Skip to content

v1.12.0

Compare
Choose a tag to compare
@cloudposse-releaser cloudposse-releaser released this 07 Nov 20:01
95e6dc2
Add IPv6 ingress security group rules @mschfh (#186) ## what
  • Added IPv6 support for ingress security groups
  • Added variable validation for http_ingress_cidr_blocks and https_ingress_cidr_blocks
  • Added variable validation for ip_address_type
  • Updated the http_ingress_cidr_blocks and https_ingress_cidr_blocks defaults values to include ::/0

why

The current implementation only configures IPv4 security group rules, causing IPv6 traffic to be dropped by default for dualstack ALBs

references

AWS Load Balancer dual-stack mode: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#ip-address-type
AWS Security Group IPv6 support: https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html#security-group-rule-syntax
TF aws_security_group_rule resource: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule#ipv6_cidr_blocks