Terraform module for deploying and managing an AWS Application Load Balancer (ALB) with enhanced features including internal load balancer support, configurable health checks, and flexible security group management.
| Name | Version |
|---|---|
| aws | >= 5.0 |
| Name | Version |
|---|---|
| aws | >= 5.0 |
No modules.
| Name | Type |
|---|---|
| aws_lb.this | resource |
| aws_lb_listener.http | resource |
| aws_lb_listener.https | resource |
| aws_lb_target_group.http | resource |
| aws_lb_target_group.https | resource |
| aws_lb_target_group_attachment.generic | resource |
| aws_lb_target_group_attachment.lambda | resource |
| aws_security_group.this | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| allowed_egress_cidrs | List of CIDR blocks for outbound traffic | list(string) |
[ |
no |
| allowed_http_cidrs | List of CIDR blocks allowed for HTTP traffic | list(string) |
[ |
no |
| allowed_https_cidrs | List of CIDR blocks allowed for HTTPS traffic | list(string) |
[ |
no |
| certificate_arn | ARN of an existing SSL certificate for HTTPS | string |
"" |
no |
| enable_availability_zone_all | Set availability_zone to 'all' for IP targets outside VPC | bool |
false |
no |
| enable_deletion_protection | Enable or disable deletion protection for the ALB | bool |
false |
no |
| enable_https | Enable HTTPS listener (must provide a certificate ARN) | bool |
false |
no |
| existing_security_group_id | ID of existing security group to use (required if use_existing_security_group is true) | string |
"" |
no |
| health_check_enabled | Whether to enable health checks | bool |
true |
no |
| health_check_healthy_threshold | Number of successful health checks before considering the target healthy | number |
3 |
no |
| health_check_interval | Health check interval in seconds | number |
30 |
no |
| health_check_matcher | HTTP codes to use when checking for a successful response from a target | string |
"200" |
no |
| health_check_path | The health check endpoint for ALB target group | string |
"/" |
no |
| health_check_port | Port to use to connect with the target | string |
"traffic-port" |
no |
| health_check_protocol | Protocol to use to connect with the target | string |
"HTTP" |
no |
| health_check_timeout | Health check timeout in seconds | number |
5 |
no |
| health_check_unhealthy_threshold | Number of failed health checks before considering the target unhealthy | number |
3 |
no |
| http_port | The HTTP port for ALB security group | number |
80 |
no |
| https_port | The HTTPS port for ALB security group | number |
443 |
no |
| internal | If true, the ALB will be internal (not internet-facing) | bool |
false |
no |
| name | Base name for the ALB and related resources | string |
n/a | yes |
| private_subnet_ids | List of private subnet IDs for internal ALB (when internal = true) | list(string) |
[] |
no |
| public_subnet_ids | List of public subnet IDs for external ALB (when internal = false) | list(string) |
[] |
no |
| suffix | Optional suffix to append to the resource name | string |
"" |
no |
| tags | Tags to apply to resources | map(string) |
{} |
no |
| target_http_port | The port the ALB forwards HTTP traffic to (Target Group) | number |
80 |
no |
| target_type | Type of target for ALB (instance, ip, lambda, alb) | string |
"instance" |
no |
| targets | List of targets (EC2 instance IDs, IPs, Lambda ARNs, or ALB ARNs) | list(string) |
[] |
no |
| use_existing_security_group | If true, use an existing security group instead of creating a new one | bool |
false |
no |
| vpc_id | The VPC ID where the ALB will be deployed | string |
n/a | yes |
| Name | Description |
|---|---|
| alb_arn | The ARN of the ALB |
| alb_dns | The DNS name of the ALB |
| alb_http_listener_arn | The ARN of the ALB HTTP listener |
| alb_https_listener_arn | The ARN of the ALB HTTPS listener |
| alb_security_group_id | The security group ID assigned to the ALB |
| alb_target_health_command | Command to check the ALB target group health |
| alb_test_command | Command to test the ALB's HTTP response |
| alb_zone_id | The canonical hosted zone ID of the ALB (to be used in a Route 53 Alias record) |
| attached_targets | List of targets successfully attached to the target group |
| http_target_group_arn | The ARN of the HTTP target group (only when HTTPS is disabled) |
| http_target_group_name | The name of the HTTP target group (only when HTTPS is disabled) |
| https_target_group_arn | The ARN of the HTTPS target group |
| https_target_group_name | The name of the HTTPS target group |
| target_group_arn | The ARN of the target group (HTTP or HTTPS based on configuration) |