41 lines
1.3 KiB
HCL
41 lines
1.3 KiB
HCL
# Here is the application load balancer that we use for services hosted on ECS
|
|
##############################################################################
|
|
|
|
|
|
# The LB that we'll use to move traffic into our services
|
|
#########################################################
|
|
resource "aws_lb" "alpha" {
|
|
name = "alpha-lb"
|
|
internal = false
|
|
load_balancer_type = "application"
|
|
subnets = [ aws_subnet.delphi.id, aws_subnet.crete_subnet.id ]
|
|
security_groups = [ aws_security_group.ecs_web_ingress.id ]
|
|
# TODO: change this to true later
|
|
enable_deletion_protection = false
|
|
}
|
|
|
|
## ECS services manage themselves when it comes to registering to the
|
|
## target group so we only need to provide the pool
|
|
#####################################################################
|
|
resource "aws_lb_target_group" "alpha_cluster" {
|
|
name = "${var.athens_prefix}-alpha-cluster"
|
|
port = 80
|
|
protocol = "HTTP"
|
|
target_type = "ip"
|
|
vpc_id = aws_vpc.athens_vpc.id
|
|
}
|
|
|
|
resource "aws_lb_listener" "https" {
|
|
load_balancer_arn = aws_lb.alpha.arn
|
|
port = 443
|
|
protocol = "HTTPS"
|
|
ssl_policy = "ELBSecurityPolicy-2016-08"
|
|
|
|
certificate_arn = aws_acm_certificate_validation.sample.certificate_arn
|
|
default_action {
|
|
type = "forward"
|
|
target_group_arn = aws_lb_target_group.alpha_cluster.arn
|
|
}
|
|
}
|
|
|