ZoneHero Documentation

Terraform Provider

HLB Terraform Provider

The Hero Load Balancer (HLB) Terraform Provider is now officially available on the Terraform Registry. The registry is the recommended source for the latest documentation and provider details.

Getting Started with a Minimum Viable Configuration

To get started with HLB using Terraform, you’ll need:

  1. An application already deployed behind an AWS Application Load Balancer (ALB)
  2. A TLS Certificate (see SSL Certificates)
  3. An API Key (see API Keys)
  4. To have completed the sign-up process on AWS marketplace (see CloudFormation)

Here’s a minimum viable configuration to deploy an HLB with TLS that targets the same Target Group as your existing ALB:

# Variables
variable "zone_id" {
  description = "Route53 hosted zone ID"
  type        = string
}

variable "zone_name" {
  description = "Name of the Route53 zone where HLB records will be created"
  type        = string
}

variable "subnet_ids" {
  description = "List of subnet IDs for the load balancer"
  type        = list(string)
}

variable "security_group_id" {
  description = "Security group ID for the load balancer"
  type        = string
}

variable "target_group_arn" {
  description = "ARN of the target group to route traffic to"
  type        = string
}

variable "certificate_secrets_name" {
  description = "Name of the secret in AWS Secrets Manager containing the SSL certificate"
  type        = string
}

# HLB Load Balancer
resource "hlb_load_balancer" "web" {
  name            = "hlb-test-lb"
  subnets         = var.subnet_ids
  security_groups = [var.security_group_id]

  zone_id         = var.zone_id
  zone_name       = var.zone_name
}

# HTTP Listener
resource "hlb_listener_attachment" "web" {
  load_balancer_id = hlb_load_balancer.web.id
  port             = 80
  protocol         = "HTTP"
  target_group_arn = var.target_group_arn
}

# HTTPS Listener with TLS Certificate
resource "hlb_listener_attachment" "web_secure" {
  load_balancer_id         = hlb_load_balancer.web.id
  port                     = 443
  protocol                 = "HTTPS"
  target_group_arn         = var.target_group_arn
  certificate_secrets_name = var.certificate_secrets_name
}

This configuration:

  1. Creates an HLB in the specified subnets with the specified security group
  2. Sets up Route53 DNS records in the specified zone
  3. Configures an HTTP listener on port 80
  4. Configures an HTTPS listener on port 443 with the specified TLS certificate
  5. Routes traffic to the same target group as your existing ALB

Note that this is only a minimal example, without launch_config specified. For guidance on how to choose the appropriate instance type and configuration values for your deployment, please refer to our Right-Sizing documentation.

For more detailed configuration options and advanced usage, please refer to the official documentation on the Terraform Registry.

Prev
Regional Availability
Next
Cost Savings