
@channainfo
Created January 26, 2022 03:07
Amazon application load balancer with multiple certificates attachment
# Application Load Balancer that the listeners and target group below attach to.
resource "aws_lb" "main" {
  name               = var.name
  load_balancer_type = "application"

  # internal = false selects the internet-facing scheme, so the security
  # groups passed in here are the network-level filter in front of the ALB.
  internal        = false
  subnets         = var.subnet_ids
  security_groups = var.security_group_ids

  # Deletion through the API is refused until this flag is turned off.
  enable_deletion_protection = true

  # NOTE(review): no access_logs block is configured and
  # drop_invalid_header_fields is left at its default. For an internet-facing
  # ALB both are worth a deliberate decision: request logs for incident
  # response, and header dropping as a guard against malformed-header tricks.
  # Confirm the application tolerates header dropping before enabling it.
  tags = var.default_tags
}
# Target group the HTTPS listener forwards to; targets are registered by IP
# address (target_type = "ip").
resource "aws_lb_target_group" "main" {
  name        = var.name
  vpc_id      = var.vpc_id
  target_type = "ip"

  # TLS ends at the load balancer: the hop from the ALB to the targets is
  # plain HTTP on var.container_port. Traffic on that hop is only as private
  # as the VPC network path and the targets' security groups make it.
  protocol = "HTTP"
  port     = var.container_port

  health_check {
    # "traffic-port" probes the same port that receives application traffic.
    port    = "traffic-port"
    path    = var.health_check_path
    matcher = "200"

    # One probe every 60 s, each allowed 30 s to answer.
    interval = 60
    timeout  = 30

    # 3 consecutive passes mark a target healthy; 10 consecutive failures mark
    # it unhealthy. With a 60 s interval, a failing target can keep receiving
    # traffic for roughly ten minutes before it is taken out of rotation.
    healthy_threshold   = 3
    unhealthy_threshold = 10
  }
}
# Plain-HTTP listener whose only action is a permanent redirect to HTTPS on
# port 443; it never forwards to the target group.
resource "aws_lb_listener" "http" {
  load_balancer_arn = aws_lb.main.id
  protocol          = "HTTP"

  # NOTE(review): the listener binds to var.container_port, not a fixed port.
  # Clients that type http:// reach port 80, so unless container_port is 80
  # they will not hit this redirect. Confirm the intended port.
  port = var.container_port

  # Nothing in this listener references the target group; the explicit
  # ordering is kept as the author wrote it.
  depends_on = [aws_lb_target_group.main]

  default_action {
    type = "redirect"

    # host, path and query are not set here, so the provider defaults apply.
    # The first request still travels in clear text; the redirect only moves
    # the follow-up request onto TLS.
    redirect {
      status_code = "HTTP_301"
      protocol    = "HTTPS"
      port        = 443
    }
  }
}
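# HTTPS listener on 443: terminates TLS with the default ACM certificate and
# forwards every request to the main target group. Additional certificates
# are attached to this listener by aws_lb_listener_certificate resources.
resource "aws_lb_listener" "https" {
  # .arn is the attribute this argument is named for; the original used .id.
  load_balancer_arn = aws_lb.main.arn
  port              = 443
  protocol          = "HTTPS"

  # The original pinned ELBSecurityPolicy-2016-08, a legacy policy that still
  # negotiates TLS 1.0 and TLS 1.1. This policy accepts TLS 1.2 and TLS 1.3
  # only. Clients limited to TLS 1.0/1.1 will no longer connect; check the
  # ALB's TLS-version metrics or access logs before rolling out if old clients
  # are a concern.
  ssl_policy = "ELBSecurityPolicy-TLS13-1-2-2021-06"

  # Certificate served when no additional certificate matches the request.
  certificate_arn = var.default_acm_certificate_arn

  # No depends_on needed: referencing the target group ARN below already
  # orders this listener after the target group.
  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.main.arn
  }
}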
# Attaches one extra certificate to the HTTPS listener per entry in
# var.additional_certs, on top of the listener's default certificate.
resource "aws_lb_listener_certificate" "https_additional_certs" {
  # Instances are addressed by list position. Removing or reordering an entry
  # in var.additional_certs shifts the indexes after it, so Terraform will
  # detach and re-attach those certificates on the next apply.
  count = length(var.additional_certs)

  certificate_arn = var.additional_certs[count.index]
  listener_arn    = aws_lb_listener.https.arn
}