forked from cloudposse/terraform-aws-alb-ingress
-
Notifications
You must be signed in to change notification settings - Fork 2
/
variables.tf
265 lines (222 loc) · 8.08 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
variable "default_target_group_enabled" {
type = bool
default = true
description = "Enable/disable creation of the default target group"
}
variable "target_group_arn" {
type = string
default = ""
description = "Existing ALB target group ARN. If provided, set `default_target_group_enabled` to `false` to disable creation of the default target group"
}
variable "unauthenticated_listener_arns" {
type = list(string)
default = []
description = "A list of unauthenticated ALB listener ARNs to attach ALB listener rules to"
}
variable "unauthenticated_listener_arns_count" {
type = number
default = 0
description = "The number of unauthenticated ARNs in `unauthenticated_listener_arns`. This is necessary to work around a limitation in Terraform where counts cannot be computed"
}
variable "listener_http_header_conditions" {
type = list(object({
name = string
value = list(string)
}))
default = []
description = "A list of http header conditions to apply to the listener."
}
variable "authenticated_listener_arns" {
type = list(string)
default = []
description = "A list of authenticated ALB listener ARNs to attach ALB listener rules to"
}
variable "authenticated_listener_arns_count" {
type = number
default = 0
description = "The number of authenticated ARNs in `authenticated_listener_arns`. This is necessary to work around a limitation in Terraform where counts cannot be computed"
}
variable "deregistration_delay" {
type = number
default = 15
description = "The amount of time to wait in seconds while deregistering target"
}
variable "load_balancing_algorithm_type" {
type = string
default = "round_robin"
description = "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is round_robin or least_outstanding_requests. The default is round_robin."
}
variable "health_check_enabled" {
type = bool
default = true
description = "Indicates whether health checks are enabled. Defaults to `true`"
}
variable "health_check_path" {
type = string
default = "/"
description = "The destination for the health check request"
}
variable "health_check_port" {
type = string
default = "traffic-port"
description = "The port to use to connect with the target. Valid values are either ports 1-65536, or `traffic-port`. Defaults to `traffic-port`"
}
variable "health_check_protocol" {
type = string
default = "HTTP"
description = "The protocol to use to connect with the target. Defaults to `HTTP`. Not applicable when `target_type` is `lambda`"
}
variable "health_check_timeout" {
type = number
default = 10
description = "The amount of time to wait in seconds before failing a health check request"
}
variable "health_check_healthy_threshold" {
type = number
default = 2
description = "The number of consecutive health checks successes required before healthy"
}
variable "health_check_unhealthy_threshold" {
type = number
default = 2
description = "The number of consecutive health check failures required before unhealthy"
}
variable "health_check_interval" {
type = number
default = 15
description = "The duration in seconds in between health checks"
}
variable "health_check_matcher" {
type = string
default = "200-399"
description = "The HTTP response codes to indicate a healthy check"
}
variable "unauthenticated_priority" {
type = number
default = 0
description = "The priority for the rules without authentication, between 1 and 50000 (1 being highest priority). Must be different from `authenticated_priority` since a listener can't have multiple rules with the same priority"
}
variable "authenticated_priority" {
type = number
default = 0
description = "The priority for the rules with authentication, between 1 and 50000 (1 being highest priority). Must be different from `unauthenticated_priority` since a listener can't have multiple rules with the same priority"
}
variable "port" {
type = number
default = 80
description = "The port for the created ALB target group (if `target_group_arn` is not set)"
}
variable "protocol" {
type = string
default = "HTTP"
description = "The protocol for the created ALB target group (if `target_group_arn` is not set)"
}
variable "target_type" {
type = string
default = "ip"
description = "The type (`instance`, `ip` or `lambda`) of targets that can be registered with the target group"
}
variable "vpc_id" {
type = string
description = "The VPC ID where generated ALB target group will be provisioned (if `target_group_arn` is not set)"
}
variable "unauthenticated_hosts" {
type = list(string)
default = []
description = "Unauthenticated hosts to match in Hosts header"
}
variable "authenticated_hosts" {
type = list(string)
default = []
description = "Authenticated hosts to match in Hosts header"
}
variable "unauthenticated_paths" {
type = list(string)
default = []
description = "Unauthenticated path pattern to match (a maximum of 1 can be defined)"
}
variable "authenticated_paths" {
type = list(string)
default = []
description = "Authenticated path pattern to match (a maximum of 1 can be defined)"
}
variable "authentication_type" {
type = string
default = ""
description = "Authentication type. Supported values are `COGNITO` and `OIDC`"
}
variable "authentication_cognito_user_pool_arn" {
type = string
description = "Cognito User Pool ARN"
default = ""
}
variable "authentication_cognito_user_pool_client_id" {
type = string
description = "Cognito User Pool Client ID"
default = ""
}
variable "authentication_cognito_user_pool_domain" {
type = string
description = "Cognito User Pool Domain. The User Pool Domain should be set to the domain prefix (`xxx`) instead of full domain (https://xxx.auth.us-west-2.amazoncognito.com)"
default = ""
}
variable "authentication_cognito_scope" {
type = list(string)
description = "Cognito scope"
default = []
}
variable "authentication_oidc_client_id" {
type = string
description = "OIDC Client ID"
default = ""
}
variable "authentication_oidc_client_secret" {
type = string
description = "OIDC Client Secret"
default = ""
}
variable "authentication_oidc_issuer" {
type = string
description = "OIDC Issuer"
default = ""
}
variable "authentication_oidc_authorization_endpoint" {
type = string
description = "OIDC Authorization Endpoint"
default = ""
}
variable "authentication_oidc_token_endpoint" {
type = string
description = "OIDC Token Endpoint"
default = ""
}
variable "authentication_oidc_user_info_endpoint" {
type = string
description = "OIDC User Info Endpoint"
default = ""
}
variable "authentication_oidc_scope" {
type = list(string)
description = "OIDC scope"
default = []
}
variable "slow_start" {
type = number
default = 0
description = "The amount of time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is `0` seconds"
}
variable "stickiness_type" {
type = string
default = "lb_cookie"
description = "The type of sticky sessions. The only current possible value is `lb_cookie`"
}
variable "stickiness_cookie_duration" {
type = number
default = 86400
description = "The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds)"
}
variable "stickiness_enabled" {
type = bool
default = true
description = "Boolean to enable / disable `stickiness`. Default is `true`"
}