| allowed_egress_cidrs |
List of CIDR blocks allowed as destinations for outbound traffic; the default permits egress to any IPv4 address |
list(string) |
[ "0.0.0.0/0" ] |
no |
| allowed_http_cidrs |
List of CIDR blocks allowed for HTTP traffic; the default allows any IPv4 address, so narrow it when the ALB should not be open to all sources |
list(string) |
[ "0.0.0.0/0" ] |
no |
| allowed_https_cidrs |
List of CIDR blocks allowed for HTTPS traffic; the default allows any IPv4 address, so narrow it when the ALB should not be open to all sources |
list(string) |
[ "0.0.0.0/0" ] |
no |
| certificate_arn |
ARN of an existing SSL/TLS certificate for the HTTPS listener (must be set when enable_https is true) |
string |
"" |
no |
| enable_availability_zone_all |
Set availability_zone to 'all' for IP targets outside VPC |
bool |
false |
no |
| enable_deletion_protection |
Whether deletion protection is enabled for the ALB (off by default; consider enabling it for production load balancers) |
bool |
false |
no |
| enable_https |
Enable the HTTPS listener (requires certificate_arn); disabled by default, so no TLS listener is created unless this is set to true |
bool |
false |
no |
| existing_security_group_id |
ID of existing security group to use (required if use_existing_security_group is true) |
string |
"" |
no |
| health_check_enabled |
Whether to enable health checks |
bool |
true |
no |
| health_check_healthy_threshold |
Number of successful health checks before considering the target healthy |
number |
3 |
no |
| health_check_interval |
Health check interval in seconds |
number |
30 |
no |
| health_check_matcher |
HTTP codes to use when checking for a successful response from a target |
string |
"200" |
no |
| health_check_path |
The health check endpoint for ALB target group |
string |
"/" |
no |
| health_check_port |
Port the health check uses to connect with the target |
string |
"traffic-port" |
no |
| health_check_protocol |
Protocol the health check uses to connect with the target |
string |
"HTTP" |
no |
| health_check_timeout |
Health check timeout in seconds |
number |
5 |
no |
| health_check_unhealthy_threshold |
Number of failed health checks before considering the target unhealthy |
number |
3 |
no |
| http_port |
The HTTP port for ALB security group |
number |
80 |
no |
| https_port |
The HTTPS port for ALB security group |
number |
443 |
no |
| internal |
If true, the ALB will be internal (not internet-facing); the default of false creates an internet-facing ALB |
bool |
false |
no |
| name |
Base name for the ALB and related resources |
string |
n/a |
yes |
| private_subnet_ids |
List of private subnet IDs for internal ALB (when internal = true) |
list(string) |
[] |
no |
| public_subnet_ids |
List of public subnet IDs for external ALB (when internal = false) |
list(string) |
[] |
no |
| suffix |
Optional suffix to append to the resource name |
string |
"" |
no |
| tags |
Tags to apply to resources |
map(string) |
{} |
no |
| target_http_port |
The port the ALB forwards HTTP traffic to (Target Group) |
number |
80 |
no |
| target_type |
Type of target for ALB (instance, ip, lambda, alb) |
string |
"instance" |
no |
| targets |
List of targets (EC2 instance IDs, IPs, Lambda ARNs, or ALB ARNs) |
list(string) |
[] |
no |
| use_existing_security_group |
If true, use an existing security group instead of creating a new one |
bool |
false |
no |
| vpc_id |
The VPC ID where the ALB will be deployed |
string |
n/a |
yes |