Skip to content

Commit

Permalink
Merge pull request #65 from transcend-io/dmattia/ssl_policy
Browse files Browse the repository at this point in the history 
allow configuring ssl_policy as a variable
  • Loading branch information
@dmattia
dmattia authored Jul 22, 2024
2 parents 0c435dc + 2eadb9c commit 31e2b88
Show file tree
Hide file tree
Showing 5 changed files with 16 additions and 4 deletions.
1 change: 1 addition & 0 deletions main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ module "load_balancer" {
project_id = var.project_id
alb_access_logs = var.alb_access_logs
idle_timeout = var.idle_timeout
var.ssl_policy = var.ssl_policy

# Health check settings
health_check_protocol = var.health_check_protocol
Expand Down
4 changes: 2 additions & 2 deletions modules/sombra_load_balancers/separate_albs.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ module internal_load_balancer {
https_listeners = var.use_network_load_balancer ? [] : [{
certificate_arn = var.certificate_arn
port = var.internal_port
ssl_policy = "ELBSecurityPolicy-TLS-1-2-Ext-2018-06"
ssl_policy = var.ssl_policy
}]

# Listeners if NLB
Expand Down Expand Up @@ -136,7 +136,7 @@ module external_load_balancer {
https_listeners = [{
certificate_arn = var.certificate_arn
port = var.external_port
ssl_policy = "ELBSecurityPolicy-TLS-1-2-Ext-2018-06"
ssl_policy = var.ssl_policy
}]

# Target groups
Expand Down
4 changes: 2 additions & 2 deletions modules/sombra_load_balancers/single_alb.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,14 +30,14 @@ module "load_balancer" {
{
certificate_arn = var.certificate_arn
port = var.internal_port
ssl_policy = "ELBSecurityPolicy-2016-08"
ssl_policy = var.ssl_policy
target_group_index = 0
},
# External Listener
{
certificate_arn = var.certificate_arn
port = var.external_port
ssl_policy = "ELBSecurityPolicy-TLS-1-2-Ext-2018-06"
ssl_policy = var.ssl_policy
target_group_index = 1
},
]
Expand Down
6 changes: 6 additions & 0 deletions modules/sombra_load_balancers/variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,12 @@ variable "health_check_protocol" {
default = "HTTPS"
}

variable "ssl_policy" {
type = string
description = "The Security Policy to use for SSL on the load balancers"
default = "ELBSecurityPolicy-TLS-1-2-Ext-2018-06"
}

variable tags {
type = map(string)
description = "Tags to apply to all resources that support them"
Expand Down
5 changes: 5 additions & 0 deletions variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -473,3 +473,8 @@ variable "roles_to_assume" {
default = []
}

variable "ssl_policy" {
type = string
description = "The Security Policy to use for SSL on the load balancers"
default = "ELBSecurityPolicy-TLS-1-2-Ext-2018-06"
}

0 comments on commit 31e2b88

Please sign in to comment.