This is the common component:
# Single internet-facing Application Load Balancer shared by every Atlassian
# service; per-application routing is done by listener rules attached to it.
resource "aws_alb" "atlassian" {
  name     = "${var.name}"
  internal = false # internet-facing, placed in the VPC's public subnets
  subnets  = ["${module.vpc.public_subnet_ids}"]

  # Two groups are attached: the ALB's own security group and an egress
  # module. The module's rules are not shown here; presumably it allows all
  # outbound traffic -- confirm.
  security_groups = [
    "${aws_security_group.atlassian-alb.id}",
    "${module.open-egress-sg.id}"
  ]

  idle_timeout               = "300"
  enable_deletion_protection = true

  # NOTE(review): access logging is switched off. On a public ALB these logs
  # are the per-request record needed for incident investigation, so enable
  # the block below once the log bucket exists with a bucket policy that
  # permits ELB log delivery.
  # access_logs {
  #   bucket = "${aws_s3_bucket.alb_logs.bucket}"
  #   prefix = "test-alb"
  # }

  tags {
    Name = "${var.name}"
    Apps = "Crowd-Docker_Registry-Bitbucket-JIRA"
  }
}
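# HTTPS listener shared by all applications. TLS terminates here, using the
# certificate whose ARN is passed in as var.ssl_arn.
resource "aws_alb_listener" "atlassian" {
  load_balancer_arn = "${aws_alb.atlassian.arn}"
  port              = "443"
  protocol          = "HTTPS"
  certificate_arn   = "${var.ssl_arn}"

  # Require TLS 1.2 or newer. The earlier value, ELBSecurityPolicy-2015-05,
  # still negotiates TLS 1.0 and 1.1. Clients that cannot speak TLS 1.2 will
  # fail the handshake after this change.
  ssl_policy = "ELBSecurityPolicy-TLS-1-2-2017-01"

  # Requests that match no listener rule are forwarded to Bitbucket.
  # NOTE(review): this includes requests carrying an unknown Host header;
  # decide whether such requests should reach an application at all.
  default_action {
    type             = "forward"
    target_group_arn = "${aws_alb_target_group.bitbucket.arn}"
  }
}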
Then each application you want to hook up to the ALB gets something like the following:
## Connect crowd ASG up to the Application Load Balancer (see load-balancer.tf)
# Target group that receives Crowd traffic from the shared ALB. The ASG
# attachment itself is not part of this snippet.
resource "aws_alb_target_group" "crowd" {
  vpc_id = "${module.vpc.vpc_id}"
  name   = "${var.name}-crowd"

  # TLS ends at the ALB listener; the hop from the ALB to the targets is
  # unencrypted HTTP on 8095.
  # NOTE(review): the instances' security group should accept 8095 only from
  # the ALB's security group -- that rule is not shown here, confirm.
  protocol = "HTTP"
  port     = 8095

  # No health_check block is declared, so the default health check settings
  # apply.
}
# Route requests for the Crowd hostname on the shared HTTPS listener to the
# Crowd target group.
resource "aws_alb_listener_rule" "crowd" {
  listener_arn = "${aws_alb_listener.atlassian.arn}"

  # Must be unique on the listener; rules are evaluated from the lowest
  # priority number upward.
  priority = 98

  # The Host header is supplied by the client, so this match only selects a
  # backend. It is not an access control.
  condition {
    field  = "host-header"
    values = ["crowd.foobar.com"]
  }

  action {
    type             = "forward"
    target_group_arn = "${aws_alb_target_group.crowd.arn}"
  }
}