Provides an Elastic Load Balancer resource, also known as a "Classic Load Balancer" after the release of Application/Network Load Balancers.
NOTE on ELB Instances and ELB Attachments: Terraform currently provides both a standalone ELB Attachment resource (describing an instance attached to an ELB), and an ELB resource with
instances
defined in-line. At this time you cannot use an ELB with in-line instances in conjunction with a ELB Attachment resources. Doing so will cause a conflict and will overwrite attachments.
# Create a new load balancer resource "aws_elb" "bar" { name = "foobar-terraform-elb" availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] access_logs { bucket = "foo" bucket_prefix = "bar" interval = 60 } listener { instance_port = 8000 instance_protocol = "http" lb_port = 80 lb_protocol = "http" } listener { instance_port = 8000 instance_protocol = "http" lb_port = 443 lb_protocol = "https" ssl_certificate_id = "arn:aws:iam::123456789012:server-certificate/certName" } health_check { healthy_threshold = 2 unhealthy_threshold = 2 timeout = 3 target = "HTTP:8000/" interval = 30 } instances = ["${aws_instance.foo.id}"] cross_zone_load_balancing = true idle_timeout = 400 connection_draining = true connection_draining_timeout = 400 tags { Name = "foobar-terraform-elb" } }
The following arguments are supported:
name
- (Optional) The name of the ELB. By default generated by Terraform. name_prefix
- (Optional, Forces new resource) Creates a unique name beginning with the specified prefix. Conflicts with name
. access_logs
- (Optional) An Access Logs block. Access Logs documented below. availability_zones
- (Required for an EC2-classic ELB) The AZ's to serve traffic in. security_groups
- (Optional) A list of security group IDs to assign to the ELB. Only valid if creating an ELB within a VPC subnets
- (Required for a VPC ELB) A list of subnet IDs to attach to the ELB. instances
- (Optional) A list of instance ids to place in the ELB pool. internal
- (Optional) If true, ELB will be an internal ELB. listener
- (Required) A list of listener blocks. Listeners documented below. health_check
- (Optional) A health_check block. Health Check documented below. cross_zone_load_balancing
- (Optional) Enable cross-zone load balancing. Default: true
idle_timeout
- (Optional) The time in seconds that the connection is allowed to be idle. Default: 60
connection_draining
- (Optional) Boolean to enable connection draining. Default: false
connection_draining_timeout
- (Optional) The time in seconds to allow for connections to drain. Default: 300
tags
- (Optional) A mapping of tags to assign to the resource. Exactly one of availability_zones
or subnets
must be specified: this determines if the ELB exists in a VPC or in EC2-classic.
Access Logs (access_logs
) support the following:
bucket
- (Required) The S3 bucket name to store the logs in. bucket_prefix
- (Optional) The S3 bucket prefix. Logs are stored in the root if not configured. interval
- (Optional) The publishing interval in minutes. Default: 60 minutes. enabled
- (Optional) Boolean to enable / disable access_logs
. Default is true
Listeners (listener
) support the following:
instance_port
- (Required) The port on the instance to route to instance_protocol
- (Required) The protocol to use to the instance. Valid values are HTTP
, HTTPS
, TCP
, or SSL
lb_port
- (Required) The port to listen on for the load balancer lb_protocol
- (Required) The protocol to listen on. Valid values are HTTP
, HTTPS
, TCP
, or SSL
ssl_certificate_id
- (Optional) The ARN of an SSL certificate you have uploaded to AWS IAM. Note ECDSA-specific restrictions below. Only valid when lb_protocol
is either HTTPS or SSL Health Check (health_check
) supports the following:
healthy_threshold
- (Required) The number of checks before the instance is declared healthy. unhealthy_threshold
- (Required) The number of checks before the instance is declared unhealthy. target
- (Required) The target of the check. Valid pattern is "${PROTOCOL}:${PORT}${PATH}", where PROTOCOL values are: interval
- (Required) The interval between checks. timeout
- (Required) The length of time before the check times out. If the ARN of the ssl_certificate_id
that is pointed to references a certificate that was signed by an ECDSA key, note that ELB only supports the P256 and P384 curves. Using a certificate signed by a key using a different curve could produce the error ERR_SSL_VERSION_OR_CIPHER_MISMATCH
in your browser.
In addition to all arguments above, the following attributes are exported:
id
- The name of the ELB arn
- The ARN of the ELB name
- The name of the ELB dns_name
- The DNS name of the ELB instances
- The list of instances in the ELB source_security_group
- The name of the security group that you can use as part of your inbound rules for your load balancer's back-end application instances. Use this for Classic or Default VPC only. source_security_group_id
- The ID of the security group that you can use as part of your inbound rules for your load balancer's back-end application instances. Only available on ELBs launched in a VPC. zone_id
- The canonical hosted zone ID of the ELB (to be used in a Route 53 Alias record) ELBs can be imported using the name
, e.g.
$ terraform import aws_elb.bar elb-production-12345
© 2018 HashiCorpLicensed under the MPL 2.0 License.
https://www.terraform.io/docs/providers/aws/r/elb.html