# Internet-facing Application Load Balancer with access logging and
# deletion protection enabled. Attribute order below is grouped by purpose;
# HCL does not care about ordering.
resource "aws_lb" "example" {
  name               = "example"
  load_balancer_type = "application"

  # false = internet-facing (public endpoint); true would restrict the ALB to
  # callers inside the VPC.
  internal = false

  # Seconds an idle client connection is kept open before the ALB closes it.
  idle_timeout = 60

  # Blocks deletion of the ALB through the API while set. Note that
  # `terraform destroy` hangs on "still destroying..." instead of failing
  # while this is true; set it to false and apply before destroying.
  enable_deletion_protection = true

  # Ingress is governed by the security-group modules defined elsewhere in
  # this configuration (HTTP, HTTPS and HTTP->HTTPS redirect).
  security_groups = [
    module.http_sg.security_group_id,
    module.https_sg.security_group_id,
    module.https_redirect_sg.security_group_id
  ]

  # AWS rejects the ALB unless at least two subnets in two different
  # Availability Zones are given (ValidationError, HTTP 400).
  subnets = [
    aws_subnet.public_0.id,
    aws_subnet.public_1.id
  ]

  # Deliver ALB access logs to the bucket managed by aws_s3_bucket.alb_log.
  access_logs {
    enabled = true
    bucket  = aws_s3_bucket.alb_log.id
  }
}
load_balancer_type = "application"
internal = false
- true: VPC内部向け
- false: インターネット向け
idle_timeout = 60
enable_deletion_protection = true
- サブネット
subnets = [
aws_subnet.public_0.id,
aws_subnet.public_1.id
]
- AZの異なる2つ以上のサブネットを指定しないとエラーになる
Error: Error creating application Load Balancer: ValidationError: At least two subnets in two different Availability Zones must be specified
status code: 400, request id: cac1ce58-dd9b-47e6-a650-3fbc9e5cd436
access_logs {
bucket = aws_s3_bucket.alb_log.id
enabled = true
}
security_groups = [
module.http_sg.security_group_id,
module.https_sg.security_group_id,
module.https_redirect_sg.security_group_id
]
リスナー
# Plain-HTTP listener on port 80 (no TLS on this listener). Any request not
# matched by another rule receives the fixed JSON body below with status 200.
resource "aws_lb_listener" "http" {
  load_balancer_arn = aws_lb.example.arn
  protocol          = "HTTP"
  port              = "80"

  default_action {
    type = "fixed-response"

    fixed_response {
      status_code  = "200"
      content_type = "application/json"
      message_body = "{\"message\":\"これは『HTTP』です\"}"
    }
  }
}
# Public DNS name of the ALB, printed after `terraform apply` so the HTTP
# listener above can be reached (e.g. with curl).
output "public_dns" {
  value = aws_lb.example.dns_name
}
docker-compose run terraform apply
...
public_dns = example-870645885.ap-northeast-1.elb.amazonaws.com
curl example-870645885.ap-northeast-1.elb.amazonaws.com
{"message":"これは『HTTP』です"}
protocol = "HTTP"
port = "80"
default_action {
type = "fixed-response"
fixed_response {
content_type = "application/json"
message_body = "{\"message\":\"これは『HTTP』です\"}"
status_code = "200"
}
}
- デフォルトアクション
- 公式/ルール
- 認証系
authenticate-cognito
authenticate-oidc
fixed-response
- 転送系
- still destroying...のまま永久に返ってこない
- ALBの削除保護が有効になっていると、エラーになることもなくハングする模様
- ALBの削除保護を無効にして再試行すると、無事削除できた
- ↓現象を確認したバージョン
Terraform v0.12.21
+ provider.aws v2.52.0