@alsmola
Created February 1, 2020 18:19
ALB for gsuite-saml-cognito
# Application Load Balancer that fronts App1.
resource "aws_lb" "app1" {
  name               = "App1"
  load_balancer_type = "application"

  # internal = false makes this load balancer internet-facing.
  internal = false

  # An ALB needs subnets in at least two Availability Zones; list each one here.
  subnets = ["<your-subnet-id>"]

  # This security group controls which sources can reach the load balancer.
  security_groups = ["<your-security-group>"]
}
# Target group that the listener and the listener rule forward to.
resource "aws_lb_target_group" "app1" {
  name   = "App1"
  vpc_id = "<your-vpc-id>"

  # The hop from the load balancer to the targets is plain HTTP; the HTTPS
  # listener in this file terminates TLS at the load balancer.
  # NOTE(review): the targets should accept traffic on this port only from the
  # load balancer's security group - confirm against the targets' own rules.
  protocol = "HTTP"
  port     = <your-port>
}
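# HTTPS listener for App1. Requests that match no listener rule take the
# default action below.
resource "aws_lb_listener" "app1" {
  load_balancer_arn = "${aws_lb.app1.arn}"
  port              = "443"
  protocol          = "HTTPS"
  certificate_arn   = "<your-cert-arn>"

  # Requires TLS 1.2 or newer. The previous value, ELBSecurityPolicy-2016-08,
  # also negotiated TLS 1.0 and 1.1. Clients that cannot speak TLS 1.2 will
  # fail the handshake with this policy.
  ssl_policy = "ELBSecurityPolicy-TLS13-1-2-2021-06"

  # The default action forwards without any authenticate-cognito step, so
  # every path not covered by a listener rule reaches the targets
  # unauthenticated at the load balancer.
  default_action {
    type             = "forward"
    target_group_arn = "${aws_lb_target_group.app1.arn}"
  }
}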
# Listener rule that sends requests for /auth through Cognito before they are
# forwarded to the App1 target group.
resource "aws_lb_listener_rule" "admin" {
  listener_arn = "${aws_lb_listener.app1.arn}"

  # Only the exact path "/auth" matches: the pattern has no wildcard, so a
  # path such as /auth/x falls through to the listener's default action,
  # which forwards without authentication.
  condition {
    path_pattern {
      values = ["/auth"]
    }
  }

  # Actions run in the order written: authenticate first, then forward.
  # The user pool, client and domain come from the gsuite_saml_cognito module,
  # which is declared outside this listing.
  action {
    type = "authenticate-cognito"

    authenticate_cognito {
      user_pool_arn       = "${module.gsuite_saml_cognito.cognito_user_pool_arn}"
      user_pool_client_id = "${module.gsuite_saml_cognito.cognito_user_pool_client_id}"
      user_pool_domain    = "${module.gsuite_saml_cognito.cognito_user_pool_domain}"
    }
  }

  # NOTE(review): presumably the application creates its own session at /auth
  # from the x-amzn-oidc-* headers the load balancer adds - confirm that it
  # verifies the signature on x-amzn-oidc-data and enforces that session on
  # every other path, since those paths are not authenticated here.
  action {
    type             = "forward"
    target_group_arn = "${aws_lb_target_group.app1.arn}"
  }
}