: Force HTTPS [Default: true]
  • ssl_policy: TLS policy to enforce. See docs for complete list [Default: ELBSecurityPolicy-TLS-1-1-2017-01]
  • certificate_arn: ARN of the AWS certificate; adds 443 port forwarding
  • ports: ECS ports to forward to. The first non-443 port in the list will be used for 443 forwarding. [Default: [ 443, 80 ]]
  • autoscaling_group_name: ECS auto-scaling group name
  • security_group_id: ECS security group id
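
The documented ssl_policy default, ELBSecurityPolicy-TLS-1-1-2017-01, still accepts TLS 1.1, and https_only can be switched off, so it is worth checking what a plan will actually create. The following is an added example, not part of this module: a Python audit of `terraform show -json` output that flags listeners with a legacy TLS policy or plaintext HTTP without a redirect. It assumes the module's listeners are aws_lb_listener resources; the resource addresses and plan fragment are constructed.

```python
# Predefined ELB policies that still negotiate TLS 1.0 or 1.1 (deprecated by RFC 8996).
LEGACY_TLS_POLICIES = {
    "ELBSecurityPolicy-TLS-1-1-2017-01",  # the default documented in the Input list
    "ELBSecurityPolicy-TLS-1-0-2015-04",
    "ELBSecurityPolicy-2016-08",
}

def redirects_to_https(actions):
    """True if any default_action is a redirect whose target protocol is HTTPS."""
    return any(a.get("type") == "redirect"
               and any(r.get("protocol") == "HTTPS" for r in a.get("redirect") or [])
               for a in actions)

def audit_listeners(plan):
    """Return (address, finding) pairs for listeners in `terraform show -json` output."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") not in ("aws_lb_listener", "aws_alb_listener"):
            continue
        after = (rc.get("change") or {}).get("after")
        if not after:  # resource is being destroyed, nothing to audit
            continue
        protocol, policy = after.get("protocol"), after.get("ssl_policy")
        if protocol == "HTTP" and not redirects_to_https(after.get("default_action") or []):
            findings.append((rc["address"], "HTTP listener does not redirect to HTTPS"))
        elif protocol in ("HTTPS", "TLS") and policy is None:
            findings.append((rc["address"], "ssl_policy unknown at plan time"))
        elif protocol in ("HTTPS", "TLS") and policy in LEGACY_TLS_POLICIES:
            findings.append((rc["address"], "legacy TLS policy: " + policy))
    return findings

def listener(address, **after):
    """Build one constructed resource_changes entry for the sample below."""
    return {"address": address, "type": "aws_lb_listener", "change": {"after": after}}

# Constructed plan fragment; the resource addresses are hypothetical.
SAMPLE_PLAN = {"resource_changes": [
    listener("module.alb.aws_lb_listener.http", port=80, protocol="HTTP",
             default_action=[{"type": "redirect", "redirect": [{"protocol": "HTTPS"}]}]),
    listener("module.alb.aws_lb_listener.https", port=443, protocol="HTTPS",
             ssl_policy="ELBSecurityPolicy-TLS-1-1-2017-01", default_action=[{"type": "forward"}]),
    listener("module.alb_tls12.aws_lb_listener.https", port=443, protocol="HTTPS",
             ssl_policy="ELBSecurityPolicy-TLS-1-2-2017-01", default_action=[{"type": "forward"}]),
    listener("module.nlb.aws_lb_listener.tcp", port=5000, protocol="TCP"),
]}

if __name__ == "__main__":
    for address, finding in audit_listeners(SAMPLE_PLAN):
        print(address, "->", finding)
```

To audit a real plan, pass `audit_listeners` the parsed JSON from `terraform show -json` run on a saved plan file.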

Output

  • id: LB ID
  • arn: LB ARN
  • endpoint: AWS generated URL endpoint
  • target_group_arns: target group arns
  • security_group_id: Security group id

About

Terraform Load Balancer module