98 lines
2.9 KiB
HCL
98 lines
2.9 KiB
HCL
locals {
|
|
use = var.use
|
|
name = var.name
|
|
vpc_id = var.vpc_id
|
|
security_group_id = var.security_group_id
|
|
subnets = var.subnets
|
|
access_info = (var.access_info == null ? {} : var.access_info)
|
|
create = (local.use == "create" ? 1 : 0)
|
|
select = (local.use == "select" ? 1 : 0)
|
|
eips = (local.select == 1 ? data.aws_eip.selected : aws_eip.created)
|
|
public_ips = (local.select == 1 ? [for e in data.aws_eip.selected : e.public_ip if can(e.public_ip)] : [for e in aws_eip.created : e.public_ip if can(e.public_ip)])
|
|
}
|
|
|
|
data "aws_lb" "selected" {
|
|
count = local.select
|
|
tags = {
|
|
Name = local.name
|
|
}
|
|
}
|
|
|
|
data "aws_eip" "selected" {
|
|
for_each = (local.select == 1 ? local.subnets : {})
|
|
filter {
|
|
name = "name"
|
|
values = [local.name]
|
|
}
|
|
}
|
|
|
|
resource "aws_eip" "created" {
|
|
for_each = (local.create == 1 ? local.subnets : {})
|
|
domain = "vpc"
|
|
associate_with_private_ip = cidrhost(each.value.cidr, -2) # map the eip to the last available ip of the private subnet
|
|
tags = {
|
|
Name = local.name
|
|
}
|
|
}
|
|
|
|
resource "aws_security_group" "load_balancer" {
|
|
count = local.create
|
|
name = local.name
|
|
description = "Security group for load balancer ${local.name}"
|
|
vpc_id = local.vpc_id
|
|
tags = {
|
|
Name = local.name
|
|
}
|
|
}
|
|
|
|
resource "aws_security_group_rule" "external_ingress" {
|
|
for_each = (local.create == 1 ? local.access_info : {})
|
|
security_group_id = aws_security_group.load_balancer[0].id
|
|
type = "ingress"
|
|
from_port = each.value.port
|
|
to_port = each.value.port
|
|
protocol = each.value.protocol
|
|
cidr_blocks = each.value.cidrs
|
|
}
|
|
|
|
resource "aws_lb" "new" {
|
|
count = local.create
|
|
name = local.name
|
|
internal = false
|
|
load_balancer_type = "network"
|
|
security_groups = [local.security_group_id]
|
|
enable_cross_zone_load_balancing = true
|
|
dynamic "subnet_mapping" {
|
|
for_each = local.subnets
|
|
content {
|
|
subnet_id = subnet_mapping.value.id
|
|
allocation_id = local.eips[subnet_mapping.key].id
|
|
}
|
|
}
|
|
tags = {
|
|
Name = local.name
|
|
}
|
|
}
|
|
|
|
resource "aws_lb_target_group" "created" {
|
|
for_each = (local.create == 1 ? local.access_info : {})
|
|
name_prefix = "${substr(md5("${local.name}-${each.key}"), 0, 5)}-"
|
|
port = each.value.port
|
|
protocol = upper(each.value.protocol)
|
|
vpc_id = local.vpc_id
|
|
tags = {
|
|
Name = "${local.name}-${each.key}"
|
|
}
|
|
}
|
|
|
|
resource "aws_lb_listener" "created" {
|
|
for_each = (local.create == 1 ? local.access_info : {})
|
|
load_balancer_arn = aws_lb.new[0].arn
|
|
port = each.value.port
|
|
protocol = upper(each.value.protocol)
|
|
default_action {
|
|
type = "forward"
|
|
target_group_arn = aws_lb_target_group.created[each.key].arn
|
|
}
|
|
}
|