# Security group for the ALB: the only inbound rule admits HTTPS.
resource "aws_security_group" "atlassian-alb" {
  vpc_id      = "${module.vpc.vpc_id}"
  name        = "${var.name}-load-balancer"
  description = "allow HTTPS to ${var.name} Load Balancer (ALB)"

  # TCP/443 is open to every IPv4 source; the ALB that uses this group is
  # internet-facing (internal = false), so this is its public entry point.
  ingress {
    protocol    = "tcp"
    from_port   = "443"
    to_port     = "443"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags {
    Name = "${var.name}"
  }
}
# One internet-facing Application Load Balancer shared by all Atlassian services.
resource "aws_alb" "atlassian" {
  name     = "${var.name}"
  internal = false
  subnets  = ["${module.vpc.public_subnet_ids}"]

  # Inbound HTTPS comes from the group defined in this file; outbound rules come
  # from the open-egress-sg module.
  security_groups = [
    "${aws_security_group.atlassian-alb.id}",
    "${module.open-egress-sg.id}"
  ]

  idle_timeout               = "300"
  enable_deletion_protection = true

  # NOTE(review): access logging is left disabled, so the load balancer keeps no
  # per-request record for investigation. The bucket referenced below is not
  # defined in this listing; it must exist (with a policy allowing ELB log
  # delivery) before this block is enabled.
  # access_logs {
  #   bucket = "${aws_s3_bucket.alb_logs.bucket}"
  #   prefix = "test-alb"
  # }

  tags {
    Name = "${var.name}"
  }
}
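# HTTPS listener for the shared ALB; TLS terminates here with the certificate in var.ssl_arn.
resource "aws_alb_listener" "atlassian" {
  load_balancer_arn = "${aws_alb.atlassian.arn}"
  port              = "443"
  protocol          = "HTTPS"

  # ELBSecurityPolicy-2015-05 still negotiates TLS 1.0 and 1.1. This predefined
  # policy accepts TLS 1.2 only; confirm that no remaining client depends on the
  # older protocol versions before applying.
  ssl_policy      = "ELBSecurityPolicy-TLS-1-2-2017-01"
  certificate_arn = "${var.ssl_arn}"

  # NOTE(review): a request that matches no listener rule is forwarded to the
  # bitbucket target group whatever its Host header, so the host-header rule
  # does not restrict which hostnames reach Bitbucket.
  default_action {
    target_group_arn = "${aws_alb_target_group.bitbucket.arn}"
    type             = "forward"
  }
}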
# Target group that ties the bitbucket ASG to the Application Load Balancer
# (see load-balancer.tf). The ALB forwards to it over plain HTTP on port 7990,
# so traffic between the load balancer and the instances is not encrypted.
resource "aws_alb_target_group" "bitbucket" {
  vpc_id   = "${module.vpc.vpc_id}"
  name     = "${var.name}-bitbucket"
  protocol = "HTTP"
  port     = 7990
}
# Host-based routing rule: requests for bitbucket.example.com go to the
# bitbucket target group.
resource "aws_alb_listener_rule" "bitbucket" {
  priority     = 99
  listener_arn = "${aws_alb_listener.atlassian.arn}"

  # Match on the Host header of the incoming request.
  condition {
    values = ["bitbucket.example.com"]
    field  = "host-header"
  }

  action {
    target_group_arn = "${aws_alb_target_group.bitbucket.arn}"
    type             = "forward"
  }
}
# Create a single-node auto-scaling group to run bitbucket.
# The module's source and its other arguments are elided ("...") in this listing.
module "bitbucket-asg" {
...
# Registers the ASG's instances with the bitbucket target group, which is how
# the ALB reaches them.
alb_target_group_arns = ["${aws_alb_target_group.bitbucket.arn}"]
}
How do I attach Application Load Balancer (ALB) directly with Auto-scaling Group(ASG) in aws.
Sorry to have missed your message @danyal2050! I'll assume you were able to answer it, but to address the question for future readers:
The ALB can be attached to an ASG in one of several ways between AWS and Terraform.
First, the ALB and ELB are slightly different. Next, it's possible to attach either "by-instance" or "by-ASG".
On the Terraform side, we are creating a link between several resource types. We can either link them when creating the resources, or we can create the resources and attach them with a third "attachment" resource.
For example, when creating an ASG, we have `load_balancers` for ELB, and `target_group_arns` for ALB. These are parameters on the `aws_autoscaling_group` resource:
load_balancers
(Optional) A list of elastic load balancer names to add to the autoscaling group names. Only valid for classic load balancers. For ALBs, use target_group_arns instead.
target_group_arns
(Optional) A list of aws_alb_target_group ARNs, for use with Application or Network Load Balancing.
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group#target_group_arns
It is also possible to associate those resources after creating them, using the `elb_attachment` resource for ELB, and the `lb_target_group_attachment` resource for ALB. Creating the resources separately and then using the attachment resource allows for slightly better control over which ASGs are associated with which TG, for A/B deployments and similar operational strategies. Note that those two resources register individual instances (the "by-instance" route); to attach a whole ASG after creation, the resource is `aws_autoscaling_attachment`.
How do I attach Application Load Balancer (ALB) directly with Auto-scaling Group(ASG) in aws.