-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathvariables.tf
179 lines (149 loc) · 5.49 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
variable "alb_certificate_arns" {
description = "The ARNs of the certificates to be attached to the ALB."
type = list(string)
default = []
}
variable "alb_default_certificate_arn" {
description = "The ARN of the default certificate to be attached to the ALB."
type = string
}
variable "alb_idle_timeout" {
description = "The time in seconds that the connection is allowed to be idle."
type = number
default = 60
}
variable "alb_internal" {
description = "If true, the ALB will be internal. Default's to false, the ALB will be public."
type = string
default = false
}
variable "alb_ssl_policy" {
description = "The SSL policy (aka security policy) for the Application Load Balancer that specifies the TLS protocols and ciphers allowed. See <https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies>."
type = string
default = "ELBSecurityPolicy-2016-08"
}
variable "alb_subnet_ids" {
description = "Subnet IDs for the ALB. Use public subnets for a public ALB and private subnets for an internal ALB."
type = list(string)
}
variable "alb_vpc_id" {
description = "VPC ID to be used by the ALB."
type = string
}
variable "allow_public_http" {
description = "Allow inbound access from the Internet to port 80"
type = string
default = true
}
variable "allow_public_https" {
description = "Allow inbound access from the Internet to port 443"
type = string
default = true
}
variable "container_port" {
description = "The port on which the container will receive traffic."
type = string
default = 443
}
variable "container_protocol" {
description = "The protocol to use to connect with the container."
type = string
default = "HTTPS"
}
variable "container_protocol_version" {
description = "The protocol version to use with the container."
type = string
default = "HTTP1"
}
variable "deregistration_delay" {
description = "The amount time for the LB to wait before changing the state of a deregistering target from draining to unused. Default is 90s."
type = string
default = 90
}
variable "desync_mitigation_mode" {
description = "Specifies how the load balancer handles security issues related to HTTP desync"
type = string
default = "defensive"
}
variable "enable_deletion_protection" {
description = " If true, deletion of the load balancer will be disabled via the AWS API. This will prevent Terraform from deleting the load balancer"
type = string
default = false
}
variable "environment" {
description = "Environment tag, e.g prod."
type = string
}
variable "health_check_interval" {
description = "The approximate amount of time, in seconds, between health checks of an individual target. Minimum value 5 seconds, Maximum value 300 seconds. Default 30 seconds."
type = string
default = 30
}
variable "health_check_path" {
description = "The destination for the health check requests to the container."
type = string
default = "/"
}
variable "health_check_success_codes" {
description = "The HTTP codes to use when checking for a successful response from the container. You can specify multiple values (for example, '200,202') or a range of values (for example, '200-299')."
type = string
default = "200"
}
variable "health_check_timeout" {
description = "The health check timeout. Minimum value 2 seconds, Maximum value 60 seconds. Default 5 seconds."
type = string
default = 5
}
variable "healthy_threshold" {
description = "The number of consecutive health checks successes required before considering an unhealthy target healthy. Defaults to 3."
type = string
default = 3
}
variable "load_balancing_algorithm_type" {
description = "Determines how the load balancer selects targets when routing requests. Default is round_robin."
type = string
default = "round_robin"
}
variable "logs_s3_bucket" {
description = "S3 bucket for storing access logs. Set to empty string to disable logs."
type = string
}
variable "logs_s3_prefix" {
description = "Overrides prefix for ALB logs"
default = ""
type = string
}
variable "logs_s3_prefix_enabled" {
description = "Toggle for ALB logs S3 prefix"
default = true
type = bool
}
variable "name" {
description = "The service name."
type = string
}
variable "security_group" {
description = "SG for the ALB"
type = string
default = ""
}
variable "security_group_tags" {
description = "A map of tags to add to the ALB's security group."
type = map(string)
default = {}
}
variable "slow_start" {
description = "The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0."
type = number
default = 0
}
variable "target_group_name" {
description = "Override the default name of the ALB's target group. Must be less than or equal to 32 characters. Default: ecs-[name]-[environment]-[protocol]."
type = string
default = ""
}
variable "unhealthy_threshold" {
description = "The number of consecutive health check failures required before considering the target unhealthy. For Network Load Balancers, this value must be the same as the healthy_threshold. Defaults to 3."
type = string
default = 3
}