作者:mobiledu2502927213 | 来源:互联网 | 2023-07-28 19:33
This issue was originally opened by -morita as hashicorp/terraform#7235. It was migrated here as part of the provider split. The original body of the issue is below.
Terraform Version
Terraform v0.6.16
Affected Resources
- aws_elb
- aws_lb_COOKIE_stickiness_policy
- aws_app_COOKIE_stickiness_policy
Terraform Configuration Files
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
| hcl
resource "aws_elb" "test" {
name = "test-elb"
cross_zone_load_balancing = true
subnets = ["xxx", "yyy"]
listener {
instance_port = 80
instance_protocol = "http"
lb_port = 443
lb_protocol = "https"
ssl_certificate_id = "arn:aws:iam::xxx" # change
}
}
resource "aws_lb_COOKIE_stickiness_policy" "test" {
name = "TestStickiness"
load_balancer = "${aws_elb.test.id}"
lb_port = 443
COOKIE_expiration_period = 3600
} |
Actual Behavior
When I change the SSL certificate on an aws_elb and apply it, the COOKIE stickiness policy which was already applied to the listener will be removed (changed to
).
Is this an expected behavior?
该提问来源于开源项目:hashicorp/terraform-provider-aws
This is what worked for me.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
| resource "aws_lb_COOKIE_stickiness_policy" "session_COOKIE_no_expiration" {
name = "My-ELBCOOKIEPolicy-${aws_elb.elb.name}"
load_balancer = aws_elb.elb.id
lb_port = var.elb_listener_port
}
resource "aws_load_balancer_policy" "COOKIE_policy" {
load_balancer_name = aws_elb.elb.name
policy_name = aws_lb_COOKIE_stickiness_policy.session_COOKIE_no_expiration.name
policy_type_name = "LBCOOKIEStickinessPolicyType"
# beware of this: https://github.com/hashicorp/terraform-provider-aws/issues/12678#issuecomment-692940365
# when applying this policy attribute
policy_attribute {
name = "COOKIEExpirationPeriod"
value = 0
}
}
resource "aws_load_balancer_listener_policy" "elb_listener" {
load_balancer_name = aws_elb.elb.name
load_balancer_port = var.elb_listener_port
policy_names = [
aws_load_balancer_policy.ssl_negotiation.policy_name,
aws_load_balancer_policy.COOKIE_policy.policy_name
]
} |
Notice that in
1
| aws_load_balancer_listener_policy.elb_listener |
, I have listed under
both the ssl negotiation policy for my listener, as well as the COOKIE stickiness policy.