Usage

Hero Load Balancer (HLB) Terraform Provider

The Hero Load Balancer (HLB) Terraform Provider allows you to manage HLB resources in your Terraform configurations. This document covers the available resources and their usage.

Provider Configuration

To use the HLB provider, you need to configure it in your Terraform configuration. Here’s a basic example:

terraform {
  required_providers {
    hlb = {
      source = "orographiclift/hlb"
      version = "~> 1.0"
    }
  }
}

provider "hlb" {
  # Configuration options
}

Resources

hlb_load_balancer

The hlb_load_balancer resource allows you to create and manage a Hero Load Balancer.

Example Usage

resource "hlb_load_balancer" "example" {
  name        = "example-hlb"
  internal    = false
  subnets     = ["subnet-12345678", "subnet-87654321"]
  enable_http2 = true

  access_logs {
    bucket  = "my-logs-bucket"
    prefix  = "my-hlb-logs"
    enabled = true
  }

  tags = {
    Environment = "production"
  }
}

Argument Reference

The following arguments are supported:

  • name - (Optional) Name of the HLB. Must be unique within your account, max 32 characters, alphanumeric and hyphens only.
  • name_prefix - (Optional) Creates a unique name beginning with the specified prefix. Conflicts with name.
  • internal - (Optional) If true, the HLB will be internal. Defaults to false.
  • subnets - (Optional) List of subnet IDs to attach to the HLB.
  • security_groups - (Optional) List of security group IDs to assign to the HLB.
  • access_logs - (Optional) An Access Logs block. Details below.
  • enable_deletion_protection - (Optional) Prevents deletion via the API. Defaults to false.
  • enable_http2 - (Optional) Enables HTTP/2. Defaults to true.
  • idle_timeout - (Optional) Idle timeout in seconds. Default: 60.
  • ip_address_type - (Optional) IP address type. Valid values: ipv4, dualstack, dualstack-without-public-ipv4.
  • preserve_host_header - (Optional) Preserves the Host header. Defaults to false.
  • enable_cross_zone_load_balancing - (Optional) Cross-zone load balancing. Values: “full”, “avoid” (default), “off”.
  • client_keep_alive - (Optional) Client keep alive in seconds (60-604800). Default: 3600.
  • xff_header_processing_mode - (Optional) X-Forwarded-For header processing. Values: append, preserve, remove. Default: append.
  • tags - (Optional) A map of tags to assign to the resource.
Access Logs Arguments

For access_logs the following attributes are supported:

  • bucket - (Required) The S3 bucket name to store the logs in.
  • prefix - (Optional) The S3 bucket prefix. Logs are stored in the root if not configured.
  • enabled - (Optional) Boolean to enable / disable access_logs. Defaults to false.

Attribute Reference

In addition to all arguments above, the following attributes are exported:

  • id - The ID of the HLB.
  • uri - The full URI of the HLB.
  • dns_name - The DNS name of the HLB.
  • zone_id - The canonical hosted zone ID of the HLB.

hlb_listener_attachment

The hlb_listener_attachment resource allows you to create and manage a listener for your Hero Load Balancer.

Example Usage

resource "hlb_listener_attachment" "front_end" {
  load_balancer_id     = hlb_load_balancer.front_end.id
  port                 = 443
  protocol             = "HTTPS"
  target_group_arn     = aws_lb_target_group.front_end.arn
  certificate_secrets_arn = "arn:aws:secretsmanager:us-west-2:123456789012:secret:my-certificate-secret-123abc"
  alpn_policy          = "HTTP2Preferred"
}

Argument Reference

The following arguments are supported:

  • load_balancer_id - (Required) The ID of the HLB.
  • port - (Required) The port on which the load balancer is listening.
  • target_group_arn - (Required) The ARN of the target group to which to route traffic.
  • protocol - (Optional) The protocol for connections from clients to the load balancer. Valid values are HTTP and HTTPS. Defaults to HTTP.
  • alpn_policy - (Optional) The Application-Layer Protocol Negotiation (ALPN) policy. Valid values are HTTP1Only, HTTP2Only, HTTP2Optional, HTTP2Preferred, and None.
  • certificate_secrets_arn - (Optional) ARN of the secret in AWS Secrets Manager containing the SSL server certificate. Required if the protocol is HTTPS.

Attribute Reference

In addition to all arguments above, the following attributes are exported:

  • id - The ID of the listener.
  • uri - The full URI of the listener.

Import

HLB resources can be imported using the id, e.g.,

$ terraform import hlb_load_balancer.test hlb-1234567890abcdef
$ terraform import hlb_listener_attachment.test lis-1234567890abcdef

For more information on using the HLB Terraform Provider, please refer to our full documentation or contact our support team.