Support cross_zone strategy for target groups (#109)

Author: posquit0

modules/alb-instance-target-group/README.md

@@ -40,10 +40,9 @@ This module creates following resources.
 | <a name="input_port"></a> [port](#input\_port) | (Required) The number of port on which targets receive traffic, unless overridden when registering a specific target. Valid values are either ports 1-65535. | `number` | n/a | yes |
 | <a name="input_protocol"></a> [protocol](#input\_protocol) | (Required) The protocol to use for routing traffic to the targets. Valid values are `HTTP` and `HTTPS`. Defaults to `HTTP`. | `string` | n/a | yes |
 | <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | (Required) The ID of the VPC which the target group belongs to. | `string` | n/a | yes |
-| <a name="input_anomaly_mitigation_enabled"></a> [anomaly\_mitigation\_enabled](#input\_anomaly\_mitigation\_enabled) | (Optional) Whether to enable target anomaly mitigation. When a target is determined to be anomalous, traffic is automatically routed away so the target has an opportunity to recover. Target anomaly mitigation is only supported by the `WEIGHTED_RANDOM` load balancing algorithm type. Not compatible with the `slow_start_duration` attribute. Defaults to `false`. | `bool` | `false` | no |
 | <a name="input_deregistration_delay"></a> [deregistration\_delay](#input\_deregistration\_delay) | (Optional) The time to wait for in-flight requests to complete while deregistering a target. During this time, the state of the target is draining. | `number` | `300` | no |
 | <a name="input_health_check"></a> [health\_check](#input\_health\_check) | (Optional) Health Check configuration block. The associated load balancer periodically sends requests to the registered targets to test their status. `health_check` block as defined below.<br>    (Optional) `protocol` - Protocol to use to connect with the target. The possible values are `HTTP` and `HTTPS`. Defaults to `HTTP`.<br>    (Optional) `port` - The port the load balancer uses when performing health checks on targets. The default is the port on which each target receives traffic from the load balancer. Valid values are either ports 1-65535.<br>    (Optional) `port_override` - Whether to override the port on which each target receives trafficfrom the load balancer to a different port. Defaults to `false`.<br>    (Optional) `path` - Use the default path of `/` to ping the root, or specify a custom path if preferred.<br>    (Optional) `success_codes` - The HTTP codes to use when checking for a successful response from a target. You can specify multiple values (for example, `200,202`) or a range of values (for example, `200-299`).<br>    (Optional) `healthy_threshold` - The number of consecutive health checks successes required before considering an unhealthy target healthy. Valid value range is 2 - 10. Defaults to `5`.<br>    (Optional) `unhealthy_threshold` - The number of consecutive health check failures required before considering a target unhealthy. Valid value range is 2 - 10. Defaults to `2`.<br>    (Optional) `interval` - Approximate amount of time, in seconds, between health checks of an individual target. Valid value range is 5 - 300. Defaults to `30`.<br>    (Optional) `timeout` - The amount of time, in seconds, during which no response means a failed health check. Valid value range is 2 - 120. Defaults to `5`. | <pre>object({<br>    protocol      = optional(string, "HTTP")<br>    port          = optional(number, null)<br>    port_override = optional(bool, false)<br>    path          = optional(string, null)<br>    success_codes = optional(string, null)<br><br>    healthy_threshold   = optional(number, 5)<br>    unhealthy_threshold = optional(number, 2)<br>    interval            = optional(number, 30)<br>    timeout             = optional(number, 5)<br>  })</pre> | `{}` | no |
-| <a name="input_load_balancing_algorithm"></a> [load\_balancing\_algorithm](#input\_load\_balancing\_algorithm) | (Optional) Determines how the load balancer selects targets when routing requests. Valid values are `ROUND_ROBIN`, `LEAST_OUTSTANDING_REQUESTS` or `WEIGHTED_RANDOM`. Defaults to `ROUND_ROBIN`. | `string` | `"ROUND_ROBIN"` | no |
+| <a name="input_load_balancing"></a> [load\_balancing](#input\_load\_balancing) | (Optional) A load balancing configuration of the target group. `load_balancing` block as defined below.<br>    (Optional) `algorithm` - Determines how the load balancer selects targets when routing requests. Valid values are `ROUND_ROBIN`, `LEAST_OUTSTANDING_REQUESTS` or `WEIGHTED_RANDOM`. Defaults to `ROUND_ROBIN`.<br>    (Optional) `anomaly_mitigation_enabled` - Whether to enable target anomaly mitigation. When a target is determined to be anomalous, traffic is automatically routed away so the target has an opportunity to recover. Target anomaly mitigation is only supported by the `WEIGHTED_RANDOM` load balancing algorithm type. Not compatible with the `slow_start_duration` attribute. Defaults to `false`.<br>    (Optional) `cross_zone_strategy` - Determines how the load balancer routes requests across the Availability Zones. Valid values are `ENABLED`, `DISABLED` or `INHERIT`. Defaults to `INHERIT` (Use load balancer configuration). | <pre>object({<br>    algorithm                  = optional(string, "ROUND_ROBIN")<br>    anomaly_mitigation_enabled = optional(bool, false)<br>    cross_zone_strategy        = optional(string, "INHERIT")<br>  })</pre> | `{}` | no |
 | <a name="input_module_tags_enabled"></a> [module\_tags\_enabled](#input\_module\_tags\_enabled) | (Optional) Whether to create AWS Resource Tags for the module informations. | `bool` | `true` | no |
 | <a name="input_protocol_version"></a> [protocol\_version](#input\_protocol\_version) | (Optional) Use `HTTP1` to send requests to targets using HTTP/1.1. Supported when the request protocol is HTTP/1.1 or HTTP/2. Use `HTTP2` to send requests to targets using HTTP/2. Supported when the request protocol is HTTP/2 or gRPC, but gRPC-specific features are not available. Use `GRPC` to send requests to targets using gRPC. Supported when the request protocol is gRPC. Defaults to `HTTP1`. | `string` | `"HTTP1"` | no |
 | <a name="input_resource_group_description"></a> [resource\_group\_description](#input\_resource\_group\_description) | (Optional) The description of Resource Group. | `string` | `"Managed by Terraform."` | no |

modules/alb-instance-target-group/main.tf

@@ -14,6 +14,18 @@ locals {
   } : {}
 }
 
+locals {
+  cross_zone_strategy = {
+    "ENABLED"  = "true"
+    "DISABLED" = "false"
+    "INHERIT"  = "use_load_balancer_configuration"
+  }
+}
+
+
+###################################################
+# ALB Instance Target Group
+###################################################
 
 # INFO: Not supported attributes
 # - `connection_termination`
@@ -33,12 +45,13 @@ resource "aws_lb_target_group" "this" {
 
   ## Attributes
   deregistration_delay          = var.deregistration_delay
-  load_balancing_algorithm_type = lower(var.load_balancing_algorithm)
-  load_balancing_anomaly_mitigation = (var.load_balancing_algorithm == "WEIGHTED_RANDOM"
-    ? var.anomaly_mitigation_enabled ? "on" : "off"
+  load_balancing_algorithm_type = lower(var.load_balancing.algorithm)
+  load_balancing_anomaly_mitigation = (var.load_balancing.algorithm == "WEIGHTED_RANDOM"
+    ? var.load_balancing.anomaly_mitigation_enabled ? "on" : "off"
     : null
   )
-  slow_start = var.slow_start_duration
+  load_balancing_cross_zone_enabled = local.cross_zone_strategy[var.load_balancing.cross_zone_strategy]
+  slow_start                        = var.slow_start_duration
 
   stickiness {
     enabled         = var.stickiness_enabled

modules/alb-instance-target-group/outputs.tf

@@ -61,13 +61,16 @@ output "targets" {
 output "attributes" {
   description = "Attributes of the Instance target group of network load balancer."
   value = {
-    anomaly_mitigation_enabled = (var.load_balancing_algorithm == "WEIGHTED_RANDOM"
-      ? var.anomaly_mitigation_enabled
-      : null
-    )
-    deregistration_delay     = aws_lb_target_group.this.deregistration_delay
-    load_balancing_algorithm = upper(aws_lb_target_group.this.load_balancing_algorithm_type)
-    slow_start_duration      = aws_lb_target_group.this.slow_start
+    deregistration_delay = aws_lb_target_group.this.deregistration_delay
+    load_balancing = {
+      algorithm = upper(aws_lb_target_group.this.load_balancing_algorithm_type)
+      anomaly_mitigation_enabled = (var.load_balancing.algorithm == "WEIGHTED_RANDOM"
+        ? var.load_balancing.anomaly_mitigation_enabled
+        : null
+      )
+      cross_zone_strategy = var.load_balancing.cross_zone_strategy
+    }
+    slow_start_duration = aws_lb_target_group.this.slow_start
     stickiness = {
       enabled  = aws_lb_target_group.this.stickiness[0].enabled
       type     = upper(aws_lb_target_group.this.stickiness[0].type)

modules/alb-instance-target-group/variables.tf

@@ -77,23 +77,30 @@ variable "deregistration_delay" {
   }
 }
 
-variable "load_balancing_algorithm" {
-  description = "(Optional) Determines how the load balancer selects targets when routing requests. Valid values are `ROUND_ROBIN`, `LEAST_OUTSTANDING_REQUESTS` or `WEIGHTED_RANDOM`. Defaults to `ROUND_ROBIN`."
-  type        = string
-  default     = "ROUND_ROBIN"
-  nullable    = false
+variable "load_balancing" {
+  description = <<EOF
+  (Optional) A load balancing configuration of the target group. `load_balancing` block as defined below.
+    (Optional) `algorithm` - Determines how the load balancer selects targets when routing requests. Valid values are `ROUND_ROBIN`, `LEAST_OUTSTANDING_REQUESTS` or `WEIGHTED_RANDOM`. Defaults to `ROUND_ROBIN`.
+    (Optional) `anomaly_mitigation_enabled` - Whether to enable target anomaly mitigation. When a target is determined to be anomalous, traffic is automatically routed away so the target has an opportunity to recover. Target anomaly mitigation is only supported by the `WEIGHTED_RANDOM` load balancing algorithm type. Not compatible with the `slow_start_duration` attribute. Defaults to `false`.
+    (Optional) `cross_zone_strategy` - Determines how the load balancer routes requests across the Availability Zones. Valid values are `ENABLED`, `DISABLED` or `INHERIT`. Defaults to `INHERIT` (Use load balancer configuration).
+  EOF
+  type = object({
+    algorithm                  = optional(string, "ROUND_ROBIN")
+    anomaly_mitigation_enabled = optional(bool, false)
+    cross_zone_strategy        = optional(string, "INHERIT")
+  })
+  default  = {}
+  nullable = false
 
   validation {
-    condition     = contains(["ROUND_ROBIN", "LEAST_OUTSTANDING_REQUESTS", "WEIGHTED_RANDOM"], var.load_balancing_algorithm)
+    condition     = contains(["ROUND_ROBIN", "LEAST_OUTSTANDING_REQUESTS", "WEIGHTED_RANDOM"], var.load_balancing.algorithm)
     error_message = "Valid values are `ROUND_ROBIN`, `LEAST_OUTSTANDING_REQUESTS` and `WEIGHTED_RANDOM`."
   }
-}
 
-variable "anomaly_mitigation_enabled" {
-  description = "(Optional) Whether to enable target anomaly mitigation. When a target is determined to be anomalous, traffic is automatically routed away so the target has an opportunity to recover. Target anomaly mitigation is only supported by the `WEIGHTED_RANDOM` load balancing algorithm type. Not compatible with the `slow_start_duration` attribute. Defaults to `false`."
-  type        = bool
-  default     = false
-  nullable    = false
+  validation {
+    condition     = contains(["ENABLED", "DISABLED", "INHERIT"], var.load_balancing.cross_zone_strategy)
+    error_message = "Valid values are `ENABLED`, `DISABLED` and `INHERIT`."
+  }
 }
 
 variable "slow_start_duration" {

modules/alb-ip-target-group/README.md

@@ -41,11 +41,10 @@ This module creates following resources.
 | <a name="input_port"></a> [port](#input\_port) | (Required) The number of port on which targets receive traffic, unless overridden when registering a specific target. Valid values are either ports 1-65535. | `number` | n/a | yes |
 | <a name="input_protocol"></a> [protocol](#input\_protocol) | (Required) The protocol to use for routing traffic to the targets. Valid values are `HTTP` and `HTTPS`. Defaults to `HTTP`. | `string` | n/a | yes |
 | <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | (Required) The ID of the VPC which the target group belongs to. | `string` | n/a | yes |
-| <a name="input_anomaly_mitigation_enabled"></a> [anomaly\_mitigation\_enabled](#input\_anomaly\_mitigation\_enabled) | (Optional) Whether to enable target anomaly mitigation. When a target is determined to be anomalous, traffic is automatically routed away so the target has an opportunity to recover. Target anomaly mitigation is only supported by the `WEIGHTED_RANDOM` load balancing algorithm type. Not compatible with the `slow_start_duration` attribute. Defaults to `false`. | `bool` | `false` | no |
 | <a name="input_deregistration_delay"></a> [deregistration\_delay](#input\_deregistration\_delay) | (Optional) The time to wait for in-flight requests to complete while deregistering a target. During this time, the state of the target is draining. | `number` | `300` | no |
 | <a name="input_health_check"></a> [health\_check](#input\_health\_check) | (Optional) Health Check configuration block. The associated load balancer periodically sends requests to the registered targets to test their status. `health_check` block as defined below.<br>    (Optional) `protocol` - Protocol to use to connect with the target. The possible values are `HTTP` and `HTTPS`. Defaults to `HTTP`.<br>    (Optional) `port` - The port the load balancer uses when performing health checks on targets. The default is the port on which each target receives traffic from the load balancer. Valid values are either ports 1-65535.<br>    (Optional) `port_override` - Whether to override the port on which each target receives trafficfrom the load balancer to a different port. Defaults to `false`.<br>    (Optional) `path` - Use the default path of `/` to ping the root, or specify a custom path if preferred.<br>    (Optional) `success_codes` - The HTTP codes to use when checking for a successful response from a target. You can specify multiple values (for example, `200,202`) or a range of values (for example, `200-299`).<br>    (Optional) `healthy_threshold` - The number of consecutive health checks successes required before considering an unhealthy target healthy. Valid value range is 2 - 10. Defaults to `5`.<br>    (Optional) `unhealthy_threshold` - The number of consecutive health check failures required before considering a target unhealthy. Valid value range is 2 - 10. Defaults to `2`.<br>    (Optional) `interval` - Approximate amount of time, in seconds, between health checks of an individual target. Valid value range is 5 - 300. Defaults to `30`.<br>    (Optional) `timeout` - The amount of time, in seconds, during which no response means a failed health check. Valid value range is 2 - 120. Defaults to `5`. | <pre>object({<br>    protocol      = optional(string, "HTTP")<br>    port          = optional(number, null)<br>    port_override = optional(bool, false)<br>    path          = optional(string, null)<br>    success_codes = optional(string, null)<br><br>    healthy_threshold   = optional(number, 5)<br>    unhealthy_threshold = optional(number, 2)<br>    interval            = optional(number, 30)<br>    timeout             = optional(number, 5)<br>  })</pre> | `{}` | no |
 | <a name="input_ip_address_type"></a> [ip\_address\_type](#input\_ip\_address\_type) | (Required) The type of IP addresses used by the target group. Valid values are `IPV4` or `IPV6`. | `string` | `"IPV4"` | no |
-| <a name="input_load_balancing_algorithm"></a> [load\_balancing\_algorithm](#input\_load\_balancing\_algorithm) | (Optional) Determines how the load balancer selects targets when routing requests. Valid values are `ROUND_ROBIN`, `LEAST_OUTSTANDING_REQUESTS` or `WEIGHTED_RANDOM`. Defaults to `ROUND_ROBIN`. | `string` | `"ROUND_ROBIN"` | no |
+| <a name="input_load_balancing"></a> [load\_balancing](#input\_load\_balancing) | (Optional) A load balancing configuration of the target group. `load_balancing` block as defined below.<br>    (Optional) `algorithm` - Determines how the load balancer selects targets when routing requests. Valid values are `ROUND_ROBIN`, `LEAST_OUTSTANDING_REQUESTS` or `WEIGHTED_RANDOM`. Defaults to `ROUND_ROBIN`.<br>    (Optional) `anomaly_mitigation_enabled` - Whether to enable target anomaly mitigation. When a target is determined to be anomalous, traffic is automatically routed away so the target has an opportunity to recover. Target anomaly mitigation is only supported by the `WEIGHTED_RANDOM` load balancing algorithm type. Not compatible with the `slow_start_duration` attribute. Defaults to `false`.<br>    (Optional) `cross_zone_strategy` - Determines how the load balancer routes requests across the Availability Zones. Valid values are `ENABLED`, `DISABLED` or `INHERIT`. Defaults to `INHERIT` (Use load balancer configuration). | <pre>object({<br>    algorithm                  = optional(string, "ROUND_ROBIN")<br>    anomaly_mitigation_enabled = optional(bool, false)<br>    cross_zone_strategy        = optional(string, "INHERIT")<br>  })</pre> | `{}` | no |
 | <a name="input_module_tags_enabled"></a> [module\_tags\_enabled](#input\_module\_tags\_enabled) | (Optional) Whether to create AWS Resource Tags for the module informations. | `bool` | `true` | no |
 | <a name="input_protocol_version"></a> [protocol\_version](#input\_protocol\_version) | (Optional) Use `HTTP1` to send requests to targets using HTTP/1.1. Supported when the request protocol is HTTP/1.1 or HTTP/2. Use `HTTP2` to send requests to targets using HTTP/2. Supported when the request protocol is HTTP/2 or gRPC, but gRPC-specific features are not available. Use `GRPC` to send requests to targets using gRPC. Supported when the request protocol is gRPC. Defaults to `HTTP1`. | `string` | `"HTTP1"` | no |
 | <a name="input_resource_group_description"></a> [resource\_group\_description](#input\_resource\_group\_description) | (Optional) The description of Resource Group. | `string` | `"Managed by Terraform."` | no |

modules/alb-ip-target-group/main.tf

@@ -19,6 +19,12 @@ data "aws_vpc" "this" {
 }
 
 locals {
+  cross_zone_strategy = {
+    "ENABLED"  = "true"
+    "DISABLED" = "false"
+    "INHERIT"  = "use_load_balancer_configuration"
+  }
+
   ipv4_regex = "^(\\d+).(\\d+).(\\d+).(\\d+)$"
 
   ipv4_vpc_cidrs = data.aws_vpc.this.cidr_block_associations[*].cidr_block
@@ -36,6 +42,11 @@ locals {
   ]
 }
 
+
+###################################################
+# ALB IP Target Group
+###################################################
+
 # INFO: Not supported attributes
 # - `connection_termination`
 # - `lambda_multi_value_headers_enabled`
@@ -54,12 +65,13 @@ resource "aws_lb_target_group" "this" {
 
   ## Attributes
   deregistration_delay          = var.deregistration_delay
-  load_balancing_algorithm_type = lower(var.load_balancing_algorithm)
-  load_balancing_anomaly_mitigation = (var.load_balancing_algorithm == "WEIGHTED_RANDOM"
-    ? var.anomaly_mitigation_enabled ? "on" : "off"
+  load_balancing_algorithm_type = lower(var.load_balancing.algorithm)
+  load_balancing_anomaly_mitigation = (var.load_balancing.algorithm == "WEIGHTED_RANDOM"
+    ? var.load_balancing.anomaly_mitigation_enabled ? "on" : "off"
     : null
   )
-  slow_start = var.slow_start_duration
+  load_balancing_cross_zone_enabled = local.cross_zone_strategy[var.load_balancing.cross_zone_strategy]
+  slow_start                        = var.slow_start_duration
 
   stickiness {
     enabled         = var.stickiness_enabled