terraform/website/source/docs/providers/aws/r/elb.html.markdown

151 lines
5.8 KiB
Markdown
Raw Normal View History

2014-07-24 03:16:36 +02:00
---
layout: "aws"
page_title: "AWS: aws_elb"
sidebar_current: "docs-aws-resource-elb"
2014-10-22 05:21:56 +02:00
description: |-
Provides an Elastic Load Balancer resource.
2014-07-24 03:16:36 +02:00
---
# aws\_elb
Provides an Elastic Load Balancer resource.
~> **NOTE on ELB Instances and ELB Attachments:** Terraform currently
provides both a standalone [ELB Attachment resource](elb_attachment.html)
(describing an instance attached to an ELB), and an ELB resource with
`instances` defined in-line. At this time you cannot use an ELB with in-line
2016-11-03 22:07:59 +01:00
instances in conjunction with a ELB Attachment resources. Doing so will cause a
conflict and will overwrite attachments.
2014-07-24 03:16:36 +02:00
## Example Usage
```
# Create a new load balancer
resource "aws_elb" "bar" {
name = "foobar-terraform-elb"
2014-07-24 03:16:36 +02:00
availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"]
2015-11-04 08:15:02 +01:00
access_logs {
bucket = "foo"
2015-11-04 08:15:02 +01:00
bucket_prefix = "bar"
interval = 60
2015-11-04 08:15:02 +01:00
}
2014-07-24 03:16:36 +02:00
listener {
instance_port = 8000
2014-07-24 03:16:36 +02:00
instance_protocol = "http"
lb_port = 80
lb_protocol = "http"
2014-07-24 03:16:36 +02:00
}
listener {
instance_port = 8000
instance_protocol = "http"
lb_port = 443
lb_protocol = "https"
2014-10-22 05:21:56 +02:00
ssl_certificate_id = "arn:aws:iam::123456789012:server-certificate/certName"
}
2014-07-30 14:14:18 +02:00
health_check {
healthy_threshold = 2
2014-07-30 14:14:18 +02:00
unhealthy_threshold = 2
timeout = 3
target = "HTTP:8000/"
interval = 30
2014-07-30 14:14:18 +02:00
}
instances = ["${aws_instance.foo.id}"]
cross_zone_load_balancing = true
idle_timeout = 400
connection_draining = true
connection_draining_timeout = 400
2015-06-02 21:05:55 +02:00
tags {
Name = "foobar-terraform-elb"
}
2014-07-24 03:16:36 +02:00
}
```
## Argument Reference
The following arguments are supported:
* `name` - (Optional) The name of the ELB. By default generated by terraform.
2015-11-04 08:15:02 +01:00
* `access_logs` - (Optional) An Access Logs block. Access Logs documented below.
* `availability_zones` - (Required for an EC2-classic ELB) The AZ's to serve traffic in.
* `security_groups` - (Optional) A list of security group IDs to assign to the ELB.
Only valid if creating an ELB within a VPC
* `subnets` - (Required for a VPC ELB) A list of subnet IDs to attach to the ELB.
* `instances` - (Optional) A list of instance ids to place in the ELB pool.
2014-09-30 22:30:15 +02:00
* `internal` - (Optional) If true, ELB will be an internal ELB.
* `listener` - (Required) A list of listener blocks. Listeners documented below.
* `health_check` - (Optional) A health_check block. Health Check documented below.
* `cross_zone_load_balancing` - (Optional) Enable cross-zone load balancing. Default: `true`
* `idle_timeout` - (Optional) The time in seconds that the connection is allowed to be idle. Default: `60`
* `connection_draining` - (Optional) Boolean to enable connection draining. Default: `false`
* `connection_draining_timeout` - (Optional) The time in seconds to allow for connections to drain. Default: `300`
2015-06-02 21:05:55 +02:00
* `tags` - (Optional) A mapping of tags to assign to the resource.
2014-07-24 03:16:36 +02:00
Exactly one of `availability_zones` or `subnets` must be specified: this
determines if the ELB exists in a VPC or in EC2-classic.
2016-08-01 00:44:21 +02:00
Access Logs (`access_logs`) support the following:
2015-11-04 08:15:02 +01:00
* `bucket` - (Required) The S3 bucket name to store the logs in.
* `bucket_prefix` - (Optional) The S3 bucket prefix. Logs are stored in the root if not configured.
* `interval` - (Optional) The publishing interval in minutes. Default: 60 minutes.
* `enabled` - (Optional) Boolean to enable / disable `access_logs`. Default is `true`
2015-11-04 08:15:02 +01:00
2016-08-01 00:44:21 +02:00
Listeners (`listener`) support the following:
2014-07-24 03:16:36 +02:00
* `instance_port` - (Required) The port on the instance to route to
* `instance_protocol` - (Required) The protocol to use to the instance. Valid
values are `HTTP`, `HTTPS`, `TCP`, or `SSL`
2014-07-24 03:16:36 +02:00
* `lb_port` - (Required) The port to listen on for the load balancer
* `lb_protocol` - (Required) The protocol to listen on. Valid values are `HTTP`,
`HTTPS`, `TCP`, or `SSL`
* `ssl_certificate_id` - (Optional) The ARN of an SSL certificate you have
uploaded to AWS IAM. **Note ECDSA-specific restrictions below. Only valid when `lb_protocol` is either HTTPS or SSL**
2014-07-24 03:16:36 +02:00
2016-08-01 00:44:21 +02:00
Health Check (`health_check`) supports the following:
2014-07-30 14:14:18 +02:00
* `healthy_threshold` - (Required) The number of checks before the instance is declared healthy.
* `unhealthy_threshold` - (Required) The number of checks before the instance is declared unhealthy.
2016-08-19 17:12:56 +02:00
* `target` - (Required) The target of the check. Valid pattern is "${PROTOCOL}:${PORT}${PATH}", where PROTOCOL
values are:
2016-08-19 17:12:56 +02:00
* `HTTP`, `HTTPS` - PORT and PATH are required
* `TCP`, `SSL` - PORT is required, PATH is not supported
2014-07-30 14:14:18 +02:00
* `interval` - (Required) The interval between checks.
* `timeout` - (Required) The length of time before the check times out.
## Note on ECDSA Key Algorithm
If the ARN of the `ssl_certificate_id` that is pointed to references a
certificate that was signed by an ECDSA key, note that ELB only supports the
P256 and P384 curves. Using a certificate signed by a key using a different
curve could produce the error `ERR_SSL_VERSION_OR_CIPHER_MISMATCH` in your
browser.
2014-07-24 03:16:36 +02:00
## Attributes Reference
The following attributes are exported:
* `id` - The name of the ELB
* `name` - The name of the ELB
* `dns_name` - The DNS name of the ELB
* `instances` - The list of instances in the ELB
* `source_security_group` - The name of the security group that you can use as
part of your inbound rules for your load balancer's back-end application
instances. Use this for Classic or Default VPC only.
* `source_security_group_id` - The ID of the security group that you can use as
part of your inbound rules for your load balancer's back-end application
2015-12-03 21:24:35 +01:00
instances. Only available on ELBs launched in a VPC.
2015-04-30 23:58:09 +02:00
* `zone_id` - The canonical hosted zone ID of the ELB (to be used in a Route 53 Alias record)
## Import
ELBs can be imported using the `name`, e.g.
```
$ terraform import aws_elb.bar elb-production-12345
2016-08-01 00:44:21 +02:00
```