terraform-aws-load-balancer/modules/gwlb-ip-target-group/variables.tf at main · tedilabs/terraform-aws-load-balancer · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
variable "region" {
  description = "(Optional) The region in which to create the module resources. If not provided, the module resources will be created in the provider's configured region."
  type        = string
  default     = null
  nullable    = true
}

variable "name" {
  description = "(Required) Name of the target group. A maximum of 32 alphanumeric characters including hyphens are allowed, but the name must not begin or end with a hyphen."
  type        = string
  nullable    = false

  validation {
    condition     = length(var.name) <= 32
    error_message = "The name can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen."
  }
}

variable "vpc_id" {
  description = "(Required) The ID of the VPC which the target group belongs to."
  type        = string
  nullable    = false
}

variable "targets" {
  description = <<EOF
  (Optional) A set of targets to add to the target group. Each value of `targets` block as defined below.
    (Required) `ip_address` - Specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses. Support also IPv6 addresses.
  EOF
  type = set(object({
    ip_address = string
  }))
  default  = []
  nullable = false
}

variable "deregistration_delay" {
  description = "(Optional) The time to wait for in-flight requests to complete while deregistering a target. During this time, the state of the target is draining. Valid values are from `0` to `3600` seconds. Defaults to `300` seconds."
  type        = number
  default     = 300
  nullable    = false

  validation {
    condition     = var.deregistration_delay <= 3600 && var.deregistration_delay >= 0
    error_message = "Valid value range is 0 - 3600."
  }
}

variable "target_failover" {
  description = <<EOF
  (Optional) A configuration for how Gateway Load Balancer handles existing flows on target deregistration and unhealthy events. `target_failover` as defined below.
    (Optional) `rebalance_on_deregistration` - Whether to rebalance existing flows when a target is deregistered. If `true`, the load balancer will rebalance existing flows across the remaining healthy targets. Defaults to `false`.
    (Optional) `rebalance_on_unhealthy` - Whether to rebalance existing flows when a target is marked unhealthy. If `true`, the load balancer will rebalance existing flows across the remaining healthy targets. Defaults to `false`.
  EOF
  type = object({
    rebalance_on_deregistration = optional(bool, false)
    rebalance_on_unhealthy      = optional(bool, false)
  })
  default  = {}
  nullable = false

  validation {
    condition     = var.target_failover.rebalance_on_deregistration == var.target_failover.rebalance_on_unhealthy
    error_message = "`target_failover.rebalance_on_deregistration` and `target_failover.rebalance_on_unhealthy` must be equal."
  }
}

variable "flow_stickiness" {
  description = <<EOF
  (Optional) A configuration for flow stickiness of the target group. `flow_stickiness` as defined below.
    (Optional) `type` - The type of flow stickiness. Valid values are `5-tuple`, `3-tuple` and `2-tuple`. Defaults to `5-tuple`.
      `5-tuple` - Source IP, Source Port, Destination IP, Destination Port and Transport Protocol.
      `3-tuple` - Source IP, Destination IP and Transport Protocol.
      `2-tuple` - Source IP and Destination IP.
  EOF
  type = object({
    type = optional(string, "5-tuple")
  })
  default  = {}
  nullable = false

  validation {
    condition     = contains(["5-tuple", "3-tuple", "2-tuple"], var.flow_stickiness.type)
    error_message = "Valid values for `type` are `5-tuple`, `3-tuple` and `2-tuple`."
  }
}

variable "health_check" {
  description = <<EOF
  (Optional) A configurations for Health Check of the target group. The associated load balancer periodically sends requests to the registered targets to test their status. `health_check` block as defined below.
    (Optional) `protocol` - Protocol to use to connect with the target. The possible values are `TCP`, `HTTP` and `HTTPS`. Defaults to `TCP`.
    (Optional) `port` - The port the load balancer uses when performing health checks on targets. The default is the port on which each target receives traffic from the load balancer. Valid values are either ports 1-65535.
    (Optional) `port_override` - Whether to override the port on which each target receives traffic from the load balancer to a different port. Defaults to `false`.
    (Optional) `path` - The ping path for the HTTP or HTTPS protocol. Defaults to `/`. A path can have a maximum of 1024 characters.
    (Optional) `success_codes` - The HTTP codes to use when checking for a successful response from a target for the HTTP or HTPS protocol. You can specify multiple values (for example, `200,202`) or a range of values (for example, `200-299`). Defaults to `200-399`.
    (Optional) `healthy_threshold` - The number of consecutive health checks successes required before considering an unhealthy target healthy. Valid value range is 2 - 10. Defaults to `5`.
    (Optional) `unhealthy_threshold` - The number of consecutive health check failures required before considering a target unhealthy. Valid value range is 2 - 10. Defaults to `2`.
    (Optional) `interval` - Approximate amount of time, in seconds, between health checks of an individual target. Valid value range is 5 - 300. Defaults to `30`.
    (Optional) `timeout` - The amount of time, in seconds, during which no response means a failed health check. Valid value range is 2 - 120. Defaults to `5`.
  EOF
  type = object({
    protocol      = optional(string, "TCP")
    port          = optional(number)
    port_override = optional(bool, false)
    path          = optional(string, "/")
    success_codes = optional(string, "200-399")

    healthy_threshold   = optional(number, 5)
    unhealthy_threshold = optional(number, 2)
    interval            = optional(number, 10)
    timeout             = optional(number, 5)
  })
  default  = {}
  nullable = false

  validation {
    condition     = contains(["TCP", "HTTP", "HTTPS"], var.health_check.protocol)
    error_message = "Valid values for `protocol` are `TCP`, `HTTP` and `HTTPS`."
  }
  validation {
    condition = anytrue([
      var.health_check.port == null,
      var.health_check.port != null && (
        var.health_check.port >= 1 &&
        var.health_check.port <= 65535
      ),
    ])
    error_message = "Valid values for `port` are either ports 1-65535."
  }
  validation {
    condition     = length(var.health_check.path) <= 1024
    error_message = "A path can have a maximum of 1024 characters."
  }
  validation {
    condition = alltrue([
      var.health_check.healthy_threshold >= 2,
      var.health_check.healthy_threshold <= 10,
    ])
    error_message = "Valid value range for `healthy_threshold` is 2 - 10."
  }
  validation {
    condition = alltrue([
      var.health_check.unhealthy_threshold >= 2,
      var.health_check.unhealthy_threshold <= 10,
    ])
    error_message = "Valid value range for `unhealthy_threshold` is 2 - 10."
  }
  validation {
    condition = alltrue([
      var.health_check.interval >= 5,
      var.health_check.interval <= 300,
    ])
    error_message = "Valid value range for `interval` is 5 - 300."
  }
  validation {
    condition = alltrue([
      var.health_check.timeout >= 2,
      var.health_check.timeout <= 120,
    ])
    error_message = "Valid value range for `timeout` is 2 - 120."
  }
}

variable "tags" {
  description = "(Optional) A map of tags to add to all resources."
  type        = map(string)
  default     = {}
  nullable    = false
}

variable "module_tags_enabled" {
  description = "(Optional) Whether to create AWS Resource Tags for the module informations."
  type        = bool
  default     = true
  nullable    = false
}


###################################################
# Resource Group
###################################################

variable "resource_group" {
  description = <<EOF
  (Optional) A configurations of Resource Group for this module. `resource_group` as defined below.
    (Optional) `enabled` - Whether to create Resource Group to find and group AWS resources which are created by this module. Defaults to `true`.
    (Optional) `name` - The name of Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`. If not provided, a name will be generated using the module name and instance name.
    (Optional) `description` - The description of Resource Group. Defaults to `Managed by Terraform.`.
  EOF
  type = object({
    enabled     = optional(bool, true)
    name        = optional(string, "")
    description = optional(string, "Managed by Terraform.")
  })
  default  = {}
  nullable = false
}