1st-Repo/9-LoadBalancer.tf at main · devopsgill/1st-Repo · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
resource "aws_lb" "T4Gapp1_alb" {
  name               = "T4Gapp1-load-balancer"
  internal           = false
  load_balancer_type = "application"
  security_groups    = [aws_security_group.T4Gapp1-443-sg02-LB01.id]
  subnets            = [
    aws_subnet.public-us-east-1a.id,
    aws_subnet.public-us-east-1b.id,
    aws_subnet.public-us-east-1c.id,

  ]
  enable_deletion_protection = false
#Lots of death and suffering here, make sure it's false

  tags = {
    Name    = "T4Gapp1LoadBalancer"
    Service = "T4Gapp1"
    Owner   = "Megatron"
    Project = "Web Service"
  }
}

resource "aws_lb_listener" "http" {
  load_balancer_arn = aws_lb.T4Gapp1_alb.arn
  port              = 80
  protocol          = "HTTP"

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.T4Gapp1_tg.arn
  }
}

data "aws_acm_certificate" "cert" {
  domain   = "technology4gold.com"
  statuses = ["ISSUED"]
  most_recent = true
}


resource "aws_lb_listener" "https" {
  load_balancer_arn = aws_lb.T4Gapp1_alb.arn
  port              = 443
  protocol          = "HTTPS"
  ssl_policy        = "ELBSecurityPolicy-TLS13-1-2-2021-06"  # or whichever policy suits your requirements
  certificate_arn   = data.aws_acm_certificate.cert.arn


  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.T4Gapp1_tg.arn
  }
}

output "lb_dns_name" {
  value       = aws_lb.T4Gapp1_alb.dns_name
  description = "The DNS name of the T4Gapp1 Load Balancer."
}