Skip to content

Commit 24767ec

Browse files
johncblandiiaknysh
authored andcommitted
Add support for ALB SSLPolicy (#60)
* Allow aws:elasticbeanstalk:managedactions toggling * Remove duplicate DeploymentPolicy setting * Add support for CloudWatch health log streaming * Updated documentation * Rebuild README * Add all beanstalk outputs * Documentation updates * Add description variable and fix for boolean values * Remove description output It is listed in the documentation but fails every time. It isn’t a critical output anyway. Error: Error running plan: 1 error(s) occurred: * module.elastic_beanstalk_environment.output.description: Resource 'aws_elastic_beanstalk_environment.default' does not have attribute 'description' for variable 'aws_elastic_beanstalk_environment.default.description' * Documentation update * Updated enable_managed_actions documentation * tf fmt * Add ALB SSLPolicy support
1 parent 138e006 commit 24767ec

File tree

4 files changed

+12
-0
lines changed

4 files changed

+12
-0
lines changed

README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,7 @@ Available targets:
8787
| loadbalancer_certificate_arn | Load Balancer SSL certificate ARN. The certificate must be present in AWS Certificate Manager | string | `` | no |
8888
| loadbalancer_managed_security_group | Load balancer managed security group | string | `` | no |
8989
| loadbalancer_security_groups | Load balancer security groups | list | `<list>` | no |
90+
| loadbalancer_ssl_policy | Specify a security policy to apply to the listener. This option is only applicable to environments with an application load balancer. | string | `` | no |
9091
| loadbalancer_type | Load Balancer type, e.g. 'application' or 'classic' | string | `classic` | no |
9192
| logs_delete_on_terminate | Whether to delete the log groups when the environment is terminated. If false, the logs are kept RetentionInDays days. | string | `false` | no |
9293
| logs_retention_in_days | The number of days to keep log events before they expire. | string | `7` | no |

docs/terraform.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@
3939
| loadbalancer_certificate_arn | Load Balancer SSL certificate ARN. The certificate must be present in AWS Certificate Manager | string | `` | no |
4040
| loadbalancer_managed_security_group | Load balancer managed security group | string | `` | no |
4141
| loadbalancer_security_groups | Load balancer security groups | list | `<list>` | no |
42+
| loadbalancer_ssl_policy | Specify a security policy to apply to the listener. This option is only applicable to environments with an application load balancer. | string | `` | no |
4243
| loadbalancer_type | Load Balancer type, e.g. 'application' or 'classic' | string | `classic` | no |
4344
| logs_delete_on_terminate | Whether to delete the log groups when the environment is terminated. If false, the logs are kept RetentionInDays days. | string | `false` | no |
4445
| logs_retention_in_days | The number of days to keep log events before they expire. | string | `7` | no |

main.tf

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -642,6 +642,11 @@ resource "aws_elastic_beanstalk_environment" "default" {
642642
name = "SSLCertificateArns"
643643
value = "${var.loadbalancer_certificate_arn}"
644644
}
645+
setting {
646+
namespace = "aws:elbv2:listener:443"
647+
name = "SSLPolicy"
648+
value = "${var.loadbalancer_type == "application" ? var.loadbalancer_ssl_policy : ""}"
649+
}
645650
setting {
646651
namespace = "aws:elasticbeanstalk:healthreporting:system"
647652
name = "ConfigDocument"

variables.tf

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -105,6 +105,11 @@ variable "loadbalancer_certificate_arn" {
105105
description = "Load Balancer SSL certificate ARN. The certificate must be present in AWS Certificate Manager"
106106
}
107107

108+
variable "loadbalancer_ssl_policy" {
109+
default = ""
110+
description = "Specify a security policy to apply to the listener. This option is only applicable to environments with an application load balancer."
111+
}
112+
108113
variable "loadbalancer_security_groups" {
109114
type = "list"
110115
default = []

0 commit comments

Comments
 (0)