diff --git a/.gitignore b/.gitignore index 1fef4ab..3b4ed85 100644 --- a/.gitignore +++ b/.gitignore @@ -1,9 +1,13 @@ -# Local .terraform directories -**/.terraform/* - -# .tfstate files +# Compiled files *.tfstate -*.tfstate.* +*.tfstate.backup +.terraform.tfstate.lock.info + +# Module directory +.terraform/ +.idea +*.iml -# .tfvars files -*.tfvars +# Build Harness +.build-harness +build-harness/ \ No newline at end of file diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..b7cf901 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,16 @@ +addons: + apt: + packages: + - git + - make + - curl + +install: + - make init + +script: + - make terraform/install + - make terraform/get-plugins + - make terraform/get-modules + - make terraform/lint + - make terraform/validate \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..655f630 --- /dev/null +++ b/Makefile @@ -0,0 +1,10 @@ +SHELL := /bin/bash + +# List of targets the `readme` target should call before generating the readme +export README_DEPS ?= docs/targets.md docs/terraform.md + +-include $(shell curl -sSL -o .build-harness "https://git.io/build-harness"; echo .build-harness) + +## Lint terraform code +lint: + $(SELF) terraform/install terraform/get-modules terraform/get-plugins terraform/lint terraform/validate \ No newline at end of file diff --git a/README.md b/README.md index 6a166a2..de6d6d2 100644 --- a/README.md +++ b/README.md @@ -1,71 +1,144 @@ -![Cloud Posse](https://cloudposse.com/logo-300x69.png) + + +[![Cloud Posse](https://cloudposse.com/logo-300x69.png)](https://cloudposse.com) + +# terraform-aws-alb [![Build Status](https://travis-ci.org/cloudposse/terraform-aws-alb.svg?branch=master)](https://travis-ci.org/cloudposse/terraform-aws-alb) [![Latest Release](https://img.shields.io/github/release/cloudposse/terraform-aws-alb.svg)](https://github.com/cloudposse/terraform-aws-alb/releases) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com) + + +Terraform module to create an ALB, default ALB listener(s), and a default ALB target and related security groups. + + +--- + +This project is part of our comprehensive ["SweetOps"](https://docs.cloudposse.com) approach towards DevOps. + + +It's 100% Open Source and licensed under the [APACHE2](LICENSE). + -# terraform-aws-alb [![Build Status](https://travis-ci.org/cloudposse/terraform-aws-alb.svg?branch=master)](https://travis-ci.org/cloudposse/terraform-aws-alb) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com) -A Terraform module to create an ALB, default ALB listener(s), and a default ALB target and related security groups. ## Usage -## Inputs +Include this module in your existing terraform code: -| Name | Default | Description | Required | -|:-----------------------------------|:---------------:|:---------------------------------------------------------------------------------|:--------:| -| `namespace` | `` | Namespace (e.g. `cp` or `cloudposse`) | Yes | -| `stage` | `` | Stage (e.g. `prod`, `dev`, `staging`) | Yes | -| `name` | `` | Name (e.g. `app` or `cluster`) | Yes | -| `vpc_id` | `` | The VPC ID where ALB will be provisioned | Yes | -| `subnet_ids` | `` | A list of subnet IDs to associate with ALB | Yes | -| `security_group_ids` | `[]` | A list of additional security group IDs to allow access to ALB | No | -| `internal` | `false` | A boolean flag to determine whether the ALB should be internal | No | -| `http_port` | `80` | The port for the HTTP listener | No | -| `http_enabled` | `true` | A boolean flag to enable/disable HTTP listener | No | -| `http_ingress_cidr_blocks` | `["0.0.0.0/0"]` | List of CIDR blocks to allow into HTTP security group | No | -| `http_ingress_prefix_list_ids` | `[]` | List of prefix list IDs for allowing access to HTTP ingress security group | No | -| `certificate_arn` | `` | The ARN of the default SSL certificate for HTTPS listener | No | -| `https_port` | `443` | The port for the HTTPS listener | No | -| `https_enabled` | `false` | A boolean flag to enable/disable HTTPS listener | No | -| `https_ingress_cidr_blocks` | `["0.0.0.0/0"]` | List of CIDR blocks to allow into HTTPS security group | No | -| `https_ingress_prefix_list_ids` | `[]` | List of prefix list IDs for allowing access to HTTPS ingress security group | No | -| `access_logs_prefix` | `` | The S3 bucket prefix | No | -| `access_logs_enabled` | `true` | A boolean flag to enable/disable access_logs | No | -| `access_logs_region` | `us-east-1` | The region for the access_logs S3 bucket | No | -| `http2_enabled` | `true` | A boolean flag to enable/disable HTTP/2 | No | -| `idle_timeout` | `60` | The time in seconds that the connection is allowed to be idle | No | -| `ip_address_type` | `ipv4` | The type of IP addresses used by the subnets (`ipv4` or `dualstack`) | No | -| `deletion_protection_enabled` | `false` | A boolean flag to enable/disable deletion protection for ALB | No | -| `deregistration_delay` | `15` | The amount of time to wait in seconds before changing deregistering target | No | -| `health_check_path` | `/` | The destination for the health check request | No | -| `health_check_timeout` | `10` | The amount of time to wait in seconds before failing a health check request | No | -| `health_check_healthy_threshold` | `2` | The number of consecutive health checks successes required before healthy | No | -| `health_check_unhealthy_threshold` | `2` | The number of consecutive health check failures required before unhealthy | No | -| `health_check_interval` | `15` | The duration in seconds in between health checks | No | -| `health_check_matcher` | `200-399` | The HTTP response codes to indicate a healthy check | No | -| `attributes` | `[]` | Additional attributes (e.g. `1`) | No | -| `tags` | `{}` | Additional tags (e.g. `map("BusinessUnit","XYZ")` | No | -| `delimiter` | `-` | Delimiter to be used between `namespace`, `stage`, `name` and `attributes` | No | +```hcl +module "alb" { + source = "git::https://github.com/cloudposse/terraform-aws-alb.git?ref=tags/0.2.0" + namespace = "eg" + name = "app" + stage = "dev" + vpc_id = "xxxxxxxxx" + ip_address_type = "ipv4" + + subnet_ids = ["xxxxxxxx", "xxxxxxxx"] + access_logs_region = "us-west-2" +} +``` + + + + + + +## Makefile Targets +``` +Available targets: + + help This help screen + help/all Display help for all targets + lint Lint terraform code + +``` + +## Inputs +| Name | Description | Type | Default | Required | +|------|-------------|:----:|:-----:|:-----:| +| access_logs_enabled | A boolean flag to enable/disable access_logs | string | `true` | no | +| access_logs_prefix | The S3 bucket prefix | string | `` | no | +| access_logs_region | The region for the access_logs S3 bucket | string | `us-east-1` | no | +| attributes | Additional attributes, e.g. `1` | list | `` | no | +| certificate_arn | The ARN of the default SSL certificate for HTTPS listener | string | `` | no | +| cross_zone_load_balancing_enabled | A boolean flag to enable/disable cross zone load balancing | string | `true` | no | +| deletion_protection_enabled | A boolean flag to enable/disable deletion protection for ALB | string | `false` | no | +| delimiter | Delimiter to be used between `namespace`, `name`, `stage` and `attributes` | string | `-` | no | +| deregistration_delay | The amount of time to wait in seconds before changing the state of a deregistering target to unused | string | `15` | no | +| health_check_healthy_threshold | The number of consecutive health checks successes required before considering an unhealthy target healthy | string | `2` | no | +| health_check_interval | The duration in seconds in between health checks | string | `15` | no | +| health_check_matcher | The HTTP response codes to indicate a healthy check | string | `200-399` | no | +| health_check_path | The destination for the health check request | string | `/` | no | +| health_check_timeout | The amount of time to wait in seconds before failing a health check request | string | `10` | no | +| health_check_unhealthy_threshold | The number of consecutive health check failures required before considering the target unhealthy | string | `2` | no | +| http2_enabled | A boolean flag to enable/disable HTTP/2 | string | `true` | no | +| http_enabled | A boolean flag to enable/disable HTTP listener | string | `true` | no | +| http_ingress_cidr_blocks | List of CIDR blocks to allow in HTTP security group | list | `` | no | +| http_ingress_prefix_list_ids | List of prefix list IDs for allowing access to HTTP ingress security group | list | `` | no | +| http_port | The port for the HTTP listener | string | `80` | no | +| https_enabled | A boolean flag to enable/disable HTTPS listener | string | `false` | no | +| https_ingress_cidr_blocks | List of CIDR blocks to allow in HTTPS security group | list | `` | no | +| https_ingress_prefix_list_ids | List of prefix list IDs for allowing access to HTTPS ingress security group | list | `` | no | +| https_port | The port for the HTTPS listener | string | `443` | no | +| idle_timeout | The time in seconds that the connection is allowed to be idle | string | `60` | no | +| internal | A boolean flag to determine whether the ALB should be internal | string | `false` | no | +| ip_address_type | The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`. | string | `ipv4` | no | +| name | Solution name, e.g. `app` | string | - | yes | +| namespace | Namespace, which could be your organization name, e.g. `cp` or `cloudposse` | string | - | yes | +| security_group_ids | A list of additional security group IDs to allow access to ALB | list | `` | no | +| stage | Stage, e.g. `prod`, `staging`, `dev`, or `test` | string | - | yes | +| subnet_ids | A list of subnet IDs to associate with ALB | list | - | yes | +| tags | Additional tags (e.g. `map(`BusinessUnit`,`XYZ`) | map | `` | no | +| vpc_id | VPC ID to associate with ALB | string | - | yes | ## Outputs -| Name | Description | -|:--------------------------------|:------------------------------------------------------------------| -| `alb_arn` | The ARN of the ALB | -| `alb_arn_suffix` | The ARN suffix of the ALB | -| `alb_dns_name` | DNS name of ALB | -| `alb_zone_id` | The canonical hosted zone ID of ALB (to be used in Route53 Alias) | -| `security_group_id` | The security group ID of the ALB | -| `default_target_group_arn` | The default target group ARN | -| `http_listener_arn` | The ARN of the HTTP listener | -| `https_listener_arn` | The ARN of the HTTPS listener | -| `listener_arns` | A list of all the listener ARNs | -| `access_logs_bucket_id` | The S3 bucket ID for access logs | +| Name | Description | +|------|-------------| +| access_logs_bucket_id | The S3 bucket ID for access logs | +| alb_arn | The ARN of the ALB | +| alb_arn_suffix | The ARN suffix of the ALB | +| alb_dns_name | DNS name of ALB | +| alb_zone_id | The ID of the zone which ALB is provisioned | +| default_target_group_arn | The default target group ARN | +| http_listener_arn | The ARN of the HTTP listener | +| https_listener_arn | The ARN of the HTTPS listener | +| listener_arns | A list of all the listener ARNs | +| security_group_id | The security group ID of the ALB | + + + + +## Related Projects + +Check out these related projects. + +- [terraform-aws-alb-ingress](https://github.com/cloudposse/terraform-aws-alb-ingress) - Terraform module to provision an HTTP style ingress rule based on hostname and path for an ALB + ## Help **Got a question?** -File a GitHub [issue](https://github.com/cloudposse/terraform-aws-alb/issues), send us an [email](mailto:hello@cloudposse.com) or reach out to us on [Slack](https://slack.cloudposse.com). +File a GitHub [issue](https://github.com/cloudposse/terraform-aws-alb/issues), send us an [email][email] or join our [Slack Community][slack]. + +## Commerical Support + +Work directly with our team of DevOps experts via email, slack, and video conferencing. + +We provide *commercial support* for all of our [Open Source][github] projects. As a *Dedicated Support* customer, you have access to our team of subject matter experts at a fraction of the cost of a fulltime engineer. + +- **Questions.** We'll use a Shared Slack channel between your team and ours. +- **Troubleshooting.** We'll help you triage why things aren't working. +- **Code Reviews.** We'll review your Pull Requests and provide constructive feedback. +- **Bug Fixes.** We'll rapidly work to fix any bugs in our projects. +- **Build New Terraform Modules.** We'll develop original modules to provision infrastructure. +- **Cloud Architecture.** We'll assist with your cloud strategy and design. +- **Implementation.** We'll provide hands on support to implement our reference architectures. + +## Community Forum + +Get access to our [Open Source Community Forum][slack] on Slack. It's **FREE** to join for everyone! Our "SweetOps" community is where you get to talk with others who share a similar vision for how to rollout and manage infrastructure. This is the best place to talk shop, ask questions, solicit feedback, and work together as a community to build *sweet* infrastructure. ## Contributing @@ -75,7 +148,7 @@ Please use the [issue tracker](https://github.com/cloudposse/terraform-aws-alb/i ### Developing -If you are interested in being a contributor and want to get involved in developing `terraform-aws-alb`, we would love to hear from you! Shoot us an [email](mailto:hello@cloudposse.com). +If you are interested in being a contributor and want to get involved in developing this project or [help out](https://github.com/orgs/cloudposse/projects/3) with our other projects, we would love to hear from you! Shoot us an [email](mailto:hello@cloudposse.com). In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow. @@ -83,13 +156,18 @@ In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow. 2. **Clone** the project to your own machine 3. **Commit** changes to your own branch 4. **Push** your work back up to your fork - 5. Submit a **Pull request** so that we can review your changes + 5. Submit a **Pull Request** so that we can review your changes + +**NOTE:** Be sure to merge the latest changes from "upstream" before making a pull request! -**NOTE:** Be sure to merge the latest from "upstream" before making a pull request! +## Copyright -## License +Copyright © 2017-2018 [Cloud Posse, LLC](https://cloudposse.com) -[APACHE 2.0](LICENSE) © 2018 [Cloud Posse, LLC](https://cloudposse.com) + +## License + +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) See [LICENSE](LICENSE) for full details. @@ -101,7 +179,7 @@ See [LICENSE](LICENSE) for full details. "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + https://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an @@ -110,35 +188,46 @@ See [LICENSE](LICENSE) for full details. specific language governing permissions and limitations under the License. -## About -This project is maintained and funded by [Cloud Posse, LLC][website]. +## Trademarks -![Cloud Posse](https://cloudposse.com/logo-300x69.png) +All other trademarks referenced herein are the property of their respective owners. +## About + +This project is maintained and funded by [Cloud Posse, LLC][website]. Like it? Please let us know at + +[![Cloud Posse](https://cloudposse.com/logo-300x69.png)](https://cloudposse.com) -Like it? Please let us know at +We're a [DevOps Professional Services][hire] company based in Los Angeles, CA. We love [Open Source Software](https://github.com/cloudposse/)! -We love [Open Source Software](https://github.com/cloudposse/)! +We offer paid support on all of our projects. -See [our other projects][community] -or [hire us][hire] to help build your next cloud platform. +Check out [our other projects][github], [apply for a job][jobs], or [hire us][hire] to help with your cloud strategy and implementation. + [docs]: https://docs.cloudposse.com/ [website]: https://cloudposse.com/ - [community]: https://github.com/cloudposse/ + [github]: https://github.com/cloudposse/ + [jobs]: https://cloudposse.com/jobs/ [hire]: https://cloudposse.com/contact/ + [slack]: https://slack.cloudposse.com/ + [linkedin]: https://www.linkedin.com/company/cloudposse + [twitter]: https://twitter.com/cloudposse/ + [email]: mailto:hello@cloudposse.com + + +### Contributors +| [![Erik Osterman][osterman_avatar]](osterman_homepage)
[Erik Osterman][osterman_homepage] | [![Igor Rodionov][goruha_avatar]](goruha_homepage)
[Igor Rodionov][goruha_homepage] | [![Andriy Knysh][aknysh_avatar]](aknysh_homepage)
[Andriy Knysh][aknysh_homepage] | [![Sarkis Varozian][sarkis_avatar]](sarkis_homepage)
[Sarkis Varozian][sarkis_homepage] | +|---|---|---|---| -## Contributors + [osterman_homepage]: https://github.com/osterman + [osterman_avatar]: http://s.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb?s=144 + [goruha_homepage]: https://github.com/goruha + [goruha_avatar]: http://s.gravatar.com/avatar/bc70834d32ed4517568a1feb0b9be7e2?s=144 + [aknysh_homepage]: https://github.com/aknysh + [aknysh_avatar]: https://avatars0.githubusercontent.com/u/7356997?v=4&u=ed9ce1c9151d552d985bdf5546772e14ef7ab617&s=144 + [sarkis_homepage]: https://github.com/sarkis + [sarkis_avatar]: https://avatars3.githubusercontent.com/u/42673?s=144&v=4 -| [![Erik Osterman][erik_img]][erik_web]
[Erik Osterman][erik_web] | [![Andriy Knysh][andriy_img]][andriy_web]
[Andriy Knysh][andriy_web] |[![Igor Rodionov][igor_img]][igor_web]
[Igor Rodionov][igor_img]|[![Sarkis Varozian][sarkis_img]][sarkis_web]
[Sarkis Varozian][sarkis_web] | -|-------------------------------------------------------|------------------------------------------------------------------|------------------------------------------------------------------|------------------------------------------------------------------| -[erik_img]: http://s.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb?s=144 -[erik_web]: https://github.com/osterman/ -[andriy_img]: https://avatars0.githubusercontent.com/u/7356997?v=4&u=ed9ce1c9151d552d985bdf5546772e14ef7ab617&s=144 -[andriy_web]: https://github.com/aknysh/ -[igor_img]: http://s.gravatar.com/avatar/bc70834d32ed4517568a1feb0b9be7e2?s=144 -[igor_web]: https://github.com/goruha/ -[sarkis_img]: https://avatars3.githubusercontent.com/u/42673?s=144&v=4 -[sarkis_web]: https://github.com/sarkis/ diff --git a/README.yaml b/README.yaml new file mode 100644 index 0000000..4bb0d6f --- /dev/null +++ b/README.yaml @@ -0,0 +1,81 @@ +--- +# +# This is the canonical configuration for the `README.md` +# Run `make readme` to rebuild the `README.md` +# + +# Name of this project +name: terraform-aws-alb + +# Logo for this project +#logo: docs/logo.png + +# License of this project +license: "APACHE2" + +# Canonical GitHub repo +github_repo: cloudposse/terraform-aws-alb + +# Badges to display +badges: + - name: "Build Status" + image: "https://travis-ci.org/cloudposse/terraform-aws-alb.svg?branch=master" + url: "https://travis-ci.org/cloudposse/terraform-aws-alb" + - name: "Latest Release" + image: "https://img.shields.io/github/release/cloudposse/terraform-aws-alb.svg" + url: "https://github.com/cloudposse/terraform-aws-alb/releases" + - name: "Slack Community" + image: "https://slack.cloudposse.com/badge.svg" + url: "https://slack.cloudposse.com" + +related: + - name: "terraform-aws-alb-ingress" + description: "Terraform module to provision an HTTP style ingress rule based on hostname and path for an ALB" + url: "https://github.com/cloudposse/terraform-aws-alb-ingress" + +# Short description of this project +description: |- + Terraform module to create an ALB, default ALB listener(s), and a default ALB target and related security groups. + +# How to use this project +usage: |- + Include this module in your existing terraform code: + + ```hcl + module "alb" { + source = "git::https://github.com/cloudposse/terraform-aws-alb.git?ref=tags/0.2.0" + namespace = "eg" + name = "app" + stage = "dev" + + vpc_id = "xxxxxxxxx" + ip_address_type = "ipv4" + + subnet_ids = ["xxxxxxxx", "xxxxxxxx"] + access_logs_region = "us-west-2" + } + ``` + +# Other files to include in this README from the project folder +include: + - "docs/targets.md" + - "docs/terraform.md" + +# Contributors to this project +contributors: + - name: "Erik Osterman" + homepage: "https://github.com/osterman" + avatar: "http://s.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb?s=144" + github: "osterman" + - name: "Igor Rodionov" + homepage: "https://github.com/goruha" + avatar: "http://s.gravatar.com/avatar/bc70834d32ed4517568a1feb0b9be7e2?s=144" + github: "goruha" + - name: "Andriy Knysh" + homepage: "https://github.com/aknysh" + avatar: "https://avatars0.githubusercontent.com/u/7356997?v=4&u=ed9ce1c9151d552d985bdf5546772e14ef7ab617&s=144" + github: "aknysh" + - name: "Sarkis Varozian" + homepage: "https://github.com/sarkis" + avatar: "https://avatars3.githubusercontent.com/u/42673?s=144&v=4" + github: "sarkis" \ No newline at end of file diff --git a/docs/targets.md b/docs/targets.md new file mode 100644 index 0000000..09c39cd --- /dev/null +++ b/docs/targets.md @@ -0,0 +1,9 @@ +## Makefile Targets +``` +Available targets: + + help This help screen + help/all Display help for all targets + lint Lint terraform code + +``` diff --git a/docs/terraform.md b/docs/terraform.md new file mode 100644 index 0000000..1981c53 --- /dev/null +++ b/docs/terraform.md @@ -0,0 +1,55 @@ + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|:----:|:-----:|:-----:| +| access_logs_enabled | A boolean flag to enable/disable access_logs | string | `true` | no | +| access_logs_prefix | The S3 bucket prefix | string | `` | no | +| access_logs_region | The region for the access_logs S3 bucket | string | `us-east-1` | no | +| attributes | Additional attributes, e.g. `1` | list | `` | no | +| certificate_arn | The ARN of the default SSL certificate for HTTPS listener | string | `` | no | +| cross_zone_load_balancing_enabled | A boolean flag to enable/disable cross zone load balancing | string | `true` | no | +| deletion_protection_enabled | A boolean flag to enable/disable deletion protection for ALB | string | `false` | no | +| delimiter | Delimiter to be used between `namespace`, `name`, `stage` and `attributes` | string | `-` | no | +| deregistration_delay | The amount of time to wait in seconds before changing the state of a deregistering target to unused | string | `15` | no | +| health_check_healthy_threshold | The number of consecutive health checks successes required before considering an unhealthy target healthy | string | `2` | no | +| health_check_interval | The duration in seconds in between health checks | string | `15` | no | +| health_check_matcher | The HTTP response codes to indicate a healthy check | string | `200-399` | no | +| health_check_path | The destination for the health check request | string | `/` | no | +| health_check_timeout | The amount of time to wait in seconds before failing a health check request | string | `10` | no | +| health_check_unhealthy_threshold | The number of consecutive health check failures required before considering the target unhealthy | string | `2` | no | +| http2_enabled | A boolean flag to enable/disable HTTP/2 | string | `true` | no | +| http_enabled | A boolean flag to enable/disable HTTP listener | string | `true` | no | +| http_ingress_cidr_blocks | List of CIDR blocks to allow in HTTP security group | list | `` | no | +| http_ingress_prefix_list_ids | List of prefix list IDs for allowing access to HTTP ingress security group | list | `` | no | +| http_port | The port for the HTTP listener | string | `80` | no | +| https_enabled | A boolean flag to enable/disable HTTPS listener | string | `false` | no | +| https_ingress_cidr_blocks | List of CIDR blocks to allow in HTTPS security group | list | `` | no | +| https_ingress_prefix_list_ids | List of prefix list IDs for allowing access to HTTPS ingress security group | list | `` | no | +| https_port | The port for the HTTPS listener | string | `443` | no | +| idle_timeout | The time in seconds that the connection is allowed to be idle | string | `60` | no | +| internal | A boolean flag to determine whether the ALB should be internal | string | `false` | no | +| ip_address_type | The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`. | string | `ipv4` | no | +| name | Solution name, e.g. `app` | string | - | yes | +| namespace | Namespace, which could be your organization name, e.g. `cp` or `cloudposse` | string | - | yes | +| security_group_ids | A list of additional security group IDs to allow access to ALB | list | `` | no | +| stage | Stage, e.g. `prod`, `staging`, `dev`, or `test` | string | - | yes | +| subnet_ids | A list of subnet IDs to associate with ALB | list | - | yes | +| tags | Additional tags (e.g. `map(`BusinessUnit`,`XYZ`) | map | `` | no | +| vpc_id | VPC ID to associate with ALB | string | - | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| access_logs_bucket_id | The S3 bucket ID for access logs | +| alb_arn | The ARN of the ALB | +| alb_arn_suffix | The ARN suffix of the ALB | +| alb_dns_name | DNS name of ALB | +| alb_zone_id | The ID of the zone which ALB is provisioned | +| default_target_group_arn | The default target group ARN | +| http_listener_arn | The ARN of the HTTP listener | +| https_listener_arn | The ARN of the HTTPS listener | +| listener_arns | A list of all the listener ARNs | +| security_group_id | The security group ID of the ALB | +