---
layout: "aws"
page_title: "AWS: aws_elb"
sidebar_current: "docs-aws-resource-elb"
description: |-
  Provides an Elastic Load Balancer resource.
---

# aws\_elb

Provides an Elastic Load Balancer resource.

~> **NOTE on ELB Instances and ELB Attachments:** Terraform currently
provides both a standalone [ELB Attachment resource](elb_attachment.html)
(describing an instance attached to an ELB), and an ELB resource with
`instances` defined in-line. At this time you cannot use an ELB with in-line
instances in conjunction with an ELB Attachment resource. Doing so will cause a
conflict and will overwrite attachments.

## Example Usage

```
# Create a new load balancer
resource "aws_elb" "bar" {
  name               = "foobar-terraform-elb"
  availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"]

  # Publish access logs to the S3 bucket "foo" under the prefix "bar"
  access_logs {
    bucket        = "foo"
    bucket_prefix = "bar"
    interval      = 60
  }

  # Plain HTTP listener on port 80
  listener {
    instance_port     = 8000
    instance_protocol = "http"
    lb_port           = 80
    lb_protocol       = "http"
  }

  # HTTPS listener on port 443; traffic to the instance is plain HTTP
  listener {
    instance_port      = 8000
    instance_protocol  = "http"
    lb_port            = 443
    lb_protocol        = "https"
    ssl_certificate_id = "arn:aws:iam::123456789012:server-certificate/certName"
  }

  health_check {
    healthy_threshold   = 2
    unhealthy_threshold = 2
    timeout             = 3
    target              = "HTTP:8000/"
    interval            = 30
  }

  instances                   = ["${aws_instance.foo.id}"]
  cross_zone_load_balancing   = true
  idle_timeout                = 400
  connection_draining         = true
  connection_draining_timeout = 400

  tags {
    Name = "foobar-terraform-elb"
  }
}
```

## Argument Reference

The following arguments are supported:

* `name` - (Optional) The name of the ELB. By default generated by Terraform.
* `access_logs` - (Optional) An Access Logs block. Access Logs documented below.
* `availability_zones` - (Required for an EC2-classic ELB) The AZs to serve traffic in.
* `security_groups` - (Optional) A list of security group IDs to assign to the ELB.
  Only valid if creating an ELB within a VPC.
* `subnets` - (Required for a VPC ELB) A list of subnet IDs to attach to the ELB.
* `instances` - (Optional) A list of instance IDs to place in the ELB pool.
* `internal` - (Optional) If true, ELB will be an internal ELB.
* `listener` - (Required) A list of listener blocks. Listeners documented below.
* `health_check` - (Optional) A health_check block. Health Check documented below.
* `cross_zone_load_balancing` - (Optional) Enable cross-zone load balancing. Default: `true`
* `idle_timeout` - (Optional) The time in seconds that the connection is allowed to be idle. Default: `60`
* `connection_draining` - (Optional) Boolean to enable connection draining. Default: `false`
* `connection_draining_timeout` - (Optional) The time in seconds to allow for connections to drain. Default: `300`
* `tags` - (Optional) A mapping of tags to assign to the resource.

Exactly one of `availability_zones` or `subnets` must be specified: this
determines if the ELB exists in a VPC or in EC2-classic.

Access Logs (`access_logs`) support the following:

* `bucket` - (Required) The S3 bucket name to store the logs in.
* `bucket_prefix` - (Optional) The S3 bucket prefix. Logs are stored in the root if not configured.
* `interval` - (Optional) The publishing interval in minutes. Default: 60 minutes.
* `enabled` - (Optional) Boolean to enable / disable `access_logs`. Default is `true`

Listeners (`listener`) support the following:

* `instance_port` - (Required) The port on the instance to route to
* `instance_protocol` - (Required) The protocol to use to the instance. Valid
  values are `HTTP`, `HTTPS`, `TCP`, or `SSL`
* `lb_port` - (Required) The port to listen on for the load balancer
* `lb_protocol` - (Required) The protocol to listen on. Valid values are `HTTP`,
  `HTTPS`, `TCP`, or `SSL`
* `ssl_certificate_id` - (Optional) The ARN of an SSL certificate you have
  uploaded to AWS IAM. **Note ECDSA-specific restrictions below. Only valid when `lb_protocol` is either HTTPS or SSL**

Health Check (`health_check`) supports the following:

* `healthy_threshold` - (Required) The number of checks before the instance is declared healthy.
* `unhealthy_threshold` - (Required) The number of checks before the instance is declared unhealthy.
* `target` - (Required) The target of the check. Valid pattern is "${PROTOCOL}:${PORT}${PATH}", where PROTOCOL
  values are:
  * `HTTP`, `HTTPS` - PORT and PATH are required
  * `TCP`, `SSL` - PORT is required, PATH is not supported
* `interval` - (Required) The interval between checks.
* `timeout` - (Required) The length of time before the check times out.
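
The constraints stated in this argument reference (exactly one of `availability_zones` or `subnets`, `ssl_certificate_id` only on HTTPS or SSL listeners, and the `health_check` `target` pattern) can be checked before a configuration is applied. The following is an added example, not code from Terraform or the AWS provider; the dict layout, the names `check_elb` and `check_target`, the sample subnet ID and the 1-65535 port bound are assumptions made here.

```python
import re

PROTOCOLS = {"HTTP", "HTTPS", "TCP", "SSL"}
# health_check target: PROTOCOL:PORT followed by an optional PATH.
TARGET_RE = re.compile(r"^([A-Za-z]+):(\d{1,5})(/.*)?$")


def check_target(target):
    """Return the problems found in a health_check `target` string."""
    m = TARGET_RE.match(target)
    if not m or m.group(1).upper() not in PROTOCOLS:
        return ["target %r is not PROTOCOL:PORT[PATH]" % target]
    proto, port, path = m.group(1).upper(), int(m.group(2)), m.group(3)
    problems = []
    if not 1 <= port <= 65535:  # assumption: general TCP port range
        problems.append("target port %d is out of range" % port)
    if proto in ("HTTP", "HTTPS") and path is None:
        problems.append("%s target requires a PATH" % proto)
    if proto in ("TCP", "SSL") and path is not None:
        problems.append("%s target does not support a PATH" % proto)
    return problems


def check_elb(elb):
    """Check a dict of aws_elb arguments against the rules in the reference."""
    problems = []
    if bool(elb.get("availability_zones")) == bool(elb.get("subnets")):
        problems.append("set exactly one of availability_zones or subnets")
    for lst in elb.get("listener", []):
        lb_proto = str(lst.get("lb_protocol", "")).upper()
        if lb_proto not in PROTOCOLS:
            problems.append("lb_protocol %r is not a valid value" % lb_proto)
        if lst.get("ssl_certificate_id") and lb_proto not in ("HTTPS", "SSL"):
            problems.append("ssl_certificate_id set on a %s listener" % lb_proto)
    if "health_check" in elb:
        problems.extend(check_target(elb["health_check"].get("target", "")))
    return problems


# Constructed sample (hypothetical subnet ID): both placement arguments set,
# a certificate on a plain HTTP listener, and a TCP health check with a path.
BAD_ELB = {
    "availability_zones": ["us-west-2a"],
    "subnets": ["subnet-00000000"],
    "listener": [{"lb_port": 80, "lb_protocol": "http", "ssl_certificate_id":
                  "arn:aws:iam::123456789012:server-certificate/certName"}],
    "health_check": {"target": "TCP:8000/health"},
}
```

`check_elb(BAD_ELB)` returns one message per violated rule; the configuration shown under Example Usage, expressed in the same dict layout, returns an empty list.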

## Note on ECDSA Key Algorithm

If the `ssl_certificate_id` ARN references a certificate that was signed by an
ECDSA key, note that ELB only supports the P256 and P384 curves. Using a
certificate signed by a key using a different curve could produce the error
`ERR_SSL_VERSION_OR_CIPHER_MISMATCH` in your browser.

## Attributes Reference

The following attributes are exported:

* `id` - The name of the ELB
* `name` - The name of the ELB
* `dns_name` - The DNS name of the ELB
* `instances` - The list of instances in the ELB
* `source_security_group` - The name of the security group that you can use as
  part of your inbound rules for your load balancer's back-end application
  instances. Use this for Classic or Default VPC only.
* `source_security_group_id` - The ID of the security group that you can use as
  part of your inbound rules for your load balancer's back-end application
  instances. Only available on ELBs launched in a VPC.
* `zone_id` - The canonical hosted zone ID of the ELB (to be used in a Route 53 Alias record)

## Import

ELBs can be imported using the `name`, e.g.

```
$ terraform import aws_elb.bar elb-production-12345
```