From a329f5e75528fe01c3f511620c4ff79a91a77404 Mon Sep 17 00:00:00 2001 From: Stefan Gluszek Date: Fri, 13 Jun 2025 10:49:33 +0200 Subject: [PATCH 1/3] Added support form minimum_load_balancer_capacity. Support for `minimum_load_balancer_capacity` was added to terraform-provider-aws [v5.99.0](https://github.com/hashicorp/terraform-provider-aws/releases/tag/v5.99.0). If you have an ALB with minimum load balancer capacity configured applying the `terraform-aws-modules/alb/aws` with the lastest version of terraform-provider-aws would result in the setting being wiped out. --- README.md | 5 +++-- examples/complete-alb/README.md | 4 ++-- examples/complete-alb/main.tf | 2 ++ examples/complete-alb/versions.tf | 2 +- examples/complete-nlb/README.md | 4 ++-- examples/complete-nlb/versions.tf | 2 +- examples/mutual-auth-alb/README.md | 4 ++-- examples/mutual-auth-alb/versions.tf | 2 +- main.tf | 8 ++++++++ modules/lb_trust_store/README.md | 4 ++-- modules/lb_trust_store/versions.tf | 2 +- variables.tf | 10 ++++++++++ versions.tf | 2 +- wrappers/lb_trust_store/versions.tf | 2 +- wrappers/main.tf | 1 + wrappers/versions.tf | 2 +- 16 files changed, 39 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index e960717..8c92aaf 100644 --- a/README.md +++ b/README.md @@ -352,13 +352,13 @@ See [patterns.md](https://github.com/terraform-aws-modules/terraform-aws-alb/blo | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 5.93 | +| [aws](#requirement\_aws) | >= 5.99 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 5.93 | +| [aws](#provider\_aws) | >= 5.99 | ## Modules 
@@ -414,6 +414,7 @@ No modules. | [ipam\_pools](#input\_ipam\_pools) | The IPAM pools to use with the load balancer | `map(string)` | `{}` | no | | [listeners](#input\_listeners) | Map of listener configurations to create | `any` | `{}` | no | | [load\_balancer\_type](#input\_load\_balancer\_type) | The type of load balancer to create. Possible values are `application`, `gateway`, or `network`. The default value is `application` | `string` | `"application"` | no | +| [minimum_load_balancer_capacity](#input\_minimum\_load\_balancer\_capacity) | Minimum capacity for a load balancer. Only valid for Load Balancers of type `application` or `network`. | `number` | `null` | no | | [name](#input\_name) | The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen | `string` | `null` | no | | [name\_prefix](#input\_name\_prefix) | Creates a unique name beginning with the specified prefix. Conflicts with `name` | `string` | `null` | no | | [preserve\_host\_header](#input\_preserve\_host\_header) | Indicates whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to `false` | `bool` | `null` | no | diff --git a/examples/complete-alb/README.md b/examples/complete-alb/README.md index 15321e0..29f0c83 100644 --- a/examples/complete-alb/README.md +++ b/examples/complete-alb/README.md @@ -20,7 +20,7 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 5.93 | +| [aws](#requirement\_aws) | >= 5.99 | | [null](#requirement\_null) | >= 2.0 | | [random](#requirement\_random) | >= 3.6 | 
@@ -28,7 +28,7 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 5.93 | +| [aws](#provider\_aws) | >= 5.99 | | [null](#provider\_null) | >= 2.0 | | [random](#provider\_random) | >= 3.6 | diff --git a/examples/complete-alb/main.tf b/examples/complete-alb/main.tf index fa59304..d66384a 100644 --- a/examples/complete-alb/main.tf +++ b/examples/complete-alb/main.tf @@ -71,6 +71,8 @@ module "alb" { ipv4_ipam_pool_id = aws_vpc_ipam_pool.this.id } + minimum_load_balancer_capacity = 10 + client_keep_alive = 7200 listeners = { diff --git a/examples/complete-alb/versions.tf b/examples/complete-alb/versions.tf index 2a72ce2..52c762c 100644 --- a/examples/complete-alb/versions.tf +++ b/examples/complete-alb/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.93" + version = ">= 5.99" } null = { source = "hashicorp/null" diff --git a/examples/complete-nlb/README.md b/examples/complete-nlb/README.md index c37bc6b..72592ac 100644 --- a/examples/complete-nlb/README.md +++ b/examples/complete-nlb/README.md @@ -20,13 +20,13 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 5.93 | +| [aws](#requirement\_aws) | >= 5.99 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 5.93 | +| [aws](#provider\_aws) | >= 5.99 | ## Modules diff --git a/examples/complete-nlb/versions.tf b/examples/complete-nlb/versions.tf index f2f9288..57efb00 100644 --- a/examples/complete-nlb/versions.tf +++ b/examples/complete-nlb/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.93" + version = ">= 5.99" } } } 
diff --git a/examples/mutual-auth-alb/README.md b/examples/mutual-auth-alb/README.md index 1d8e602..6cd81ed 100644 --- a/examples/mutual-auth-alb/README.md +++ b/examples/mutual-auth-alb/README.md @@ -21,7 +21,7 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 5.93 | +| [aws](#requirement\_aws) | >= 5.99 | | [null](#requirement\_null) | >= 2.0 | | [tls](#requirement\_tls) | >= 4.0 | @@ -29,7 +29,7 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 5.93 | +| [aws](#provider\_aws) | >= 5.99 | | [null](#provider\_null) | >= 2.0 | | [tls](#provider\_tls) | >= 4.0 | diff --git a/examples/mutual-auth-alb/versions.tf b/examples/mutual-auth-alb/versions.tf index e2a8a92..ed93d64 100644 --- a/examples/mutual-auth-alb/versions.tf +++ b/examples/mutual-auth-alb/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.93" + version = ">= 5.99" } null = { source = "hashicorp/null" diff --git a/main.tf b/main.tf index 676b059..60f992c 100644 --- a/main.tf +++ b/main.tf @@ -39,6 +39,14 @@ resource "aws_lb" "this" { } } + dynamic "minimum_load_balancer_capacity" { + for_each = var.minimum_load_balancer_capacity != null ? [var.minimum_load_balancer_capacity] : [] + + content { + capacity_units = minimum_load_balancer_capacity.value + } + } + client_keep_alive = var.client_keep_alive customer_owned_ipv4_pool = var.customer_owned_ipv4_pool desync_mitigation_mode = var.desync_mitigation_mode diff --git a/modules/lb_trust_store/README.md b/modules/lb_trust_store/README.md index 074d6af..ae5b045 100644 --- a/modules/lb_trust_store/README.md +++ b/modules/lb_trust_store/README.md 
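Review bot: The `for_each` of the new `dynamic "minimum_load_balancer_capacity"` block in `main.tf` tests only for `null`, so a value set together with `load_balancer_type = "gateway"` is still handed to the provider, although the variable description limits the setting to `application` and `network`. Patch 3/3 removes the variable validation, so by the end of the series nothing in the module enforces that restriction, and the mistake would presumably surface only as a provider or API error at apply time. A guard that does not depend on cross-variable validation can live in the resource itself: `for_each = var.minimum_load_balancer_capacity != null && contains(["application", "network"], var.load_balancer_type) ? [var.minimum_load_balancer_capacity] : []`. Because that form skips the block silently, it should carry a comment such as `# capacity reservation is only supported for application and network load balancers; ignored for gateway`, so an operator does not assume capacity is reserved when it is not. The `aws_lb.this` resource starts and ends outside the hunk.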
@@ -30,13 +30,13 @@ module "trust_store" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 5.93 | +| [aws](#requirement\_aws) | >= 5.99 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 5.93 | +| [aws](#provider\_aws) | >= 5.99 | ## Modules diff --git a/modules/lb_trust_store/versions.tf b/modules/lb_trust_store/versions.tf index f2f9288..57efb00 100644 --- a/modules/lb_trust_store/versions.tf +++ b/modules/lb_trust_store/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.93" + version = ">= 5.99" } } } diff --git a/variables.tf b/variables.tf index 6bc0849..3a5a5c0 100644 --- a/variables.tf +++ b/variables.tf @@ -134,6 +134,16 @@ variable "enforce_security_group_inbound_rules_on_private_link_traffic" { default = null } +variable "minimum_load_balancer_capacity" { + description = "Minimum capacity for a load balancer. Only valid for Load Balancers of type `application` or `network`" + type = number + default = null + validation { + condition = var.minimum_load_balancer_capacity == null || contains(["application", "network"], var.load_balancer_type) + error_message = "The minimum_load_balancer_capacity variable is only valid for load balancers of type 'application' or 'network'." + } +} + variable "name" { description = "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen" type = string diff --git a/versions.tf b/versions.tf index f2f9288..57efb00 100644 --- a/versions.tf +++ b/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.93" + version = ">= 5.99" } } } diff --git a/wrappers/lb_trust_store/versions.tf b/wrappers/lb_trust_store/versions.tf index f2f9288..57efb00 100644 
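Review bot: The new `minimum_load_balancer_capacity` variable in `variables.tf` accepts any `number`, including zero, negative and fractional values, and its only `validation` block checks the load balancer type rather than the value. That block is removed again in patch 3/3 because it reads `var.load_balancer_type`, which leaves the variable with no validation at all. A condition that refers only to the variable itself does not have that limitation, for example `condition = var.minimum_load_balancer_capacity == null ? true : var.minimum_load_balancer_capacity > 0`, written as a conditional so the comparison is not applied to `null`. The accepted range is set by AWS and is not visible in this patch, so the bound should be confirmed against the provider documentation before it is encoded.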
--- a/wrappers/lb_trust_store/versions.tf +++ b/wrappers/lb_trust_store/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.93" + version = ">= 5.99" } } } diff --git a/wrappers/main.tf b/wrappers/main.tf index 5febe15..5e6b189 100644 --- a/wrappers/main.tf +++ b/wrappers/main.tf @@ -32,6 +32,7 @@ module "wrapper" { load_balancer_type = try(each.value.load_balancer_type, var.defaults.load_balancer_type, "application") name = try(each.value.name, var.defaults.name, null) name_prefix = try(each.value.name_prefix, var.defaults.name_prefix, null) + minimum_load_balancer_capacity = try(each.value.minimum_load_balancer_capacity, var.defaults.minimum_load_balancer_capacity, null) preserve_host_header = try(each.value.preserve_host_header, var.defaults.preserve_host_header, null) putin_khuylo = try(each.value.putin_khuylo, var.defaults.putin_khuylo, true) route53_records = try(each.value.route53_records, var.defaults.route53_records, {}) diff --git a/wrappers/versions.tf b/wrappers/versions.tf index f2f9288..57efb00 100644 --- a/wrappers/versions.tf +++ b/wrappers/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.93" + version = ">= 5.99" } } } From c19de34bf862f0dcc93c14ec4249714b34cbca2d Mon Sep 17 00:00:00 2001 From: Stefan Gluszek Date: Fri, 13 Jun 2025 15:28:00 +0200 Subject: [PATCH 2/3] fixup! Added support form minimum_load_balancer_capacity. --- README.md | 2 +- wrappers/main.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8c92aaf..3c687ab 100644 --- a/README.md +++ b/README.md 
@@ -414,7 +414,7 @@ No modules. | [ipam\_pools](#input\_ipam\_pools) | The IPAM pools to use with the load balancer | `map(string)` | `{}` | no | | [listeners](#input\_listeners) | Map of listener configurations to create | `any` | `{}` | no | | [load\_balancer\_type](#input\_load\_balancer\_type) | The type of load balancer to create. Possible values are `application`, `gateway`, or `network`. The default value is `application` | `string` | `"application"` | no | -| [minimum_load_balancer_capacity](#input\_minimum\_load\_balancer\_capacity) | Minimum capacity for a load balancer. Only valid for Load Balancers of type `application` or `network`. | `number` | `null` | no | +| [minimum\_load\_balancer\_capacity](#input\_minimum\_load\_balancer\_capacity) | Minimum capacity for a load balancer. Only valid for Load Balancers of type `application` or `network` | `number` | `null` | no | | [name](#input\_name) | The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen | `string` | `null` | no | | [name\_prefix](#input\_name\_prefix) | Creates a unique name beginning with the specified prefix. Conflicts with `name` | `string` | `null` | no | | [preserve\_host\_header](#input\_preserve\_host\_header) | Indicates whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to `false` | `bool` | `null` | no | diff --git a/wrappers/main.tf b/wrappers/main.tf index 5e6b189..6d831e6 100644 --- a/wrappers/main.tf +++ b/wrappers/main.tf 
@@ -30,9 +30,9 @@ module "wrapper" { ipam_pools = try(each.value.ipam_pools, var.defaults.ipam_pools, {}) listeners = try(each.value.listeners, var.defaults.listeners, {}) load_balancer_type = try(each.value.load_balancer_type, var.defaults.load_balancer_type, "application") + minimum_load_balancer_capacity = try(each.value.minimum_load_balancer_capacity, var.defaults.minimum_load_balancer_capacity, null) name = try(each.value.name, var.defaults.name, null) name_prefix = try(each.value.name_prefix, var.defaults.name_prefix, null) - minimum_load_balancer_capacity = try(each.value.minimum_load_balancer_capacity, var.defaults.minimum_load_balancer_capacity, null) preserve_host_header = try(each.value.preserve_host_header, var.defaults.preserve_host_header, null) putin_khuylo = try(each.value.putin_khuylo, var.defaults.putin_khuylo, true) route53_records = try(each.value.route53_records, var.defaults.route53_records, {}) From e53db357887606b02ed38ad1af6aa7adc8c33444 Mon Sep 17 00:00:00 2001 From: Stefan Gluszek Date: Fri, 13 Jun 2025 15:28:11 +0200 Subject: [PATCH 3/3] In terrraform 1.0 conditions can't access other variables. --- variables.tf | 4 ---- 1 file changed, 4 deletions(-) diff --git a/variables.tf b/variables.tf index 3a5a5c0..c1011c7 100644 --- a/variables.tf +++ b/variables.tf @@ -138,10 +138,6 @@ variable "minimum_load_balancer_capacity" { description = "Minimum capacity for a load balancer. Only valid for Load Balancers of type `application` or `network`" type = number default = null - validation { - condition = var.minimum_load_balancer_capacity == null || contains(["application", "network"], var.load_balancer_type) - error_message = "The minimum_load_balancer_capacity variable is only valid for load balancers of type 'application' or 'network'." - } } variable "name" {