elb.tf
1.23 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
## Create LoadBalancer
module "m-elb-xpdays" {
source = "./elb"
elb_name = "elb-xpdays"
vpc_id = "${module.vpc.vpc_id}"
subnet_az1 = "${aws_subnet.default_subnet.id}"
subnet_az2 = "${aws_subnet.default_subnet.id}"
backend_port = "3334"
backend_protocol = "http"
ssl_certificate_id = "${data.aws_acm_certificate.star-shalb-com.arn}"
health_check_target = "HTTP:3334/"
# elb_security_group = "${aws_security_group.elb-sg.id}"
}
# Get the certificate assigned
data "aws_acm_certificate" "star-shalb-com" {
domain = "*.aws.shalb.com"
statuses = ["ISSUED"]
}
# Attach the domain to ELB
resource "aws_route53_record" "xpdays-aws-shalb-com" {
zone_id = "Z36XQDCMS0HHZM"
name = "xpdays.aws.shalb.com"
type = "CNAME"
ttl = "300"
records = ["${module.m-elb-xpdays.elb_dns_name}"]
}
## Add rule for access to ELB SG into default SG
resource "aws_security_group_rule" "allow_3334_xpdays" {
type = "ingress"
from_port = 3334
to_port = 3334
protocol = "tcp"
source_security_group_id = "${module.m-elb-xpdays.elb_sg_id}"
security_group_id = "${module.vpc.vpc_default_security_group}"
}